Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/KRdayac3jbeCp-WSXM3Z0XdcziQ.roa
File: KRdayac3jbeCp-WSXM3Z0XdcziQ.roa (raw, json)
Hash identifier: AXsgSXgMaYBrJoMppcaX84VsQJR7wXnlbw7LozuC+xw=
Subject key identifier: 29:17:5A:C9:A7:37:8D:B7:82:A7:E5:92:5C:CD:D9:D1:77:5C:CE:24
Certificate issuer: /CN=ec917c0afda449ecc0429c046df50fbc959b4eea
Certificate serial: 059110E5
Authority key identifier: EC:91:7C:0A:FD:A4:49:EC:C0:42:9C:04:6D:F5:0F:BC:95:9B:4E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7JF8Cv2kSezAQpwEbfUPvJWbTuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/KRdayac3jbeCp-WSXM3Z0XdcziQ.roa
Signing time: Sat 01 Jan 2022 02:53:12 +0000
ROA not before: Sat 01 Jan 2022 02:53:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48346
IP address blocks: 46.149.100.0/24 maxlen: 24
2a10:1c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93393125 (0x59110e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec917c0afda449ecc0429c046df50fbc959b4eea
Validity
Not Before: Jan 1 02:53:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29175ac9a7378db782a7e5925ccdd9d1775cce24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:b6:9e:9c:c5:ff:fa:36:32:e8:6c:b3:44:
ae:ad:66:07:12:d8:6f:fc:03:17:36:5c:49:d1:2e:
c4:48:be:93:83:8f:85:43:df:5a:bc:0f:a8:89:4c:
d2:40:f5:8c:fb:2f:0f:8f:58:8b:c8:3f:08:19:7a:
75:e2:0f:75:1f:41:5e:c1:8b:60:cf:63:69:96:17:
04:58:a1:8e:ba:36:08:50:6b:dc:b4:4d:d6:eb:7c:
00:4c:8b:b1:61:5d:05:b1:fd:18:51:d2:93:9a:2e:
43:7c:53:84:78:07:ff:d0:f9:99:35:26:77:49:a4:
6f:cf:02:d7:4f:a4:78:df:0c:0e:80:77:bf:71:a9:
4e:35:f2:2e:df:63:a0:08:12:13:80:f1:36:04:7f:
62:25:af:a5:4a:0d:fc:00:d6:82:6a:70:00:2d:0e:
26:13:a9:3f:fd:5e:9c:89:f6:19:ee:ed:72:20:f7:
02:f8:01:69:5b:d1:fb:4d:72:18:08:53:3e:65:0e:
67:4f:a7:54:12:b2:14:ca:6a:09:a2:9c:83:1f:9c:
43:54:de:79:d3:43:ef:fd:f2:24:05:79:07:be:90:
7d:70:a9:91:6a:b9:0f:2c:4c:3e:1d:b5:6a:bf:21:
82:ff:c8:29:fc:c6:ac:a5:5d:a2:e0:df:09:30:46:
e1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:17:5A:C9:A7:37:8D:B7:82:A7:E5:92:5C:CD:D9:D1:77:5C:CE:24
X509v3 Authority Key Identifier:
keyid:EC:91:7C:0A:FD:A4:49:EC:C0:42:9C:04:6D:F5:0F:BC:95:9B:4E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7JF8Cv2kSezAQpwEbfUPvJWbTuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/KRdayac3jbeCp-WSXM3Z0XdcziQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c88a8f-7be0-4e40-9ce6-d252a574ae8d/1/7JF8Cv2kSezAQpwEbfUPvJWbTuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.100.0/24
IPv6:
2a10:1c00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:2c:9f:18:4e:1f:32:4e:3c:27:a6:15:44:9c:56:a9:55:60:
af:ae:a1:ca:6e:e4:27:de:d9:2f:ed:d8:ee:62:16:c4:bc:f1:
2f:c5:d0:d0:84:21:90:8d:4d:16:58:e9:0d:48:e6:87:df:c1:
bf:1f:03:c0:2f:ac:f8:44:d2:c4:85:b4:f5:f4:7a:97:65:61:
99:23:8a:76:3a:f9:90:20:9f:40:36:24:71:4e:5e:59:b7:4a:
be:ce:cc:86:bd:30:53:33:2d:ed:25:0a:9b:20:23:c3:84:6b:
13:66:28:90:eb:36:ad:e8:87:2b:94:6b:38:02:cf:d3:26:99:
c5:0c:06:bc:0f:5a:44:72:15:60:4e:9d:7a:0f:dc:0b:e0:bc:
58:70:03:dc:2b:f9:11:ef:3f:b8:40:3e:50:f6:87:19:27:74:
87:26:eb:f4:34:d7:ee:76:2a:f3:23:a0:ac:6d:c9:49:c5:07:
bf:be:07:20:a8:10:3f:7f:46:4b:96:d8:4a:4a:82:9c:2c:59:
74:f4:29:30:61:4f:4d:79:38:ef:6a:3a:a7:37:ad:bd:e0:d7:
98:b5:33:1a:8e:9e:47:91:09:73:8b:50:92:89:a9:0d:b5:19:
87:c3:05:c7:43:61:a9:eb:b4:a8:3d:5d:73:1c:84:64:96:fe:
63:de:e8:73
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBZEQ5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzkxN2MwYWZkYTQ0OWVjYzA0MjljMDQ2ZGY1MGZiYzk1OWI0ZWVhMB4XDTIyMDEw
MTAyNTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjkxNzVhYzlhNzM3
OGRiNzgyYTdlNTkyNWNjZGQ5ZDE3NzVjY2UyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhytp6cxf/6NjLobLNErq1mBxLYb/wDFzZcSdEuxEi+k4OP
hUPfWrwPqIlM0kD1jPsvD49Yi8g/CBl6deIPdR9BXsGLYM9jaZYXBFihjro2CFBr
3LRN1ut8AEyLsWFdBbH9GFHSk5ouQ3xThHgH/9D5mTUmd0mkb88C10+keN8MDoB3
v3GpTjXyLt9joAgSE4DxNgR/YiWvpUoN/ADWgmpwAC0OJhOpP/1enIn2Ge7tciD3
AvgBaVvR+01yGAhTPmUOZ0+nVBKyFMpqCaKcgx+cQ1TeedND7/3yJAV5B76QfXCp
kWq5DyxMPh21ar8hgv/IKfzGrKVdouDfCTBG4SUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQpF1rJpzeNt4Kn5ZJczdnRd1zOJDAfBgNVHSMEGDAWgBTskXwK/aRJ7MBC
nARt9Q+8lZtO6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdKRjhDdjJrU2V6QVFwd0ViZlVQdkpXYlR1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYzg4YThmLTdiZTAtNGU0MC05Y2U2LWQyNTJhNTc0YWU4ZC8x
L0tSZGF5YWMzamJlQ3AtV1NYTTNaMFhkY3ppUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
Yzg4YThmLTdiZTAtNGU0MC05Y2U2LWQyNTJhNTc0YWU4ZC8xLzdKRjhDdjJrU2V6
QVFwd0ViZlVQdkpXYlR1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC6VZDANBAIAAjAHAwUDKhAcADAN
BgkqhkiG9w0BAQsFAAOCAQEAmiyfGE4fMk48J6YVRJxWqVVgr66hym7kJ97ZL+3Y
7mIWxLzxL8XQ0IQhkI1NFljpDUjmh9/Bvx8DwC+s+ETSxIW09fR6l2VhmSOKdjr5
kCCfQDYkcU5eWbdKvs7Mhr0wUzMt7SUKmyAjw4RrE2YokOs2reiHK5RrOALP0yaZ
xQwGvA9aRHIVYE6deg/cC+C8WHAD3Cv5Ee8/uEA+UPaHGSd0hybr9DTX7nYq8yOg
rG3JScUHv74HIKgQP39GS5bYSkqCnCxZdPQpMGFPTXk472o6pzetveDXmLUzGo6e
R5EJc4tQkompDbUZh8MFx0Nhqeu0qD1dcxyEZJb+Y97ocw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:07 2025 by rpki-client