Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: SR3tQC3y5fCIYaqyOgo3NNMF7+13jr/yQxRBY/arrjY=
Subject key identifier: 96:DE:42:5A:01:EC:43:55:A9:93:B9:2A:44:B2:45:96:9C:44:66:5C
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 4D52A8E61C6A8BD232E5674164F3626576E28889
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:33:15 +0000
ROA not before: Fri 20 Jan 2023 16:28:15 +0000
ROA not after: Fri 19 Jan 2024 16:33:15 +0000
asID: 203069
IP address blocks: 2a05:dfc5:2f5e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:52:a8:e6:1c:6a:8b:d2:32:e5:67:41:64:f3:62:65:76:e2:88:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:28:15 2023 GMT
Not After : Jan 19 16:33:15 2024 GMT
Subject: CN=96DE425A01EC4355A993B92A44B245969C44665C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:a3:26:a3:1f:dc:ee:76:19:4f:c3:d9:f2:
dd:ee:ef:17:49:75:d6:09:61:50:db:51:2c:64:81:
4c:cc:f7:fe:57:a7:25:67:b7:02:90:74:f4:9c:ca:
a1:20:4c:aa:ae:8e:68:fa:0a:b2:c7:1d:96:ef:e7:
ca:43:a4:93:73:7c:20:5d:dc:bc:74:e9:db:2a:0c:
5d:50:cb:7b:01:80:fe:a6:18:5a:8b:e9:e5:ee:0f:
59:bb:fd:3e:40:7e:3a:bf:7f:95:49:7a:ad:e6:01:
ad:fc:6b:4d:8e:a6:fd:39:4b:3a:5f:82:5b:bb:4a:
2b:f9:b3:ae:7f:2d:9f:8e:db:69:8e:8f:ca:35:9a:
9d:3b:c0:42:44:e1:3f:f0:a9:b7:5c:db:8c:61:08:
3b:9b:bd:73:25:a5:76:83:83:29:fd:a1:e7:44:f8:
da:e8:67:ed:32:78:0c:15:a0:da:c6:e6:03:72:2a:
16:aa:6d:75:88:98:51:03:45:ad:b2:e3:e7:68:0b:
e4:ff:04:70:f8:a5:19:19:08:cd:b6:7d:52:69:59:
3b:37:d5:aa:a6:83:4c:c5:7c:8f:da:2c:e5:6e:b9:
d8:32:42:65:c8:c0:a5:b1:5d:dd:1b:d4:e2:fc:3a:
c5:bd:83:4b:7c:08:1e:c7:a1:64:f7:3b:ca:e0:10:
86:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:42:5A:01:EC:43:55:A9:93:B9:2A:44:B2:45:96:9C:44:66:5C
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a326635653a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:2f5e::/48
Signature Algorithm: sha256WithRSAEncryption
7b:94:03:6d:16:37:6d:73:c0:44:b6:51:08:75:5e:8d:a5:04:
ce:57:f3:52:73:31:73:eb:d7:e3:25:64:61:19:20:3e:6f:de:
b7:32:36:63:d7:5c:71:ac:5e:ca:c8:e8:1d:d4:98:fe:4d:d1:
fc:af:ee:89:a9:d0:c5:24:ae:0c:f0:ab:ce:36:78:33:1b:d8:
bf:be:87:55:76:23:b9:fc:91:c4:09:9d:d9:8e:37:35:5d:ec:
23:7e:91:a5:5e:28:3e:34:27:83:9e:fb:1e:f8:a2:ed:3b:c4:
d2:a1:12:2e:7d:82:ac:7a:5e:93:ef:8e:92:be:83:f5:21:f6:
0e:86:b9:b2:bf:fa:57:2a:71:cd:90:8f:da:d1:ad:cf:e4:3e:
85:16:89:ae:22:d8:0d:61:64:49:64:42:9a:00:45:d9:43:67:
cb:a7:dc:33:bd:cc:e6:40:49:08:6c:cd:fa:5e:37:6c:64:95:
36:36:9f:75:4c:e7:69:c6:20:69:9a:71:c2:df:23:ef:0c:b2:
63:84:3e:47:a5:06:9c:6d:13:bf:74:5b:48:c6:ff:37:96:36:
6a:99:4a:a6:51:66:23:2e:9b:99:c1:c1:c4:f1:f5:01:44:4f:
5f:9b:a4:a6:18:53:13:3f:fc:47:6a:31:0c:bf:63:72:83:7f:
07:cd:47:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUTVKo5hxqi9Iy5WdBZPNiZXbiiIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI4MTVaFw0yNDAxMTkxNjMzMTVaMDMxMTAvBgNV
BAMTKDk2REU0MjVBMDFFQzQzNTVBOTkzQjkyQTQ0QjI0NTk2OUM0NDY2NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+qKMmox/c7nYZT8PZ8t3u7xdJ
ddYJYVDbUSxkgUzM9/5XpyVntwKQdPScyqEgTKqujmj6CrLHHZbv58pDpJNzfCBd
3Lx06dsqDF1Qy3sBgP6mGFqL6eXuD1m7/T5Afjq/f5VJeq3mAa38a02Opv05Szpf
glu7Siv5s65/LZ+O22mOj8o1mp07wEJE4T/wqbdc24xhCDubvXMlpXaDgyn9oedE
+NroZ+0yeAwVoNrG5gNyKhaqbXWImFEDRa2y4+doC+T/BHD4pRkZCM22fVJpWTs3
1aqmg0zFfI/aLOVuudgyQmXIwKWxXd0b1OL8OsW9g0t8CB7HoWT3O8rgEIbjAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQUlt5CWgHsQ1Wpk7kqRLJFlpxEZlwwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2MzU2NTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38UvXjANBgkqhkiG9w0BAQsFAAOCAQEAe5QDbRY3bXPARLZR
CHVejaUEzlfzUnMxc+vX4yVkYRkgPm/etzI2Y9dccaxeysjoHdSY/k3R/K/uianQ
xSSuDPCrzjZ4MxvYv76HVXYjufyRxAmd2Y43NV3sI36RpV4oPjQng577Hvii7TvE
0qESLn2CrHpek++Okr6D9SH2Doa5sr/6VypxzZCP2tGtz+Q+hRaJriLYDWFkSWRC
mgBF2UNny6fcM73M5kBJCGzN+l43bGSVNjafdUznacYgaZpxwt8j7wyyY4Q+R6UG
nG0Tv3RbSMb/N5Y2aplKplFmIy6bmcHBxPH1AURPX5ukphhTEz/8R2oxDL9jcoN/
B81HtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org