Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4b2cf9-d8ed-4a27-93ba-93b691ee1cce/1/gFt06vWS2sQ7uLghB5dUC9XJ_FE.roa
File: gFt06vWS2sQ7uLghB5dUC9XJ_FE.roa (raw, json)
Hash identifier: sP+huQ2hR9SyvClRwZophoPHNcNL4QEBla5ba/vlB38=
Subject key identifier: 80:5B:74:EA:F5:92:DA:C4:3B:B8:B8:21:07:97:54:0B:D5:C9:FC:51
Certificate issuer: /CN=e43dd424384759b5e85595825019b69fe9bf9220
Certificate serial: 01856DA64EFB63EAF17869349DB4FA0A83CE
Authority key identifier: E4:3D:D4:24:38:47:59:B5:E8:55:95:82:50:19:B6:9F:E9:BF:92:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D3UJDhHWbXoVZWCUBm2n-m_kiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4b2cf9-d8ed-4a27-93ba-93b691ee1cce/1/gFt06vWS2sQ7uLghB5dUC9XJ_FE.roa
Signing time: Sun 01 Jan 2023 14:04:53 +0000
ROA not before: Sun 01 Jan 2023 14:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62000
IP address blocks: 45.157.60.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:a6:4e:fb:63:ea:f1:78:69:34:9d:b4:fa:0a:83:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43dd424384759b5e85595825019b69fe9bf9220
Validity
Not Before: Jan 1 14:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=805b74eaf592dac43bb8b8210797540bd5c9fc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:70:76:72:4f:d1:77:84:94:33:23:55:2b:
a1:5b:61:62:85:c8:e1:c6:91:f1:2c:f9:0a:49:b5:
00:43:74:17:7a:48:da:0b:c4:29:de:d2:aa:c6:0a:
95:93:70:ae:8a:e0:e6:16:09:8a:8d:6f:8c:2e:04:
46:b9:2d:e8:e0:6e:52:33:ca:7e:be:83:25:93:25:
06:b9:3b:53:28:32:4e:8e:1c:97:d6:ce:f9:31:0c:
74:15:d5:0d:ee:1a:b8:c7:e2:0e:b0:b0:ff:90:69:
66:f9:42:24:c4:51:6e:a9:df:81:48:21:30:fc:4b:
1b:72:c8:40:11:e2:72:4b:87:ab:d1:cf:4e:bc:d2:
77:06:e2:2b:f0:41:66:d0:91:bd:9b:52:35:98:db:
f5:b0:71:ed:ec:b9:42:13:4a:8b:3f:7d:fd:92:12:
14:1a:8f:61:7c:1d:1f:ec:ef:66:1e:30:85:41:11:
5a:39:4b:ff:87:75:c1:ba:e8:3a:ea:a7:30:67:1b:
ff:9c:69:4c:d8:f6:43:dc:28:b8:84:70:83:d6:0b:
db:4d:ab:5e:f4:c0:4d:99:54:c7:9e:d3:8f:5e:24:
ca:0c:ad:ba:11:ba:18:3b:51:30:7d:52:82:0a:0e:
5d:24:9c:c4:32:e0:e7:a6:99:cf:00:51:fb:07:72:
a6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:5B:74:EA:F5:92:DA:C4:3B:B8:B8:21:07:97:54:0B:D5:C9:FC:51
X509v3 Authority Key Identifier:
keyid:E4:3D:D4:24:38:47:59:B5:E8:55:95:82:50:19:B6:9F:E9:BF:92:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D3UJDhHWbXoVZWCUBm2n-m_kiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4b2cf9-d8ed-4a27-93ba-93b691ee1cce/1/gFt06vWS2sQ7uLghB5dUC9XJ_FE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4b2cf9-d8ed-4a27-93ba-93b691ee1cce/1/5D3UJDhHWbXoVZWCUBm2n-m_kiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.60.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:aa:47:9f:37:c3:77:08:11:85:ca:ca:3d:ce:a9:19:d9:53:
cc:36:f0:84:0b:b0:fa:ab:12:3b:a1:40:2b:02:c1:b9:a6:72:
b0:1b:25:69:84:68:d1:08:81:4a:64:0c:6f:1f:e4:4f:68:35:
6f:a1:41:67:ad:c7:fa:ef:d0:f3:52:d9:f0:2d:61:ea:f1:8d:
8a:85:fa:29:4e:51:aa:26:32:6c:6d:97:da:a1:2a:3a:1b:09:
05:21:bc:26:52:6b:5e:a5:01:4e:f7:03:6c:c0:5d:a0:6c:d4:
76:89:f5:f0:6e:c5:0d:9b:e1:e6:94:51:11:95:b7:b6:ce:92:
cf:84:a1:58:f2:53:d1:60:32:76:4e:d2:5b:aa:42:9e:30:46:
8f:3e:d7:d8:10:04:73:18:3a:c4:a9:13:d1:0f:8c:8f:93:aa:
c5:de:91:c2:f6:a6:b4:15:d5:aa:bf:e1:e2:99:20:27:26:df:
fb:43:02:8f:40:07:a8:67:95:f9:d6:b9:92:9a:77:e2:5e:b1:
00:37:6c:4c:6c:23:23:f5:2d:f3:54:4a:09:63:57:5f:f4:0d:
85:03:f9:87:d6:a9:b0:04:53:6b:61:f6:ea:8e:6e:da:04:49:
7b:d8:5c:08:cf:60:d1:32:28:46:bd:c8:bd:94:7c:71:fa:49:
ed:fb:f0:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtpk77Y+rxeGk0nbT6CoPOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2RkNDI0Mzg0NzU5YjVlODU1OTU4MjUwMTliNjlmZTli
ZjkyMjAwHhcNMjMwMTAxMTQwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDViNzRlYWY1OTJkYWM0M2JiOGI4MjEwNzk3NTQwYmQ1YzlmYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGtwdnJP0XeElDMjVSuhW2Fihcjh
xpHxLPkKSbUAQ3QXekjaC8Qp3tKqxgqVk3CuiuDmFgmKjW+MLgRGuS3o4G5SM8p+
voMlkyUGuTtTKDJOjhyX1s75MQx0FdUN7hq4x+IOsLD/kGlm+UIkxFFuqd+BSCEw
/EsbcshAEeJyS4er0c9OvNJ3BuIr8EFm0JG9m1I1mNv1sHHt7LlCE0qLP339khIU
Go9hfB0f7O9mHjCFQRFaOUv/h3XBuug66qcwZxv/nGlM2PZD3Ci4hHCD1gvbTate
9MBNmVTHntOPXiTKDK26EboYO1EwfVKCCg5dJJzEMuDnppnPAFH7B3KmpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIBbdOr1ktrEO7i4IQeXVAvVyfxRMB8GA1UdIwQY
MBaAFOQ91CQ4R1m16FWVglAZtp/pv5IgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQzVUpEaEhXYlhvVlpXQ1VCbTJuLW1fa2lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80YjJjZjktZDhlZC00YTI3LTkzYmEt
OTNiNjkxZWUxY2NlLzEvZ0Z0MDZ2V1Myc1E3dUxnaEI1ZFVDOVhKX0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80YjJjZjktZDhlZC00YTI3LTkzYmEtOTNiNjkxZWUxY2Nl
LzEvNUQzVUpEaEhXYlhvVlpXQ1VCbTJuLW1fa2lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZ08MA0G
CSqGSIb3DQEBCwUAA4IBAQCKqkefN8N3CBGFyso9zqkZ2VPMNvCEC7D6qxI7oUAr
AsG5pnKwGyVphGjRCIFKZAxvH+RPaDVvoUFnrcf679DzUtnwLWHq8Y2KhfopTlGq
JjJsbZfaoSo6GwkFIbwmUmtepQFO9wNswF2gbNR2ifXwbsUNm+HmlFERlbe2zpLP
hKFY8lPRYDJ2TtJbqkKeMEaPPtfYEARzGDrEqRPRD4yPk6rF3pHC9qa0FdWqv+Hi
mSAnJt/7QwKPQAeoZ5X51rmSmnfiXrEAN2xMbCMj9S3zVEoJY1df9A2FA/mH1qmw
BFNrYfbqjm7aBEl72FwIz2DRMihGvci9lHxx+knt+/Cw
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:03:10 2025 by rpki-client