Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GoGGNOILqnM1lxRjKt0xeCcbV2w.roa
File: GoGGNOILqnM1lxRjKt0xeCcbV2w.roa (raw, json)
Hash identifier: 9ygATdOhi3qE1ukMyLepaCpdDLNrHmIaD9EZbteq01g=
Subject key identifier: 1A:81:86:34:E2:0B:AA:73:35:97:14:63:2A:DD:31:78:27:1B:57:6C
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 0182C6AE1DB7F5A89FA864B04973B26DAEC8
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GoGGNOILqnM1lxRjKt0xeCcbV2w.roa
Signing time: Mon 22 Aug 2022 17:51:15 +0000
ROA not before: Mon 22 Aug 2022 17:51:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100::/40 maxlen: 48
2a0f:b100:400::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c6:ae:1d:b7:f5:a8:9f:a8:64:b0:49:73:b2:6d:ae:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Aug 22 17:51:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a818634e20baa73359714632add3178271b576c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:72:82:2e:e4:1b:3b:60:56:46:0c:7c:73:a5:
cc:b1:90:89:20:8c:53:f3:1e:4c:64:bf:f3:1b:c2:
39:80:43:58:bf:19:3a:0a:d6:d0:79:b4:b0:c3:d9:
c6:51:f2:59:7b:11:10:4b:42:15:7c:f7:f0:d8:bc:
e2:12:a5:07:85:84:ac:45:77:be:0e:d8:84:0a:fc:
31:67:ba:4d:9e:2e:0e:57:55:aa:56:1c:88:2b:fc:
0c:57:b6:49:ef:f4:0e:53:5d:e3:b9:e4:28:dc:2b:
4f:42:03:b2:93:81:20:61:c9:97:c7:0f:55:c0:b5:
93:32:c2:62:40:29:05:41:9c:48:e7:13:c4:3e:61:
14:38:d9:a8:3d:71:98:f1:46:b9:30:0a:21:c0:4e:
d8:70:a9:a8:86:e1:e4:87:69:30:9f:ee:86:22:85:
68:0e:e6:eb:28:20:ea:5c:75:6a:38:78:89:b0:6d:
c0:3d:2b:97:c9:3a:d8:e1:ec:cd:6e:93:a6:cc:26:
68:0f:ce:72:c7:42:e1:05:26:71:ff:e5:03:68:11:
ef:17:33:4c:05:5a:29:c7:2b:5a:32:cf:32:bf:51:
f3:4a:34:4b:51:c6:8d:ea:9a:2a:ee:55:ce:37:63:
49:88:36:0e:33:ae:61:1d:22:c8:50:be:5a:5f:5b:
d7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:81:86:34:E2:0B:AA:73:35:97:14:63:2A:DD:31:78:27:1B:57:6C
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/GoGGNOILqnM1lxRjKt0xeCcbV2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/40
2a0f:b100:400::/40
Signature Algorithm: sha256WithRSAEncryption
42:e5:8e:df:31:d9:77:ae:63:61:47:7c:bf:96:09:e3:39:fe:
07:cc:ef:c3:3a:e7:37:30:a5:26:f4:2d:53:f1:8f:af:dd:3e:
24:a9:ec:b6:a9:8e:a2:ef:7b:c3:db:78:a6:45:1a:75:7b:2c:
13:09:05:b8:85:c8:3d:38:59:d9:40:64:c8:a9:74:28:8d:88:
ec:55:de:55:5a:21:6e:8f:95:de:59:95:7f:cb:f8:04:25:76:
ad:b5:d8:d0:cd:b8:5b:a7:35:3a:bc:85:6f:40:f8:a6:b0:29:
5d:86:d1:2d:9a:b5:af:f2:9f:2d:56:53:c2:d3:17:06:93:6f:
01:a1:db:1f:47:33:bc:20:0c:c0:70:a5:71:bd:c8:f3:1e:a7:
8b:c1:c6:d2:87:58:69:32:db:d2:82:5b:83:98:93:6d:2e:19:
31:9b:63:32:90:2f:a0:71:09:da:ef:e2:a4:46:18:58:34:e2:
11:f1:2c:ea:29:29:88:6e:03:a1:1e:e4:95:53:67:a9:0e:7e:
84:d5:07:ae:18:81:c7:2f:ae:00:e2:12:f5:94:65:bb:b8:3e:
8e:8b:f7:9c:46:20:62:72:c5:e2:8a:e2:5d:6d:55:42:46:19:
af:f9:2e:09:0b:8f:cf:f4:bb:d0:52:d1:32:13:f9:d6:ce:f6:
53:d9:8e:5d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLGrh239aifqGSwSXOyba7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjIwODIyMTc1MTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgxODYzNGUyMGJhYTczMzU5NzE0NjMyYWRkMzE3ODI3MWI1NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXKCLuQbO2BWRgx8c6XMsZCJIIxT
8x5MZL/zG8I5gENYvxk6CtbQebSww9nGUfJZexEQS0IVfPfw2LziEqUHhYSsRXe+
DtiECvwxZ7pNni4OV1WqVhyIK/wMV7ZJ7/QOU13jueQo3CtPQgOyk4EgYcmXxw9V
wLWTMsJiQCkFQZxI5xPEPmEUONmoPXGY8Ua5MAohwE7YcKmohuHkh2kwn+6GIoVo
DubrKCDqXHVqOHiJsG3APSuXyTrY4ezNbpOmzCZoD85yx0LhBSZx/+UDaBHvFzNM
BVopxytaMs8yv1HzSjRLUcaN6poq7lXON2NJiDYOM65hHSLIUL5aX1vXAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBqBhjTiC6pzNZcUYyrdMXgnG1dsMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEvR29HR05PSUxxbk0xbHhSakt0MHhlQ2NiVjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQALZo8MBYE
AgACMBADBgAqD7EAAAMGACoPsQAEMA0GCSqGSIb3DQEBCwUAA4IBAQBC5Y7fMdl3
rmNhR3y/lgnjOf4HzO/DOuc3MKUm9C1T8Y+v3T4kqey2qY6i73vD23imRRp1eywT
CQW4hcg9OFnZQGTIqXQojYjsVd5VWiFuj5XeWZV/y/gEJXattdjQzbhbpzU6vIVv
QPimsCldhtEtmrWv8p8tVlPC0xcGk28BodsfRzO8IAzAcKVxvcjzHqeLwcbSh1hp
MtvSgluDmJNtLhkxm2MykC+gcQna7+KkRhhYNOIR8SzqKSmIbgOhHuSVU2epDn6E
1QeuGIHHL64A4hL1lGW7uD6Oi/ecRiBicsXiiuJdbVVCRhmv+S4JC4/P9LvQUtEy
E/nWzvZT2Y5d
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:05 2025 by rpki-client