Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/02-j3uFi_N9f34BuYI6GF1l-NWY.roa
File: 02-j3uFi_N9f34BuYI6GF1l-NWY.roa (raw, json)
Hash identifier: bIt5SJZSf2bin5XuGZnecNfgUtW1UBAxUqGRjSUwABk=
Subject key identifier: D3:6F:A3:DE:E1:62:FC:DF:5F:DF:80:6E:60:8E:86:17:59:7E:35:66
Certificate issuer: /CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Certificate serial: 018C3F596F9258E9700165140F05B3327CD7
Authority key identifier: 98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/02-j3uFi_N9f34BuYI6GF1l-NWY.roa
Signing time: Wed 06 Dec 2023 13:37:54 +0000
ROA not before: Wed 06 Dec 2023 13:37:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210636
IP address blocks: 45.15.209.0/24 maxlen: 24
45.90.200.0/22 maxlen: 24
45.86.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:59:6f:92:58:e9:70:01:65:14:0f:05:b3:32:7c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9868a1992bb8037dde81d0c8cdc0695fcee17c27
Validity
Not Before: Dec 6 13:37:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d36fa3dee162fcdf5fdf806e608e8617597e3566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:10:f2:9e:cf:f0:da:63:af:89:5c:3b:f1:
af:cd:20:2b:e9:50:dd:1f:51:34:15:35:1a:74:57:
71:3f:99:ed:8a:fb:4a:49:a5:f7:58:55:17:b2:a3:
24:50:1f:e6:3d:a6:9a:e1:d1:0b:04:bb:99:d9:c9:
59:d6:6c:e1:ae:99:79:b9:01:7b:42:0f:bc:1f:0b:
1f:a2:96:17:2d:2f:14:dd:ed:85:69:70:60:9c:3b:
8a:65:bc:ba:5d:be:50:d7:40:84:82:9b:df:6b:a8:
50:05:5b:dc:e5:9b:9f:cf:91:42:be:fc:17:5f:08:
e6:9a:8c:74:18:af:47:e7:75:d3:fb:84:15:f0:7f:
c8:0d:68:ac:61:50:a8:0e:60:54:6f:9d:80:53:98:
94:e2:f7:00:43:66:94:0c:f5:cc:2d:ec:ee:29:7a:
72:84:6b:c7:2b:7a:e7:ac:0a:9f:e7:b9:fc:f3:9a:
1f:df:a7:dc:48:04:d7:91:5a:bc:77:93:e1:f7:7d:
91:bb:7e:65:c5:68:8e:7a:54:de:d5:0d:3e:c2:e3:
26:58:6d:68:95:70:03:4f:3c:a9:13:6d:8a:b6:5c:
4b:49:78:cc:6f:93:49:7d:51:a3:39:a6:e1:22:8e:
ab:76:0a:18:cf:a8:96:a2:52:0d:d2:92:0b:eb:b5:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:6F:A3:DE:E1:62:FC:DF:5F:DF:80:6E:60:8E:86:17:59:7E:35:66
X509v3 Authority Key Identifier:
keyid:98:68:A1:99:2B:B8:03:7D:DE:81:D0:C8:CD:C0:69:5F:CE:E1:7C:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mGihmSu4A33egdDIzcBpX87hfCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/02-j3uFi_N9f34BuYI6GF1l-NWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/6b22e6-352f-4e88-827b-d78d5631d7f6/1/mGihmSu4A33egdDIzcBpX87hfCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.209.0/24
45.86.190.0/23
45.90.200.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:c8:a9:1a:b0:44:7d:3e:a8:70:2c:30:14:c8:e2:9e:d0:b4:
5d:e5:25:94:b8:20:28:ba:58:84:11:a7:e8:9b:2c:39:ca:6c:
76:21:dc:f0:98:21:4d:ce:d2:e6:e2:93:34:9a:0a:1a:80:41:
ea:0a:51:26:3b:8c:a2:5a:a4:75:0f:d4:69:d8:11:ef:ab:4e:
ae:16:a1:a6:2f:2b:7d:11:e1:09:54:4c:f7:48:ca:0f:54:d4:
d8:8e:5d:6c:87:b4:1d:03:5f:37:dc:10:01:06:a4:36:2c:8a:
9e:1c:a4:08:47:88:39:ae:23:ae:f9:3a:af:aa:ba:60:61:7e:
48:09:22:1e:d1:e8:07:66:f8:10:5d:3f:ef:1b:66:94:e7:d0:
68:12:de:b1:d1:5d:15:8a:c0:e1:d5:8e:b1:d5:a8:5d:63:6f:
5f:a4:93:29:84:88:b2:99:50:51:3f:66:f7:de:76:a4:86:23:
a7:06:c9:33:ea:c5:04:a3:bb:21:13:e8:e8:a1:55:65:99:f6:
8e:e6:d3:c9:f0:69:4e:56:79:01:d6:f8:f5:67:a4:7e:37:2f:
8e:32:a3:51:91:dc:7a:60:88:a5:4c:73:5a:0c:3e:46:8b:74:
d1:21:98:31:89:85:b9:49:97:f4:a1:c1:fe:b0:05:56:1e:d1:
38:be:38:ee
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYw/WW+SWOlwAWUUDwWzMnzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NjhhMTk5MmJiODAzN2RkZTgxZDBjOGNkYzA2OTVmY2Vl
MTdjMjcwHhcNMjMxMjA2MTMzNzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzZmYTNkZWUxNjJmY2RmNWZkZjgwNmU2MDhlODYxNzU5N2UzNTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZgQ8p7P8Npjr4lcO/GvzSAr6VDd
H1E0FTUadFdxP5ntivtKSaX3WFUXsqMkUB/mPaaa4dELBLuZ2clZ1mzhrpl5uQF7
Qg+8HwsfopYXLS8U3e2FaXBgnDuKZby6Xb5Q10CEgpvfa6hQBVvc5Zufz5FCvvwX
Xwjmmox0GK9H53XT+4QV8H/IDWisYVCoDmBUb52AU5iU4vcAQ2aUDPXMLezuKXpy
hGvHK3rnrAqf57n885of36fcSATXkVq8d5Ph932Ru35lxWiOelTe1Q0+wuMmWG1o
lXADTzypE22KtlxLSXjMb5NJfVGjOabhIo6rdgoYz6iWolIN0pIL67UUmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNNvo97hYvzfX9+AbmCOhhdZfjVmMB8GA1UdIwQY
MBaAFJhooZkruAN93oHQyM3AaV/O4XwnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2It
ZDc4ZDU2MzFkN2Y2LzEvMDItajN1RmlfTjlmMzRCdVlJNkdGMWwtTldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82YjIyZTYtMzUyZi00ZTg4LTgyN2ItZDc4ZDU2MzFkN2Y2
LzEvbUdpaG1TdTRBMzNlZ2RESXpjQnBYODdoZkNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ/RAwQB
LVa+AwQCLVrIMA0GCSqGSIb3DQEBCwUAA4IBAQBNyKkasER9PqhwLDAUyOKe0LRd
5SWUuCAouliEEafomyw5ymx2IdzwmCFNztLm4pM0mgoagEHqClEmO4yiWqR1D9Rp
2BHvq06uFqGmLyt9EeEJVEz3SMoPVNTYjl1sh7QdA1833BABBqQ2LIqeHKQIR4g5
riOu+TqvqrpgYX5ICSIe0egHZvgQXT/vG2aU59BoEt6x0V0VisDh1Y6x1ahdY29f
pJMphIiymVBRP2b33nakhiOnBskz6sUEo7shE+jooVVlmfaO5tPJ8GlOVnkB1vj1
Z6R+Ny+OMqNRkdx6YIilTHNaDD5Gi3TRIZgxiYW5SZf0ocH+sAVWHtE4vjju
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:22:02 2025 by rpki-client