Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gsy3bL7nfRocINKlWOH3by3lWpk.roa
File: gsy3bL7nfRocINKlWOH3by3lWpk.roa (raw, json)
Hash identifier: Q6pyyOPZpmnIDE+EMZPPBgudAkCdk0MeTGXwGl37ejI=
Subject key identifier: 82:CC:B7:6C:BE:E7:7D:1A:1C:20:D2:A5:58:E1:F7:6F:2D:E5:5A:99
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01856E8B4732F5A462740A3FD0623C420638
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gsy3bL7nfRocINKlWOH3by3lWpk.roa
Signing time: Sun 01 Jan 2023 18:14:59 +0000
ROA not before: Sun 01 Jan 2023 18:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48357
IP address blocks: 45.15.140.0/24 maxlen: 24
45.89.97.0/24 maxlen: 24
45.89.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:47:32:f5:a4:62:74:0a:3f:d0:62:3c:42:06:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 18:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82ccb76cbee77d1a1c20d2a558e1f76f2de55a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ae:71:90:64:b9:ad:4a:c3:66:e1:76:64:f4:
19:15:49:15:1b:42:88:44:40:14:c1:43:a3:1a:eb:
33:49:28:9e:45:0a:ed:53:f7:34:76:21:89:27:54:
c0:4b:2f:76:1d:85:81:3c:cf:2b:d3:b9:45:21:9d:
7b:a0:e2:1f:7d:81:d4:a7:20:d8:82:96:fc:68:2c:
19:2b:57:3e:ed:75:dd:3c:36:7d:56:8f:9b:c7:9a:
b6:80:47:3f:5b:5e:6e:2b:99:63:95:42:a1:58:96:
ea:34:48:8e:9c:7b:28:82:26:28:50:14:85:e0:02:
b2:34:6e:ea:58:45:23:67:4a:90:c2:f8:d7:21:fb:
37:c8:c4:f3:b2:40:99:80:93:b5:1e:cb:45:86:ab:
aa:3d:8a:cd:eb:84:ea:d9:88:e9:85:8e:9d:5a:a6:
00:cc:56:07:57:db:5b:c2:86:b7:3e:9f:33:dc:62:
f9:42:10:c2:42:b3:c8:92:80:33:28:22:40:05:c8:
ce:77:f3:81:30:8b:33:08:c8:2c:70:10:68:34:d9:
43:96:81:f5:c4:04:5c:7c:2e:e8:b8:76:32:01:61:
ed:2c:c1:66:45:27:34:00:f7:e8:01:3e:6b:da:14:
25:4f:24:8c:19:31:28:8e:fc:68:ae:99:ba:d7:25:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CC:B7:6C:BE:E7:7D:1A:1C:20:D2:A5:58:E1:F7:6F:2D:E5:5A:99
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/gsy3bL7nfRocINKlWOH3by3lWpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.140.0/24
45.89.97.0/24
45.89.99.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:08:80:3f:2d:47:fb:15:53:ac:d4:e9:73:40:31:6b:51:8b:
df:29:4e:ae:43:c0:25:39:d1:80:02:d1:99:29:e4:70:e7:d7:
52:6d:fa:ae:15:c5:bc:36:5f:8a:cd:5a:57:10:23:97:a0:ab:
91:4d:a6:f7:39:74:95:34:08:82:e3:db:af:ae:4a:90:ee:7c:
0b:60:ff:96:9f:c3:17:f7:2f:f9:b1:cd:58:d8:7d:32:c0:5e:
c2:95:42:55:12:f8:1c:a5:e5:a4:e3:ac:3f:40:ac:0f:59:0b:
60:94:b1:62:1e:7b:61:b6:d4:39:04:fc:63:0f:c1:62:bf:1d:
46:d4:7a:b4:d3:a7:b3:02:fb:c9:ce:30:cb:b1:e6:77:f7:3c:
f9:73:35:8b:bb:71:78:a2:3f:9e:7a:1f:97:61:78:5e:ab:75:
22:8e:27:86:81:ad:a8:b7:89:a1:23:2e:f0:07:8a:2d:0c:9c:
47:cd:83:83:c0:cd:a4:11:5c:41:d5:42:e4:b4:3c:76:9a:70:
12:b8:4b:39:ad:da:88:74:aa:59:7e:c8:00:35:dd:e3:f7:a8:
3c:cc:bc:18:05:aa:d1:4a:9b:d6:d8:88:45:b8:d6:fb:3c:fd:
83:cb:0e:d7:7c:ad:db:a5:54:4f:10:77:4a:6e:3f:fa:15:be:
4c:ae:75:4b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVui0cy9aRidAo/0GI8QgY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMTAxMTgxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNjYjc2Y2JlZTc3ZDFhMWMyMGQyYTU1OGUxZjc2ZjJkZTU1YTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq5xkGS5rUrDZuF2ZPQZFUkVG0KI
REAUwUOjGuszSSieRQrtU/c0diGJJ1TASy92HYWBPM8r07lFIZ17oOIffYHUpyDY
gpb8aCwZK1c+7XXdPDZ9Vo+bx5q2gEc/W15uK5ljlUKhWJbqNEiOnHsogiYoUBSF
4AKyNG7qWEUjZ0qQwvjXIfs3yMTzskCZgJO1HstFhquqPYrN64Tq2YjphY6dWqYA
zFYHV9tbwoa3Pp8z3GL5QhDCQrPIkoAzKCJABcjOd/OBMIszCMgscBBoNNlDloH1
xARcfC7ouHYyAWHtLMFmRSc0APfoAT5r2hQlTySMGTEojvxorpm61yVXawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILMt2y+530aHCDSpVjh928t5VqZMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZ3N5M2JMN25mUm9jSU5LbFdPSDNieTNsV3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ+MAwQA
LVlhAwQALVljMA0GCSqGSIb3DQEBCwUAA4IBAQDXCIA/LUf7FVOs1OlzQDFrUYvf
KU6uQ8AlOdGAAtGZKeRw59dSbfquFcW8Nl+KzVpXECOXoKuRTab3OXSVNAiC49uv
rkqQ7nwLYP+Wn8MX9y/5sc1Y2H0ywF7ClUJVEvgcpeWk46w/QKwPWQtglLFiHnth
ttQ5BPxjD8Fivx1G1Hq006ezAvvJzjDLseZ39zz5czWLu3F4oj+eeh+XYXheq3Ui
jieGga2ot4mhIy7wB4otDJxHzYODwM2kEVxB1ULktDx2mnASuEs5rdqIdKpZfsgA
Nd3j96g8zLwYBarRSpvW2IhFuNb7PP2Dyw7XfK3bpVRPEHdKbj/6Fb5MrnVL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:05 2025 by rpki-client