Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/b9RQmsKC3IxERQrOJOr01ZZPF90.roa
File: b9RQmsKC3IxERQrOJOr01ZZPF90.roa (raw, json)
Hash identifier: Md3c4Qt7BGSMmdtonDwSpP8Qd9IL30ruz+mpIVtlIN0=
Subject key identifier: 6F:D4:50:9A:C2:82:DC:8C:44:45:0A:CE:24:EA:F4:D5:96:4F:17:DD
Certificate issuer: /CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Certificate serial: 01856F30198F3457FC322B956558646F2432
Authority key identifier: 00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/b9RQmsKC3IxERQrOJOr01ZZPF90.roa
Signing time: Sun 01 Jan 2023 21:15:01 +0000
ROA not before: Sun 01 Jan 2023 21:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57648
IP address blocks: 45.156.162.0/24 maxlen: 24
45.156.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:19:8f:34:57:fc:32:2b:95:65:58:64:6f:24:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e2c33731adca57dcc33b2fb8233fc038b095e9
Validity
Not Before: Jan 1 21:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fd4509ac282dc8c44450ace24eaf4d5964f17dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:2e:56:66:5b:77:b5:1f:8d:a3:a5:22:09:
1d:de:4f:1b:70:6e:e4:23:00:5c:05:73:0f:62:72:
9c:9b:e5:f7:28:b2:f5:cd:a8:13:b9:fa:31:f3:cb:
40:9d:63:57:da:91:39:f4:e0:a0:66:60:ed:19:1e:
ea:fa:85:43:12:24:20:0d:57:21:91:6a:2d:3a:3a:
77:8a:0d:09:a5:79:d5:2c:08:57:b8:c7:92:ef:be:
88:6d:56:96:9c:73:40:48:2a:ea:b5:fd:db:53:75:
21:39:cd:c0:d8:2b:2b:58:30:4d:e8:67:a6:c5:b9:
1c:83:51:eb:41:8a:07:da:bf:af:82:b8:da:14:2b:
7b:c1:a1:a4:51:44:85:ff:98:25:0d:c8:54:53:bc:
4d:cc:80:69:29:8f:bf:00:d3:67:d7:91:39:3b:7d:
00:c7:09:6f:85:d9:8a:38:61:ed:16:cb:72:29:2b:
7e:06:98:93:34:f7:42:d1:9e:3a:64:21:0b:f6:d3:
8d:17:c5:45:fa:f5:ba:c6:04:c9:33:21:e5:2d:ab:
1d:bc:c6:c3:99:4a:62:30:f1:36:39:21:40:91:69:
24:5d:eb:0e:9c:b3:8b:3c:5f:58:ac:33:d3:ea:ee:
c6:df:74:8f:a4:80:0e:21:e7:69:81:00:eb:89:ad:
0c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:D4:50:9A:C2:82:DC:8C:44:45:0A:CE:24:EA:F4:D5:96:4F:17:DD
X509v3 Authority Key Identifier:
keyid:00:E2:C3:37:31:AD:CA:57:DC:C3:3B:2F:B8:23:3F:C0:38:B0:95:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOLDNzGtylfcwzsvuCM_wDiwlek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/b9RQmsKC3IxERQrOJOr01ZZPF90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/9d5feb-beda-4147-9d83-c9ad37f94cd7/1/AOLDNzGtylfcwzsvuCM_wDiwlek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.160.0/24
45.156.162.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:ac:b7:47:8f:f8:99:c9:6b:e2:42:9f:cd:fa:16:6d:01:a3:
a7:e9:c4:99:3c:c9:dd:3d:1b:ba:79:77:de:2a:18:10:c4:7a:
ad:93:f7:a6:cc:39:0c:41:23:5f:12:7a:c5:ca:b6:ac:c9:b7:
61:71:03:4c:17:05:b4:e6:2f:df:7e:ab:87:0f:c1:01:c3:b8:
60:c3:ad:fe:e4:7f:26:e1:21:40:89:3c:1e:00:98:2c:a1:7e:
67:0d:12:9d:1a:be:fe:55:12:27:c4:03:86:d3:db:46:3f:90:
cd:3c:5f:ff:fe:fa:af:55:78:58:6b:f4:3f:68:e2:c9:83:e6:
7e:f2:6a:9a:4b:59:7e:84:ad:d6:f3:21:d0:b7:1f:69:4d:80:
b0:5a:57:a2:e9:91:87:62:ed:53:1a:c9:30:91:6a:dc:3c:5e:
c0:27:3c:5b:b9:96:6b:5d:1a:f4:f9:0b:31:0c:fe:ac:05:ee:
e7:00:e8:b6:90:8c:5d:a4:82:c4:2d:6a:7a:35:f1:9f:e1:17:
13:84:62:b4:61:dd:0c:dd:ff:28:9b:e6:26:54:f5:02:7b:7f:
c1:2d:ec:14:15:2b:17:d6:d1:dd:18:bd:82:d7:58:66:3f:04:
49:72:7a:af:85:a9:d5:80:66:87:bc:b3:b5:ed:40:11:a0:b2:
93:e2:44:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvMBmPNFf8MiuVZVhkbyQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTJjMzM3MzFhZGNhNTdkY2MzM2IyZmI4MjMzZmMwMzhi
MDk1ZTkwHhcNMjMwMTAxMjExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmQ0NTA5YWMyODJkYzhjNDQ0NTBhY2UyNGVhZjRkNTk2NGYxN2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPEuVmZbd7UfjaOlIgkd3k8bcG7k
IwBcBXMPYnKcm+X3KLL1zagTufox88tAnWNX2pE59OCgZmDtGR7q+oVDEiQgDVch
kWotOjp3ig0JpXnVLAhXuMeS776IbVaWnHNASCrqtf3bU3UhOc3A2CsrWDBN6Gem
xbkcg1HrQYoH2r+vgrjaFCt7waGkUUSF/5glDchUU7xNzIBpKY+/ANNn15E5O30A
xwlvhdmKOGHtFstyKSt+BpiTNPdC0Z46ZCEL9tONF8VF+vW6xgTJMyHlLasdvMbD
mUpiMPE2OSFAkWkkXesOnLOLPF9YrDPT6u7G33SPpIAOIedpgQDria0MEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG/UUJrCgtyMREUKziTq9NWWTxfdMB8GA1UdIwQY
MBaAFADiwzcxrcpX3MM7L7gjP8A4sJXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMt
YzlhZDM3Zjk0Y2Q3LzEvYjlSUW1zS0MzSXhFUlFyT0pPcjAxWlpQRjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS85ZDVmZWItYmVkYS00MTQ3LTlkODMtYzlhZDM3Zjk0Y2Q3
LzEvQU9MRE56R3R5bGZjd3pzdnVDTV93RGl3bGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZygAwQA
LZyiMA0GCSqGSIb3DQEBCwUAA4IBAQAsrLdHj/iZyWviQp/N+hZtAaOn6cSZPMnd
PRu6eXfeKhgQxHqtk/emzDkMQSNfEnrFyrasybdhcQNMFwW05i/ffquHD8EBw7hg
w63+5H8m4SFAiTweAJgsoX5nDRKdGr7+VRInxAOG09tGP5DNPF///vqvVXhYa/Q/
aOLJg+Z+8mqaS1l+hK3W8yHQtx9pTYCwWlei6ZGHYu1TGskwkWrcPF7AJzxbuZZr
XRr0+QsxDP6sBe7nAOi2kIxdpILELWp6NfGf4RcThGK0Yd0M3f8om+YmVPUCe3/B
LewUFSsX1tHdGL2C11hmPwRJcnqvhanVgGaHvLO17UARoLKT4kQz
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:03:47 2025 by rpki-client