Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/ApfHnNK1bAOZDS1CjgqB3xC78GI.roa
File: ApfHnNK1bAOZDS1CjgqB3xC78GI.roa (raw, json)
Hash identifier: yMzMGe8b004Gz0ZoAqnzNeR7QPg981vGKFNJgWPkwx0=
Subject key identifier: 02:97:C7:9C:D2:B5:6C:03:99:0D:2D:42:8E:0A:81:DF:10:BB:F0:62
Certificate issuer: /CN=18db5fcfdc18ef8421e2651f1b26c165a01d53f1
Certificate serial: 08D0B5D3
Authority key identifier: 18:DB:5F:CF:DC:18:EF:84:21:E2:65:1F:1B:26:C1:65:A0:1D:53:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GNtfz9wY74Qh4mUfGybBZaAdU_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/ApfHnNK1bAOZDS1CjgqB3xC78GI.roa
Signing time: Sat 01 Jan 2022 08:01:19 +0000
ROA not before: Sat 01 Jan 2022 08:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56919
IP address blocks: 176.32.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147895763 (0x8d0b5d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18db5fcfdc18ef8421e2651f1b26c165a01d53f1
Validity
Not Before: Jan 1 08:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0297c79cd2b56c03990d2d428e0a81df10bbf062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f2:c3:29:03:03:3f:14:66:0c:35:e1:95:6a:
3d:98:b9:bd:df:59:63:7d:f2:8b:95:40:95:7d:3a:
53:d5:b8:aa:8b:29:59:a1:8c:0c:2b:6a:93:ab:06:
66:5c:43:48:6e:e9:f1:88:d3:1e:7e:ae:21:ba:65:
95:e4:f2:ff:b0:75:59:f5:c8:a5:1d:06:8c:a6:7e:
df:8f:95:b5:42:d3:7c:0e:bb:2b:57:89:3b:b6:49:
ae:4c:b2:af:b6:c1:82:b6:19:91:c7:8f:6c:b7:5d:
7e:39:24:18:78:03:63:7e:46:a9:ef:d1:d7:cc:96:
5b:d8:92:73:4c:30:3f:53:82:74:26:ed:bc:56:b8:
bd:5a:41:aa:07:3d:c0:b5:d4:bb:a3:0d:0c:c9:f3:
d4:8e:6b:5a:04:0a:6c:96:87:c8:eb:c4:bd:d4:6d:
69:2a:7f:92:48:5a:37:ea:b3:61:5c:1d:df:e7:a1:
7e:e9:dd:a7:0f:ec:64:5f:79:a9:68:16:6d:c2:43:
bd:10:98:07:aa:4f:b1:58:06:5d:35:5c:0d:d6:3a:
37:43:1d:07:a2:29:bf:3c:86:aa:1f:83:32:74:51:
b3:ad:e9:02:05:36:f2:d6:8f:b8:0d:fd:58:29:29:
78:7d:e3:e2:a1:2f:1a:9a:87:9c:50:85:74:6d:78:
9f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:97:C7:9C:D2:B5:6C:03:99:0D:2D:42:8E:0A:81:DF:10:BB:F0:62
X509v3 Authority Key Identifier:
keyid:18:DB:5F:CF:DC:18:EF:84:21:E2:65:1F:1B:26:C1:65:A0:1D:53:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNtfz9wY74Qh4mUfGybBZaAdU_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/ApfHnNK1bAOZDS1CjgqB3xC78GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/6c3cd4-5896-425e-95db-ffed50baa0da/1/GNtfz9wY74Qh4mUfGybBZaAdU_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.40.0/21
Signature Algorithm: sha256WithRSAEncryption
8d:9d:4b:d9:88:00:10:5b:72:cf:36:c9:10:4d:aa:75:df:e9:
7e:ac:97:86:ef:dd:0d:c5:f3:7d:23:6a:b7:84:83:c8:82:93:
df:d4:76:7e:06:38:bc:c1:43:91:ef:20:4a:17:2c:19:6c:df:
65:aa:2a:5f:bc:09:4d:bd:07:3f:11:a2:5d:76:f3:f7:1f:0f:
c8:6d:18:2d:4e:b8:9d:77:94:25:fa:ad:0b:b5:2c:16:53:8d:
3f:5d:cf:6e:5b:46:e0:48:70:31:48:03:22:36:13:a2:3b:30:
6d:f9:3c:9d:37:96:f9:93:77:f2:50:12:96:57:f0:0b:bf:f8:
55:a9:a7:52:96:27:88:cd:68:4d:33:87:d9:d7:da:99:8e:94:
88:63:03:7f:01:65:da:a6:98:43:e6:df:76:db:96:53:46:8e:
1a:d1:87:52:74:dd:0b:19:9f:1d:a1:22:0c:2f:da:cf:e7:4a:
e4:46:c8:10:d9:18:9b:1f:37:8c:6f:fa:ad:80:96:1d:09:0d:
64:f1:38:ff:1c:8f:df:b4:62:76:fe:87:e7:af:5c:c3:ad:fa:
c6:99:45:3f:ee:01:6d:8e:f9:a5:ca:75:dc:81:9b:c9:61:2b:
6a:b8:4b:98:53:95:5c:e6:10:e5:22:98:c2:fd:ea:20:e5:2a:
05:0d:1f:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECNC10zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGRiNWZjZmRjMThlZjg0MjFlMjY1MWYxYjI2YzE2NWEwMWQ1M2YxMB4XDTIyMDEw
MTA4MDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDI5N2M3OWNkMmI1
NmMwMzk5MGQyZDQyOGUwYTgxZGYxMGJiZjA2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvywykDAz8UZgw14ZVqPZi5vd9ZY33yi5VAlX06U9W4qosp
WaGMDCtqk6sGZlxDSG7p8YjTHn6uIbplleTy/7B1WfXIpR0GjKZ+34+VtULTfA67
K1eJO7ZJrkyyr7bBgrYZkcePbLddfjkkGHgDY35Gqe/R18yWW9iSc0wwP1OCdCbt
vFa4vVpBqgc9wLXUu6MNDMnz1I5rWgQKbJaHyOvEvdRtaSp/kkhaN+qzYVwd3+eh
fundpw/sZF95qWgWbcJDvRCYB6pPsVgGXTVcDdY6N0MdB6IpvzyGqh+DMnRRs63p
AgU28taPuA39WCkpeH3j4qEvGpqHnFCFdG14n5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCl8ec0rVsA5kNLUKOCoHfELvwYjAfBgNVHSMEGDAWgBQY21/P3BjvhCHi
ZR8bJsFloB1T8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dOdGZ6OXdZNzRRaDRtVWZHeWJCWmFBZFVfRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvNmMzY2Q0LTU4OTYtNDI1ZS05NWRiLWZmZWQ1MGJhYTBkYS8x
L0FwZkhuTksxYkFPWkRTMUNqZ3FCM3hDNzhHSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
NmMzY2Q0LTU4OTYtNDI1ZS05NWRiLWZmZWQ1MGJhYTBkYS8xL0dOdGZ6OXdZNzRR
aDRtVWZHeWJCWmFBZFVfRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7AgKDANBgkqhkiG9w0BAQsFAAOC
AQEAjZ1L2YgAEFtyzzbJEE2qdd/pfqyXhu/dDcXzfSNqt4SDyIKT39R2fgY4vMFD
ke8gShcsGWzfZaoqX7wJTb0HPxGiXXbz9x8PyG0YLU64nXeUJfqtC7UsFlONP13P
bltG4EhwMUgDIjYTojswbfk8nTeW+ZN38lASllfwC7/4VamnUpYniM1oTTOH2dfa
mY6UiGMDfwFl2qaYQ+bfdtuWU0aOGtGHUnTdCxmfHaEiDC/az+dK5EbIENkYmx83
jG/6rYCWHQkNZPE4/xyP37Ridv6H569cw636xplFP+4BbY75pcp13IGbyWErarhL
mFOVXOYQ5SKYwv3qIOUqBQ0fwg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:24 2023 by rpki-client on console.sobornost.net