Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: zFwxQ2QLUqqF5YBmJkcWHepiiQQrcn9HT9csBAdCiPM=
Subject key identifier: 90:A2:F0:E5:EC:B7:B6:D4:C6:C5:8F:95:0F:17:04:0E:8C:46:E4:20
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 2B2C9AB3E1B8B873910E4415ABDBF4797DDCE5CF
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:48:34 +0000
ROA not before: Fri 20 Jan 2023 16:43:34 +0000
ROA not after: Fri 19 Jan 2024 16:48:34 +0000
asID: 203069
IP address blocks: 2a05:dfc5:3d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:2c:9a:b3:e1:b8:b8:73:91:0e:44:15:ab:db:f4:79:7d:dc:e5:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:43:34 2023 GMT
Not After : Jan 19 16:48:34 2024 GMT
Subject: CN=90A2F0E5ECB7B6D4C6C58F950F17040E8C46E420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3f:ea:86:e6:fd:f8:e3:ef:f9:f3:06:cf:c1:
8a:02:b0:58:5c:31:12:66:8c:b4:3b:95:1b:c7:53:
a8:ba:cf:43:8d:f6:da:7d:c1:c6:2e:9c:d8:3b:5a:
4d:7b:11:a9:87:db:c3:71:7e:81:a7:80:42:55:cc:
53:3f:d8:48:56:a7:43:e4:5d:f5:cd:5a:d8:b6:b7:
5d:0b:24:af:98:ed:2f:af:f2:3e:91:3d:73:95:9e:
c1:21:18:6d:47:38:85:bd:3c:0b:38:b4:05:8d:cc:
a6:fe:60:be:47:78:b0:bb:fa:b5:41:14:64:6d:b9:
8e:55:05:97:83:92:5a:bd:0f:57:57:b3:41:3e:a9:
d7:c5:c6:cb:48:eb:41:b7:04:3f:af:64:bc:1a:af:
b9:2a:99:d8:ec:1f:3b:3c:a9:1c:d5:8c:6d:cf:fe:
99:43:68:bc:cc:ad:e4:cb:f3:de:32:dc:a3:a3:39:
3f:fe:b4:f3:34:bc:15:a6:8d:40:18:44:90:c2:97:
6b:99:14:d3:8b:7c:68:d9:f4:e1:66:4c:84:ad:f5:
2e:39:10:0c:1c:05:9d:d1:b2:4a:bc:cc:fb:5d:a1:
f5:f9:7f:69:5d:b5:b4:71:2f:f7:4f:d0:d6:36:05:
99:0e:f4:5f:be:55:1b:ee:74:d2:a8:b2:cd:6c:0f:
ce:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A2:F0:E5:EC:B7:B6:D4:C6:C5:8F:95:0F:17:04:0E:8C:46:E4:20
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33643a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:3d::/48
Signature Algorithm: sha256WithRSAEncryption
20:99:a4:58:92:22:b5:f7:05:03:82:54:e9:a4:fe:4c:69:c1:
9c:9a:13:26:e5:af:24:5e:84:1b:f3:36:d8:64:8c:77:41:8e:
c6:93:7b:2c:66:55:41:1b:af:c9:47:e2:72:fb:ce:8e:16:62:
a2:6e:06:0e:9d:d2:3a:83:6e:e1:3c:19:94:b4:c4:7b:74:35:
b7:1b:93:98:a2:f4:ce:d2:87:3f:be:9e:62:9d:a1:2b:7e:fe:
8e:6f:c3:bf:89:07:15:b7:82:66:de:04:20:5c:54:ac:4f:81:
20:0e:97:c6:48:3f:2b:fa:44:b1:fd:4b:4e:97:ba:b8:fe:bb:
7c:0e:1a:26:ae:4a:ea:13:43:59:00:23:d9:85:00:52:fd:20:
ac:12:56:16:c4:0d:87:10:84:bc:2c:a7:cb:73:47:7e:70:7d:
6e:b4:08:fa:42:b0:18:f6:d7:4a:82:a7:f9:36:f6:16:3a:2c:
6b:73:c2:81:0f:86:15:67:15:a0:da:b9:bc:d7:e3:eb:26:1d:
20:14:69:5a:40:dd:8a:a8:e0:b7:c0:b9:e2:5a:f2:22:7f:33:
ff:bf:b3:a9:14:30:cb:22:90:51:cf:b2:b1:f2:db:18:28:66:
1a:23:3f:a9:cc:2f:b6:fc:0e:a7:a7:00:0f:0b:37:71:9a:c3:
a9:22:d9:9b
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUKyyas+G4uHORDkQVq9v0eX3c5c8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzMzRaFw0yNDAxMTkxNjQ4MzRaMDMxMTAvBgNV
BAMTKDkwQTJGMEU1RUNCN0I2RDRDNkM1OEY5NTBGMTcwNDBFOEM0NkU0MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKP+qG5v344+/58wbPwYoCsFhc
MRJmjLQ7lRvHU6i6z0ON9tp9wcYunNg7Wk17EamH28NxfoGngEJVzFM/2EhWp0Pk
XfXNWti2t10LJK+Y7S+v8j6RPXOVnsEhGG1HOIW9PAs4tAWNzKb+YL5HeLC7+rVB
FGRtuY5VBZeDklq9D1dXs0E+qdfFxstI60G3BD+vZLwar7kqmdjsHzs8qRzVjG3P
/plDaLzMreTL894y3KOjOT/+tPM0vBWmjUAYRJDCl2uZFNOLfGjZ9OFmTISt9S45
EAwcBZ3Rskq8zPtdofX5f2ldtbRxL/dP0NY2BZkO9F++VRvudNKoss1sD857AgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUkKLw5ey3ttTGxY+VDxcEDoxG5CAwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA9MA0GCSqGSIb3DQEBCwUAA4IBAQAgmaRYkiK19wUDglTppP5M
acGcmhMm5a8kXoQb8zbYZIx3QY7Gk3ssZlVBG6/JR+Jy+86OFmKibgYOndI6g27h
PBmUtMR7dDW3G5OYovTO0oc/vp5inaErfv6Ob8O/iQcVt4Jm3gQgXFSsT4EgDpfG
SD8r+kSx/UtOl7q4/rt8DhomrkrqE0NZACPZhQBS/SCsElYWxA2HEIS8LKfLc0d+
cH1utAj6QrAY9tdKgqf5NvYWOixrc8KBD4YVZxWg2rm81+PrJh0gFGlaQN2KqOC3
wLniWvIifzP/v7OpFDDLIpBRz7Kx8tsYKGYaIz+pzC+2/A6npwAPCzdxmsOpItmb
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org