Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ggJ6RoNxakqPVk9GDepFB_ID468.roa
File: ggJ6RoNxakqPVk9GDepFB_ID468.roa (raw, json)
Hash identifier: zZMHp/ns2axmAaUy0q1c4bAqMa4sg0Ft+rvdPhPQXqo=
Subject key identifier: 82:02:7A:46:83:71:6A:4A:8F:56:4F:46:0D:EA:45:07:F2:03:E3:AF
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018A1C84097CE69FD1E9E410FBACFE083FE1
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ggJ6RoNxakqPVk9GDepFB_ID468.roa
Signing time: Tue 22 Aug 2023 09:12:09 +0000
ROA not before: Tue 22 Aug 2023 09:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42831
IP address blocks: 45.43.64.0/23 maxlen: 24
45.43.86.0/24 maxlen: 24
198.105.109.0/24 maxlen: 24
198.105.108.0/24 maxlen: 24
198.105.111.0/24 maxlen: 24
89.33.6.0/23 maxlen: 24
107.181.128.0/22 maxlen: 24
107.181.152.0/24 maxlen: 24
107.181.154.0/24 maxlen: 24
107.181.153.0/24 maxlen: 24
2a07:9946::/32 maxlen: 48
2a05:9f40:1f::/48 maxlen: 48
2a05:9f44:2a05::/48 maxlen: 48
2a07:9947::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:84:09:7c:e6:9f:d1:e9:e4:10:fb:ac:fe:08:3f:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Aug 22 09:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82027a4683716a4a8f564f460dea4507f203e3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:23:14:bf:97:4e:1e:3f:d2:a1:91:d3:ec:c7:
09:dd:87:6c:59:db:39:58:f4:27:4a:30:d0:d2:b4:
04:aa:82:c9:18:a7:ef:ed:6d:08:cc:03:13:81:7f:
37:a2:a2:27:8a:11:1a:39:ca:52:86:3f:bd:5a:0d:
dc:6b:2f:b4:6e:21:ac:b1:53:55:f4:1c:79:e4:72:
f4:a2:5d:c7:99:e0:d3:4b:58:39:d0:65:be:4d:4b:
25:97:f1:16:a8:42:68:9e:46:4f:a6:ce:92:2e:76:
ca:a5:6f:45:e2:67:68:96:d0:fb:fd:fb:e3:81:44:
7d:1d:25:9a:ee:80:10:4c:87:94:bd:56:e5:c2:98:
b3:58:36:6b:a1:93:bb:8c:0b:62:e4:e4:b5:90:5b:
f9:1a:5c:0b:5b:af:c9:0d:83:8a:ae:c0:97:d9:06:
50:05:0d:c3:9b:cd:67:33:a0:d8:8f:9a:7a:ac:84:
da:fa:0c:73:db:91:b4:36:f3:7a:f3:65:26:ca:c4:
43:dc:16:c3:95:e9:2b:93:3e:85:92:db:bd:01:2d:
c0:75:bc:24:41:b8:2d:4e:3c:5d:3c:83:b0:45:b7:
1e:d9:e1:48:e4:7c:64:37:de:95:ed:86:45:31:aa:
6c:76:47:4e:d9:24:4d:95:12:23:59:0b:03:cc:e7:
0e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:02:7A:46:83:71:6A:4A:8F:56:4F:46:0D:EA:45:07:F2:03:E3:AF
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/ggJ6RoNxakqPVk9GDepFB_ID468.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/23
45.43.86.0/24
89.33.6.0/23
107.181.128.0/22
107.181.152.0-107.181.154.255
198.105.108.0/23
198.105.111.0/24
IPv6:
2a05:9f40:1f::/48
2a05:9f44:2a05::/48
2a07:9946::/31
Signature Algorithm: sha256WithRSAEncryption
74:92:40:6f:30:77:6d:84:9d:df:20:dd:97:95:08:a7:1f:ad:
54:32:09:bd:ee:b8:35:1a:55:bc:d4:c4:bb:9c:bf:c2:2e:bd:
50:28:7c:f9:9b:ca:8c:6d:b9:d2:16:df:5c:18:e4:4a:c2:f2:
96:c7:79:27:9b:f3:63:b1:23:4b:f1:51:62:19:82:c1:2d:5a:
3d:17:2b:24:94:7e:de:a1:b7:37:ce:87:64:77:29:08:d4:f7:
70:2c:9b:b2:90:bd:48:af:0c:64:cd:f6:a5:82:10:a0:68:e1:
cc:31:03:4a:3b:f4:a7:10:1b:14:2f:49:6f:1f:d3:b8:2c:0e:
58:1a:b4:8a:5e:b6:74:00:e0:ee:0f:47:3a:a6:96:5e:9f:76:
a2:24:01:c9:17:35:15:96:9f:9e:f9:d2:ac:ee:c8:c2:d2:17:
90:00:df:a4:2b:5f:3c:e6:fd:a3:6f:a5:c5:cb:23:01:19:cb:
3c:97:4d:12:bf:dc:a5:4f:28:f9:a5:1b:ee:c8:08:1a:21:d6:
60:db:d3:a5:4a:a6:0f:d0:2d:88:23:c1:9c:c9:01:e4:43:cb:
96:b3:e4:fd:d5:dc:84:98:2c:4f:4d:20:5a:91:7e:de:e1:1e:
90:db:82:67:79:25:2a:ff:31:41:44:db:b5:15:58:df:7f:5a:
5b:ce:01:a9
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYochAl85p/R6eQQ+6z+CD/hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjMwODIyMDkxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjAyN2E0NjgzNzE2YTRhOGY1NjRmNDYwZGVhNDUwN2YyMDNlM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyMUv5dOHj/SoZHT7McJ3YdsWds5
WPQnSjDQ0rQEqoLJGKfv7W0IzAMTgX83oqInihEaOcpShj+9Wg3cay+0biGssVNV
9Bx55HL0ol3HmeDTS1g50GW+TUsll/EWqEJonkZPps6SLnbKpW9F4mdoltD7/fvj
gUR9HSWa7oAQTIeUvVblwpizWDZroZO7jAti5OS1kFv5GlwLW6/JDYOKrsCX2QZQ
BQ3Dm81nM6DYj5p6rITa+gxz25G0NvN682UmysRD3BbDlekrkz6Fktu9AS3Adbwk
QbgtTjxdPIOwRbce2eFI5HxkN96V7YZFMapsdkdO2SRNlRIjWQsDzOcOawIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFIICekaDcWpKj1ZPRg3qRQfyA+OvMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvZ2dKNlJvTnhha3FQVms5R0RlcEZCX0lENDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA4BAIAATAyAwQBLStAAwQA
LStWAwQBWSEGAwQCa7WAMAwDBANrtZgDBABrtZoDBAHGaWwDBADGaW8wHwQCAAIw
GQMHACoFn0AAHwMHACoFn0QqBQMFASoHmUYwDQYJKoZIhvcNAQELBQADggEBAHSS
QG8wd22End8g3ZeVCKcfrVQyCb3uuDUaVbzUxLucv8IuvVAofPmbyoxtudIW31wY
5ErC8pbHeSeb82OxI0vxUWIZgsEtWj0XKySUft6htzfOh2R3KQjU93Asm7KQvUiv
DGTN9qWCEKBo4cwxA0o79KcQGxQvSW8f07gsDlgatIpetnQA4O4PRzqmll6fdqIk
AckXNRWWn5750qzuyMLSF5AA36QrXzzm/aNvpcXLIwEZyzyXTRK/3KVPKPmlG+7I
CBoh1mDb06VKpg/QLYgjwZzJAeRDy5az5P3V3ISYLE9NIFqRft7hHpDbgmd5JSr/
MUFE27UVWN9/WlvOAak=
-----END CERTIFICATE-----
Generated at Sat Jun 7 11:52:55 2025 by rpki-client