Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a34653a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a34653a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: SIIb8PEgHCMmKkKVEYeDwce+laxMtR0/5izSQETBlRk=
Subject key identifier: 73:9B:E1:68:CF:B3:F6:6B:7E:AF:1D:43:3B:68:FF:9F:06:3F:80:A0
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 6A02D835BC38481ECC5B7AF73A525D2BE859DD7A
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a34653a3a2f34382d3438203d3e20323033303639.roa
Signing time: Fri 20 Jan 2023 16:56:31 +0000
ROA not before: Fri 20 Jan 2023 16:51:31 +0000
ROA not after: Fri 19 Jan 2024 16:56:31 +0000
asID: 203069
IP address blocks: 2a05:dfc5:4e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:02:d8:35:bc:38:48:1e:cc:5b:7a:f7:3a:52:5d:2b:e8:59:dd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Jan 20 16:51:31 2023 GMT
Not After : Jan 19 16:56:31 2024 GMT
Subject: CN=739BE168CFB3F66B7EAF1D433B68FF9F063F80A0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:43:de:33:23:82:e4:da:bb:0b:76:d1:3a:04:
c3:5b:36:31:f7:8d:41:11:b2:bb:0e:ae:01:ab:8e:
f0:e5:05:04:99:28:45:b3:93:d9:34:c5:c3:c1:6d:
ef:53:5b:8c:12:25:7e:b7:c3:93:10:b6:b0:93:c9:
1b:94:ec:46:d2:28:ba:69:a5:c0:e0:fa:ba:e4:df:
a9:61:53:15:67:d9:b7:8a:7c:d3:f0:3a:28:c4:5d:
33:42:10:27:81:11:d3:7b:ff:97:24:5b:9d:b4:f4:
c5:54:2d:30:30:60:b8:ed:42:a6:bf:c2:b4:bf:b5:
63:77:5f:0a:79:57:7a:6d:ea:73:cd:a5:23:63:7b:
e1:6d:22:17:99:f2:88:99:6b:f0:e7:a9:45:06:8b:
eb:9e:47:a6:21:39:1d:86:93:3b:93:1d:27:e9:c6:
3d:93:e0:a2:c7:ba:98:e4:a7:6c:e0:4e:6a:3a:b1:
d9:95:37:7f:c1:e1:f5:6e:cd:9b:c9:9f:05:5f:1a:
38:00:85:5a:5d:ed:6e:d3:a0:56:40:b7:33:46:1d:
6a:25:54:f9:eb:90:0a:26:be:e9:ec:e5:91:d2:9e:
3f:80:36:12:34:9d:17:45:9c:eb:73:51:54:6a:46:
e8:4f:98:d8:bf:72:a6:64:73:20:0f:79:cf:f2:2b:
77:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:9B:E1:68:CF:B3:F6:6B:7E:AF:1D:43:3B:68:FF:9F:06:3F:80:A0
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a34653a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:4e::/48
Signature Algorithm: sha256WithRSAEncryption
1e:5c:d0:d1:68:d7:af:05:b6:6f:fb:4f:38:f6:8e:60:53:3e:
1d:6f:44:a2:b4:9a:e8:a3:fe:36:61:24:9b:7b:16:85:72:cf:
c7:4f:2a:91:bd:ab:41:8f:9c:24:d5:05:37:cb:6d:91:87:41:
92:ce:6a:45:ff:98:40:87:8a:a9:92:89:7f:5b:f7:4e:85:d5:
9d:b5:c6:cf:21:9c:65:24:4b:d2:38:27:ef:a2:69:01:39:d4:
e1:fc:09:95:d2:4d:a7:f9:86:6e:80:d1:c2:19:ed:2a:3e:66:
67:c1:85:b1:69:c4:a8:33:c1:e4:87:69:6a:ca:48:d8:52:70:
cc:77:85:5e:3c:e1:2a:b3:fa:1f:af:18:7d:8c:54:6b:e6:eb:
5b:89:99:a5:99:76:a6:23:bf:d6:b3:82:fb:35:e4:c3:ae:e5:
99:24:3a:83:a4:18:f6:aa:46:0a:24:2a:c3:ce:d1:44:51:71:
9a:af:7a:54:0e:a7:a1:ce:86:98:14:7f:a7:97:a1:52:43:b0:
0a:f2:fe:29:af:8b:0d:25:a7:bb:7d:df:ab:ae:cb:8d:c0:9d:
f5:58:2f:7c:77:b7:c1:c7:af:62:d9:01:db:34:ed:f4:ac:43:
60:e2:a0:7d:43:c4:27:b6:83:8c:6f:f9:33:c9:74:5c:59:21:
18:8f:8d:2c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUagLYNbw4SB7MW3r3OlJdK+hZ3XowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzAxMjAxNjUxMzFaFw0yNDAxMTkxNjU2MzFaMDMxMTAvBgNV
BAMTKDczOUJFMTY4Q0ZCM0Y2NkI3RUFGMUQ0MzNCNjhGRjlGMDYzRjgwQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQQ94zI4Lk2rsLdtE6BMNbNjH3
jUERsrsOrgGrjvDlBQSZKEWzk9k0xcPBbe9TW4wSJX63w5MQtrCTyRuU7EbSKLpp
pcDg+rrk36lhUxVn2beKfNPwOijEXTNCECeBEdN7/5ckW5209MVULTAwYLjtQqa/
wrS/tWN3Xwp5V3pt6nPNpSNje+FtIheZ8oiZa/DnqUUGi+ueR6YhOR2GkzuTHSfp
xj2T4KLHupjkp2zgTmo6sdmVN3/B4fVuzZvJnwVfGjgAhVpd7W7ToFZAtzNGHWol
VPnrkAomvuns5ZHSnj+ANhI0nRdFnOtzUVRqRuhPmNi/cqZkcyAPec/yK3crAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUc5vhaM+z9mt+rx1DO2j/nwY/gKAwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2EzNDY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzMDMzMzAzNjM5LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgXfxQBOMA0GCSqGSIb3DQEBCwUAA4IBAQAeXNDRaNevBbZv+0849o5g
Uz4db0SitJroo/42YSSbexaFcs/HTyqRvatBj5wk1QU3y22Rh0GSzmpF/5hAh4qp
kol/W/dOhdWdtcbPIZxlJEvSOCfvomkBOdTh/AmV0k2n+YZugNHCGe0qPmZnwYWx
acSoM8Hkh2lqykjYUnDMd4VePOEqs/ofrxh9jFRr5utbiZmlmXamI7/Ws4L7NeTD
ruWZJDqDpBj2qkYKJCrDztFEUXGar3pUDqehzoaYFH+nl6FSQ7AK8v4pr4sNJae7
fd+rrsuNwJ31WC98d7fBx69i2QHbNO30rENg4qB9Q8QntoOMb/kzyXRcWSEYj40s
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org