Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: xk/lcGQuhRClejQ0tEMynOpZ4s275G3oDMm9B+EKpv8=
Subject key identifier: BE:5B:CC:A8:C9:55:17:AC:B6:BF:8C:A2:34:13:D2:5C:F9:E6:D2:4A
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 01B1D0267454CA02B3D74C3102936029EE51E91A
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:34:02 +0000
ROA not before: Fri 20 Jan 2023 16:29:02 +0000
ROA not after: Fri 19 Jan 2024 16:34:02 +0000
asID: 203069
IP address blocks: 2a05:dfc5:2e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:b1:d0:26:74:54:ca:02:b3:d7:4c:31:02:93:60:29:ee:51:e9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:29:02 2023 GMT
Not After : Jan 19 16:34:02 2024 GMT
Subject: CN=BE5BCCA8C95517ACB6BF8CA23413D25CF9E6D24A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:03:a4:6a:31:d0:a2:59:c3:7e:23:1e:bb:28:
8c:3f:88:fe:dd:f8:c7:8a:4e:20:2a:43:23:1d:5c:
7f:0b:d8:d4:18:72:c6:37:a2:f0:f9:ad:21:eb:24:
ab:28:a8:ed:2d:8c:6b:d0:2d:88:32:ff:7e:db:dc:
64:12:8f:3f:05:d8:6a:62:ad:5e:a2:44:9d:6a:f4:
25:33:ac:3e:2c:17:f8:7f:77:fe:e9:1e:7f:11:3d:
14:71:07:07:65:48:d7:9b:fc:88:74:7f:f6:da:34:
1f:79:75:ad:cc:61:d3:01:58:63:d5:c0:2a:81:6f:
d2:d0:9c:7b:6e:2e:0a:83:72:a9:b6:a6:d1:8e:09:
60:cf:02:bf:31:02:8c:27:a7:c8:b9:68:3a:bf:5c:
30:9d:d3:55:ca:4e:2d:ce:1d:03:83:9c:80:77:15:
41:db:d9:39:6c:40:e6:6b:31:49:08:42:0d:0a:e0:
14:0e:ba:66:29:c7:0a:e9:ba:51:ae:87:46:17:37:
77:a1:e7:74:18:6d:61:13:b2:f6:31:4d:c7:c7:e5:
a1:da:0c:8a:40:de:1a:df:15:9a:d4:24:62:d9:25:
86:9a:a5:35:cd:64:6f:2e:93:c1:df:e8:ab:fd:99:
6b:ed:34:43:1b:d4:26:5a:74:06:99:27:f7:2f:80:
f7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5B:CC:A8:C9:55:17:AC:B6:BF:8C:A2:34:13:D2:5C:F9:E6:D2:4A
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32653a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:2e::/48
Signature Algorithm: sha256WithRSAEncryption
14:c5:cb:41:8d:4d:8d:e3:04:cf:8d:ef:03:cf:23:a7:b3:23:
2f:ce:23:5c:81:db:63:45:3f:9c:4a:d8:79:7a:b8:a2:b3:97:
16:97:04:21:96:19:77:ff:5d:4e:bd:a9:06:4c:7d:64:d4:b2:
97:64:b1:e2:4c:a6:ce:f4:8f:38:be:bd:6e:97:6d:cf:17:f0:
9a:d6:64:8e:0b:c7:15:dd:90:a9:df:8c:6e:dd:1f:9c:ee:f2:
12:a6:5f:64:0e:78:fb:93:12:9f:96:c5:96:88:bf:bb:f5:c8:
c7:9b:f1:d9:bd:01:94:cb:f1:fc:4d:bc:33:a7:0f:42:85:48:
1e:e7:b0:2a:fb:66:33:b5:7c:81:ac:5f:de:9a:a6:b5:fc:e3:
9c:9f:b2:09:87:6c:20:42:7b:f0:57:23:62:a4:3c:ee:d4:5b:
c9:f5:24:7f:66:e3:d6:36:2a:93:53:6b:0a:f9:f2:cc:11:90:
2c:b2:ac:1b:f9:43:29:7a:7a:85:7a:78:9a:8b:15:b2:a6:d6:
78:ce:15:4a:b5:c5:92:f5:4f:1f:b4:f9:8a:f0:36:de:5a:ac:
a1:94:00:d6:ff:74:68:28:a4:ab:0b:ca:7b:07:93:e9:1c:81:
97:01:c8:e3:3e:13:2d:f2:aa:5f:9f:5b:ad:a2:3a:d3:34:a5:
7b:2e:77:93
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUAbHQJnRUygKz10wxApNgKe5R6RowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI5MDJaFw0yNDAxMTkxNjM0MDJaMDMxMTAvBgNV
BAMTKEJFNUJDQ0E4Qzk1NTE3QUNCNkJGOENBMjM0MTNEMjVDRjlFNkQyNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHA6RqMdCiWcN+Ix67KIw/iP7d
+MeKTiAqQyMdXH8L2NQYcsY3ovD5rSHrJKsoqO0tjGvQLYgy/37b3GQSjz8F2Gpi
rV6iRJ1q9CUzrD4sF/h/d/7pHn8RPRRxBwdlSNeb/Ih0f/baNB95da3MYdMBWGPV
wCqBb9LQnHtuLgqDcqm2ptGOCWDPAr8xAownp8i5aDq/XDCd01XKTi3OHQODnIB3
FUHb2TlsQOZrMUkIQg0K4BQOumYpxwrpulGuh0YXN3eh53QYbWETsvYxTcfH5aHa
DIpA3hrfFZrUJGLZJYaapTXNZG8uk8Hf6Kv9mWvtNEMb1CZadAaZJ/cvgPchAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUvlvMqMlVF6y2v4yiNBPSXPnm0kowHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQAuMA0GCSqGSIb3DQEBCwUAA4IBAQAUxctBjU2N4wTPje8DzyOn
syMvziNcgdtjRT+cSth5eriis5cWlwQhlhl3/11OvakGTH1k1LKXZLHiTKbO9I84
vr1ul23PF/Ca1mSOC8cV3ZCp34xu3R+c7vISpl9kDnj7kxKflsWWiL+79cjHm/HZ
vQGUy/H8Tbwzpw9ChUge57Aq+2YztXyBrF/emqa1/OOcn7IJh2wgQnvwVyNipDzu
1FvJ9SR/ZuPWNiqTU2sK+fLMEZAssqwb+UMpenqFeniaixWyptZ4zhVKtcWS9U8f
tPmK8DbeWqyhlADW/3RoKKSrC8p7B5PpHIGXAcjjPhMt8qpfn1utojrTNKV7LneT
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org