Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/GAQTWy4GRSZHPqd9GPxZNr7qIOI.roa
File: GAQTWy4GRSZHPqd9GPxZNr7qIOI.roa (raw, json)
Hash identifier: aiiME2IK1JrJZo8pxVNS0XWrSdoFikCEmWnVA7EjHAg=
Subject key identifier: 18:04:13:5B:2E:06:45:26:47:3E:A7:7D:18:FC:59:36:BE:EA:20:E2
Certificate issuer: /CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Certificate serial: 018B431E62B2B350AAD9AC6B6E0B712F0B64
Authority key identifier: A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/GAQTWy4GRSZHPqd9GPxZNr7qIOI.roa
Signing time: Wed 18 Oct 2023 14:09:06 +0000
ROA not before: Wed 18 Oct 2023 14:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60456
IP address blocks: 45.81.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:1e:62:b2:b3:50:aa:d9:ac:6b:6e:0b:71:2f:0b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a375369b2d4bb2e2dede668645313e344e6f1cc0
Validity
Not Before: Oct 18 14:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1804135b2e064526473ea77d18fc5936beea20e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:01:68:24:01:7d:5b:b2:fa:0b:71:48:8a:ff:
83:88:46:d3:a9:23:4c:52:5b:bf:c3:0f:b5:ca:a7:
b0:f8:ea:a0:ec:63:08:d7:f2:6d:c8:2c:95:98:96:
63:64:5d:74:d2:2f:43:7d:ee:d7:d7:8c:0d:ce:83:
12:83:f9:80:7c:e7:2d:dd:c1:6a:4b:fa:93:3b:60:
3b:ab:ea:c2:c4:76:c2:87:c1:bc:2c:61:98:e2:06:
8e:f4:73:c4:7f:c7:1b:47:d7:62:89:79:c1:23:c1:
45:9d:4b:d7:53:93:41:98:b2:87:9b:d4:2c:9c:ed:
9f:92:d3:df:69:a5:8d:42:f8:45:b9:92:bb:a6:2a:
55:a2:c2:9b:c0:95:b4:3f:09:86:06:a6:ab:55:23:
5f:f5:ad:45:41:68:c7:1b:39:83:a8:12:53:df:49:
c0:fc:60:64:2d:08:21:3c:dd:60:ff:cc:e7:8e:f2:
5e:6e:b0:ab:d9:2d:3c:f4:85:cd:80:50:ce:50:2c:
6f:ec:ff:18:f5:02:9b:2e:d2:03:dc:a9:20:63:59:
78:5c:d6:da:1b:86:1e:e9:c1:38:80:34:bc:bc:12:
24:26:28:4f:ae:26:0f:53:d6:c9:f9:29:4d:fd:d4:
a2:28:05:a2:a2:fc:25:eb:06:98:e3:54:c6:04:42:
cf:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:04:13:5B:2E:06:45:26:47:3E:A7:7D:18:FC:59:36:BE:EA:20:E2
X509v3 Authority Key Identifier:
keyid:A3:75:36:9B:2D:4B:B2:E2:DE:DE:66:86:45:31:3E:34:4E:6F:1C:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3U2my1LsuLe3maGRTE-NE5vHMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/GAQTWy4GRSZHPqd9GPxZNr7qIOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ec6905-b0f7-424f-8a84-28bec7b99929/1/o3U2my1LsuLe3maGRTE-NE5vHMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.204.0/22
Signature Algorithm: sha256WithRSAEncryption
78:f9:59:8a:54:60:8e:96:1f:c4:9f:07:9f:8e:75:75:fc:48:
21:1c:4c:71:78:ef:d9:30:d4:f1:6a:74:a3:63:db:b9:61:fd:
74:a0:2f:8b:57:52:3c:13:e9:ad:b0:df:eb:cf:7f:32:04:70:
cc:45:2f:40:95:63:da:26:39:3e:f3:43:d9:53:e4:3f:1b:4b:
cc:d4:68:af:d9:53:98:0a:34:1c:36:d5:97:97:ca:da:2a:36:
8d:be:49:6d:b2:94:50:ff:93:a6:bc:43:91:79:b7:80:e0:3a:
0a:f5:6c:90:63:ad:62:89:dd:49:0d:47:b3:5c:88:b5:23:ab:
d4:3c:5a:e9:9f:2f:99:ef:52:e8:bf:4d:bb:11:3b:07:3a:2e:
37:ab:02:07:eb:b6:fa:48:3c:89:24:98:22:f1:81:20:13:06:
da:97:8c:47:cd:4c:6c:ae:69:6b:35:33:ae:9d:cf:04:f8:fc:
c8:c9:5d:8e:dc:59:5e:f4:5c:78:e7:7c:d7:f1:38:6c:4a:e6:
92:41:70:be:92:15:62:26:90:00:08:e9:49:fa:f9:05:c5:ed:
0c:8c:ea:09:68:6e:7e:7c:d5:21:61:33:b0:26:3d:53:3a:7e:
71:a2:9d:c4:f1:e7:32:b9:21:c1:93:75:eb:b6:71:6d:5c:79:
9c:d8:8f:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtDHmKys1Cq2axrbgtxLwtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzUzNjliMmQ0YmIyZTJkZWRlNjY4NjQ1MzEzZTM0NGU2
ZjFjYzAwHhcNMjMxMDE4MTQwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODA0MTM1YjJlMDY0NTI2NDczZWE3N2QxOGZjNTkzNmJlZWEyMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywFoJAF9W7L6C3FIiv+DiEbTqSNM
Ulu/ww+1yqew+Oqg7GMI1/JtyCyVmJZjZF100i9Dfe7X14wNzoMSg/mAfOct3cFq
S/qTO2A7q+rCxHbCh8G8LGGY4gaO9HPEf8cbR9diiXnBI8FFnUvXU5NBmLKHm9Qs
nO2fktPfaaWNQvhFuZK7pipVosKbwJW0PwmGBqarVSNf9a1FQWjHGzmDqBJT30nA
/GBkLQghPN1g/8znjvJebrCr2S089IXNgFDOUCxv7P8Y9QKbLtID3KkgY1l4XNba
G4Ye6cE4gDS8vBIkJihPriYPU9bJ+SlN/dSiKAWiovwl6waY41TGBELP9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgEE1suBkUmRz6nfRj8WTa+6iDiMB8GA1UdIwQY
MBaAFKN1NpstS7Li3t5mhkUxPjRObxzAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQt
MjhiZWM3Yjk5OTI5LzEvR0FRVFd5NEdSU1pIUHFkOUdQeFpOcjdxSU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lYzY5MDUtYjBmNy00MjRmLThhODQtMjhiZWM3Yjk5OTI5
LzEvbzNVMm15MUxzdUxlM21hR1JURS1ORTV2SE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVHMMA0G
CSqGSIb3DQEBCwUAA4IBAQB4+VmKVGCOlh/EnwefjnV1/EghHExxeO/ZMNTxanSj
Y9u5Yf10oC+LV1I8E+mtsN/rz38yBHDMRS9AlWPaJjk+80PZU+Q/G0vM1Giv2VOY
CjQcNtWXl8raKjaNvkltspRQ/5OmvEORebeA4DoK9WyQY61iid1JDUezXIi1I6vU
PFrpny+Z71Lov027ETsHOi43qwIH67b6SDyJJJgi8YEgEwbal4xHzUxsrmlrNTOu
nc8E+PzIyV2O3Fle9Fx453zX8ThsSuaSQXC+khViJpAACOlJ+vkFxe0MjOoJaG5+
fNUhYTOwJj1TOn5xop3E8ecyuSHBk3XrtnFtXHmc2I8m
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:34:14 2025 by rpki-client