Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/APYkWBR-JD5TRabue8vEFBNqZwA.roa
File: APYkWBR-JD5TRabue8vEFBNqZwA.roa (raw, json)
Hash identifier: OuWA8GypMusQ19ZIXF2OHR2IukLDVTcDwzuUQ9GkQhI=
Subject key identifier: 00:F6:24:58:14:7E:24:3E:53:45:A6:EE:7B:CB:C4:14:13:6A:67:00
Certificate issuer: /CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
Certificate serial: 04499B3F
Authority key identifier: BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/APYkWBR-JD5TRabue8vEFBNqZwA.roa
Signing time: Sat 01 Jan 2022 05:01:00 +0000
ROA not before: Sat 01 Jan 2022 05:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44706
IP address blocks: 185.135.128.0/24 maxlen: 24
195.191.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71932735 (0x4499b3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb143996dfeff5f49cd2b09b941d0d5e578b3ff
Validity
Not Before: Jan 1 05:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00f62458147e243e5345a6ee7bcbc414136a6700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:32:62:08:be:3f:cf:df:10:1d:0a:d7:f6:27:
5a:55:3e:0a:cd:6d:7a:47:78:1a:5e:10:81:5d:d5:
4b:bd:53:cf:5c:c6:0d:ad:67:e5:ee:ab:94:40:9e:
33:5b:9b:55:bb:8d:90:6a:4a:32:07:8d:8b:ff:4f:
c7:9e:63:1d:85:26:17:d9:ba:7e:7a:64:d8:72:1d:
f8:52:5c:09:18:b7:54:89:aa:78:c6:54:34:b8:53:
13:62:4b:a9:e5:32:f7:52:f6:3f:20:2d:33:b4:f0:
cf:40:dd:af:40:9b:0c:9d:d5:1f:c5:e3:5a:1c:25:
b5:71:35:78:9b:1a:df:69:66:bb:74:a0:83:e0:92:
92:30:17:b9:17:04:f3:70:4d:cc:42:fa:2c:d9:7d:
4d:0f:24:2b:cd:be:7c:9f:2b:88:69:ef:23:1d:2a:
48:27:8c:e5:14:c3:38:a1:c4:b7:be:f9:2c:3a:66:
dd:3d:1f:5c:15:05:2a:0f:e9:03:7a:16:89:a7:5a:
1c:0f:99:4a:16:11:ca:4e:f8:4f:c8:ca:8f:d9:82:
35:ca:6f:f1:f1:4f:72:ab:14:03:e4:f9:42:60:6e:
c2:91:38:6a:e7:94:c4:39:a9:da:6c:ac:57:75:72:
f0:43:17:14:51:37:d4:98:b5:b6:5d:b4:9b:4c:e6:
af:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F6:24:58:14:7E:24:3E:53:45:A6:EE:7B:CB:C4:14:13:6A:67:00
X509v3 Authority Key Identifier:
keyid:BD:B1:43:99:6D:FE:FF:5F:49:CD:2B:09:B9:41:D0:D5:E5:78:B3:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbFDmW3-_19JzSsJuUHQ1eV4s_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/APYkWBR-JD5TRabue8vEFBNqZwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/fbd911-8d37-4e3e-9599-fc29caa5db7a/1/vbFDmW3-_19JzSsJuUHQ1eV4s_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.128.0/24
195.191.165.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:23:80:87:f8:e9:9d:06:23:52:b9:b6:80:35:86:17:7b:d4:
cb:f1:db:6b:e0:47:2b:40:d0:61:d3:cf:8e:c9:c8:b4:11:a3:
04:b3:4d:83:9f:39:c0:de:69:53:0a:43:75:67:5f:04:22:e5:
49:ad:f3:ad:b0:23:d1:5d:cb:a9:ca:eb:0b:03:89:38:8c:ad:
c1:9b:17:06:35:ac:f7:0c:d4:74:f8:4b:33:17:65:12:e6:36:
97:08:a2:78:c0:d7:d7:51:17:26:be:19:1c:34:c7:7f:57:65:
d5:a1:52:31:c6:da:35:f7:21:7d:d7:2a:8d:86:90:25:df:9a:
f0:6a:7c:45:71:c4:13:fe:17:77:45:49:5a:ca:6d:fb:92:7a:
6a:53:2b:56:fb:6e:a5:65:4d:09:0d:f0:b0:be:9c:8c:f3:43:
c2:69:94:d4:4e:1b:4c:02:3a:fd:72:07:2c:a1:6d:4e:f1:8b:
2b:99:e2:40:19:a0:04:db:23:f6:71:c1:c2:eb:6a:a8:9a:50:
08:b5:4f:0f:62:e3:74:bb:9a:74:8a:b2:a7:b0:b7:1a:e4:bc:
ca:ec:bc:63:2e:96:34:a5:87:dc:11:91:f4:02:7f:df:9d:3e:
79:43:af:b8:1f:7b:90:4c:3f:58:63:f3:25:1a:75:ee:fe:e2:
db:2e:89:95
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBEmbPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGIxNDM5OTZkZmVmZjVmNDljZDJiMDliOTQxZDBkNWU1NzhiM2ZmMB4XDTIyMDEw
MTA1MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBmNjI0NTgxNDdl
MjQzZTUzNDVhNmVlN2JjYmM0MTQxMzZhNjcwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANgyYgi+P8/fEB0K1/YnWlU+Cs1tekd4Gl4QgV3VS71Tz1zG
Da1n5e6rlECeM1ubVbuNkGpKMgeNi/9Px55jHYUmF9m6fnpk2HId+FJcCRi3VImq
eMZUNLhTE2JLqeUy91L2PyAtM7Twz0Ddr0CbDJ3VH8XjWhwltXE1eJsa32lmu3Sg
g+CSkjAXuRcE83BNzEL6LNl9TQ8kK82+fJ8riGnvIx0qSCeM5RTDOKHEt775LDpm
3T0fXBUFKg/pA3oWiadaHA+ZShYRyk74T8jKj9mCNcpv8fFPcqsUA+T5QmBuwpE4
aueUxDmp2mysV3Vy8EMXFFE31Ji1tl20m0zmr+MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQA9iRYFH4kPlNFpu57y8QUE2pnADAfBgNVHSMEGDAWgBS9sUOZbf7/X0nN
Kwm5QdDV5Xiz/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZiRkRtVzMtXzE5SnpTc0p1VUhRMWVWNHNfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvZmJkOTExLThkMzctNGUzZS05NTk5LWZjMjljYWE1ZGI3YS8x
L0FQWWtXQlItSkQ1VFJhYnVlOHZFRkJOcVp3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
ZmJkOTExLThkMzctNGUzZS05NTk5LWZjMjljYWE1ZGI3YS8xL3ZiRkRtVzMtXzE5
SnpTc0p1VUhRMWVWNHNfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALmHgAMEAMO/pTANBgkqhkiG9w0B
AQsFAAOCAQEApCOAh/jpnQYjUrm2gDWGF3vUy/Hba+BHK0DQYdPPjsnItBGjBLNN
g585wN5pUwpDdWdfBCLlSa3zrbAj0V3LqcrrCwOJOIytwZsXBjWs9wzUdPhLMxdl
EuY2lwiieMDX11EXJr4ZHDTHf1dl1aFSMcbaNfchfdcqjYaQJd+a8Gp8RXHEE/4X
d0VJWspt+5J6alMrVvtupWVNCQ3wsL6cjPNDwmmU1E4bTAI6/XIHLKFtTvGLK5ni
QBmgBNsj9nHBwutqqJpQCLVPD2LjdLuadIqyp7C3GuS8yuy8Yy6WNKWH3BGR9AJ/
350+eUOvuB97kEw/WGPzJRp17v7i2y6JlQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:20 2024 by rpki-client on console-ams.rpki-client.org