Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/CvRHa25GhxoyUespz0zghfttL9Y.roa
File: CvRHa25GhxoyUespz0zghfttL9Y.roa (raw, json)
Hash identifier: RIcxd+Pd+DMGn0ywsKCgX+JuCZXNccDzIuhQ7vPq1Xc=
Subject key identifier: 0A:F4:47:6B:6E:46:87:1A:32:51:EB:29:CF:4C:E0:85:FB:6D:2F:D6
Certificate issuer: /CN=afc193ee11e54716169f94c8f931eae1fc854921
Certificate serial: 018570CC009E9907DE86C7195B47948D7768
Authority key identifier: AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/CvRHa25GhxoyUespz0zghfttL9Y.roa
Signing time: Mon 02 Jan 2023 04:44:55 +0000
ROA not before: Mon 02 Jan 2023 04:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208367
IP address blocks: 45.142.100.0/24 maxlen: 24
2a10:46c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cc:00:9e:99:07:de:86:c7:19:5b:47:94:8d:77:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afc193ee11e54716169f94c8f931eae1fc854921
Validity
Not Before: Jan 2 04:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af4476b6e46871a3251eb29cf4ce085fb6d2fd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:79:90:9d:47:e7:d3:0c:aa:fa:24:bd:c2:49:
12:a9:ff:82:b2:ed:e0:17:44:97:61:56:77:c8:cc:
22:65:be:0e:4a:5e:61:c0:50:00:7e:10:ed:d7:e8:
55:62:52:4a:0f:c1:bd:4b:07:22:09:1a:32:ea:fa:
c9:64:55:20:07:b6:ce:1b:12:45:4f:83:f3:cc:b8:
21:93:53:74:e1:b7:d4:cf:0a:b4:cc:e3:1b:51:2d:
4a:e2:d4:10:76:ed:04:72:f7:3d:78:5e:f9:2f:f1:
29:fc:0e:0a:5d:18:18:3f:5d:4d:7c:5f:5a:58:f9:
58:91:cd:1d:a3:14:c6:46:dc:0c:6e:19:37:e4:84:
36:fd:09:c3:eb:e9:36:44:17:c9:9c:b6:14:a2:34:
05:93:3c:4d:d7:f2:e3:60:8b:93:fe:09:0f:b5:28:
27:85:20:85:b2:7e:d6:76:e0:6b:a7:4f:54:b5:3f:
84:c0:22:1b:16:26:62:61:1f:1a:b0:e1:77:6d:1e:
01:a8:b0:11:19:67:75:25:78:57:a7:4d:75:b6:74:
0b:a4:3b:62:05:60:cc:40:c0:cb:e5:74:bd:a9:83:
ba:47:ff:28:a7:2b:58:e9:de:73:ca:1f:ee:3a:ef:
5b:1b:4d:73:be:de:8b:2e:b6:f2:9f:83:d1:ad:58:
e8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F4:47:6B:6E:46:87:1A:32:51:EB:29:CF:4C:E0:85:FB:6D:2F:D6
X509v3 Authority Key Identifier:
keyid:AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/CvRHa25GhxoyUespz0zghfttL9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.100.0/24
IPv6:
2a10:46c0::/32
Signature Algorithm: sha256WithRSAEncryption
68:02:70:9e:40:c0:ff:41:33:e6:a8:65:f1:3b:c1:7b:22:11:
d2:c1:1e:e8:cb:97:3f:c2:a1:96:a2:a6:c7:f8:71:08:4e:c5:
5c:f5:5a:f0:4c:2d:c0:a1:f7:b6:66:98:fc:e3:19:e5:d4:97:
60:db:5a:d1:60:65:04:5c:33:bf:d4:0d:18:c2:31:70:32:f0:
ef:cc:6c:e6:cc:c3:97:c0:ea:be:0f:28:4a:24:0f:8f:d2:27:
10:65:84:de:55:bb:8e:4a:e3:8b:4e:e1:6a:d4:9a:a1:3b:ad:
6c:46:34:8f:1f:98:25:f6:4f:dc:5f:5b:48:02:97:b9:ae:af:
00:e7:4a:58:53:41:86:97:b3:14:54:6b:cc:c3:f1:1b:78:d0:
88:c6:3f:2c:b6:51:b1:c4:a1:8f:9e:2e:58:11:a2:b0:3c:bf:
06:98:fd:76:7a:96:80:68:49:1a:14:8f:81:e1:16:55:ef:a7:
62:9d:8a:b3:43:5c:fa:1f:a5:1e:e2:6f:2c:91:43:99:05:06:
a2:ee:78:7c:61:13:9f:ad:22:90:60:bc:9c:0d:72:48:0f:b9:
eb:b9:db:13:7b:0c:c1:dd:a0:f6:da:3c:22:33:f2:f2:48:0d:
67:51:6a:43:6a:60:ad:89:7a:54:d7:15:b9:8e:90:04:32:64:
32:9c:79:2c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwzACemQfehscZW0eUjXdoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYzE5M2VlMTFlNTQ3MTYxNjlmOTRjOGY5MzFlYWUxZmM4
NTQ5MjEwHhcNMjMwMTAyMDQ0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY0NDc2YjZlNDY4NzFhMzI1MWViMjljZjRjZTA4NWZiNmQyZmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3mQnUfn0wyq+iS9wkkSqf+Csu3g
F0SXYVZ3yMwiZb4OSl5hwFAAfhDt1+hVYlJKD8G9SwciCRoy6vrJZFUgB7bOGxJF
T4PzzLghk1N04bfUzwq0zOMbUS1K4tQQdu0Ecvc9eF75L/Ep/A4KXRgYP11NfF9a
WPlYkc0doxTGRtwMbhk35IQ2/QnD6+k2RBfJnLYUojQFkzxN1/LjYIuT/gkPtSgn
hSCFsn7WduBrp09UtT+EwCIbFiZiYR8asOF3bR4BqLARGWd1JXhXp011tnQLpDti
BWDMQMDL5XS9qYO6R/8opytY6d5zyh/uOu9bG01zvt6LLrbyn4PRrVjoGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAr0R2tuRocaMlHrKc9M4IX7bS/WMB8GA1UdIwQY
MBaAFK/Bk+4R5UcWFp+UyPkx6uH8hUkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEt
YTdkZDlhZWExZDdhLzEvQ3ZSSGEyNUdoeG95VWVzcHowemdoZnR0TDlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEtYTdkZDlhZWExZDdh
LzEvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALY5kMA0E
AgACMAcDBQAqEEbAMA0GCSqGSIb3DQEBCwUAA4IBAQBoAnCeQMD/QTPmqGXxO8F7
IhHSwR7oy5c/wqGWoqbH+HEITsVc9VrwTC3Aofe2Zpj84xnl1Jdg21rRYGUEXDO/
1A0YwjFwMvDvzGzmzMOXwOq+DyhKJA+P0icQZYTeVbuOSuOLTuFq1JqhO61sRjSP
H5gl9k/cX1tIApe5rq8A50pYU0GGl7MUVGvMw/EbeNCIxj8stlGxxKGPni5YEaKw
PL8GmP12epaAaEkaFI+B4RZV76dinYqzQ1z6H6Ue4m8skUOZBQai7nh8YROfrSKQ
YLycDXJID7nrudsTewzB3aD22jwiM/LySA1nUWpDamCtiXpU1xW5jpAEMmQynHks
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:46 2025 by rpki-client