Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/GCH4-oQ9FsMm-_HQxb-Zl0MskyY.roa
File: GCH4-oQ9FsMm-_HQxb-Zl0MskyY.roa (raw, json)
Hash identifier: lW8/Iz3dcxP2tOp0gVH+LNyEQCVyYT7XfwewcKBHEbI=
Subject key identifier: 18:21:F8:FA:84:3D:16:C3:26:FB:F1:D0:C5:BF:99:97:43:2C:93:26
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 018BC5DED712F8CEBA89E6061FAFB058D0E1
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/GCH4-oQ9FsMm-_HQxb-Zl0MskyY.roa
Signing time: Sun 12 Nov 2023 23:29:57 +0000
ROA not before: Sun 12 Nov 2023 23:29:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 45.147.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c5:de:d7:12:f8:ce:ba:89:e6:06:1f:af:b0:58:d0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 12 23:29:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1821f8fa843d16c326fbf1d0c5bf9997432c9326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:23:92:70:75:3e:d7:b9:21:3a:dc:13:0b:f6:
ba:c1:63:c3:d7:19:04:b4:27:1b:14:aa:43:b0:92:
98:ba:12:2b:28:a2:a6:b0:c4:84:cc:ff:2d:7b:e6:
26:8a:19:e1:29:48:49:92:2f:93:3f:4d:23:67:04:
a5:47:28:7c:21:ea:f5:5c:1b:9e:39:58:96:f3:1a:
41:70:d4:2a:e2:06:15:35:e0:7d:99:be:49:4d:be:
3d:33:8e:b2:a2:e4:dc:34:df:8f:f1:3a:c5:3f:1f:
fb:8b:9b:1f:e0:05:0b:36:ed:92:25:a5:cf:71:82:
c0:60:c8:b5:12:6f:5d:11:e8:19:a5:fe:87:5c:af:
7d:78:75:86:60:5b:00:9e:0d:c8:45:a8:bb:1e:1b:
a3:2e:e0:b6:18:8e:5b:48:35:ec:a7:cd:d7:99:0f:
65:4a:6b:d6:e3:ce:71:a3:e8:0d:db:48:17:a9:f4:
18:b2:5f:67:36:96:14:69:40:09:ae:23:ff:2c:3e:
9e:0a:5e:2f:32:63:22:cd:33:bc:f7:f1:fa:07:11:
26:48:0f:42:a3:76:3a:57:1d:02:a2:ac:27:34:87:
bf:c1:b0:c2:fa:d6:f5:a9:19:17:2f:c9:9e:bb:81:
73:c3:01:38:7d:f3:95:1b:7b:c1:48:7f:4d:e9:95:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:21:F8:FA:84:3D:16:C3:26:FB:F1:D0:C5:BF:99:97:43:2C:93:26
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/GCH4-oQ9FsMm-_HQxb-Zl0MskyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:c0:3c:8e:90:c4:ff:6b:ac:07:f3:90:73:e0:1e:e5:2c:2c:
ca:b4:25:29:2e:48:b5:e1:36:9a:68:11:1c:76:f7:b7:c8:a7:
3f:43:11:b4:96:1d:89:c1:f4:9d:68:94:45:6a:59:34:bc:d3:
6a:1d:b7:00:a1:ce:1c:a2:e3:d3:03:cf:66:0c:d0:50:e4:ec:
70:ea:d7:3a:11:fa:ce:a6:f3:4f:71:81:fe:24:df:69:7d:2a:
a4:8c:b0:ce:7c:db:ed:7c:55:df:9a:95:c3:1e:ae:8c:49:62:
e7:de:07:c8:89:9a:7c:78:e2:92:38:78:f7:6b:87:f1:bc:09:
7d:30:32:d8:99:74:70:27:0e:fb:02:68:db:8d:d3:05:f2:e0:
7c:ff:84:3b:81:e5:09:8d:e2:d6:76:96:c3:57:05:e7:e9:cd:
8b:6e:3a:85:0f:4b:f7:60:0d:25:45:d6:62:28:ff:51:b5:35:
70:b0:1b:90:66:c8:16:70:0e:ba:5b:9f:8c:cc:70:fb:b9:4b:
28:4d:d2:52:0c:d3:02:23:96:42:a6:57:e7:a9:3e:7f:fe:4a:
e8:2b:ca:6e:bc:2c:c9:a7:01:4b:72:39:6e:0b:5d:12:bb:58:
d3:cb:71:43:5b:9f:aa:fd:de:a7:98:06:11:13:fb:c0:9c:47:
c4:f6:16:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvF3tcS+M66ieYGH6+wWNDhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjMxMTEyMjMyOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODIxZjhmYTg0M2QxNmMzMjZmYmYxZDBjNWJmOTk5NzQzMmM5MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyOScHU+17khOtwTC/a6wWPD1xkE
tCcbFKpDsJKYuhIrKKKmsMSEzP8te+YmihnhKUhJki+TP00jZwSlRyh8Ier1XBue
OViW8xpBcNQq4gYVNeB9mb5JTb49M46youTcNN+P8TrFPx/7i5sf4AULNu2SJaXP
cYLAYMi1Em9dEegZpf6HXK99eHWGYFsAng3IRai7HhujLuC2GI5bSDXsp83XmQ9l
SmvW485xo+gN20gXqfQYsl9nNpYUaUAJriP/LD6eCl4vMmMizTO89/H6BxEmSA9C
o3Y6Vx0CoqwnNIe/wbDC+tb1qRkXL8meu4FzwwE4ffOVG3vBSH9N6ZWDWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBgh+PqEPRbDJvvx0MW/mZdDLJMmMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvR0NINC1vUTlGc01tLV9IUXhiLVpsME1za3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZMuMA0G
CSqGSIb3DQEBCwUAA4IBAQCPwDyOkMT/a6wH85Bz4B7lLCzKtCUpLki14TaaaBEc
dve3yKc/QxG0lh2JwfSdaJRFalk0vNNqHbcAoc4couPTA89mDNBQ5Oxw6tc6EfrO
pvNPcYH+JN9pfSqkjLDOfNvtfFXfmpXDHq6MSWLn3gfIiZp8eOKSOHj3a4fxvAl9
MDLYmXRwJw77AmjbjdMF8uB8/4Q7geUJjeLWdpbDVwXn6c2LbjqFD0v3YA0lRdZi
KP9RtTVwsBuQZsgWcA66W5+MzHD7uUsoTdJSDNMCI5ZCplfnqT5//kroK8puvCzJ
pwFLcjluC10Su1jTy3FDW5+q/d6nmAYRE/vAnEfE9haE
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:21 2025 by rpki-client