Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HTdSJw8kNEedHa2Bz6Fov6AE2f4.roa
File: HTdSJw8kNEedHa2Bz6Fov6AE2f4.roa (raw, json)
Hash identifier: ZgjJqtSywQ+qY2UHHmC4jNBZPtNNcikZhydU5UpSK4U=
Subject key identifier: 1D:37:52:27:0F:24:34:47:9D:1D:AD:81:CF:A1:68:BF:A0:04:D9:FE
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01876AE5917CD714A3BDF1465E343A1E64D4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HTdSJw8kNEedHa2Bz6Fov6AE2f4.roa
Signing time: Mon 10 Apr 2023 11:20:42 +0000
ROA not before: Mon 10 Apr 2023 11:20:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135377
IP address blocks: 93.190.246.0/24 maxlen: 24
45.128.79.0/24 maxlen: 24
45.128.25.0/24 maxlen: 24
45.128.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:6a:e5:91:7c:d7:14:a3:bd:f1:46:5e:34:3a:1e:64:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 10 11:20:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d3752270f2434479d1dad81cfa168bfa004d9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:90:33:22:b2:cb:d4:d3:91:1c:f0:19:91:1f:
9a:fe:af:6d:7f:f3:57:79:48:d0:b3:f5:7b:c0:24:
b5:b4:39:8a:99:c0:fe:e6:f5:10:be:e5:53:8d:39:
0f:b1:d3:7d:50:c8:79:6a:32:75:6e:0f:4e:7b:bd:
c4:df:c4:5d:2f:08:30:8a:c6:72:2b:63:8b:47:bc:
6b:0f:12:4c:c7:97:65:14:2d:3e:52:34:cb:e2:cd:
41:15:22:c7:d7:64:ee:e5:46:19:e9:d6:fe:65:6d:
8b:be:a8:ac:6a:2e:67:77:3b:02:16:2b:18:8e:5b:
35:a5:ef:99:b6:d8:42:68:84:b2:d9:c1:1f:e3:f2:
80:0e:7a:da:91:fe:82:ea:90:92:ef:40:88:b3:eb:
5e:d4:0a:82:80:95:24:45:59:8d:19:dc:6b:74:32:
db:e8:df:41:57:f2:cf:cc:96:24:76:40:a0:11:2f:
40:0a:ea:f7:f2:7f:54:ed:17:82:fe:f4:5e:6b:09:
88:86:b3:42:7c:4f:40:08:19:b6:b6:7a:7f:57:4d:
ab:a3:84:40:06:99:d4:8c:a5:ef:c4:99:12:4e:b0:
04:ff:61:56:a7:66:13:98:0d:06:4e:69:34:5c:e3:
10:31:2b:97:2c:7c:ca:66:ce:ad:19:68:c6:da:02:
77:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:37:52:27:0F:24:34:47:9D:1D:AD:81:CF:A1:68:BF:A0:04:D9:FE
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/HTdSJw8kNEedHa2Bz6Fov6AE2f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.25.0-45.128.26.255
45.128.79.0/24
93.190.246.0/24
Signature Algorithm: sha256WithRSAEncryption
70:ef:e4:af:d3:88:35:e5:ad:9d:bc:f4:1c:ea:2a:73:33:c4:
83:f1:41:6b:52:9a:8a:80:ae:e4:a1:5f:8f:fb:f8:a2:84:28:
54:f4:c9:75:a9:02:04:2d:83:c3:0c:ef:63:67:d3:18:23:70:
a3:62:ea:a3:8d:53:4c:50:f2:13:f1:a3:e3:8f:bd:46:29:36:
5c:80:a3:39:c4:7b:28:80:cf:54:ee:78:46:19:e3:2e:04:0a:
c5:f4:1f:73:91:97:eb:70:75:a4:76:19:2d:98:19:61:99:86:
b2:65:65:04:7c:f1:06:3c:68:21:e5:00:91:db:2e:2f:f9:e0:
f1:37:b4:0c:52:ca:e3:ff:77:41:d3:49:a6:3c:9a:b6:07:59:
da:82:ee:d0:21:bb:56:ec:90:c6:54:0b:e1:42:52:04:31:6c:
ab:09:f2:0e:ad:8d:a1:aa:92:81:a4:f8:60:3a:a0:7d:40:72:
0e:a3:0d:5c:b0:0c:e5:d4:02:29:f0:ff:27:2b:22:3b:db:e7:
2f:8d:bb:c5:73:df:9a:03:3b:a3:28:6e:fe:1f:91:b1:57:86:
49:e2:05:a0:aa:45:57:23:cb:26:7e:af:eb:e7:43:59:32:b6:
b6:68:aa:a5:65:79:15:7f:a4:14:87:4c:33:6b:56:cd:ad:4f:
9a:ce:e6:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYdq5ZF81xSjvfFGXjQ6HmTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDEwMTEyMDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDM3NTIyNzBmMjQzNDQ3OWQxZGFkODFjZmExNjhiZmEwMDRkOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJAzIrLL1NORHPAZkR+a/q9tf/NX
eUjQs/V7wCS1tDmKmcD+5vUQvuVTjTkPsdN9UMh5ajJ1bg9Oe73E38RdLwgwisZy
K2OLR7xrDxJMx5dlFC0+UjTL4s1BFSLH12Tu5UYZ6db+ZW2Lvqisai5ndzsCFisY
jls1pe+ZtthCaISy2cEf4/KADnrakf6C6pCS70CIs+te1AqCgJUkRVmNGdxrdDLb
6N9BV/LPzJYkdkCgES9ACur38n9U7ReC/vReawmIhrNCfE9ACBm2tnp/V02ro4RA
BpnUjKXvxJkSTrAE/2FWp2YTmA0GTmk0XOMQMSuXLHzKZs6tGWjG2gJ3owIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB03UicPJDRHnR2tgc+haL+gBNn+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSFRkU0p3OGtORWVkSGEyQno2Rm92NkFFMmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtgBkD
BAAtgBoDBAAtgE8DBABdvvYwDQYJKoZIhvcNAQELBQADggEBAHDv5K/TiDXlrZ28
9BzqKnMzxIPxQWtSmoqAruShX4/7+KKEKFT0yXWpAgQtg8MM72Nn0xgjcKNi6qON
U0xQ8hPxo+OPvUYpNlyAoznEeyiAz1TueEYZ4y4ECsX0H3ORl+twdaR2GS2YGWGZ
hrJlZQR88QY8aCHlAJHbLi/54PE3tAxSyuP/d0HTSaY8mrYHWdqC7tAhu1bskMZU
C+FCUgQxbKsJ8g6tjaGqkoGk+GA6oH1Acg6jDVywDOXUAinw/ycrIjvb5y+Nu8Vz
35oDO6Mobv4fkbFXhkniBaCqRVcjyyZ+r+vnQ1kytrZoqqVleRV/pBSHTDNrVs2t
T5rO5vU=
-----END CERTIFICATE-----
Generated at Thu May 8 04:48:39 2025 by rpki-client