Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/apsKl1TBLCeS8fVNCBwfughVlI4.roa
File: apsKl1TBLCeS8fVNCBwfughVlI4.roa (raw, json)
Hash identifier: XOKsNDcttxEQW2WzijransSVwvWPSrqv826WeSYaVpA=
Subject key identifier: 6A:9B:0A:97:54:C1:2C:27:92:F1:F5:4D:08:1C:1F:BA:08:55:94:8E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 02C4C8CC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/apsKl1TBLCeS8fVNCBwfughVlI4.roa
Signing time: Thu 14 Apr 2022 19:31:35 +0000
ROA not before: Thu 14 Apr 2022 19:31:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400601
IP address blocks: 194.33.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46450892 (0x2c4c8cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 14 19:31:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a9b0a9754c12c2792f1f54d081c1fba0855948e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:22:ea:00:67:5d:37:37:28:c2:20:68:93:
ea:5b:6f:c9:c7:ec:cb:c1:e9:43:8a:b0:50:18:c8:
9a:d4:53:b1:7e:dd:fa:d8:fa:57:70:4a:c4:1c:ab:
95:b1:1d:9c:12:ff:fa:78:0e:56:86:d0:a0:ca:b9:
52:6a:69:14:ae:0e:08:ba:97:8d:56:dd:67:fa:6b:
91:b4:e4:27:f7:10:29:49:3c:2b:d7:ce:6e:7a:ec:
90:69:3f:d4:32:64:20:76:e4:bf:3e:d8:0a:20:fd:
5e:1f:1b:1d:06:2a:00:bf:af:be:09:27:ae:6d:70:
f0:16:dc:45:47:b5:4c:6b:5f:4b:d2:e9:93:6f:d7:
bd:d5:da:e8:bf:65:1d:c5:f3:18:2e:f7:7b:75:51:
98:93:d1:9a:4d:4b:8f:66:90:e4:b5:69:30:d0:e1:
f0:f7:95:35:d9:fe:3c:51:20:e4:39:6d:39:ab:5d:
ae:08:68:ae:c5:32:77:6a:02:8d:eb:aa:17:9f:9f:
9a:85:4d:9b:c9:c7:59:2a:b8:c4:69:70:0b:18:e2:
40:4b:a0:d3:59:e3:1c:c0:fb:88:c0:42:ea:44:ea:
3c:df:f7:8d:62:08:59:6e:84:44:9b:06:b8:e7:8c:
22:61:b0:b8:e3:07:8a:fc:7a:bf:96:44:b9:9e:37:
f6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9B:0A:97:54:C1:2C:27:92:F1:F5:4D:08:1C:1F:BA:08:55:94:8E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/apsKl1TBLCeS8fVNCBwfughVlI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.32.0/24
Signature Algorithm: sha256WithRSAEncryption
49:ad:bd:18:b1:09:3e:45:dd:25:b0:75:5c:21:3b:ec:1f:64:
c2:dc:ad:a7:17:4e:f6:a2:cb:bc:7b:1b:cd:ee:89:e4:d8:9d:
41:75:75:a4:31:ab:3b:70:fd:98:51:8e:9d:98:d0:cf:b0:60:
50:d7:2b:08:74:59:b3:dd:91:ba:3b:94:8a:87:23:da:0e:ae:
68:f4:58:ca:76:71:b1:75:37:21:4e:08:c2:1a:12:f6:b9:3b:
2d:88:7a:22:f6:7d:86:07:90:92:b4:75:18:fb:78:e9:6d:f4:
39:37:4b:b8:a9:c9:44:cb:51:72:60:5c:b8:fb:9e:d9:9c:79:
4e:e1:52:3a:c8:c0:e3:9d:cc:68:bd:9b:cd:ae:40:da:68:89:
8c:e5:f4:21:cb:a0:e0:3a:4b:a3:e2:e6:a8:c8:22:6d:66:1c:
0e:15:dd:05:65:fe:f7:b2:64:ca:4b:93:16:f8:c4:56:ef:ba:
f9:84:70:89:c2:53:22:a6:5c:70:a3:d9:3e:ba:24:96:52:af:
29:49:28:28:c4:7b:fc:cf:56:a5:ac:9f:b9:65:24:61:37:ec:
a4:83:8a:05:5d:92:64:21:a0:ae:62:a2:f0:75:2c:78:f5:6f:
7f:cb:30:c4:77:f4:32:34:43:e5:77:f4:a7:1f:56:a1:b0:23:
ee:b5:fa:ba
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsTIzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDQx
NDE5MzEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE5YjBhOTc1NGMx
MmMyNzkyZjFmNTRkMDgxYzFmYmEwODU1OTQ4ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/mIuoAZ103NyjCIGiT6ltvycfsy8HpQ4qwUBjImtRTsX7d
+tj6V3BKxByrlbEdnBL/+ngOVobQoMq5UmppFK4OCLqXjVbdZ/prkbTkJ/cQKUk8
K9fObnrskGk/1DJkIHbkvz7YCiD9Xh8bHQYqAL+vvgknrm1w8BbcRUe1TGtfS9Lp
k2/XvdXa6L9lHcXzGC73e3VRmJPRmk1Lj2aQ5LVpMNDh8PeVNdn+PFEg5DltOatd
rghorsUyd2oCjeuqF5+fmoVNm8nHWSq4xGlwCxjiQEug01njHMD7iMBC6kTqPN/3
jWIIWW6ERJsGuOeMImGwuOMHivx6v5ZEuZ439gkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqmwqXVMEsJ5Lx9U0IHB+6CFWUjjAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
L2Fwc0tsMVRCTENlUzhmVk5DQndmdWdoVmxJNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIhIDANBgkqhkiG9w0BAQsFAAOC
AQEASa29GLEJPkXdJbB1XCE77B9kwtytpxdO9qLLvHsbze6J5NidQXV1pDGrO3D9
mFGOnZjQz7BgUNcrCHRZs92RujuUiocj2g6uaPRYynZxsXU3IU4IwhoS9rk7LYh6
IvZ9hgeQkrR1GPt46W30OTdLuKnJRMtRcmBcuPue2Zx5TuFSOsjA453MaL2bza5A
2miJjOX0Icug4DpLo+LmqMgibWYcDhXdBWX+97JkykuTFvjEVu+6+YRwicJTIqZc
cKPZProkllKvKUkoKMR7/M9WpayfuWUkYTfspIOKBV2SZCGgrmKi8HUsePVvf8sw
xHf0MjRD5Xf0px9WobAj7rX6ug==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:14:50 2025 by rpki-client