Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: mbI51lFHplaMDO5jJJhHyoxKhdYihgg/Z/6GgQIzdFM=
Subject key identifier: C8:B9:DF:EA:24:A2:D5:12:F0:92:85:E8:92:E3:A5:34:BD:9E:33:3C
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 365444E7D009B643400BADAF3F209114D7DC679A
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:48:21 +0000
ROA not before: Fri 20 Jan 2023 16:43:21 +0000
ROA not after: Fri 19 Jan 2024 16:48:21 +0000
asID: 203069
IP address blocks: 2a05:dfc5:3f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:54:44:e7:d0:09:b6:43:40:0b:ad:af:3f:20:91:14:d7:dc:67:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:43:21 2023 GMT
Not After : Jan 19 16:48:21 2024 GMT
Subject: CN=C8B9DFEA24A2D512F09285E892E3A534BD9E333C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:55:63:5c:9c:97:10:21:ec:74:53:97:c3:f0:
5d:40:2e:a0:fe:c1:ee:b5:21:65:3d:8f:da:1b:b9:
68:03:c0:3d:ad:10:f7:4e:df:5e:e0:fe:2e:fe:65:
e4:d5:51:ba:bf:6f:f6:cc:5b:c8:56:68:55:34:3a:
1f:e7:a5:0d:9b:70:29:37:ef:3e:4f:9c:bd:91:a4:
0b:a0:1a:82:e9:1e:d3:c5:12:aa:3d:06:4e:2d:82:
28:6a:65:b0:69:c0:48:d8:cc:26:1f:1c:aa:20:fb:
af:90:09:23:3d:19:26:32:df:eb:24:07:f5:84:59:
79:f8:d0:ec:2f:dc:00:7d:38:cf:6f:3b:1f:61:ab:
e5:70:d5:a5:0f:68:3c:4e:38:78:11:fa:fa:c5:06:
26:34:4e:ff:14:a2:a3:93:80:17:2a:26:9c:a1:4c:
a9:8f:f4:c2:63:60:41:0f:e6:05:79:4e:21:ab:70:
ae:56:9b:31:ab:84:8d:5a:c4:5b:28:61:d5:a8:d8:
4a:43:e3:df:1d:05:c8:4d:c3:f7:30:5b:a5:29:30:
fb:63:1a:3a:17:e8:dd:83:fe:4d:45:06:c7:1b:4e:
9e:f1:c6:75:54:e7:e5:70:91:a0:91:bc:42:a5:0d:
87:49:9c:cc:03:20:9c:c9:cf:f0:f4:b2:73:86:1c:
e4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B9:DF:EA:24:A2:D5:12:F0:92:85:E8:92:E3:A5:34:BD:9E:33:3C
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a33663a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:3f::/48
Signature Algorithm: sha256WithRSAEncryption
17:32:86:6b:5b:76:37:4a:e2:d0:cc:83:2b:44:b2:ab:32:92:
9b:67:dc:74:38:25:d9:df:1b:10:10:53:05:21:4a:d1:01:fc:
79:aa:32:82:91:3b:3d:ea:8f:68:0d:2a:9e:1d:5a:ea:90:b4:
e9:af:39:08:7a:83:95:ce:78:92:b3:30:d9:06:81:c1:d1:89:
d1:d9:15:b8:f0:4c:b0:7b:c1:bf:5e:84:97:9c:d7:29:41:40:
63:bb:7f:f7:a2:79:01:ed:19:f3:19:cf:b4:0e:bc:8c:59:a8:
45:4a:e9:73:bd:bc:cb:06:76:89:ad:e5:f7:30:c8:cc:c8:cb:
4e:78:96:5a:e9:91:6d:15:46:f6:11:e9:8c:ab:70:ee:57:9e:
c8:d7:d5:cc:25:ac:b5:db:47:db:26:f4:96:94:3a:90:b1:a6:
1f:e7:b0:8f:28:a7:ec:39:e7:bf:9c:3e:44:de:7e:d2:e0:6e:
d3:9e:9a:dd:4f:cf:73:b7:77:16:ad:56:1b:68:73:b8:d4:51:
d0:cb:e7:5b:1f:53:e5:72:fb:87:17:5d:fb:98:c2:62:f5:b9:
38:23:04:c3:9c:49:a8:cd:ef:97:95:35:9e:9a:d3:35:00:72:
28:1e:2c:94:bf:58:1a:53:5c:4b:43:b8:d8:7f:b5:d4:03:7d:
4d:bc:80:2a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUNlRE59AJtkNAC62vPyCRFNfcZ5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjQzMjFaFw0yNDAxMTkxNjQ4MjFaMDMxMTAvBgNV
BAMTKEM4QjlERkVBMjRBMkQ1MTJGMDkyODVFODkyRTNBNTM0QkQ5RTMzM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoVWNcnJcQIex0U5fD8F1ALqD+
we61IWU9j9obuWgDwD2tEPdO317g/i7+ZeTVUbq/b/bMW8hWaFU0Oh/npQ2bcCk3
7z5PnL2RpAugGoLpHtPFEqo9Bk4tgihqZbBpwEjYzCYfHKog+6+QCSM9GSYy3+sk
B/WEWXn40Owv3AB9OM9vOx9hq+Vw1aUPaDxOOHgR+vrFBiY0Tv8UoqOTgBcqJpyh
TKmP9MJjYEEP5gV5TiGrcK5WmzGrhI1axFsoYdWo2EpD498dBchNw/cwW6UpMPtj
GjoX6N2D/k1FBscbTp7xxnVU5+VwkaCRvEKlDYdJnMwDIJzJz/D0snOGHOT9AgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUyLnf6iSi1RLwkoXokuOlNL2eMzwwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzMzY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQA/MA0GCSqGSIb3DQEBCwUAA4IBAQAXMoZrW3Y3SuLQzIMrRLKr
MpKbZ9x0OCXZ3xsQEFMFIUrRAfx5qjKCkTs96o9oDSqeHVrqkLTprzkIeoOVzniS
szDZBoHB0YnR2RW48Eywe8G/XoSXnNcpQUBju3/3onkB7RnzGc+0DryMWahFSulz
vbzLBnaJreX3MMjMyMtOeJZa6ZFtFUb2EemMq3DuV57I19XMJay120fbJvSWlDqQ
saYf57CPKKfsOee/nD5E3n7S4G7TnprdT89zt3cWrVYbaHO41FHQy+dbH1PlcvuH
F137mMJi9bk4IwTDnEmoze+XlTWemtM1AHIoHiyUv1gaU1xLQ7jYf7XUA31NvIAq
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org