Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa
File: 326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa (raw, json)
Hash identifier: mL/UkqAn/1NsEDWybx4T2tPYlNtcNbc7H46x5dBpo0M=
Subject key identifier: E9:15:29:3A:32:28:0D:C0:55:FE:74:04:73:F7:07:C5:61:71:D3:B8
Certificate issuer: /CN=847138B5401830B89B52403C777718BB40B2B6B5
Certificate serial: 589504F1C586B2F9F5DB61D3FE50E8A780E617F4
Authority key identifier: 84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa
Signing time: Tue 18 Apr 2023 08:01:56 +0000
ROA not before: Tue 18 Apr 2023 07:56:56 +0000
ROA not after: Tue 16 Apr 2024 08:01:56 +0000
asID: 203069
IP address blocks: 2a05:dfc5:cdef::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:95:04:f1:c5:86:b2:f9:f5:db:61:d3:fe:50:e8:a7:80:e6:17:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=847138B5401830B89B52403C777718BB40B2B6B5
Validity
Not Before: Apr 18 07:56:56 2023 GMT
Not After : Apr 16 08:01:56 2024 GMT
Subject: CN=E915293A32280DC055FE740473F707C56171D3B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8f:c7:e8:c5:da:72:60:2f:30:31:6f:8a:05:
29:2b:53:57:68:8b:1f:43:18:4d:56:1f:47:1a:71:
01:c2:62:59:64:e6:2f:cd:92:11:a0:2f:63:2f:a1:
30:16:8d:69:a3:67:0c:31:c7:62:9c:67:de:fa:bc:
18:66:6f:23:cf:0b:0a:66:e1:1e:07:f1:c6:e9:82:
bb:6c:d0:db:a5:e8:a6:1a:38:bb:bd:bf:90:cd:9d:
86:25:75:f0:a3:cd:8e:29:f0:ea:e4:24:1f:24:ed:
49:0a:81:a7:76:0f:f0:32:62:ad:86:1c:71:30:64:
57:83:34:36:fb:b9:57:b6:38:61:c0:2b:00:78:2e:
62:5c:a9:d0:b8:49:3e:e9:cc:17:a0:30:24:58:9c:
b1:64:61:2c:62:a2:de:8d:ed:ae:4a:a7:be:1b:5d:
14:c9:46:48:c0:23:35:05:35:a8:4f:0a:ea:26:c8:
b1:70:a2:eb:6b:4e:bd:a1:ca:30:1f:10:e3:5d:1e:
f0:b5:5e:cb:ae:fd:77:40:b8:30:ff:e4:1d:3f:a9:
d6:7d:e5:be:01:87:61:50:e7:3a:ee:c9:a5:60:9e:
fc:10:1d:5c:d2:b4:c2:a6:70:e0:db:ec:8b:4d:51:
4e:cd:b4:dc:95:94:5c:85:74:27:90:a0:f7:07:6a:
fd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:15:29:3A:32:28:0D:C0:55:FE:74:04:73:F7:07:C5:61:71:D3:B8
X509v3 Authority Key Identifier:
keyid:84:71:38:B5:40:18:30:B8:9B:52:40:3C:77:77:18:BB:40:B2:B6:B5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/847138B5401830B89B52403C777718BB40B2B6B5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/847138B5401830B89B52403C777718BB40B2B6B5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/4/326130353a646663353a636465663a3a2f34382d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc5:cdef::/48
Signature Algorithm: sha256WithRSAEncryption
72:1f:0d:24:90:35:e1:df:6b:e7:af:60:44:df:c3:2d:97:31:
2b:24:da:ef:ec:8f:50:bd:88:fd:49:7d:85:21:8b:e9:23:03:
9e:6c:75:3b:76:2c:80:d6:9f:f8:52:f8:41:e5:73:a8:14:e1:
6d:8e:34:d4:b8:4d:a1:18:13:6d:35:fd:98:1b:d9:36:52:d6:
bc:b1:cb:a3:13:62:35:1e:26:2a:e8:57:a8:ee:05:51:5d:98:
db:39:f4:8c:68:c2:04:11:6a:f8:c1:88:1e:5f:60:ae:41:b0:
19:3a:8c:67:7a:d6:0a:0f:3c:ef:42:60:db:8e:34:4d:65:38:
94:f4:98:4f:02:c0:7a:e6:34:cc:c3:a0:58:2c:dc:8c:4b:39:
51:8d:93:da:42:26:3c:85:eb:f8:99:ef:e1:df:fa:78:63:42:
a9:d3:d9:f0:66:be:9f:67:9a:ee:9e:02:5e:be:54:f9:2c:0a:
d1:76:50:89:cb:3b:02:11:4e:b5:df:d5:0f:d3:c6:7b:e3:50:
ca:9e:33:db:f8:54:ed:97:92:49:72:9d:cd:94:0a:a8:9b:7a:
13:54:5b:85:b4:08:5b:28:2f:f9:2d:4d:87:b9:2e:45:ec:0e:
39:16:3a:91:85:7f:8e:0d:d9:ec:20:10:26:17:6b:1d:d1:80:
f2:81:f3:21
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIUWJUE8cWGsvn122HT/lDop4DmF/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0
MEIyQjZCNTAeFw0yMzA0MTgwNzU2NTZaFw0yNDA0MTYwODAxNTZaMDMxMTAvBgNV
BAMTKEU5MTUyOTNBMzIyODBEQzA1NUZFNzQwNDczRjcwN0M1NjE3MUQzQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyj8foxdpyYC8wMW+KBSkrU1do
ix9DGE1WH0cacQHCYllk5i/NkhGgL2MvoTAWjWmjZwwxx2KcZ976vBhmbyPPCwpm
4R4H8cbpgrts0Nul6KYaOLu9v5DNnYYldfCjzY4p8OrkJB8k7UkKgad2D/AyYq2G
HHEwZFeDNDb7uVe2OGHAKwB4LmJcqdC4ST7pzBegMCRYnLFkYSxiot6N7a5Kp74b
XRTJRkjAIzUFNahPCuomyLFwoutrTr2hyjAfEONdHvC1Xsuu/XdAuDD/5B0/qdZ9
5b4Bh2FQ5zruyaVgnvwQHVzStMKmcODb7ItNUU7NtNyVlFyFdCeQoPcHav3PAgMB
AAGjggJ6MIICdjAdBgNVHQ4EFgQU6RUpOjIoDcBV/nQEc/cHxWFx07gwHwYDVR0j
BBgwFoAUhHE4tUAYMLibUkA8d3cYu0CytrUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzQvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIyQjZCNS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvODQ3MTM4QjU0MDE4MzBCODlCNTI0MDNDNzc3NzE4QkI0MEIy
QjZCNS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJmOGU5Nzct
NzI3OC00NmNmLWFiZDEtOTljZDFmZDJiZTRlLzQvMzI2MTMwMzUzYTY0NjY2MzM1
M2E2MzY0NjU2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAzMzMwMzYzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHACoF38XN7zANBgkqhkiG9w0BAQsFAAOCAQEAch8NJJA14d9r569g
RN/DLZcxKyTa7+yPUL2I/Ul9hSGL6SMDnmx1O3YsgNaf+FL4QeVzqBThbY401LhN
oRgTbTX9mBvZNlLWvLHLoxNiNR4mKuhXqO4FUV2Y2zn0jGjCBBFq+MGIHl9grkGw
GTqMZ3rWCg8870Jg2440TWU4lPSYTwLAeuY0zMOgWCzcjEs5UY2T2kImPIXr+Jnv
4d/6eGNCqdPZ8Ga+n2ea7p4CXr5U+SwK0XZQics7AhFOtd/VD9PGe+NQyp4z2/hU
7ZeSSXKdzZQKqJt6E1RbhbQIWygv+S1Nh7kuRewOORY6kYV/jg3Z7CAQJhdrHdGA
8oHzIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org