Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/VLsm1myY_zBOYeFZk-0a00R4QP4.roa
File: VLsm1myY_zBOYeFZk-0a00R4QP4.roa (raw, json)
Hash identifier: Y9vOpLa1IS36Y42Xvrzghaou3rn5HQoA7tezHr78JF4=
Subject key identifier: 54:BB:26:D6:6C:98:FF:30:4E:61:E1:59:93:ED:1A:D3:44:78:40:FE
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 01856F30181D577D4E77474C6136980A6803
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/VLsm1myY_zBOYeFZk-0a00R4QP4.roa
Signing time: Sun 01 Jan 2023 21:15:00 +0000
ROA not before: Sun 01 Jan 2023 21:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23528
IP address blocks: 45.156.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:18:1d:57:7d:4e:77:47:4c:61:36:98:0a:68:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Jan 1 21:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=54bb26d66c98ff304e61e15993ed1ad3447840fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:64:85:cb:58:c4:7c:bc:a8:e7:52:d3:25:2e:
6e:53:86:4d:f4:b9:3d:fe:c9:6a:20:54:92:29:0a:
05:94:3b:8a:5f:2c:af:d5:f8:f6:d2:ae:35:17:ee:
8f:00:d2:d3:91:8b:cd:37:8b:e2:44:7e:8e:99:aa:
86:74:98:b9:20:85:f3:88:6b:74:b7:65:bc:6a:ed:
58:bf:2f:98:02:ca:0b:5a:50:7a:19:1f:b0:ba:9e:
36:db:61:d2:35:c3:0c:b6:71:de:2f:7b:1d:93:f2:
4d:81:af:a9:3a:99:e7:d2:a6:d5:bb:ac:1e:c5:15:
67:0e:f6:3f:42:a6:34:72:b2:1f:66:ed:eb:3c:d8:
a3:f4:e1:ca:ab:f1:8b:d2:26:72:b8:d6:e5:db:e4:
6f:01:2f:c6:f9:1c:6b:74:d5:45:5e:ba:6d:1e:38:
57:a0:df:19:4a:6b:12:a5:0b:6f:58:4b:50:ae:fe:
1f:df:32:79:b8:84:17:98:18:28:07:dd:14:dd:37:
b3:16:2f:70:f7:12:4d:2d:d9:93:0a:22:2c:7a:cc:
d8:a3:9b:ad:a9:de:36:45:f8:9f:d5:1f:2b:1b:27:
ac:6a:58:b6:3c:85:04:d6:4d:73:a6:54:8b:bd:17:
73:97:47:08:37:08:12:40:db:c8:85:c2:87:a0:9f:
90:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:BB:26:D6:6C:98:FF:30:4E:61:E1:59:93:ED:1A:D3:44:78:40:FE
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/VLsm1myY_zBOYeFZk-0a00R4QP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.161.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:93:7c:b0:e3:25:71:6b:8d:83:be:5d:c9:8d:f8:25:00:27:
61:3b:75:2d:da:1c:da:b9:88:f5:66:b7:59:ea:ed:1b:56:2f:
f8:46:68:69:61:c2:5e:f3:2c:f6:46:f5:eb:03:b1:ac:1a:20:
f5:dc:38:57:83:da:3b:a3:69:dd:cf:d3:2f:85:74:79:81:c1:
56:e2:fd:dd:ea:4b:e7:6e:6c:b0:22:c6:0c:d1:78:2f:f0:d1:
56:26:8a:2e:96:7c:24:a1:d0:14:27:a2:79:a3:b3:35:b8:f0:
85:b2:dd:73:27:86:22:e6:bf:8d:8d:b6:24:eb:2b:ee:7d:fb:
5b:75:1f:df:3c:75:40:21:03:99:99:3c:da:6b:51:eb:26:0e:
0b:5c:03:e5:c1:74:61:d8:c6:53:6b:32:c5:46:97:b8:25:60:
4f:91:aa:5d:8c:c9:50:c6:ac:ec:ff:67:ee:2b:7f:a3:42:74:
6f:ab:78:ae:95:a6:e3:e0:c3:bc:6e:a7:4d:89:07:75:b8:22:
f4:90:9e:72:36:24:23:f1:8b:02:82:e2:bd:ec:99:1f:46:49:
63:2a:7c:7a:92:fa:43:94:3b:a9:63:f9:60:09:12:48:db:10:
10:bf:ed:2d:95:63:38:2d:f3:ba:b0:ec:08:67:94:da:15:d5:
b2:de:d7:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMBgdV31Od0dMYTaYCmgDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjMwMTAxMjExNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGJiMjZkNjZjOThmZjMwNGU2MWUxNTk5M2VkMWFkMzQ0Nzg0MGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22SFy1jEfLyo51LTJS5uU4ZN9Lk9
/slqIFSSKQoFlDuKXyyv1fj20q41F+6PANLTkYvNN4viRH6OmaqGdJi5IIXziGt0
t2W8au1Yvy+YAsoLWlB6GR+wup4222HSNcMMtnHeL3sdk/JNga+pOpnn0qbVu6we
xRVnDvY/QqY0crIfZu3rPNij9OHKq/GL0iZyuNbl2+RvAS/G+RxrdNVFXrptHjhX
oN8ZSmsSpQtvWEtQrv4f3zJ5uIQXmBgoB90U3TezFi9w9xJNLdmTCiIseszYo5ut
qd42Rfif1R8rGyesali2PIUE1k1zplSLvRdzl0cINwgSQNvIhcKHoJ+QMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFS7JtZsmP8wTmHhWZPtGtNEeED+MB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvVkxzbTFteVlfekJPWWVGWmstMGEwMFI0UVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZyhMA0G
CSqGSIb3DQEBCwUAA4IBAQCjk3yw4yVxa42Dvl3JjfglACdhO3Ut2hzauYj1ZrdZ
6u0bVi/4RmhpYcJe8yz2RvXrA7GsGiD13DhXg9o7o2ndz9MvhXR5gcFW4v3d6kvn
bmywIsYM0Xgv8NFWJooulnwkodAUJ6J5o7M1uPCFst1zJ4Yi5r+NjbYk6yvufftb
dR/fPHVAIQOZmTzaa1HrJg4LXAPlwXRh2MZTazLFRpe4JWBPkapdjMlQxqzs/2fu
K3+jQnRvq3iulabj4MO8bqdNiQd1uCL0kJ5yNiQj8YsCguK97JkfRkljKnx6kvpD
lDupY/lgCRJI2xAQv+0tlWM4LfO6sOwIZ5TaFdWy3td1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:07 2025 by rpki-client