Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/suKqDzOzjuUsf8E8jKz4NuC8xGQ.roa
File: suKqDzOzjuUsf8E8jKz4NuC8xGQ.roa (raw, json)
Hash identifier: mspoAmTbvSVZAS8lEdO1DKwqKWlkdbNBsSveclKmRfo=
Subject key identifier: B2:E2:AA:0F:33:B3:8E:E5:2C:7F:C1:3C:8C:AC:F8:36:E0:BC:C4:64
Certificate issuer: /CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Certificate serial: 093B7FF5
Authority key identifier: 3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/suKqDzOzjuUsf8E8jKz4NuC8xGQ.roa
Signing time: Mon 28 Feb 2022 06:39:34 +0000
ROA not before: Mon 28 Feb 2022 06:39:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62142
IP address blocks: 45.9.192.0/24 maxlen: 26
2a0e:1106::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154894325 (0x93b7ff5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aca50858a1856ffa02e91356f14236e7c38b85a
Validity
Not Before: Feb 28 06:39:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2e2aa0f33b38ee52c7fc13c8cacf836e0bcc464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:53:44:31:d6:24:83:dd:f8:ed:c8:9b:c5:f9:
0d:d4:37:00:88:da:17:44:3a:f9:ab:fe:eb:d3:5c:
69:07:bb:63:be:d9:c2:81:8d:9a:b1:20:75:1c:97:
d3:c4:19:ad:e5:60:9c:d6:e6:14:a9:11:9d:73:11:
26:85:a7:20:39:db:de:a9:a3:b8:32:95:0d:2e:b5:
d7:01:dd:3d:fa:64:5e:45:a3:1d:ec:64:6d:66:16:
08:5d:78:3a:39:e9:d9:66:8b:6d:2d:23:c8:c0:61:
53:2b:09:d1:b2:d8:88:a4:90:c1:ca:b5:8d:a0:27:
b5:0c:f6:11:67:12:6c:a2:65:c9:9b:5c:6b:91:e2:
9d:80:17:1d:ee:1c:b4:72:4f:01:12:b9:cf:18:e1:
6d:70:81:0f:ce:38:cd:6d:09:e6:30:6d:02:12:6c:
30:30:85:8c:6f:16:c9:44:cc:6a:c0:09:96:73:da:
24:4b:55:7c:ba:b0:1b:4b:ad:9f:be:9a:76:ee:08:
35:f2:16:40:1a:7c:2c:6a:2e:a5:29:b1:9b:ef:10:
b4:f4:ce:8a:1b:19:28:bc:f8:49:b2:78:92:77:c1:
f0:05:90:67:66:88:2b:0c:42:fc:9b:b6:35:36:86:
40:10:8b:47:d8:41:fc:71:e9:bb:f5:77:9c:e0:8a:
58:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E2:AA:0F:33:B3:8E:E5:2C:7F:C1:3C:8C:AC:F8:36:E0:BC:C4:64
X509v3 Authority Key Identifier:
keyid:3A:CA:50:85:8A:18:56:FF:A0:2E:91:35:6F:14:23:6E:7C:38:B8:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OspQhYoYVv-gLpE1bxQjbnw4uFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/suKqDzOzjuUsf8E8jKz4NuC8xGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/12b937-890d-47b5-a041-331d7fc77bd4/1/OspQhYoYVv-gLpE1bxQjbnw4uFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.192.0/24
IPv6:
2a0e:1106::/40
Signature Algorithm: sha256WithRSAEncryption
83:44:d6:c5:59:13:ca:cd:5b:1a:fe:c8:23:b1:7a:ce:0b:72:
20:89:db:eb:37:d2:8d:0e:99:4d:a8:7b:df:4a:05:c0:4c:a9:
ba:54:23:62:be:0b:09:b9:27:a9:b3:5e:9b:83:ae:df:05:b5:
db:5c:bf:a3:e9:56:2b:3f:6d:9b:a6:0f:eb:10:4c:f7:29:09:
d2:86:65:28:9b:42:ad:80:a4:0d:94:eb:cf:6c:33:a7:56:ad:
41:66:08:91:9d:58:51:73:ec:9d:e4:65:10:72:80:ba:2e:cf:
5f:67:05:bc:01:f5:ce:03:e4:cf:18:71:41:a3:1e:86:6c:eb:
f6:aa:d5:e3:31:62:2b:46:18:9d:ad:c7:c0:3e:03:2f:83:c2:
17:29:a2:37:4e:be:f7:d4:ef:19:f3:41:08:4b:7c:a4:5d:ec:
a9:05:d7:ac:7f:0a:db:28:78:7d:ab:bb:15:45:cf:ed:ab:87:
f8:9e:8f:fc:45:9a:ab:f4:3a:6f:57:98:52:15:ac:d3:ab:67:
30:3f:43:36:18:1c:0f:9b:23:54:ed:94:3f:f7:69:2c:40:9e:
10:28:53:d6:07:2b:76:2e:bc:e3:66:7a:8d:b7:48:e1:18:f6:
b2:49:d1:00:12:f6:6a:04:d8:07:8b:54:33:02:96:1b:94:3d:
2c:00:be:09
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIECTt/9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWNhNTA4NThhMTg1NmZmYTAyZTkxMzU2ZjE0MjM2ZTdjMzhiODVhMB4XDTIyMDIy
ODA2MzkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJlMmFhMGYzM2Iz
OGVlNTJjN2ZjMTNjOGNhY2Y4MzZlMGJjYzQ2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlTRDHWJIPd+O3Im8X5DdQ3AIjaF0Q6+av+69NcaQe7Y77Z
woGNmrEgdRyX08QZreVgnNbmFKkRnXMRJoWnIDnb3qmjuDKVDS611wHdPfpkXkWj
HexkbWYWCF14Ojnp2WaLbS0jyMBhUysJ0bLYiKSQwcq1jaAntQz2EWcSbKJlyZtc
a5HinYAXHe4ctHJPARK5zxjhbXCBD844zW0J5jBtAhJsMDCFjG8WyUTMasAJlnPa
JEtVfLqwG0utn76adu4INfIWQBp8LGoupSmxm+8QtPTOihsZKLz4SbJ4knfB8AWQ
Z2aIKwxC/Ju2NTaGQBCLR9hB/HHpu/V3nOCKWE8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSy4qoPM7OO5Sx/wTyMrPg24LzEZDAfBgNVHSMEGDAWgBQ6ylCFihhW/6Au
kTVvFCNufDi4WjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09zcFFoWW9ZVnYtZ0xwRTFieFFqYm53NHVGby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8x
L3N1S3FEek96anVVc2Y4RThqS3o0TnVDOHhHUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MTJiOTM3LTg5MGQtNDdiNS1hMDQxLTMzMWQ3ZmM3N2JkNC8xL09zcFFoWW9ZVnYt
Z0xwRTFieFFqYm53NHVGby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAC0JwDAOBAIAAjAIAwYAKg4RBgAw
DQYJKoZIhvcNAQELBQADggEBAINE1sVZE8rNWxr+yCOxes4LciCJ2+s30o0OmU2o
e99KBcBMqbpUI2K+Cwm5J6mzXpuDrt8Ftdtcv6PpVis/bZumD+sQTPcpCdKGZSib
Qq2ApA2U689sM6dWrUFmCJGdWFFz7J3kZRBygLouz19nBbwB9c4D5M8YcUGjHoZs
6/aq1eMxYitGGJ2tx8A+Ay+DwhcpojdOvvfU7xnzQQhLfKRd7KkF16x/CtsoeH2r
uxVFz+2rh/iej/xFmqv0Om9XmFIVrNOrZzA/QzYYHA+bI1TtlD/3aSxAnhAoU9YH
K3YuvONmeo23SOEY9rJJ0QAS9moE2AeLVDMClhuUPSwAvgk=
-----END CERTIFICATE-----
Generated at Wed Mar 12 11:57:24 2025 by rpki-client