Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/htRnVAXjasOdwuMqn2mFJu-GS-8.roa
File: htRnVAXjasOdwuMqn2mFJu-GS-8.roa (raw, json)
Hash identifier: 4qSmboln1FTNy/kuxWZmbAbTWioWck6MmVaZYxB0Yqw=
Subject key identifier: 86:D4:67:54:05:E3:6A:C3:9D:C2:E3:2A:9F:69:85:26:EF:86:4B:EF
Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Certificate serial: 0185B6B710F566DC1790D7CC9A687F901544
Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/htRnVAXjasOdwuMqn2mFJu-GS-8.roa
Signing time: Sun 15 Jan 2023 18:35:28 +0000
ROA not before: Sun 15 Jan 2023 18:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210122
IP address blocks: 45.8.176.0/24 maxlen: 24
45.142.0.0/24 maxlen: 24
45.142.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b6:b7:10:f5:66:dc:17:90:d7:cc:9a:68:7f:90:15:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7
Validity
Not Before: Jan 15 18:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86d4675405e36ac39dc2e32a9f698526ef864bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:02:0b:49:c3:5b:d6:6b:9c:14:5a:fa:b4:dd:
bf:a5:a4:19:f5:2e:cb:e0:31:83:3c:85:5c:da:12:
24:22:12:09:2f:f6:37:d5:04:03:79:2a:c5:d3:e8:
8a:98:e1:60:30:64:fb:ce:9b:ae:72:dd:3b:c1:4f:
7e:66:e4:a1:d8:1b:0d:22:b8:c2:a8:9d:ac:c2:d8:
0f:54:d7:ed:98:73:7f:46:04:9c:bf:76:b5:37:31:
56:c7:8d:62:b9:e0:d1:21:c2:21:5d:fa:8a:f1:00:
1c:e7:a3:5e:55:a7:4b:d9:f7:56:f7:d2:55:8a:33:
dd:1f:78:12:74:e4:67:4a:0f:03:a2:2d:1a:11:15:
9e:4f:bb:49:b2:13:6d:8a:cb:36:3a:e9:21:ca:c9:
ef:de:2d:a5:a9:98:6e:8e:77:41:db:00:12:58:e8:
c2:5c:8b:1a:e4:89:5a:51:e2:b3:75:8f:9e:ef:b5:
f5:26:b9:7c:eb:16:e6:64:81:28:78:d3:c1:89:5d:
13:96:66:78:ba:6a:b2:38:11:9e:52:7c:2b:5c:cf:
5b:f5:0d:b7:73:6e:67:58:f5:8f:73:5c:22:ed:44:
e0:b4:eb:99:2c:e0:95:db:0d:ed:89:b9:c2:3e:1a:
bd:a4:7d:44:c9:21:83:7a:f9:1e:e0:6a:29:1b:64:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D4:67:54:05:E3:6A:C3:9D:C2:E3:2A:9F:69:85:26:EF:86:4B:EF
X509v3 Authority Key Identifier:
keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/htRnVAXjasOdwuMqn2mFJu-GS-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.176.0/24
45.142.0.0/23
Signature Algorithm: sha256WithRSAEncryption
78:3a:f2:5b:d5:8a:00:a4:0a:1d:64:2a:89:25:80:bf:dc:46:
57:83:ca:fc:1a:ca:53:32:9c:7b:e9:82:0d:67:e6:67:3d:43:
ef:8d:bb:e8:e2:d7:2c:11:fb:52:ca:5f:19:a9:cf:2c:06:37:
d9:ee:15:64:05:98:e8:f5:e2:32:c2:f2:74:b9:13:70:84:38:
0a:58:3f:eb:c0:bb:2b:9e:91:5a:76:72:aa:e5:73:02:51:92:
2a:e8:ae:7e:7e:bb:45:7f:eb:73:b3:a9:9e:73:2b:4a:f4:4a:
95:32:74:b9:f9:7a:3d:e9:ce:0c:6b:13:be:b6:dc:c2:34:9b:
4a:79:d7:cb:01:8e:f8:59:e3:a3:5d:ff:ac:84:5e:7e:10:fa:
bf:5b:02:dc:c3:cf:bc:0c:1d:e6:73:14:8a:2b:5e:e8:2b:6e:
e5:d8:ab:20:ad:ee:c0:9d:f1:1b:d8:62:21:68:86:02:2e:2a:
6a:f7:d7:55:de:2d:a8:73:e8:0f:81:b5:8f:2d:58:00:5a:3e:
5a:04:54:12:d8:90:53:54:04:9d:16:2a:02:00:e2:2b:f3:a4:
e6:c9:ce:71:20:4d:cf:d1:8d:bb:83:ad:0d:12:8d:ac:be:1f:
ed:ea:7f:47:ec:71:71:2c:53:89:8c:8d:1c:5a:a8:82:4b:b9:
b9:38:be:30
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW2txD1ZtwXkNfMmmh/kBVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy
ODVkZTcwHhcNMjMwMTE1MTgzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ0Njc1NDA1ZTM2YWMzOWRjMmUzMmE5ZjY5ODUyNmVmODY0YmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwILScNb1mucFFr6tN2/paQZ9S7L
4DGDPIVc2hIkIhIJL/Y31QQDeSrF0+iKmOFgMGT7zpuuct07wU9+ZuSh2BsNIrjC
qJ2swtgPVNftmHN/RgScv3a1NzFWx41iueDRIcIhXfqK8QAc56NeVadL2fdW99JV
ijPdH3gSdORnSg8Doi0aERWeT7tJshNtiss2Oukhysnv3i2lqZhujndB2wASWOjC
XIsa5IlaUeKzdY+e77X1Jrl86xbmZIEoeNPBiV0TlmZ4umqyOBGeUnwrXM9b9Q23
c25nWPWPc1wi7UTgtOuZLOCV2w3tibnCPhq9pH1EySGDevke4GopG2TKDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIbUZ1QF42rDncLjKp9phSbvhkvvMB8GA1UdIwQY
MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt
NDc3MjMxMTkxYTM1LzEvaHRSblZBWGphc09kd3VNcW4ybUZKdS1HUy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1
LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQiwAwQB
LY4AMA0GCSqGSIb3DQEBCwUAA4IBAQB4OvJb1YoApAodZCqJJYC/3EZXg8r8GspT
Mpx76YINZ+ZnPUPvjbvo4tcsEftSyl8Zqc8sBjfZ7hVkBZjo9eIywvJ0uRNwhDgK
WD/rwLsrnpFadnKq5XMCUZIq6K5+frtFf+tzs6mecytK9EqVMnS5+Xo96c4MaxO+
ttzCNJtKedfLAY74WeOjXf+shF5+EPq/WwLcw8+8DB3mcxSKK17oK27l2Ksgre7A
nfEb2GIhaIYCLipq99dV3i2oc+gPgbWPLVgAWj5aBFQS2JBTVASdFioCAOIr86Tm
yc5xIE3P0Y27g60NEo2svh/t6n9H7HFxLFOJjI0cWqiCS7m5OL4w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:39 2025 by rpki-client