Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ce24e2-68be-47d7-950b-c6b8800aa858/1/gh4wLl7C-0CY0uqG9-CrLJLQOcM.roa
File: gh4wLl7C-0CY0uqG9-CrLJLQOcM.roa (raw, json)
Hash identifier: dlH0T9CnOb2dkQrZtfeDLuV86QLNrZfS6KeGvI5ZyxM=
Subject key identifier: 82:1E:30:2E:5E:C2:FB:40:98:D2:EA:86:F7:E0:AB:2C:92:D0:39:C3
Certificate issuer: /CN=81696a81372357b5f1ed7c82ccaa993a980d54e7
Certificate serial: 01857246D8DEE9D449C882010641F9A5C471
Authority key identifier: 81:69:6A:81:37:23:57:B5:F1:ED:7C:82:CC:AA:99:3A:98:0D:54:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWlqgTcjV7Xx7XyCzKqZOpgNVOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ce24e2-68be-47d7-950b-c6b8800aa858/1/gh4wLl7C-0CY0uqG9-CrLJLQOcM.roa
Signing time: Mon 02 Jan 2023 11:38:43 +0000
ROA not before: Mon 02 Jan 2023 11:38:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200697
IP address blocks: 45.134.241.0/24 maxlen: 24
45.134.243.0/24 maxlen: 24
45.134.240.0/24 maxlen: 24
2a07:4680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:d8:de:e9:d4:49:c8:82:01:06:41:f9:a5:c4:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81696a81372357b5f1ed7c82ccaa993a980d54e7
Validity
Not Before: Jan 2 11:38:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821e302e5ec2fb4098d2ea86f7e0ab2c92d039c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d0:6e:db:f4:bc:3d:85:cd:da:b5:30:64:f1:
eb:ca:0c:1f:80:44:ad:8c:18:4e:05:59:42:69:29:
35:fb:d3:04:83:d6:13:ea:fb:9c:9e:73:d7:a6:e6:
25:0c:f7:45:5d:d7:15:af:a9:ff:d6:a7:7b:b4:54:
f2:09:77:99:09:c3:5a:8e:aa:d9:1a:39:79:5d:11:
a5:9e:78:79:f1:fe:e7:72:27:d7:b1:ee:17:7e:f8:
7b:ca:d5:be:6b:8a:f5:ab:4a:bd:f2:41:ae:99:39:
ab:f3:9e:5f:1a:08:1b:45:71:20:66:dc:e5:a4:09:
5d:66:27:c8:d7:c1:cf:76:c1:45:1c:53:a6:11:57:
a0:e9:b8:87:05:b8:66:60:1f:55:f1:54:06:b6:1c:
5b:1c:e9:33:30:12:2f:e7:23:34:72:a8:c8:35:6e:
b1:7b:b9:dd:ca:0e:7c:79:2e:35:cb:77:1f:8c:ab:
ed:92:6f:e0:c7:56:16:67:11:c6:a2:fa:18:a2:09:
9c:21:ad:34:5c:4c:3c:52:c6:71:a1:e5:a0:cf:cf:
ec:fe:33:51:c6:72:e1:de:dd:b7:a8:5f:e1:66:af:
07:fd:1e:e5:72:4b:26:63:98:3b:4c:38:df:bc:d5:
85:a3:80:1a:aa:29:39:d4:6f:ca:2f:8d:9e:be:9c:
f0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1E:30:2E:5E:C2:FB:40:98:D2:EA:86:F7:E0:AB:2C:92:D0:39:C3
X509v3 Authority Key Identifier:
keyid:81:69:6A:81:37:23:57:B5:F1:ED:7C:82:CC:AA:99:3A:98:0D:54:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWlqgTcjV7Xx7XyCzKqZOpgNVOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce24e2-68be-47d7-950b-c6b8800aa858/1/gh4wLl7C-0CY0uqG9-CrLJLQOcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ce24e2-68be-47d7-950b-c6b8800aa858/1/gWlqgTcjV7Xx7XyCzKqZOpgNVOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.240.0/23
45.134.243.0/24
IPv6:
2a07:4680::/32
Signature Algorithm: sha256WithRSAEncryption
93:88:79:a4:c6:c4:b1:04:c9:17:27:58:15:ce:e2:91:0a:88:
36:3c:50:ae:b2:09:33:c8:5f:2d:57:3a:07:2e:aa:fc:be:07:
a3:fc:1f:11:1e:e0:7d:a7:7e:1f:0e:3e:da:78:0c:ca:5c:ff:
86:0e:c1:97:8d:69:5e:41:5d:15:57:f8:a7:a1:7c:91:29:be:
a3:70:7f:21:03:34:33:d1:10:64:ae:5b:05:55:bf:66:14:af:
cb:dc:cf:2f:c7:cb:7b:45:a5:f1:10:48:e8:3b:64:4d:fc:e9:
c3:7f:c0:03:95:ae:69:c3:c2:49:b4:c6:f1:70:73:30:a4:44:
51:11:30:58:fb:dc:12:bc:24:94:1e:cd:f3:43:c6:47:4b:d5:
85:81:d2:ab:b7:32:5b:09:15:b1:a1:8b:58:b6:ab:a5:8d:89:
96:8c:cc:fe:25:21:78:76:32:b8:e0:6c:bf:11:14:f5:48:56:
33:97:96:97:43:f9:32:96:36:92:bb:24:8f:f9:be:85:08:ed:
04:35:1f:dd:76:1a:77:8a:c3:14:e5:f0:d4:f9:88:79:7c:26:
41:71:4c:29:cb:bd:71:4e:76:59:90:7f:dc:e9:f2:39:ce:ef:
17:cc:03:58:3a:01:61:cc:b5:e3:08:9c:43:f8:d2:68:0a:1d:
bd:c3:e5:d4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyRtje6dRJyIIBBkH5pcRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNjk2YTgxMzcyMzU3YjVmMWVkN2M4MmNjYWE5OTNhOTgw
ZDU0ZTcwHhcNMjMwMTAyMTEzODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFlMzAyZTVlYzJmYjQwOThkMmVhODZmN2UwYWIyYzkyZDAzOWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntBu2/S8PYXN2rUwZPHrygwfgESt
jBhOBVlCaSk1+9MEg9YT6vucnnPXpuYlDPdFXdcVr6n/1qd7tFTyCXeZCcNajqrZ
Gjl5XRGlnnh58f7ncifXse4Xfvh7ytW+a4r1q0q98kGumTmr855fGggbRXEgZtzl
pAldZifI18HPdsFFHFOmEVeg6biHBbhmYB9V8VQGthxbHOkzMBIv5yM0cqjINW6x
e7ndyg58eS41y3cfjKvtkm/gx1YWZxHGovoYogmcIa00XEw8UsZxoeWgz8/s/jNR
xnLh3t23qF/hZq8H/R7lcksmY5g7TDjfvNWFo4Aaqik51G/KL42evpzwbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIIeMC5ewvtAmNLqhvfgqyyS0DnDMB8GA1UdIwQY
MBaAFIFpaoE3I1e18e18gsyqmTqYDVTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1dscWdUY2pWN1h4N1h5Q3pLcVpPcGdOVk9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jZTI0ZTItNjhiZS00N2Q3LTk1MGIt
YzZiODgwMGFhODU4LzEvZ2g0d0xsN0MtMENZMHVxRzktQ3JMSkxRT2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jZTI0ZTItNjhiZS00N2Q3LTk1MGItYzZiODgwMGFhODU4
LzEvZ1dscWdUY2pWN1h4N1h5Q3pLcVpPcGdOVk9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLYbwAwQA
LYbzMA0EAgACMAcDBQAqB0aAMA0GCSqGSIb3DQEBCwUAA4IBAQCTiHmkxsSxBMkX
J1gVzuKRCog2PFCusgkzyF8tVzoHLqr8vgej/B8RHuB9p34fDj7aeAzKXP+GDsGX
jWleQV0VV/inoXyRKb6jcH8hAzQz0RBkrlsFVb9mFK/L3M8vx8t7RaXxEEjoO2RN
/OnDf8ADla5pw8JJtMbxcHMwpERRETBY+9wSvCSUHs3zQ8ZHS9WFgdKrtzJbCRWx
oYtYtquljYmWjMz+JSF4djK44Gy/ERT1SFYzl5aXQ/kyljaSuySP+b6FCO0ENR/d
dhp3isMU5fDU+Yh5fCZBcUwpy71xTnZZkH/c6fI5zu8XzANYOgFhzLXjCJxD+NJo
Ch29w+XU
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:25 2025 by rpki-client