Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/KaW_B5nyOmuzLTXnJAPKKaG1cug.roa
File: KaW_B5nyOmuzLTXnJAPKKaG1cug.roa (raw, json)
Hash identifier: PwNrMg68KUPtrK2ZgTCub1iQkpk88bgHTn+kKCNxZBs=
Subject key identifier: 29:A5:BF:07:99:F2:3A:6B:B3:2D:35:E7:24:03:CA:29:A1:B5:72:E8
Certificate issuer: /CN=2ce71b1f4eea0159246125fc5ae9ad51a44792ce
Certificate serial: 018570706C9D5B5DF3FE40B49E3D95F03F8F
Authority key identifier: 2C:E7:1B:1F:4E:EA:01:59:24:61:25:FC:5A:E9:AD:51:A4:47:92:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOcbH07qAVkkYSX8WumtUaRHks4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/KaW_B5nyOmuzLTXnJAPKKaG1cug.roa
Signing time: Mon 02 Jan 2023 03:04:54 +0000
ROA not before: Mon 02 Jan 2023 03:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197735
IP address blocks: 91.226.27.0/24 maxlen: 24
91.226.26.0/24 maxlen: 24
91.226.26.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:6c:9d:5b:5d:f3:fe:40:b4:9e:3d:95:f0:3f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ce71b1f4eea0159246125fc5ae9ad51a44792ce
Validity
Not Before: Jan 2 03:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a5bf0799f23a6bb32d35e72403ca29a1b572e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b6:eb:99:13:ba:2a:31:30:b7:4d:fd:4d:db:
91:7b:39:b7:f8:f2:c6:03:a9:e0:cd:d5:9b:78:5d:
52:0f:cd:53:16:dd:cc:27:87:28:50:d1:53:04:31:
f7:ff:dd:74:f3:07:55:1c:83:fc:51:29:8a:cb:49:
e5:56:5a:56:fc:78:83:79:77:3b:0b:0c:b3:99:f9:
b2:56:c4:bf:5f:9d:72:dc:a2:4a:23:f7:0b:8e:e2:
c6:0c:08:3c:4b:05:66:91:3d:ba:f4:d2:a2:d0:a4:
09:98:c4:86:b4:2f:c3:28:94:f5:2c:09:11:f6:13:
02:35:43:6a:e3:e9:6c:16:79:1a:26:29:29:6c:ae:
4b:b4:cf:9b:20:ae:00:7f:88:1b:f7:7a:af:5d:b9:
9d:83:5b:b6:89:f9:1d:89:cd:be:ef:91:21:80:44:
d4:c9:f1:0b:2b:d8:f8:d0:3c:56:8d:e2:e4:33:3e:
00:54:83:89:b8:f6:d8:79:e4:32:51:ec:97:40:29:
c0:2e:f1:da:f3:e1:3b:ef:20:e0:91:71:56:5b:d9:
4e:ce:94:f7:f5:64:4b:9c:6a:69:c2:17:42:ef:64:
61:44:d7:64:55:cf:f6:fa:d9:43:33:72:c4:d0:d6:
4e:9b:a8:88:4d:44:6a:ed:88:38:f7:3d:1d:81:68:
66:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A5:BF:07:99:F2:3A:6B:B3:2D:35:E7:24:03:CA:29:A1:B5:72:E8
X509v3 Authority Key Identifier:
keyid:2C:E7:1B:1F:4E:EA:01:59:24:61:25:FC:5A:E9:AD:51:A4:47:92:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOcbH07qAVkkYSX8WumtUaRHks4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/KaW_B5nyOmuzLTXnJAPKKaG1cug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/f1d976-726b-4cb7-9fa2-02b33582c747/1/LOcbH07qAVkkYSX8WumtUaRHks4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.226.26.0/23
Signature Algorithm: sha256WithRSAEncryption
34:0f:d7:c7:6e:f2:f5:e2:1b:16:e6:cb:c8:4a:38:38:56:87:
7c:d4:f2:58:ea:28:e3:02:09:d8:01:cb:52:37:83:4b:2f:7e:
c6:70:61:6d:2f:d5:13:a9:3b:07:41:49:15:ac:ed:e3:59:a8:
c7:29:6f:ce:3e:1e:6b:28:0e:c8:25:90:49:f0:fd:36:49:0e:
c0:20:dc:c4:11:dc:24:19:88:df:9b:a1:b2:3c:ce:e2:1a:ae:
e4:84:d3:59:7c:b1:a4:75:81:42:32:59:1c:e4:78:a2:7a:5d:
10:3c:ff:f2:6a:f8:55:0f:2d:45:82:ea:66:0f:75:b6:0e:80:
0b:e5:ea:61:23:d4:73:8b:37:9a:32:e4:e9:4a:fa:05:de:52:
2d:b8:94:5a:15:69:af:8a:08:ba:90:bf:c8:f6:40:cf:86:19:
6b:4d:fe:07:a6:4e:ec:dd:c7:65:19:22:2d:f5:dd:2f:8b:78:
18:5e:84:67:c7:d7:d0:f6:bd:fa:5a:1a:3f:e4:53:97:eb:36:
5f:36:b0:ea:f5:fe:59:3c:82:da:7d:1c:47:03:af:85:ff:58:
d5:4f:c4:73:dd:6a:8e:8f:8f:bc:c4:02:f8:dd:f2:16:99:e9:
2a:2a:d9:0e:7b:ae:e3:f7:0e:f7:29:2c:85:a3:d2:f3:8d:40:
60:2c:05:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwcGydW13z/kC0nj2V8D+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZTcxYjFmNGVlYTAxNTkyNDYxMjVmYzVhZTlhZDUxYTQ0
NzkyY2UwHhcNMjMwMTAyMDMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWE1YmYwNzk5ZjIzYTZiYjMyZDM1ZTcyNDAzY2EyOWExYjU3MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7brmRO6KjEwt039TduRezm3+PLG
A6ngzdWbeF1SD81TFt3MJ4coUNFTBDH3/9108wdVHIP8USmKy0nlVlpW/HiDeXc7
CwyzmfmyVsS/X51y3KJKI/cLjuLGDAg8SwVmkT269NKi0KQJmMSGtC/DKJT1LAkR
9hMCNUNq4+lsFnkaJikpbK5LtM+bIK4Af4gb93qvXbmdg1u2ifkdic2+75EhgETU
yfELK9j40DxWjeLkMz4AVIOJuPbYeeQyUeyXQCnALvHa8+E77yDgkXFWW9lOzpT3
9WRLnGppwhdC72RhRNdkVc/2+tlDM3LE0NZOm6iITURq7Yg49z0dgWhm2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCmlvweZ8jprsy015yQDyimhtXLoMB8GA1UdIwQY
MBaAFCznGx9O6gFZJGEl/FrprVGkR5LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9jYkgwN3FBVmtrWVNYOFd1bXRVYVJIa3M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mMWQ5NzYtNzI2Yi00Y2I3LTlmYTIt
MDJiMzM1ODJjNzQ3LzEvS2FXX0I1bnlPbXV6TFRYbkpBUEtLYUcxY3VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mMWQ5NzYtNzI2Yi00Y2I3LTlmYTItMDJiMzM1ODJjNzQ3
LzEvTE9jYkgwN3FBVmtrWVNYOFd1bXRVYVJIa3M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+IaMA0G
CSqGSIb3DQEBCwUAA4IBAQA0D9fHbvL14hsW5svISjg4Vod81PJY6ijjAgnYActS
N4NLL37GcGFtL9UTqTsHQUkVrO3jWajHKW/OPh5rKA7IJZBJ8P02SQ7AINzEEdwk
GYjfm6GyPM7iGq7khNNZfLGkdYFCMlkc5Hiiel0QPP/yavhVDy1FgupmD3W2DoAL
5ephI9RzizeaMuTpSvoF3lItuJRaFWmvigi6kL/I9kDPhhlrTf4Hpk7s3cdlGSIt
9d0vi3gYXoRnx9fQ9r36Who/5FOX6zZfNrDq9f5ZPILafRxHA6+F/1jVT8Rz3WqO
j4+8xAL43fIWmekqKtkOe67j9w73KSyFo9LzjUBgLAX0
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:28 2025 by rpki-client