Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/qu14r4xFlnBqeO8I-9Pe88U629E.roa
File: qu14r4xFlnBqeO8I-9Pe88U629E.roa (raw, json)
Hash identifier: H9v62Rj54y6qk2fJ/rG2bHzmnlOU6CF/2GG7bWEGSaU=
Subject key identifier: AA:ED:78:AF:8C:45:96:70:6A:78:EF:08:FB:D3:DE:F3:C5:3A:DB:D1
Certificate issuer: /CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Certificate serial: 01856F700D561C38C4E21FDDD7E932B9D998
Authority key identifier: 9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/qu14r4xFlnBqeO8I-9Pe88U629E.roa
Signing time: Sun 01 Jan 2023 22:24:52 +0000
ROA not before: Sun 01 Jan 2023 22:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 45.15.200.0/24 maxlen: 24
45.15.203.0/24 maxlen: 24
45.15.202.0/24 maxlen: 24
45.15.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:70:0d:56:1c:38:c4:e2:1f:dd:d7:e9:32:b9:d9:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Validity
Not Before: Jan 1 22:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaed78af8c4596706a78ef08fbd3def3c53adbd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:f2:88:10:49:42:c9:13:f4:69:14:bc:bd:
2f:85:4c:0a:f6:9c:7c:bd:26:62:fa:e0:3e:83:6f:
48:71:b4:3c:7f:86:93:23:48:d5:0e:7d:46:94:0e:
9c:b9:c0:8c:9e:bf:52:93:f3:1b:23:b4:d8:6a:67:
9b:74:21:45:6a:6f:38:e5:86:fb:28:be:63:88:36:
8c:e7:13:d9:55:1d:37:01:88:ef:95:07:78:ed:ba:
8e:cc:4f:3c:fd:09:9a:92:28:75:eb:b1:ee:1e:89:
47:b4:b9:84:ce:58:c2:73:93:03:b0:d0:78:64:9a:
c4:46:73:c5:48:b0:59:3a:4b:9d:58:ee:89:a1:65:
f3:64:29:4e:84:92:07:81:a3:f1:27:a8:6e:28:b8:
3c:c0:45:ea:20:6b:9d:ca:e2:cd:3c:3a:c9:e0:4b:
4f:0e:b1:9e:3c:60:c7:0a:a9:46:6b:2a:fd:11:7e:
ec:34:a3:5e:02:95:36:7c:fa:1a:c4:02:88:d8:66:
4d:68:35:0f:87:54:62:55:29:d2:65:c7:07:ab:eb:
29:d4:35:fb:b6:b3:f7:a8:63:0c:9f:64:3f:ab:15:
47:3a:c7:96:2b:fa:d7:5e:84:e3:c1:0d:a9:35:c4:
37:3d:e0:ed:7c:8c:5e:a5:92:83:81:eb:04:45:8e:
4c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:ED:78:AF:8C:45:96:70:6A:78:EF:08:FB:D3:DE:F3:C5:3A:DB:D1
X509v3 Authority Key Identifier:
keyid:9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/qu14r4xFlnBqeO8I-9Pe88U629E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.200.0/22
Signature Algorithm: sha256WithRSAEncryption
91:f6:c4:62:cc:ad:e1:a7:6f:57:b5:b0:62:61:3a:d7:bb:d0:
67:6c:b0:a0:51:c4:75:14:f0:7e:cd:52:7a:ad:a5:95:ed:43:
51:43:63:f2:6f:76:34:93:23:28:0e:c1:c1:4f:2e:46:48:d9:
1d:2c:78:24:74:27:bb:b4:96:9d:1a:e5:f4:9c:3c:ba:af:26:
44:2b:70:50:74:fa:2a:c3:0d:36:d5:db:dc:2a:2d:21:11:3e:
c0:82:26:c0:1d:a3:e2:cd:56:d9:b2:15:16:0d:68:a0:e0:7e:
00:90:68:5b:9e:53:64:88:35:21:d8:c9:1e:73:bf:2b:07:ae:
7b:39:3b:f8:56:58:b1:51:3e:be:8a:30:c1:17:6b:50:12:0c:
8e:a8:e8:96:b4:e4:8a:ad:67:ad:f1:7a:e3:43:86:f1:10:14:
f9:16:88:19:2b:84:e5:8c:42:3f:0a:9e:ca:d3:ea:d1:2d:cb:
e0:f5:82:46:a3:02:dd:59:72:cb:bc:c3:ab:ba:ab:9f:eb:10:
de:2a:69:d5:be:f9:66:5b:9b:3d:7d:a4:fe:fa:17:6e:3a:68:
8e:5c:60:02:8f:1f:6c:95:9a:88:12:fa:0f:98:f2:c3:df:d6:
8c:ea:22:09:cf:af:98:82:67:fb:27:25:f0:96:be:d3:b1:97:
76:b5:1c:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvcA1WHDjE4h/d1+kyudmYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzJhMmU4ZmNiZWVlNjMwMjBiYTkzZGFhYjkwNzZjMzdi
Yzk5OTEwHhcNMjMwMTAxMjIyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWVkNzhhZjhjNDU5NjcwNmE3OGVmMDhmYmQzZGVmM2M1M2FkYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7TyiBBJQskT9GkUvL0vhUwK9px8
vSZi+uA+g29IcbQ8f4aTI0jVDn1GlA6cucCMnr9Sk/MbI7TYamebdCFFam845Yb7
KL5jiDaM5xPZVR03AYjvlQd47bqOzE88/Qmakih167HuHolHtLmEzljCc5MDsNB4
ZJrERnPFSLBZOkudWO6JoWXzZClOhJIHgaPxJ6huKLg8wEXqIGudyuLNPDrJ4EtP
DrGePGDHCqlGayr9EX7sNKNeApU2fPoaxAKI2GZNaDUPh1RiVSnSZccHq+sp1DX7
trP3qGMMn2Q/qxVHOseWK/rXXoTjwQ2pNcQ3PeDtfIxepZKDgesERY5MhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKrteK+MRZZwanjvCPvT3vPFOtvRMB8GA1UdIwQY
MBaAFJsyouj8vu5jAgupPaq5B2w3vJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQt
ZTNhYjkwODdkNDAzLzEvcXUxNHI0eEZsbkJxZU84SS05UGU4OFU2MjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQtZTNhYjkwODdkNDAz
LzEvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQ/IMA0G
CSqGSIb3DQEBCwUAA4IBAQCR9sRizK3hp29XtbBiYTrXu9BnbLCgUcR1FPB+zVJ6
raWV7UNRQ2Pyb3Y0kyMoDsHBTy5GSNkdLHgkdCe7tJadGuX0nDy6ryZEK3BQdPoq
ww021dvcKi0hET7AgibAHaPizVbZshUWDWig4H4AkGhbnlNkiDUh2Mkec78rB657
OTv4VlixUT6+ijDBF2tQEgyOqOiWtOSKrWet8XrjQ4bxEBT5FogZK4TljEI/Cp7K
0+rRLcvg9YJGowLdWXLLvMOruquf6xDeKmnVvvlmW5s9faT++hduOmiOXGACjx9s
lZqIEvoPmPLD39aM6iIJz6+Ygmf7JyXwlr7TsZd2tRyN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:24 2025 by rpki-client