Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/n2gkgeiKjWd5f7w9oXb1oEdQfEs.roa
File: n2gkgeiKjWd5f7w9oXb1oEdQfEs.roa (raw, json)
Hash identifier: u1evENV8uV9gFAzbXBK/pV8NjIuu2A7051Cqs9JTW8s=
Subject key identifier: 9F:68:24:81:E8:8A:8D:67:79:7F:BC:3D:A1:76:F5:A0:47:50:7C:4B
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 08B5B51A
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/n2gkgeiKjWd5f7w9oXb1oEdQfEs.roa
Signing time: Sat 01 Jan 2022 15:05:19 +0000
ROA not before: Sat 01 Jan 2022 15:05:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208975
IP address blocks: 45.9.195.0/24 maxlen: 24
2a0e:1107::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146126106 (0x8b5b51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Jan 1 15:05:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f682481e88a8d67797fbc3da176f5a047507c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8d:27:20:3a:9a:9c:48:16:99:6a:4f:2e:bb:
c8:25:87:24:53:93:0a:9b:e2:fe:89:36:f4:82:ba:
df:db:e8:38:5e:8b:4a:97:ac:43:36:23:f2:3e:67:
b4:ab:ca:51:1e:01:1e:4f:1d:3d:5e:fd:b5:88:2e:
0c:e3:31:03:4f:8d:4f:82:72:06:94:38:f7:67:bb:
bd:4f:e2:de:b5:49:81:b9:ff:e4:53:e8:ae:ec:cb:
2b:12:60:3f:94:98:38:ed:1a:6a:0d:15:4a:25:82:
37:0b:05:a8:48:4f:e4:bc:0f:5c:76:5c:90:1d:e1:
09:c5:a8:08:10:c5:4d:16:fc:a2:56:5a:9b:77:58:
e1:92:02:38:1a:33:ae:cb:f0:11:1f:a3:f6:7f:d6:
24:94:6d:a1:07:d1:36:69:3d:b1:5a:2c:0d:8f:ae:
97:43:b1:58:0e:97:6c:61:c8:4b:19:4c:d6:82:45:
62:54:3e:3a:14:88:17:31:d3:a1:89:f1:97:9e:40:
b1:26:7f:7d:eb:50:92:88:75:7a:35:ea:df:1b:3d:
63:af:aa:d6:75:3a:c9:36:29:d7:bb:1f:f9:d9:c8:
0d:cd:6d:0f:85:01:29:7e:be:8d:ec:ed:4e:61:dd:
2e:e7:c8:ab:77:13:85:db:83:5c:ab:c3:71:b4:d5:
80:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:68:24:81:E8:8A:8D:67:79:7F:BC:3D:A1:76:F5:A0:47:50:7C:4B
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/n2gkgeiKjWd5f7w9oXb1oEdQfEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.195.0/24
IPv6:
2a0e:1107::/48
Signature Algorithm: sha256WithRSAEncryption
57:d4:7a:be:40:a9:1e:a3:06:e6:e0:d2:19:c9:2c:4d:7d:23:
8b:67:07:76:b3:40:70:bd:7d:cd:62:c6:88:76:a7:88:21:48:
ae:ff:96:24:6c:d7:db:d5:61:94:95:fa:c7:cf:0d:ee:a5:79:
71:77:7b:7a:70:6f:c5:bb:5d:09:77:c2:39:1c:90:41:59:46:
b8:f7:3f:2b:f0:1a:33:bd:97:09:e4:74:2d:8d:17:85:e1:62:
f9:98:e0:c7:3e:a8:f8:2d:3d:00:09:f0:06:46:f1:bc:4f:7e:
85:f9:3d:d0:d3:d1:04:d0:36:fa:c3:86:93:92:11:a3:7f:b0:
33:2b:15:4f:10:6c:35:e6:20:02:fa:af:7a:d7:50:4e:a3:27:
cd:ff:7d:9b:3b:f1:78:6a:17:db:0d:6c:1b:0a:c5:82:f8:4a:
8f:57:99:c5:20:98:d8:21:19:34:69:1c:13:65:47:01:a4:f1:
1a:e4:bd:da:6d:78:10:cb:06:e2:17:da:56:41:74:5e:dc:b9:
53:04:2b:c2:8b:db:21:80:c8:fb:39:1f:f4:ed:35:6b:3b:4b:
1c:4b:21:1f:2a:5c:66:93:1c:37:b6:d8:cc:f5:d3:31:04:3d:
a4:d5:5c:18:75:4f:ed:1a:bd:cd:ad:3a:94:a9:14:90:76:85:
c6:fc:e9:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECLW1GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWNhNTA4NThhMTg1NmZmYTAyZTkxMzU2ZjE0MjM2ZTdjMzhiODVhMB4XDTIyMDEw
MTE1MDUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY2ODI0ODFlODhh
OGQ2Nzc5N2ZiYzNkYTE3NmY1YTA0NzUwN2M0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2NJyA6mpxIFplqTy67yCWHJFOTCpvi/ok29IK639voOF6L
SpesQzYj8j5ntKvKUR4BHk8dPV79tYguDOMxA0+NT4JyBpQ492e7vU/i3rVJgbn/
5FPoruzLKxJgP5SYOO0aag0VSiWCNwsFqEhP5LwPXHZckB3hCcWoCBDFTRb8olZa
m3dY4ZICOBozrsvwER+j9n/WJJRtoQfRNmk9sVosDY+ul0OxWA6XbGHISxlM1oJF
YlQ+OhSIFzHToYnxl55AsSZ/fetQkoh1ejXq3xs9Y6+q1nU6yTYp17sf+dnIDc1t
D4UBKX6+jeztTmHdLufIq3cThduDXKvDcbTVgOkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSfaCSB6IqNZ3l/vD2hdvWgR1B8SzAfBgNVHSMEGDAWgBQ6ylCFihhW/6Au
kTVvFCNufDi4WjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09zcFFoWW9ZVnYtZ0xwRTFieFFqYm53NHVGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8x
L24yZ2tnZWlLaldkNWY3dzlvWGIxb0VkUWZFcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8xL09zcFFoWW9ZVnYt
Z0xwRTFieFFqYm53NHVGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAC0JwzAPBAIAAjAJAwcAKg4RBwAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBX1Hq+QKkeowbm4NIZySxNfSOLZwd2s0BwvX3N
YsaIdqeIIUiu/5YkbNfb1WGUlfrHzw3upXlxd3t6cG/Fu10Jd8I5HJBBWUa49z8r
8BozvZcJ5HQtjReF4WL5mODHPqj4LT0ACfAGRvG8T36F+T3Q09EE0Db6w4aTkhGj
f7AzKxVPEGw15iAC+q9611BOoyfN/32bO/F4ahfbDWwbCsWC+EqPV5nFIJjYIRk0
aRwTZUcBpPEa5L3abXgQywbiF9pWQXRe3LlTBCvCi9shgMj7OR/07TVrO0scSyEf
Klxmkxw3ttjM9dMxBD2k1VwYdU/tGr3NrTqUqRSQdoXG/OnI
-----END CERTIFICATE-----
Generated at Wed Mar 12 12:26:01 2025 by rpki-client