Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/KakAwcPu3x4JE5wfwYhoC5qgEqM.roa
File: KakAwcPu3x4JE5wfwYhoC5qgEqM.roa (raw, json)
Hash identifier: ms8DY8I02Ugf2EGsGzL8OWALmT35pvrO9DKDNrX+Ws4=
Subject key identifier: 29:A9:00:C1:C3:EE:DF:1E:09:13:9C:1F:C1:88:68:0B:9A:A0:12:A3
Certificate issuer: /CN=16d31b2d899d6eb2bcb7a4d78cc3100dce30c90c
Certificate serial: 018AFA9F99140F4A5163F4F65C08176C68C7
Authority key identifier: 16:D3:1B:2D:89:9D:6E:B2:BC:B7:A4:D7:8C:C3:10:0D:CE:30:C9:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FtMbLYmdbrK8t6TXjMMQDc4wyQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/KakAwcPu3x4JE5wfwYhoC5qgEqM.roa
Signing time: Wed 04 Oct 2023 12:17:57 +0000
ROA not before: Wed 04 Oct 2023 12:17:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61970
IP address blocks: 45.93.90.0/24 maxlen: 24
45.93.91.0/24 maxlen: 24
45.93.88.0/23 maxlen: 24
185.48.145.0/24 maxlen: 24
185.48.144.0/24 maxlen: 24
185.48.146.0/24 maxlen: 24
185.48.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:9f:99:14:0f:4a:51:63:f4:f6:5c:08:17:6c:68:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16d31b2d899d6eb2bcb7a4d78cc3100dce30c90c
Validity
Not Before: Oct 4 12:17:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a900c1c3eedf1e09139c1fc188680b9aa012a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ca:3c:1f:19:6b:00:12:c1:66:1c:61:7f:97:
ee:e3:48:53:d4:43:43:cf:bd:ec:8a:a5:4a:d6:61:
f1:67:a6:db:54:d8:51:5b:62:09:06:80:33:0e:09:
34:6c:67:6f:df:44:52:7f:f7:bb:4c:73:30:a5:00:
75:f7:d2:24:1a:f2:05:ad:2a:b5:fa:db:06:dc:91:
bc:34:ba:74:4f:26:05:ef:e4:89:99:a9:c0:95:b8:
ac:be:bc:d2:c3:f3:0c:a7:5a:bd:e2:19:4f:e4:a9:
cc:60:dc:8a:de:1a:65:86:ee:18:a3:47:66:d1:01:
87:69:0a:03:20:17:7f:72:d7:21:81:f8:00:fd:56:
24:9b:58:4c:fc:43:cb:4b:53:55:0c:4f:d7:c5:c3:
b0:05:72:22:17:1b:ea:9a:35:a5:b9:8a:2c:59:0f:
49:7b:6a:dc:59:28:c5:00:da:46:a7:65:82:fb:61:
ef:da:e4:c9:da:f3:9e:ad:d6:43:f9:5c:80:15:b1:
0b:32:14:38:a9:aa:1f:9c:0a:ba:75:67:d6:49:86:
7b:f3:1d:3b:00:70:3a:a4:6f:df:4b:b0:ad:67:03:
42:a7:51:7b:17:e4:a8:d2:2c:cc:a4:9c:ef:ff:ca:
b8:1b:f7:bd:a1:be:c3:28:ae:06:fe:22:e6:f6:69:
c6:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A9:00:C1:C3:EE:DF:1E:09:13:9C:1F:C1:88:68:0B:9A:A0:12:A3
X509v3 Authority Key Identifier:
keyid:16:D3:1B:2D:89:9D:6E:B2:BC:B7:A4:D7:8C:C3:10:0D:CE:30:C9:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FtMbLYmdbrK8t6TXjMMQDc4wyQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/KakAwcPu3x4JE5wfwYhoC5qgEqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/7c3a18-0ec9-4157-bf5a-5207f664df21/1/FtMbLYmdbrK8t6TXjMMQDc4wyQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.88.0/22
185.48.144.0/22
Signature Algorithm: sha256WithRSAEncryption
91:fb:08:d0:01:77:43:1e:66:ad:fb:c6:3d:8f:21:f8:e4:35:
10:59:43:46:e3:42:66:fd:0d:83:d7:4d:6e:f9:04:98:0a:e2:
8c:57:7e:50:2a:ae:e5:5b:aa:36:93:40:c3:d5:e4:73:0f:09:
86:44:78:b6:80:b7:91:17:cf:f9:85:a1:cb:87:a5:f8:fa:9e:
bc:bb:d6:c3:01:3e:2d:0b:78:37:c4:4f:c1:55:16:c7:86:ce:
7e:1b:5e:31:1a:b8:b0:53:65:73:f3:fb:e9:81:49:48:1e:b7:
f4:25:a9:85:d3:eb:c5:51:e1:72:8c:ba:f5:85:0a:a0:d4:d0:
dd:d2:38:7c:c8:94:40:4a:0c:84:b1:26:09:64:b0:12:62:a8:
2c:f9:03:4c:46:f4:90:b4:b1:72:cd:e5:3e:58:d3:5e:b4:0c:
8e:8c:59:dd:78:0b:c3:bb:c6:49:e2:17:de:8c:9c:2d:b8:dc:
7e:3c:fb:d0:2f:17:9c:23:3c:e3:52:9e:69:a1:5d:87:78:99:
b1:cb:a4:0c:b6:e5:c7:fc:e8:cc:a8:02:7c:93:16:19:e4:4a:
b0:e2:9f:be:50:d7:05:1e:b1:c9:b9:c1:05:7e:2c:a3:2a:2a:
ae:7a:a1:bd:39:69:31:7f:2d:68:5a:5d:a0:0f:c0:65:44:fd:
12:92:58:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr6n5kUD0pRY/T2XAgXbGjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ZDMxYjJkODk5ZDZlYjJiY2I3YTRkNzhjYzMxMDBkY2Uz
MGM5MGMwHhcNMjMxMDA0MTIxNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE5MDBjMWMzZWVkZjFlMDkxMzljMWZjMTg4NjgwYjlhYTAxMmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Mo8HxlrABLBZhxhf5fu40hT1END
z73siqVK1mHxZ6bbVNhRW2IJBoAzDgk0bGdv30RSf/e7THMwpQB199IkGvIFrSq1
+tsG3JG8NLp0TyYF7+SJmanAlbisvrzSw/MMp1q94hlP5KnMYNyK3hplhu4Yo0dm
0QGHaQoDIBd/ctchgfgA/VYkm1hM/EPLS1NVDE/XxcOwBXIiFxvqmjWluYosWQ9J
e2rcWSjFANpGp2WC+2Hv2uTJ2vOerdZD+VyAFbELMhQ4qaofnAq6dWfWSYZ78x07
AHA6pG/fS7CtZwNCp1F7F+So0izMpJzv/8q4G/e9ob7DKK4G/iLm9mnGKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCmpAMHD7t8eCROcH8GIaAuaoBKjMB8GA1UdIwQY
MBaAFBbTGy2JnW6yvLek14zDEA3OMMkMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnRNYkxZbWRicks4dDZUWGpNTVFEYzR3eVF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS83YzNhMTgtMGVjOS00MTU3LWJmNWEt
NTIwN2Y2NjRkZjIxLzEvS2FrQXdjUHUzeDRKRTV3ZndZaG9DNXFnRXFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS83YzNhMTgtMGVjOS00MTU3LWJmNWEtNTIwN2Y2NjRkZjIx
LzEvRnRNYkxZbWRicks4dDZUWGpNTVFEYzR3eVF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLV1YAwQC
uTCQMA0GCSqGSIb3DQEBCwUAA4IBAQCR+wjQAXdDHmat+8Y9jyH45DUQWUNG40Jm
/Q2D101u+QSYCuKMV35QKq7lW6o2k0DD1eRzDwmGRHi2gLeRF8/5haHLh6X4+p68
u9bDAT4tC3g3xE/BVRbHhs5+G14xGriwU2Vz8/vpgUlIHrf0JamF0+vFUeFyjLr1
hQqg1NDd0jh8yJRASgyEsSYJZLASYqgs+QNMRvSQtLFyzeU+WNNetAyOjFndeAvD
u8ZJ4hfejJwtuNx+PPvQLxecIzzjUp5poV2HeJmxy6QMtuXH/OjMqAJ8kxYZ5Eqw
4p++UNcFHrHJucEFfiyjKiqueqG9OWkxfy1oWl2gD8BlRP0SkljM
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:21 2025 by rpki-client