Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gPsAVmDJiic-_1n5BcRErRlv7WA.roa
File: gPsAVmDJiic-_1n5BcRErRlv7WA.roa (raw, json)
Hash identifier: hKqUO5LKZNqMq1tRsBxWIudu9RuewVz6KCR0/8MEqBk=
Subject key identifier: 80:FB:00:56:60:C9:8A:27:3E:FF:59:F9:05:C4:44:AD:19:6F:ED:60
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018AAC5A3F4C04A20B1DB23640E0DB8F48F7
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gPsAVmDJiic-_1n5BcRErRlv7WA.roa
Signing time: Tue 19 Sep 2023 07:31:50 +0000
ROA not before: Tue 19 Sep 2023 07:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20668
IP address blocks: 45.135.224.0/24 maxlen: 24
45.91.4.0/24 maxlen: 24
45.91.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:5a:3f:4c:04:a2:0b:1d:b2:36:40:e0:db:8f:48:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Sep 19 07:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80fb005660c98a273eff59f905c444ad196fed60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d2:ea:37:1d:3d:dc:16:bb:ca:cb:88:2c:1f:
e0:8f:9f:f2:1e:a6:48:d4:fe:6c:d8:c5:f1:b5:a0:
28:2d:3c:95:6b:2a:24:55:b5:a7:f0:35:0f:81:62:
2c:8b:65:56:f4:2a:30:e3:16:7c:1a:0a:5d:ff:b8:
96:65:13:4d:5d:58:d0:50:bf:6a:6c:b5:2e:a5:6b:
b1:dd:1b:5f:3e:37:36:17:26:d5:1a:f5:51:0e:6a:
2f:40:72:4e:46:36:67:ad:68:fa:46:7b:7f:c6:09:
2a:5e:a3:64:ec:94:3b:06:b2:86:b3:c7:28:69:37:
61:ff:90:a5:bc:e1:81:31:3d:f7:3c:42:9e:08:62:
ae:44:0c:9d:47:f0:56:a4:2b:b5:b1:20:eb:5b:b6:
ba:67:6b:e6:7d:76:ae:4d:8d:50:0f:f5:cb:00:96:
2e:2f:6d:a2:72:45:a0:b1:c0:d9:af:0d:86:3d:41:
89:db:59:09:01:cb:c5:e8:9e:43:d5:01:63:d0:cd:
19:4e:e2:a3:2d:a2:e1:be:fb:d0:e0:7c:27:04:6c:
dd:6e:04:eb:1e:f9:4c:09:ad:97:0e:b3:e1:bd:36:
ac:73:62:fb:2b:98:e8:b5:a4:57:b4:19:29:20:df:
91:ac:4a:07:df:ed:d8:03:18:a6:f8:32:90:c6:c3:
d7:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FB:00:56:60:C9:8A:27:3E:FF:59:F9:05:C4:44:AD:19:6F:ED:60
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/gPsAVmDJiic-_1n5BcRErRlv7WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.4.0/24
45.91.6.0/24
45.135.224.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3f:9d:87:27:c8:eb:5c:8c:9e:4a:52:e0:57:47:14:ee:44:
33:e7:85:69:0b:5c:0d:02:17:fc:e6:36:27:7b:92:34:e5:ec:
78:a0:3a:fa:fb:91:c5:65:19:4f:2d:c6:36:ec:da:3a:29:f5:
a2:f6:00:39:28:c3:5e:a2:df:f7:19:65:28:d0:15:6a:29:58:
c4:56:74:e2:ec:d3:4b:9e:32:b2:88:73:a1:ea:fe:55:d8:de:
47:b1:61:11:1a:3f:4f:b1:92:e1:09:a7:ff:9a:ac:31:da:53:
a5:a4:04:9f:bb:77:96:05:e3:da:e2:bc:a0:5a:61:1c:ed:c5:
5a:6e:56:c0:71:18:ca:80:dc:81:e8:ce:d0:f9:21:2c:a1:f7:
57:7b:2b:af:6b:c1:b4:d0:a4:1f:ba:50:6e:c6:12:fe:95:4d:
63:3a:20:49:73:b4:e9:0d:d7:05:70:37:30:2b:93:40:26:b5:
ae:e5:aa:d2:3c:d5:10:cc:6d:d6:a5:44:89:26:1e:10:c7:92:
a2:b2:ee:52:27:d6:68:32:38:3b:bf:64:f8:24:8d:92:ec:80:
88:67:66:6f:82:fa:26:76:2b:48:e4:75:5e:32:ec:f2:d5:9f:
f4:f8:cc:a9:7e:e8:4e:f2:d4:63:2f:ad:57:43:99:c1:fb:0f:
33:48:a9:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqsWj9MBKILHbI2QODbj0j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjMwOTE5MDczMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGZiMDA1NjYwYzk4YTI3M2VmZjU5ZjkwNWM0NDRhZDE5NmZlZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tLqNx093Ba7ysuILB/gj5/yHqZI
1P5s2MXxtaAoLTyVayokVbWn8DUPgWIsi2VW9Cow4xZ8Ggpd/7iWZRNNXVjQUL9q
bLUupWux3RtfPjc2FybVGvVRDmovQHJORjZnrWj6Rnt/xgkqXqNk7JQ7BrKGs8co
aTdh/5ClvOGBMT33PEKeCGKuRAydR/BWpCu1sSDrW7a6Z2vmfXauTY1QD/XLAJYu
L22ickWgscDZrw2GPUGJ21kJAcvF6J5D1QFj0M0ZTuKjLaLhvvvQ4HwnBGzdbgTr
HvlMCa2XDrPhvTasc2L7K5jotaRXtBkpIN+RrEoH3+3YAxim+DKQxsPXJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFID7AFZgyYonPv9Z+QXERK0Zb+1gMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvZ1BzQVZtREppaWMtXzFuNUJjUkVyUmx2N1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVsEAwQA
LVsGAwQALYfgMA0GCSqGSIb3DQEBCwUAA4IBAQABP52HJ8jrXIyeSlLgV0cU7kQz
54VpC1wNAhf85jYne5I05ex4oDr6+5HFZRlPLcY27No6KfWi9gA5KMNeot/3GWUo
0BVqKVjEVnTi7NNLnjKyiHOh6v5V2N5HsWERGj9PsZLhCaf/mqwx2lOlpASfu3eW
BePa4rygWmEc7cVablbAcRjKgNyB6M7Q+SEsofdXeyuva8G00KQfulBuxhL+lU1j
OiBJc7TpDdcFcDcwK5NAJrWu5arSPNUQzG3WpUSJJh4Qx5Kisu5SJ9ZoMjg7v2T4
JI2S7ICIZ2ZvgvomditI5HVeMuzy1Z/0+MypfuhO8tRjL61XQ5nB+w8zSKnT
-----END CERTIFICATE-----
Generated at Tue Apr 29 11:33:38 2025 by rpki-client