Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q2zVgXg-sDzFhrSdUBsWmuBxo24.roa
File: Q2zVgXg-sDzFhrSdUBsWmuBxo24.roa (raw, json)
Hash identifier: JWdRauS/cZLFqLv4vxrGUmGil49mP02bYGBIozxwhkc=
Subject key identifier: 43:6C:D5:81:78:3E:B0:3C:C5:86:B4:9D:50:1B:16:9A:E0:71:A3:6E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0213FF5C
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q2zVgXg-sDzFhrSdUBsWmuBxo24.roa
Signing time: Thu 24 Feb 2022 13:57:20 +0000
ROA not before: Thu 24 Feb 2022 13:57:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60781
IP address blocks: 45.95.98.0/24 maxlen: 24
193.39.209.0/24 maxlen: 24
194.33.32.0/24 maxlen: 24
45.152.197.0/24 maxlen: 24
45.137.86.0/24 maxlen: 24
45.153.23.0/24 maxlen: 24
45.153.21.0/24 maxlen: 24
193.111.4.0/24 maxlen: 24
193.111.5.0/24 maxlen: 24
193.111.19.0/24 maxlen: 24
193.111.18.0/24 maxlen: 24
45.13.186.0/24 maxlen: 24
45.128.77.0/24 maxlen: 24
45.137.41.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
45.157.38.0/24 maxlen: 24
45.153.218.0/24 maxlen: 24
2a0e:e980::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:1f80::/29 maxlen: 29
2a0f:e940::/29 maxlen: 29
2a0e:2240:2::/48 maxlen: 48
2a0f:a02::/32 maxlen: 32
2a0f:e1c0::/32 maxlen: 32
2a0f:e600:1::/48 maxlen: 48
2a0f:a03::/32 maxlen: 32
2a0f:da40::/29 maxlen: 29
2a0f:e1c7::/32 maxlen: 32
2a0e:f200:2::/48 maxlen: 48
2a0f:a04::/32 maxlen: 32
2a0e:2440::/29 maxlen: 29
2a0f:e143::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34864988 (0x213ff5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 24 13:57:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=436cd581783eb03cc586b49d501b169ae071a36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:66:1f:35:86:da:0a:58:03:cf:42:77:3e:
b1:25:fa:82:de:24:75:33:2d:52:e6:31:06:e7:be:
36:07:aa:45:88:4b:92:8d:a7:7e:f1:7f:5b:11:5f:
48:eb:40:6f:cd:5d:d2:a9:6f:bf:07:0b:d4:e4:60:
d9:77:95:e7:9d:23:0e:85:53:33:a2:39:d3:20:2a:
cd:5f:8c:16:fc:41:f0:9f:a4:09:aa:1a:63:61:53:
7b:9c:ca:f0:5e:2f:4e:48:28:60:da:2f:48:d5:69:
1d:e4:1b:9c:8d:e2:88:b1:7a:14:0e:9d:26:df:06:
8e:f3:c5:6a:16:44:45:d1:8f:05:87:b7:50:a8:aa:
80:85:62:ac:75:29:82:a4:e5:6a:fb:db:ed:70:77:
46:d7:dc:cb:df:eb:7c:28:15:26:42:d6:96:4d:65:
14:46:d2:6d:23:c6:0f:30:f0:63:de:6d:cb:97:f1:
58:80:23:51:d1:a5:70:29:c2:52:db:4a:42:b7:94:
de:9d:6f:0b:50:3a:17:1a:d4:b7:a0:50:7b:21:1e:
71:c4:3d:e9:e1:10:2d:67:fe:1b:9e:95:fb:6b:04:
c3:43:dc:f1:4c:36:c8:b7:1c:3f:d2:24:64:d7:55:
75:6f:81:a5:72:43:cd:50:97:d1:79:23:80:fa:77:
03:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6C:D5:81:78:3E:B0:3C:C5:86:B4:9D:50:1B:16:9A:E0:71:A3:6E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/Q2zVgXg-sDzFhrSdUBsWmuBxo24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.186.0/24
45.95.98.0/24
45.128.77.0/24
45.137.41.0/24
45.137.86.0/24
45.152.197.0/24
45.153.21.0/24
45.153.23.0/24
45.153.218.0/24
45.157.38.0/24
45.158.197.0/24
193.39.209.0/24
193.111.4.0/23
193.111.18.0/23
194.33.32.0/24
IPv6:
2a0e:2240:2::/48
2a0e:2440::/29
2a0e:e980::/29
2a0e:f200:2::/48
2a0f:a02::-2a0f:a04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:1f80::/29
2a0f:ac00::/29
2a0f:da40::/29
2a0f:e143::/32
2a0f:e1c0::/32
2a0f:e1c7::/32
2a0f:e600:1::/48
2a0f:e940::/29
Signature Algorithm: sha256WithRSAEncryption
49:f2:59:8b:eb:ab:ea:02:28:d2:cf:52:ea:67:e5:95:e5:44:
5d:cb:2d:d6:43:9f:7b:c4:70:bf:56:60:ea:94:28:6b:20:c9:
23:c8:19:c4:22:15:ae:7f:aa:87:ae:cd:ce:88:2d:be:e5:88:
3b:eb:e3:1b:72:10:a1:08:e3:e6:e2:38:5c:c1:63:10:24:d3:
4c:4b:29:ad:51:e4:ce:9c:2a:44:d3:87:07:c3:31:cb:23:f1:
48:32:b7:0a:4d:19:d3:7d:73:91:fe:95:14:29:df:38:26:1b:
2c:09:c4:dd:a7:b9:fb:ab:22:18:26:6c:1a:c1:aa:8c:c7:d7:
69:7e:33:21:dd:f8:4c:f5:33:2e:0d:39:f1:b3:fc:f5:e5:17:
32:43:f1:2b:bb:ce:03:3b:8c:5e:7a:a1:2d:c5:c1:35:b3:40:
e6:e8:a7:e0:a8:f3:ce:3b:04:98:a6:1d:09:76:8a:11:f4:d2:
c2:4c:77:13:e7:55:31:92:80:ef:e6:6d:d8:a9:7c:0b:b9:06:
34:f3:03:aa:80:25:6a:95:44:12:91:e1:eb:ba:b8:67:c4:bf:
f1:61:c2:f8:b5:03:62:9c:72:54:23:05:9e:87:51:f7:9f:4b:
0e:19:13:3c:b5:55:11:90:fa:b3:2a:37:5d:bc:80:bd:3e:a8:
70:11:26:ff
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIEAhP/XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDIy
NDEzNTcyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDM2Y2Q1ODE3ODNl
YjAzY2M1ODZiNDlkNTAxYjE2OWFlMDcxYTM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJteZh81htoKWAPPQnc+sSX6gt4kdTMtUuYxBue+NgeqRYhL
ko2nfvF/WxFfSOtAb81d0qlvvwcL1ORg2XeV550jDoVTM6I50yAqzV+MFvxB8J+k
CaoaY2FTe5zK8F4vTkgoYNovSNVpHeQbnI3iiLF6FA6dJt8GjvPFahZERdGPBYe3
UKiqgIVirHUpgqTlavvb7XB3Rtfcy9/rfCgVJkLWlk1lFEbSbSPGDzDwY95ty5fx
WIAjUdGlcCnCUttKQreU3p1vC1A6FxrUt6BQeyEeccQ96eEQLWf+G56V+2sEw0Pc
8Uw2yLccP9IkZNdVdW+BpXJDzVCX0XkjgPp3Ay8CAwEAAaOCAtIwggLOMB0GA1Ud
DgQWBBRDbNWBeD6wPMWGtJ1QGxaa4HGjbjAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L1EyelZnWGctc0R6RmhyU2RVQnNXbXVCeG8yNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
5wYIKwYBBQUHAQcBAf8EgdcwgdQwYAQCAAEwWgMEAC0NugMEAC1fYgMEAC2ATQME
AC2JKQMEAC2JVgMEAC2YxQMEAC2ZFQMEAC2ZFwMEAC2Z2gMEAC2dJgMEAC2exQME
AMEn0QMEAcFvBAMEAcFvEgMEAMIhIDBwBAIAAjBqAwcAKg4iQAACAwUDKg4kQAMF
AyoO6YADBwAqDvIAAAIwDgMFASoPCgIDBQAqDwoEAwUDKg8fgAMFAyoPrAADBQMq
D9pAAwUAKg/hQwMFACoP4cADBQAqD+HHAwcAKg/mAAABAwUDKg/pQDANBgkqhkiG
9w0BAQsFAAOCAQEASfJZi+ur6gIo0s9S6mflleVEXcst1kOfe8Rwv1Zg6pQoayDJ
I8gZxCIVrn+qh67NzogtvuWIO+vjG3IQoQjj5uI4XMFjECTTTEsprVHkzpwqRNOH
B8MxyyPxSDK3Ck0Z031zkf6VFCnfOCYbLAnE3ae5+6siGCZsGsGqjMfXaX4zId34
TPUzLg058bP89eUXMkPxK7vOAzuMXnqhLcXBNbNA5uin4KjzzjsEmKYdCXaKEfTS
wkx3E+dVMZKA7+Zt2Kl8C7kGNPMDqoAlapVEEpHh67q4Z8S/8WHC+LUDYpxyVCMF
nodR959LDhkTPLVVEZD6syo3XbyAvT6ocBEm/w==
-----END CERTIFICATE-----
Generated at Tue May 13 22:46:29 2025 by rpki-client