Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/ApLC2KOayilXcjgGbAj_ur4irqU.roa
File: ApLC2KOayilXcjgGbAj_ur4irqU.roa (raw, json)
Hash identifier: E3gGYygL7mdvEGM1WT3+5U9B8vJ6vicS3MFGwaHK8BY=
Subject key identifier: 02:92:C2:D8:A3:9A:CA:29:57:72:38:06:6C:08:FF:BA:BE:22:AE:A5
Certificate issuer: /CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Certificate serial: 01857015188D2A05BECA72987E242E27E459
Authority key identifier: 8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/ApLC2KOayilXcjgGbAj_ur4irqU.roa
Signing time: Mon 02 Jan 2023 01:25:08 +0000
ROA not before: Mon 02 Jan 2023 01:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51661
IP address blocks: 185.99.71.80/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:18:8d:2a:05:be:ca:72:98:7e:24:2e:27:e4:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fbc7f1707b6d0b22bcd8180f4fbb1b63efc99f9
Validity
Not Before: Jan 2 01:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0292c2d8a39aca29577238066c08ffbabe22aea5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cb:6d:7b:5b:4d:5f:4a:32:55:67:cc:c6:65:
dc:8c:10:2d:1e:e8:27:7a:c6:f8:8e:aa:2e:6f:b4:
05:4e:8a:39:cf:90:46:05:49:69:d3:75:45:e9:50:
ff:bd:10:a7:34:a4:81:73:12:b8:3f:dd:11:d2:9d:
d6:96:f7:b6:24:4a:f7:f1:21:58:f2:38:00:6a:03:
cf:b3:f2:57:0b:d5:f6:9f:07:2a:5e:c1:1e:e3:55:
43:c5:b1:00:6b:04:1f:91:aa:9d:35:5b:f8:e6:f7:
8e:be:5b:d5:79:8a:b9:d1:12:ad:51:de:81:20:88:
b5:74:43:1e:4a:41:f7:5b:c8:61:06:96:93:e6:05:
c9:26:00:36:c2:f0:1e:78:7a:ac:5e:a5:80:62:40:
f2:c3:ab:b5:d9:01:41:1b:c7:a7:f7:4c:70:d0:2c:
86:0a:3d:ed:e6:7c:9a:a4:1a:b6:a3:d7:66:b4:01:
35:a0:85:89:d0:74:09:54:83:b9:a6:7b:e4:2a:72:
98:8c:a7:c6:52:af:51:f5:a6:d0:e3:80:fc:99:14:
8e:ae:ca:1e:1b:e8:32:fa:04:3e:ca:bd:5b:4c:c9:
8c:fa:34:b5:73:e2:ce:d5:bd:a8:a8:c3:ad:0b:27:
3a:30:3d:72:fb:73:7f:6c:5d:9e:c0:77:b1:2d:e3:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:92:C2:D8:A3:9A:CA:29:57:72:38:06:6C:08:FF:BA:BE:22:AE:A5
X509v3 Authority Key Identifier:
keyid:8F:BC:7F:17:07:B6:D0:B2:2B:CD:81:80:F4:FB:B1:B6:3E:FC:99:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j7x_Fwe20LIrzYGA9Puxtj78mfk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/ApLC2KOayilXcjgGbAj_ur4irqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9355ef-e0bf-4c63-99a7-7852206213e0/1/j7x_Fwe20LIrzYGA9Puxtj78mfk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.71.80/29
Signature Algorithm: sha256WithRSAEncryption
54:df:1f:c5:00:b6:9b:e4:cc:88:1f:73:6b:8e:0d:f2:ca:59:
dd:2d:9b:ef:63:f0:ae:f3:61:60:d2:60:03:48:89:5d:21:ed:
29:d4:bd:fb:f7:4d:95:b5:48:00:49:77:ca:fb:98:21:51:c2:
03:e2:19:ae:94:bb:e9:5e:94:60:b6:d5:f5:c3:db:d4:9f:3c:
1d:55:0f:89:17:b4:5e:52:66:d2:d1:44:60:d6:46:0a:b6:58:
d9:1b:8b:df:af:db:ae:79:ac:27:41:d2:1d:e6:8b:54:46:ff:
67:54:c6:3c:20:d1:e6:c0:7c:db:52:f0:68:d4:3d:34:90:d0:
36:d9:31:91:2e:04:35:43:e2:3f:96:f0:ab:92:ce:7c:30:b7:
ea:4e:ae:4d:39:6a:51:39:6e:b3:55:30:1d:e4:43:d7:1e:62:
24:bd:02:3e:7e:28:73:91:69:59:7c:8a:46:cb:c6:2f:69:fb:
61:f0:ff:76:09:28:fe:9a:08:13:8d:2e:07:7b:47:65:27:15:
b4:8e:98:83:e7:df:04:3e:cc:cb:f2:e5:0a:f1:dc:d3:7a:00:
7f:b0:21:2a:ea:d5:58:c8:80:6d:75:da:a9:a7:11:07:35:f2:
ab:f1:45:93:75:fb:ac:fa:01:bd:7f:78:fc:fb:3b:3a:cc:ee:
27:a9:3a:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwFRiNKgW+ynKYfiQuJ+RZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYmM3ZjE3MDdiNmQwYjIyYmNkODE4MGY0ZmJiMWI2M2Vm
Yzk5ZjkwHhcNMjMwMTAyMDEyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjkyYzJkOGEzOWFjYTI5NTc3MjM4MDY2YzA4ZmZiYWJlMjJhZWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8tte1tNX0oyVWfMxmXcjBAtHugn
esb4jqoub7QFToo5z5BGBUlp03VF6VD/vRCnNKSBcxK4P90R0p3Wlve2JEr38SFY
8jgAagPPs/JXC9X2nwcqXsEe41VDxbEAawQfkaqdNVv45veOvlvVeYq50RKtUd6B
IIi1dEMeSkH3W8hhBpaT5gXJJgA2wvAeeHqsXqWAYkDyw6u12QFBG8en90xw0CyG
Cj3t5nyapBq2o9dmtAE1oIWJ0HQJVIO5pnvkKnKYjKfGUq9R9abQ44D8mRSOrsoe
G+gy+gQ+yr1bTMmM+jS1c+LO1b2oqMOtCyc6MD1y+3N/bF2ewHexLeNEiQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAKSwtijmsopV3I4BmwI/7q+Iq6lMB8GA1UdIwQY
MBaAFI+8fxcHttCyK82BgPT7sbY+/Jn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTct
Nzg1MjIwNjIxM2UwLzEvQXBMQzJLT2F5aWxYY2pnR2JBal91cjRpcnFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS85MzU1ZWYtZTBiZi00YzYzLTk5YTctNzg1MjIwNjIxM2Uw
LzEvajd4X0Z3ZTIwTElyellHQTlQdXh0ajc4bWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUDuWNHUDAN
BgkqhkiG9w0BAQsFAAOCAQEAVN8fxQC2m+TMiB9za44N8spZ3S2b72PwrvNhYNJg
A0iJXSHtKdS9+/dNlbVIAEl3yvuYIVHCA+IZrpS76V6UYLbV9cPb1J88HVUPiRe0
XlJm0tFEYNZGCrZY2RuL36/brnmsJ0HSHeaLVEb/Z1TGPCDR5sB821LwaNQ9NJDQ
NtkxkS4ENUPiP5bwq5LOfDC36k6uTTlqUTlus1UwHeRD1x5iJL0CPn4oc5FpWXyK
RsvGL2n7YfD/dgko/poIE40uB3tHZScVtI6Yg+ffBD7My/LlCvHc03oAf7AhKurV
WMiAbXXaqacRBzXyq/FFk3X7rPoBvX94/Ps7OszuJ6k6bg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:13 2025 by rpki-client