Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: It+9RTyx2Hzov3Ot0w7JIgHEwFyVemO0lyxDdMrd750=
Subject key identifier: 6F:60:96:A5:B1:2E:4B:00:0E:6F:97:47:C2:5B:6E:39:FA:DD:49:DF
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 1C8930DF983D0B6AA2E77B8EC4DC30D7C2E4D07D
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:33:39 +0000
ROA not before: Fri 20 Jan 2023 16:28:39 +0000
ROA not after: Fri 19 Jan 2024 16:33:39 +0000
asID: 203069
IP address blocks: 2a05:dfc5:2f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:89:30:df:98:3d:0b:6a:a2:e7:7b:8e:c4:dc:30:d7:c2:e4:d0:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:28:39 2023 GMT
Not After : Jan 19 16:33:39 2024 GMT
Subject: CN=6F6096A5B12E4B000E6F9747C25B6E39FADD49DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e9:20:97:82:16:c6:eb:80:c7:15:d2:2c:d9:
5b:fe:3e:0e:60:a0:7e:66:fd:7a:42:55:d8:05:3e:
08:4f:07:2a:60:23:02:3b:9d:79:3a:bc:8f:b6:95:
b3:48:e1:6b:da:50:4c:c3:f0:30:cc:8e:f0:73:e0:
1b:aa:3e:64:ef:e2:b0:79:da:10:ef:10:2f:8b:2f:
80:b0:26:49:e4:02:65:a9:5f:25:6b:51:16:4d:8c:
a8:c8:44:0e:17:10:c5:13:8c:ff:f7:24:3a:8e:5c:
da:bc:d2:b3:e8:22:da:7b:e7:a0:3b:1e:a4:e7:11:
14:b0:1e:60:aa:6a:08:63:01:ac:57:2c:6a:ca:a4:
c2:18:13:54:c7:3c:4a:86:18:35:f6:d5:24:2b:c2:
e2:b2:02:75:1a:7b:c4:c5:03:dd:c3:db:aa:be:47:
3b:93:ec:45:85:69:4a:5b:95:73:9c:b2:01:52:46:
0a:bb:21:c4:80:aa:87:00:ff:70:be:17:cb:da:df:
c4:6e:65:56:91:12:01:df:42:ff:67:6f:65:d5:13:
5d:d8:2a:d1:ee:9c:d7:10:f3:ab:3b:e9:be:df:52:
87:79:51:98:59:7f:c9:c8:de:dd:ed:2e:e1:a2:7e:
ef:77:7c:10:17:69:35:d5:a4:1a:79:dc:e6:f4:a7:
fe:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:60:96:A5:B1:2E:4B:00:0E:6F:97:47:C2:5B:6E:39:FA:DD:49:DF
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a32663a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:2f::/48
Signature Algorithm: sha256WithRSAEncryption
83:46:67:ef:2b:21:f5:37:3b:65:05:aa:7f:83:8c:4f:99:02:
06:06:fc:ef:78:6b:50:28:e3:33:64:02:a9:35:1e:da:97:cb:
8d:af:a9:ec:01:dc:d1:ec:15:be:db:cd:9e:45:18:89:21:03:
3e:ca:c7:f4:3f:0a:c8:b1:bb:9f:35:7e:ba:36:ff:23:e7:79:
94:16:99:2d:4c:5b:88:5f:02:1d:2d:2f:00:1f:60:22:88:33:
24:63:33:08:99:42:3c:9b:19:1f:0c:11:00:89:14:5c:81:5f:
4f:21:74:d2:0f:fe:2f:91:94:ea:00:b0:ba:0a:c2:80:d6:a2:
64:0d:63:e1:b7:6c:b2:08:5d:58:e7:80:43:f2:d3:22:d3:f8:
a3:98:6f:ae:f1:b9:9d:be:48:19:1b:5c:ad:0d:3b:1b:ba:3e:
a1:15:b5:b0:ae:38:6d:0a:65:1a:05:46:31:7d:21:42:64:3c:
70:87:79:44:78:de:46:71:7e:d4:2f:c4:22:9d:bc:bb:4b:bc:
e0:da:94:43:2a:4a:25:d7:a2:16:e5:87:a0:ec:3e:4b:ea:e9:
31:60:5c:d2:9c:84:8a:5e:5c:88:4e:e9:fc:cb:1c:f6:f6:1f:
5c:20:ba:62:05:a1:47:3f:5b:fa:50:1d:75:09:a1:2f:c1:bd:
23:a8:e3:8c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUHIkw35g9C2qi53uOxNww18Lk0H0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjI4MzlaFw0yNDAxMTkxNjMzMzlaMDMxMTAvBgNV
BAMTKDZGNjA5NkE1QjEyRTRCMDAwRTZGOTc0N0MyNUI2RTM5RkFERDQ5REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC16SCXghbG64DHFdIs2Vv+Pg5g
oH5m/XpCVdgFPghPBypgIwI7nXk6vI+2lbNI4WvaUEzD8DDMjvBz4BuqPmTv4rB5
2hDvEC+LL4CwJknkAmWpXyVrURZNjKjIRA4XEMUTjP/3JDqOXNq80rPoItp756A7
HqTnERSwHmCqaghjAaxXLGrKpMIYE1THPEqGGDX21SQrwuKyAnUae8TFA93D26q+
RzuT7EWFaUpblXOcsgFSRgq7IcSAqocA/3C+F8va38RuZVaREgHfQv9nb2XVE13Y
KtHunNcQ86s76b7fUod5UZhZf8nI3t3tLuGifu93fBAXaTXVpBp53Ob0p/4rAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUb2CWpbEuSwAOb5dHwltuOfrdSd8wHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMjY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQAvMA0GCSqGSIb3DQEBCwUAA4IBAQCDRmfvKyH1NztlBap/g4xP
mQIGBvzveGtQKOMzZAKpNR7al8uNr6nsAdzR7BW+282eRRiJIQM+ysf0PwrIsbuf
NX66Nv8j53mUFpktTFuIXwIdLS8AH2AiiDMkYzMImUI8mxkfDBEAiRRcgV9PIXTS
D/4vkZTqALC6CsKA1qJkDWPht2yyCF1Y54BD8tMi0/ijmG+u8bmdvkgZG1ytDTsb
uj6hFbWwrjhtCmUaBUYxfSFCZDxwh3lEeN5GcX7UL8Qinby7S7zg2pRDKkol16IW
5Yeg7D5L6ukxYFzSnISKXlyITun8yxz29h9cILpiBaFHP1v6UB11CaEvwb0jqOOM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org