Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/AKPaqmQlfiNNBN9Wx661_fnBEUU.roa
File: AKPaqmQlfiNNBN9Wx661_fnBEUU.roa (raw, json)
Hash identifier: bqgfHCNfT3dVqpZaj7hWYDFNiXDv0+hXIRppfUnlpeE=
Subject key identifier: 00:A3:DA:AA:64:25:7E:23:4D:04:DF:56:C7:AE:B5:FD:F9:C1:11:45
Certificate issuer: /CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Certificate serial: 018634E9E14F1E2F5EC59D247854B6C84A24
Authority key identifier: 28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/AKPaqmQlfiNNBN9Wx661_fnBEUU.roa
Signing time: Thu 09 Feb 2023 06:43:07 +0000
ROA not before: Thu 09 Feb 2023 06:43:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208339
IP address blocks: 45.143.204.0/23 maxlen: 24
45.143.204.0/24 maxlen: 24
45.143.204.0/22 maxlen: 23
45.143.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:34:e9:e1:4f:1e:2f:5e:c5:9d:24:78:54:b6:c8:4a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2890da765a999f719875c51eecf4c7d6148a1bd9
Validity
Not Before: Feb 9 06:43:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00a3daaa64257e234d04df56c7aeb5fdf9c11145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:21:70:55:42:7e:eb:19:db:7c:fd:be:19:2d:
f4:af:65:1d:11:cc:1a:13:ac:39:22:76:67:f2:20:
d4:e5:2c:67:c7:de:98:3c:3e:63:8c:78:e4:e4:dd:
85:97:31:a4:78:50:e1:22:33:ae:8e:08:fb:88:8b:
6b:c1:90:d1:1e:d8:3c:82:ef:63:69:cf:85:dd:8c:
11:25:8f:6f:c4:88:f3:9b:6c:fb:84:18:4a:6e:15:
59:c9:9d:45:51:d7:62:e5:26:d3:ef:d8:01:09:ee:
b0:5d:7b:56:76:f9:f1:0c:a7:bd:12:90:a2:68:fc:
13:fe:25:d2:e8:70:a5:e2:99:fd:41:50:50:f0:7a:
43:ef:c6:c2:b5:00:11:6e:9f:26:44:f4:33:6d:78:
44:a5:1e:d9:6e:d9:01:e5:fa:f0:34:3a:1a:c2:0b:
7b:1c:4c:66:ce:e5:3c:40:58:c3:5e:dd:f1:a2:1f:
61:be:2f:19:89:7c:aa:96:cb:3e:d6:64:13:b9:e1:
c9:dd:ec:48:83:40:23:d5:4c:8f:31:46:15:42:06:
8a:b0:67:de:e0:6b:14:5b:6f:89:83:39:8d:3d:88:
06:55:03:d8:60:4e:32:4c:0d:c5:0c:cd:71:df:5f:
4e:d2:88:df:e8:d3:c5:d7:7a:18:76:31:46:9b:16:
d5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A3:DA:AA:64:25:7E:23:4D:04:DF:56:C7:AE:B5:FD:F9:C1:11:45
X509v3 Authority Key Identifier:
keyid:28:90:DA:76:5A:99:9F:71:98:75:C5:1E:EC:F4:C7:D6:14:8A:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KJDadlqZn3GYdcUe7PTH1hSKG9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/AKPaqmQlfiNNBN9Wx661_fnBEUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2bbcd4-edab-48ee-a411-28fc7063d952/1/KJDadlqZn3GYdcUe7PTH1hSKG9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.204.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:dc:d0:dc:64:2a:c6:64:e2:d2:14:85:11:b4:09:42:8c:48:
45:00:64:10:73:bb:a5:0d:f4:16:ce:d0:96:f0:a4:b6:11:24:
ef:a4:f2:84:79:34:3a:af:d9:c5:07:e6:fb:ff:5a:cd:1c:03:
f6:0c:8a:50:d9:0e:9b:b7:76:c6:21:d2:2a:05:d7:4e:fd:5e:
b5:94:5e:5f:9f:e7:05:ed:13:73:5d:b4:d3:f4:55:75:42:8d:
ee:29:88:fc:b1:20:2f:18:b6:ce:58:ea:25:30:a0:bc:30:3a:
8b:df:f6:06:fb:78:da:a4:aa:fb:09:39:1b:66:e9:a9:3b:22:
b7:2c:09:b1:26:1f:e1:ef:8d:c7:46:8b:9e:6e:8d:75:a0:b6:
ad:be:2a:c3:71:b1:a1:f0:77:31:d0:52:44:4b:56:eb:02:30:
20:de:df:28:9d:34:72:31:ab:1a:8a:b8:a6:65:a2:4c:37:bc:
aa:66:fb:9c:9c:52:9e:4c:1d:6c:93:6f:f2:48:6c:70:be:1a:
af:c1:aa:45:17:af:11:15:5b:f9:2e:be:5b:b0:d2:0c:5f:ca:
03:2e:59:ab:25:e1:fc:bc:f5:10:71:0e:46:a2:57:29:f8:29:
b0:8a:0c:ef:8c:4e:0d:07:bb:8f:4b:f9:d1:0b:1b:3e:02:c8:
77:cd:a8:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY06eFPHi9exZ0keFS2yEokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4OTBkYTc2NWE5OTlmNzE5ODc1YzUxZWVjZjRjN2Q2MTQ4
YTFiZDkwHhcNMjMwMjA5MDY0MzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGEzZGFhYTY0MjU3ZTIzNGQwNGRmNTZjN2FlYjVmZGY5YzExMTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCFwVUJ+6xnbfP2+GS30r2UdEcwa
E6w5InZn8iDU5Sxnx96YPD5jjHjk5N2FlzGkeFDhIjOujgj7iItrwZDRHtg8gu9j
ac+F3YwRJY9vxIjzm2z7hBhKbhVZyZ1FUddi5SbT79gBCe6wXXtWdvnxDKe9EpCi
aPwT/iXS6HCl4pn9QVBQ8HpD78bCtQARbp8mRPQzbXhEpR7ZbtkB5frwNDoawgt7
HExmzuU8QFjDXt3xoh9hvi8ZiXyqlss+1mQTueHJ3exIg0Aj1UyPMUYVQgaKsGfe
4GsUW2+JgzmNPYgGVQPYYE4yTA3FDM1x319O0ojf6NPF13oYdjFGmxbVCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFACj2qpkJX4jTQTfVseutf35wRFFMB8GA1UdIwQY
MBaAFCiQ2nZamZ9xmHXFHuz0x9YUihvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEt
MjhmYzcwNjNkOTUyLzEvQUtQYXFtUWxmaU5OQk45V3g2NjFfZm5CRVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYmJjZDQtZWRhYi00OGVlLWE0MTEtMjhmYzcwNjNkOTUy
LzEvS0pEYWRscVpuM0dZZGNVZTdQVEgxaFNLRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLY/MMA0G
CSqGSIb3DQEBCwUAA4IBAQBc3NDcZCrGZOLSFIURtAlCjEhFAGQQc7ulDfQWztCW
8KS2ESTvpPKEeTQ6r9nFB+b7/1rNHAP2DIpQ2Q6bt3bGIdIqBddO/V61lF5fn+cF
7RNzXbTT9FV1Qo3uKYj8sSAvGLbOWOolMKC8MDqL3/YG+3japKr7CTkbZumpOyK3
LAmxJh/h743HRouebo11oLatvirDcbGh8Hcx0FJES1brAjAg3t8onTRyMasairim
ZaJMN7yqZvucnFKeTB1sk2/ySGxwvhqvwapFF68RFVv5Lr5bsNIMX8oDLlmrJeH8
vPUQcQ5Golcp+CmwigzvjE4NB7uPS/nRCxs+Ash3zai7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:46 2025 by rpki-client