Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zYjbCmiImnXRLeUET7NKiOueGwY.roa
File: zYjbCmiImnXRLeUET7NKiOueGwY.roa (raw, json)
Hash identifier: px2Hdz70zJoah6yu1bIdMOY01wGKJu6HJUn1XaF3KxU=
Subject key identifier: CD:88:DB:0A:68:88:9A:75:D1:2D:E5:04:4F:B3:4A:88:EB:9E:1B:06
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01884D20A3C1BBB36E7D84AEA695D9E732F3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zYjbCmiImnXRLeUET7NKiOueGwY.roa
Signing time: Wed 24 May 2023 09:39:24 +0000
ROA not before: Wed 24 May 2023 09:39:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30633
IP address blocks: 45.129.127.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:39c1::/32 maxlen: 32
2a0e:c780::/32 maxlen: 32
2a0f:7f00::/32 maxlen: 32
2a12:ac40::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:a00::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:e847:ffff::/48 maxlen: 48
2a13:4900::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0e:5a80::/29 maxlen: 29
2a0f:1e01:1::/48 maxlen: 48
2a0f:3d80:123::/48 maxlen: 48
2a0c:9247:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a12:d540::/29 maxlen: 29
2a0f:7d04:1::/48 maxlen: 48
2a0f:39c0::/32 maxlen: 32
2a0f:1e81:cdae::/48 maxlen: 48
2a0e:1a80::/32 maxlen: 32
2a0f:1e81:1293::/48 maxlen: 48
2a0f:3d87::/32 maxlen: 32
2a0f:1e00:abc::/48 maxlen: 48
2a10:6d40::/29 maxlen: 29
2a0f:1e81:a3d0::/48 maxlen: 48
2a12:ac40:f::/48 maxlen: 48
2a0f:2100::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0f:a01::/32 maxlen: 32
2a13:1940:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:3d82::/32 maxlen: 32
2a0f:7f01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4d:20:a3:c1:bb:b3:6e:7d:84:ae:a6:95:d9:e7:32:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 24 09:39:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd88db0a68889a75d12de5044fb34a88eb9e1b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:af:bc:ee:93:f9:64:8e:34:b4:f8:88:97:
94:27:70:8e:cb:da:4a:92:8a:8a:2d:1f:e0:7b:66:
17:27:55:7f:6b:a3:86:05:3f:d4:12:35:5a:ae:85:
4d:4e:e9:a6:f8:90:a9:0b:39:cc:cf:b2:b5:c7:06:
19:a6:c7:3e:dc:37:10:7f:fe:fd:3b:38:af:fd:8f:
bd:b1:c8:b6:57:aa:8f:c6:51:6d:83:f7:14:6d:ce:
ff:d7:1a:60:5b:84:77:04:c6:45:23:1c:d0:a9:f6:
56:2c:ab:91:90:22:0b:98:95:ba:8e:07:3f:1a:93:
b9:73:71:90:26:66:e5:9e:4d:6d:ec:c0:16:bf:b2:
ed:2c:67:b9:0a:aa:8c:61:3d:99:c4:71:c6:54:59:
3a:f6:f1:d5:31:bd:c2:6f:1f:ea:1b:49:7c:d3:36:
0d:76:42:71:e3:30:4e:7e:79:36:59:ab:60:ef:f4:
38:8a:a4:ff:e1:2d:2e:3c:8f:a3:6b:a8:0f:4d:3f:
86:54:54:36:fc:cb:59:8f:a4:95:94:53:aa:08:dd:
ea:40:d3:30:57:cf:85:bb:43:28:fc:1b:97:9c:9b:
4b:93:b9:f8:24:cb:c5:83:20:e6:f2:39:45:38:6a:
3b:93:1c:74:0d:2f:c4:66:7f:de:f7:1c:4f:cd:e8:
57:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:88:DB:0A:68:88:9A:75:D1:2D:E5:04:4F:B3:4A:88:EB:9E:1B:06
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/zYjbCmiImnXRLeUET7NKiOueGwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
45.135.37.0/24
193.164.199.0/24
IPv6:
2a0c:4880::/29
2a0c:9247:1::/48
2a0e:1a80::/32
2a0e:5a80::/29
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:a00::/31
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2100::/29
2a0f:39c0::/31
2a0f:3d80:123::/48
2a0f:3d82::/32
2a0f:3d84::/32
2a0f:3d87::/32
2a0f:7d04:1::/48
2a0f:7f00::/31
2a0f:e847:ffff::/48
2a10:6d40::/29
2a12:ac40::/48
2a12:ac40:f::/48
2a12:d540::/29
2a13:1940:1::/48
2a13:4900::/29
Signature Algorithm: sha256WithRSAEncryption
45:33:c3:35:17:67:87:c7:68:5d:05:3a:73:69:28:12:a4:80:
6c:c5:51:22:55:f3:2b:6c:16:0e:d2:87:ec:b9:67:63:da:3b:
a9:54:00:36:f5:9d:e4:bd:fe:12:f4:c9:cb:4a:30:a9:54:a0:
b0:6f:64:54:3c:53:3c:fd:25:29:4c:ae:0c:3e:d4:dd:1f:0f:
d5:a3:0f:2a:98:46:c2:6f:fd:12:87:a3:f4:3b:0a:19:09:34:
ad:07:05:65:6c:09:da:fc:4e:7c:7e:20:54:4c:98:ae:07:db:
d4:56:1a:7c:4f:14:1b:e9:61:9b:5c:02:b8:37:10:54:6d:f8:
bd:04:89:34:1e:3a:84:be:0f:06:c9:24:f1:2a:be:75:11:85:
bd:44:7d:90:d0:45:af:b3:fa:bb:41:15:cc:02:0f:31:0d:42:
71:d4:26:b1:e7:c7:94:a5:2e:99:54:cc:3b:30:a6:3a:6a:89:
92:0b:13:8f:e2:9b:fa:fa:28:93:dd:bd:0a:36:d0:23:e6:4f:
3c:1b:87:9e:e7:d2:ae:d2:6b:77:c8:00:91:00:dc:00:8c:f7:
10:64:5f:f2:d3:8a:50:62:25:54:4c:7b:7c:0a:2e:6f:7a:46:
c6:45:43:8a:d5:06:26:5e:d8:c9:b8:68:ac:54:2d:d6:d9:7e:
21:5c:2a:f1
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAYhNIKPBu7NufYSuppXZ5zLzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTI0MDkzOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg4ZGIwYTY4ODg5YTc1ZDEyZGU1MDQ0ZmIzNGE4OGViOWUxYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN2vvO6T+WSONLT4iJeUJ3COy9pK
koqKLR/ge2YXJ1V/a6OGBT/UEjVaroVNTumm+JCpCznMz7K1xwYZpsc+3DcQf/79
Oziv/Y+9sci2V6qPxlFtg/cUbc7/1xpgW4R3BMZFIxzQqfZWLKuRkCILmJW6jgc/
GpO5c3GQJmblnk1t7MAWv7LtLGe5CqqMYT2ZxHHGVFk69vHVMb3Cbx/qG0l80zYN
dkJx4zBOfnk2Watg7/Q4iqT/4S0uPI+ja6gPTT+GVFQ2/MtZj6SVlFOqCN3qQNMw
V8+Fu0Mo/BuXnJtLk7n4JMvFgyDm8jlFOGo7kxx0DS/EZn/e9xxPzehXaQIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFM2I2wpoiJp10S3lBE+zSojrnhsGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvellqYkNtaUltblhSTGVVRVQ3TktpT3VlR3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDAYBAIAATASAwQA
LYF/AwQALYclAwQAwaTHMIIBHgQCAAIwggEWAwUDKgxIgAMHACoMkkcAAQMFACoO
GoADBQMqDlqAAwUAKg7HgAMHACoO8gEAAQMFASoPCgADBwAqDx4AASMDBwAqDx4A
BFYDBwAqDx4ACYcDBwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAID
BwAqDx6BEpMDBwAqDx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQMq
DyEAAwUBKg85wAMHACoPPYABIwMFACoPPYIDBQAqDz2EAwUAKg89hwMHACoPfQQA
AQMFASoPfwADBwAqD+hH//8DBQMqEG1AAwcAKhKsQAAAAwcAKhKsQAAPAwUDKhLV
QAMHACoTGUAAAQMFAyoTSQAwDQYJKoZIhvcNAQELBQADggEBAEUzwzUXZ4fHaF0F
OnNpKBKkgGzFUSJV8ytsFg7Sh+y5Z2PaO6lUADb1neS9/hL0yctKMKlUoLBvZFQ8
Uzz9JSlMrgw+1N0fD9WjDyqYRsJv/RKHo/Q7ChkJNK0HBWVsCdr8Tnx+IFRMmK4H
29RWGnxPFBvpYZtcArg3EFRt+L0EiTQeOoS+DwbJJPEqvnURhb1EfZDQRa+z+rtB
FcwCDzENQnHUJrHnx5SlLplUzDswpjpqiZILE4/im/r6KJPdvQo20CPmTzwbh57n
0q7Sa3fIAJEA3ACM9xBkX/LTilBiJVRMe3wKLm96RsZFQ4rVBiZe2Mm4aKxULdbZ
fiFcKvE=
-----END CERTIFICATE-----
Generated at Sun May 11 01:26:24 2025 by rpki-client