Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/CVafalOq9kHuQcXlSVGBJ2dIfqg.roa
File: CVafalOq9kHuQcXlSVGBJ2dIfqg.roa (raw, json)
Hash identifier: X+rfaQ+PU/PneHVZGU9d3MBuKfuyxKrUTYTPuUCwii0=
Subject key identifier: 09:56:9F:6A:53:AA:F6:41:EE:41:C5:E5:49:51:81:27:67:48:7E:A8
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 024FEFB2
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/CVafalOq9kHuQcXlSVGBJ2dIfqg.roa
Signing time: Sat 01 Jan 2022 01:59:06 +0000
ROA not before: Sat 01 Jan 2022 01:59:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57648
IP address blocks: 45.156.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38793138 (0x24fefb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Jan 1 01:59:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09569f6a53aaf641ee41c5e54951812767487ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f2:48:50:c3:78:83:10:91:7a:70:70:7f:66:
25:f6:04:8d:3f:c3:ce:a4:18:b0:92:0e:eb:90:c8:
13:28:ed:67:61:8c:19:8e:06:2c:7a:b3:b3:3e:72:
ff:85:af:1f:3c:5a:75:92:75:d7:ae:03:57:07:8c:
ca:10:e2:77:8e:31:e8:5a:53:35:2a:f4:0a:17:16:
27:ce:cb:a6:f2:40:11:d5:04:06:7a:7a:74:8c:8b:
04:95:78:9d:bb:c3:0e:be:fb:f2:fa:5c:4b:6f:fa:
b0:cc:e1:4c:9c:32:cb:a6:6c:38:16:97:71:67:ca:
a3:55:ff:70:46:92:04:bb:e6:18:7c:30:0b:51:d3:
07:ac:45:31:7e:a4:e9:bd:bc:82:54:ce:e6:a3:b5:
7b:2a:9d:12:e5:b8:3c:0e:76:f2:4f:b3:34:75:3c:
c1:89:a7:8c:76:52:49:30:3e:1f:39:71:dc:eb:37:
c0:11:d2:70:08:d2:b3:6a:99:98:d5:bb:7b:3f:f5:
62:65:b6:47:9d:41:d3:35:b0:24:25:73:63:14:a4:
5c:99:ec:5a:d9:e1:5f:d0:25:c7:f4:56:85:9b:1f:
fe:39:31:06:5e:00:0f:20:58:59:b0:35:25:de:05:
1c:67:c7:8e:c2:f3:d0:03:e9:5c:98:4a:a6:c2:e5:
59:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:56:9F:6A:53:AA:F6:41:EE:41:C5:E5:49:51:81:27:67:48:7E:A8
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/CVafalOq9kHuQcXlSVGBJ2dIfqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.160.0/24
Signature Algorithm: sha256WithRSAEncryption
16:57:0c:7c:59:ff:79:31:be:53:21:aa:75:b8:4a:cb:c3:a5:
3e:cf:1b:6d:97:aa:fc:fa:f2:29:9a:e4:37:d4:10:7e:21:ce:
9b:3f:28:63:af:72:ea:b1:4b:c9:fd:00:5d:c8:86:fe:a6:99:
95:42:40:aa:cf:95:5c:83:54:17:1e:52:3a:03:d9:85:b1:e3:
84:a4:0c:58:19:ff:b6:11:71:eb:f8:0f:88:82:fe:a2:76:84:
6d:79:7e:ad:32:53:71:ad:32:8b:8b:ee:1c:6c:22:3b:96:e4:
79:38:16:3a:e0:d0:d9:5e:15:d5:8d:d9:be:4f:54:fa:b4:86:
a0:64:a5:96:2c:a6:c3:f7:89:a2:28:65:5a:f5:f3:dc:c8:0e:
83:3c:e4:4a:4d:f6:52:8c:d1:15:4d:1b:c2:67:a0:90:6b:19:
34:60:60:19:4e:6d:39:3a:8d:2b:8f:65:3f:48:8e:4c:32:a4:
8c:b6:0b:41:69:10:4e:16:51:4a:51:53:30:f2:b1:19:51:3e:
6b:e2:ff:62:4b:d4:84:86:fd:07:af:56:48:06:6d:8f:40:7c:
b3:9d:19:6c:32:8a:e8:c6:bc:7f:79:79:86:69:96:a0:c2:b0:
71:dc:26:8e:df:ea:32:bd:1d:f3:b8:b7:4d:f2:cd:46:66:1d:
6b:53:1a:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAk/vsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGUyYzMzNzMxYWRjYTU3ZGNjMzNiMmZiODIzM2ZjMDM4YjA5NWU5MB4XDTIyMDEw
MTAxNTkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk1NjlmNmE1M2Fh
ZjY0MWVlNDFjNWU1NDk1MTgxMjc2NzQ4N2VhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnySFDDeIMQkXpwcH9mJfYEjT/DzqQYsJIO65DIEyjtZ2GM
GY4GLHqzsz5y/4WvHzxadZJ1164DVweMyhDid44x6FpTNSr0ChcWJ87LpvJAEdUE
Bnp6dIyLBJV4nbvDDr778vpcS2/6sMzhTJwyy6ZsOBaXcWfKo1X/cEaSBLvmGHww
C1HTB6xFMX6k6b28glTO5qO1eyqdEuW4PA528k+zNHU8wYmnjHZSSTA+Hzlx3Os3
wBHScAjSs2qZmNW7ez/1YmW2R51B0zWwJCVzYxSkXJnsWtnhX9Alx/RWhZsf/jkx
Bl4ADyBYWbA1Jd4FHGfHjsLz0APpXJhKpsLlWX0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJVp9qU6r2Qe5BxeVJUYEnZ0h+qDAfBgNVHSMEGDAWgBQA4sM3Ma3KV9zD
Oy+4Iz/AOLCV6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FPTEROekd0eWxmY3d6c3Z1Q01fd0Rpd2xlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvOWQ1ZmViLWJlZGEtNDE0Ny05ZDgzLWM5YWQzN2Y5NGNkNy8x
L0NWYWZhbE9xOWtIdVFjWGxTVkdCSjJkSWZxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
OWQ1ZmViLWJlZGEtNDE0Ny05ZDgzLWM5YWQzN2Y5NGNkNy8xL0FPTEROekd0eWxm
Y3d6c3Z1Q01fd0Rpd2xlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2coDANBgkqhkiG9w0BAQsFAAOC
AQEAFlcMfFn/eTG+UyGqdbhKy8OlPs8bbZeq/PryKZrkN9QQfiHOmz8oY69y6rFL
yf0AXciG/qaZlUJAqs+VXINUFx5SOgPZhbHjhKQMWBn/thFx6/gPiIL+onaEbXl+
rTJTca0yi4vuHGwiO5bkeTgWOuDQ2V4V1Y3Zvk9U+rSGoGSlliymw/eJoihlWvXz
3MgOgzzkSk32UozRFU0bwmegkGsZNGBgGU5tOTqNK49lP0iOTDKkjLYLQWkQThZR
SlFTMPKxGVE+a+L/YkvUhIb9B69WSAZtj0B8s50ZbDKK6Ma8f3l5hmmWoMKwcdwm
jt/qMr0d87i3TfLNRmYda1MaHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:07 2025 by rpki-client