Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: zV7576smpfnji7F75le993FQQuUnHQUdy3I26B12iiw=
Subject key identifier: ED:69:C3:92:4F:42:68:DC:EE:3A:D2:EB:A8:94:7A:6E:07:F4:C8:97
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 409516BBF9D8C176ECBE64AE52E9A150D62E3D76
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:48:49 +0000
ROA not before: Fri 20 Jan 2023 16:43:49 +0000
ROA not after: Fri 19 Jan 2024 16:48:49 +0000
asID: 203069
IP address blocks: 2a05:dfc5:3e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:95:16:bb:f9:d8:c1:76:ec:be:64:ae:52:e9:a1:50:d6:2e:3d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:43:49 2023 GMT
Not After : Jan 19 16:48:49 2024 GMT
Subject: CN=ED69C3924F4268DCEE3AD2EBA8947A6E07F4C897
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:91:3d:53:b4:fc:99:fb:45:bd:af:d2:bd:
e0:4b:e1:0a:60:3f:13:c2:52:24:58:7c:18:09:5a:
02:a6:23:f2:72:c4:d0:fe:76:7e:bb:c1:fa:ba:c7:
93:c7:ed:a8:24:72:0c:82:72:56:ff:68:89:e3:86:
3b:93:16:e0:69:7f:be:22:b1:ea:4f:56:6c:88:7a:
5b:d7:84:5d:9d:24:bb:ff:d4:35:f7:51:94:90:5f:
33:6e:fa:6b:5b:5a:b4:bb:76:45:df:d8:ca:cf:4f:
0d:35:44:cf:19:67:d5:d7:55:8e:20:62:51:4d:e6:
44:92:74:67:6d:56:21:8b:30:76:66:e5:b7:10:56:
c4:ab:50:3c:0f:5f:ca:bf:6a:a8:99:e0:88:45:af:
03:0b:4b:c1:d3:e0:dd:c6:7c:15:11:80:e9:db:61:
c4:c9:a6:66:d4:e4:28:a1:ee:01:69:04:f5:2b:e1:
d9:11:9b:66:26:79:f8:71:d7:79:9d:f8:2d:f6:e4:
11:8d:e3:1e:7e:af:86:d4:3f:76:e1:c2:cc:b7:85:
d5:8d:b8:9f:ba:94:ef:0f:cf:a6:83:a6:29:65:c2:
45:bc:1d:cd:6a:a6:08:3e:c5:07:ab:1f:de:b7:63:
97:78:72:1c:4c:c4:9c:fe:fa:3f:cf:0d:5e:a7:a8:
78:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:69:C3:92:4F:42:68:DC:EE:3A:D2:EB:A8:94:7A:6E:07:F4:C8:97
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33653a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:3e::/48
Signature Algorithm: sha256WithRSAEncryption
83:9e:de:e4:70:0b:86:b2:66:42:c3:26:38:fd:44:90:8c:55:
4b:e8:e1:2e:c4:02:4c:49:59:f0:05:0d:ab:e8:f7:22:49:1b:
e0:58:37:cf:5f:0b:26:29:2d:66:2a:66:47:47:2c:c5:99:07:
90:83:ec:60:d4:dd:c6:a5:29:a5:64:64:1a:a6:1c:57:f6:cb:
aa:e1:db:2b:cc:02:43:56:ff:89:cd:a0:7b:b6:38:98:45:02:
e3:01:90:9c:ef:48:7c:c3:cc:60:86:4d:8c:1b:10:b7:23:db:
33:74:e3:c5:56:9d:00:20:19:d7:e2:11:a6:86:66:11:b6:50:
99:2e:d0:7a:94:a4:bc:cc:a2:3a:11:e2:1f:71:6d:1f:6a:16:
ca:90:3e:a6:64:e5:41:27:90:45:4a:ec:07:be:91:1d:47:11:
d4:eb:1b:2a:db:49:39:71:c4:ed:5f:24:d3:77:a4:9c:e9:8b:
70:31:27:37:1b:45:29:4d:c9:49:06:a8:ad:b5:10:3c:71:48:
ce:78:0d:f3:6a:b4:84:e7:dc:b0:d8:2a:62:b9:27:92:b7:26:
49:af:37:e2:e1:33:c0:04:fd:04:90:4e:7e:7e:e1:ab:38:fd:
08:bd:5a:c6:6a:28:85:72:dc:18:56:71:21:1e:37:24:06:3f:
03:ce:49:3e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUQJUWu/nYwXbsvmSuUumhUNYuPXYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzNDlaFw0yNDAxMTkxNjQ4NDlaMDMxMTAvBgNV
BAMTKEVENjlDMzkyNEY0MjY4RENFRTNBRDJFQkE4OTQ3QTZFMDdGNEM4OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs6JE9U7T8mftFva/SveBL4Qpg
PxPCUiRYfBgJWgKmI/JyxND+dn67wfq6x5PH7agkcgyCclb/aInjhjuTFuBpf74i
sepPVmyIelvXhF2dJLv/1DX3UZSQXzNu+mtbWrS7dkXf2MrPTw01RM8ZZ9XXVY4g
YlFN5kSSdGdtViGLMHZm5bcQVsSrUDwPX8q/aqiZ4IhFrwMLS8HT4N3GfBURgOnb
YcTJpmbU5Cih7gFpBPUr4dkRm2Ymefhx13md+C325BGN4x5+r4bUP3bhwsy3hdWN
uJ+6lO8Pz6aDpillwkW8Hc1qpgg+xQerH963Y5d4chxMxJz++j/PDV6nqHjJAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQU7WnDkk9CaNzuOtLrqJR6bgf0yJcwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA+MA0GCSqGSIb3DQEBCwUAA4IBAQCDnt7kcAuGsmZCwyY4/USQ
jFVL6OEuxAJMSVnwBQ2r6PciSRvgWDfPXwsmKS1mKmZHRyzFmQeQg+xg1N3GpSml
ZGQaphxX9suq4dsrzAJDVv+JzaB7tjiYRQLjAZCc70h8w8xghk2MGxC3I9szdOPF
Vp0AIBnX4hGmhmYRtlCZLtB6lKS8zKI6EeIfcW0fahbKkD6mZOVBJ5BFSuwHvpEd
RxHU6xsq20k5ccTtXyTTd6Sc6YtwMSc3G0UpTclJBqittRA8cUjOeA3zarSE59yw
2CpiuSeStyZJrzfi4TPABP0EkE5+fuGrOP0IvVrGaiiFctwYVnEhHjckBj8Dzkk+
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org