Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/ApyYTZKQCNE_e2DVgCb4y-ZCPsM.roa
File: ApyYTZKQCNE_e2DVgCb4y-ZCPsM.roa (raw, json)
Hash identifier: EA2GlswYQA1sE5lCTtZDNug+njWrWqh64hODg+vE8MY=
Subject key identifier: 02:9C:98:4D:92:90:08:D1:3F:7B:60:D5:80:26:F8:CB:E6:42:3E:C3
Certificate issuer: /CN=d5d0bf1ad7fc369d8fbf43e62de97a4facfef6b5
Certificate serial: 01856F0206F5D4D7282BF4740867569E3D42
Authority key identifier: D5:D0:BF:1A:D7:FC:36:9D:8F:BF:43:E6:2D:E9:7A:4F:AC:FE:F6:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/ApyYTZKQCNE_e2DVgCb4y-ZCPsM.roa
Signing time: Sun 01 Jan 2023 20:24:41 +0000
ROA not before: Sun 01 Jan 2023 20:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 185.118.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:06:f5:d4:d7:28:2b:f4:74:08:67:56:9e:3d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5d0bf1ad7fc369d8fbf43e62de97a4facfef6b5
Validity
Not Before: Jan 1 20:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=029c984d929008d13f7b60d58026f8cbe6423ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:29:41:74:d8:61:54:eb:a9:3e:6b:55:3d:
37:fa:b8:f7:e3:3b:3a:8f:4a:7a:f2:e6:a4:35:af:
b2:32:36:08:b9:8b:19:1d:59:d2:a2:9d:a3:e5:f9:
34:5c:84:fa:52:06:f3:75:27:50:8a:c1:f0:40:9a:
a0:0a:40:bd:54:8f:8b:8e:eb:61:e6:01:7b:46:77:
81:fb:ad:d9:2b:b5:5f:5f:95:b9:5c:f7:f6:51:1c:
72:18:b8:53:76:ae:d9:fd:be:6d:7a:6a:66:37:ca:
ba:a8:b6:e2:a7:16:d7:97:c6:69:84:1d:8d:a8:0e:
9f:9d:bd:21:a2:9b:76:a7:9a:f6:23:5b:a7:b8:67:
ec:c6:78:1f:9c:26:89:36:3a:8b:f3:f2:d0:3a:82:
9b:bc:b2:e1:f1:0b:e0:43:fc:bc:a8:6a:02:a1:b2:
31:ab:f6:87:18:4c:d9:2a:e1:05:9a:77:8b:a6:ff:
d9:72:90:3e:d3:24:a6:18:c3:08:ba:d2:5e:07:09:
c7:54:36:c2:d1:97:2e:c3:e6:14:4f:e9:a2:e6:58:
69:e7:53:11:ef:86:ba:64:54:bf:77:0a:0b:03:e8:
bd:7b:da:03:c4:8d:fa:09:56:73:8a:c1:6f:a6:1d:
cb:85:f4:f6:ec:eb:49:c5:c0:77:11:9b:e6:41:81:
2b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:9C:98:4D:92:90:08:D1:3F:7B:60:D5:80:26:F8:CB:E6:42:3E:C3
X509v3 Authority Key Identifier:
keyid:D5:D0:BF:1A:D7:FC:36:9D:8F:BF:43:E6:2D:E9:7A:4F:AC:FE:F6:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/ApyYTZKQCNE_e2DVgCb4y-ZCPsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/5539e4-d10d-49c5-bdce-eb7e9c0d3747/1/1dC_Gtf8Np2Pv0PmLel6T6z-9rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.160.0/22
Signature Algorithm: sha256WithRSAEncryption
14:83:f8:51:a7:6a:21:ed:fb:80:5b:c3:a1:94:88:90:ac:f9:
79:8d:aa:00:a0:0c:e5:b1:26:aa:c5:b4:37:a4:e0:96:47:28:
a1:63:9f:a6:c7:6c:e0:75:6a:44:e0:cf:15:80:79:71:73:48:
28:0a:f8:c7:65:f3:c0:c5:7a:b6:76:ca:df:23:b5:b2:4e:3d:
61:04:23:85:d2:f3:33:e0:54:99:bd:03:b4:99:8a:c2:4b:04:
47:19:8e:42:db:ff:01:54:d0:46:b5:16:39:bf:b6:f3:5e:c3:
d8:24:9b:53:d8:e1:09:25:dd:fe:ad:6b:9d:7c:07:7b:1e:03:
f4:ba:60:65:90:99:98:3f:c1:7d:23:d8:da:98:81:b5:17:dc:
4c:c8:7b:af:57:f9:36:a4:b0:d4:cc:b6:1e:90:9b:11:7b:12:
36:e1:1b:e3:09:bc:99:70:84:ac:5a:30:dc:03:4f:23:fd:33:
b6:c4:88:60:2f:1f:d2:b8:24:9e:fc:c7:ee:7d:0e:63:0b:46:
34:92:2d:03:e3:5d:ef:a6:9f:9d:12:3c:d5:f1:58:3e:36:e3:
ec:61:40:77:e6:64:2e:84:0f:57:ac:a1:d1:f0:9c:d7:61:38:
6e:9f:58:b4:b3:3c:5a:1b:f0:44:1a:3b:c6:02:15:95:6f:b0:
94:6a:1c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAgb11NcoK/R0CGdWnj1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZDBiZjFhZDdmYzM2OWQ4ZmJmNDNlNjJkZTk3YTRmYWNm
ZWY2YjUwHhcNMjMwMTAxMjAyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjljOTg0ZDkyOTAwOGQxM2Y3YjYwZDU4MDI2ZjhjYmU2NDIzZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9EpQXTYYVTrqT5rVT03+rj34zs6
j0p68uakNa+yMjYIuYsZHVnSop2j5fk0XIT6UgbzdSdQisHwQJqgCkC9VI+Ljuth
5gF7RneB+63ZK7VfX5W5XPf2URxyGLhTdq7Z/b5tempmN8q6qLbipxbXl8ZphB2N
qA6fnb0hopt2p5r2I1unuGfsxngfnCaJNjqL8/LQOoKbvLLh8QvgQ/y8qGoCobIx
q/aHGEzZKuEFmneLpv/ZcpA+0ySmGMMIutJeBwnHVDbC0Zcuw+YUT+mi5lhp51MR
74a6ZFS/dwoLA+i9e9oDxI36CVZzisFvph3LhfT27OtJxcB3EZvmQYErVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKcmE2SkAjRP3tg1YAm+MvmQj7DMB8GA1UdIwQY
MBaAFNXQvxrX/Dadj79D5i3pek+s/va1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWRDX0d0ZjhOcDJQdjBQbUxlbDZUNnotOXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi81NTM5ZTQtZDEwZC00OWM1LWJkY2Ut
ZWI3ZTljMGQzNzQ3LzEvQXB5WVRaS1FDTkVfZTJEVmdDYjR5LVpDUHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi81NTM5ZTQtZDEwZC00OWM1LWJkY2UtZWI3ZTljMGQzNzQ3
LzEvMWRDX0d0ZjhOcDJQdjBQbUxlbDZUNnotOXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXagMA0G
CSqGSIb3DQEBCwUAA4IBAQAUg/hRp2oh7fuAW8OhlIiQrPl5jaoAoAzlsSaqxbQ3
pOCWRyihY5+mx2zgdWpE4M8VgHlxc0goCvjHZfPAxXq2dsrfI7WyTj1hBCOF0vMz
4FSZvQO0mYrCSwRHGY5C2/8BVNBGtRY5v7bzXsPYJJtT2OEJJd3+rWudfAd7HgP0
umBlkJmYP8F9I9jamIG1F9xMyHuvV/k2pLDUzLYekJsRexI24RvjCbyZcISsWjDc
A08j/TO2xIhgLx/SuCSe/MfufQ5jC0Y0ki0D413vpp+dEjzV8Vg+NuPsYUB35mQu
hA9XrKHR8JzXYThun1i0szxaG/BEGjvGAhWVb7CUahws
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:12 2025 by rpki-client