Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e203633303233.roa
File: 352e3138312e3138372e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: a/zF2l10+ZWKY1yK8MgKYQ2tiN/mjKh3IR/f/vPxg3E=
Subject key identifier: 23:F3:83:1B:30:47:D5:1C:F4:21:E2:F0:C6:99:71:16:44:53:B3:01
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 4606392E1CEDDC4B338CE27A8BA8567EF5D57B36
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e203633303233.roa
Signing time: Fri 20 Jan 2023 07:44:13 +0000
ROA not before: Fri 20 Jan 2023 07:39:13 +0000
ROA not after: Fri 19 Jan 2024 07:44:13 +0000
asID: 63023
IP address blocks: 5.181.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:06:39:2e:1c:ed:dc:4b:33:8c:e2:7a:8b:a8:56:7e:f5:d5:7b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 20 07:39:13 2023 GMT
Not After : Jan 19 07:44:13 2024 GMT
Subject: CN=23F3831B3047D51CF421E2F0C69971164453B301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b9:f3:63:6c:00:a9:1b:62:22:4f:c4:01:db:
4a:39:23:39:58:99:40:32:ac:cd:5b:8a:b9:16:04:
d8:c6:31:37:cc:8e:a7:06:5d:78:63:19:58:51:e8:
61:f3:f0:d6:39:ee:a9:a6:0f:48:63:b8:73:15:f8:
bf:c4:cd:8e:7d:d8:8e:18:f1:a9:5b:53:3c:b0:7f:
4f:6b:69:38:1a:ca:5b:ad:3b:e2:28:c0:64:f2:58:
19:9f:4f:20:e9:a3:f2:91:5f:5b:41:a0:04:ec:48:
6b:ca:1b:b7:6b:eb:2b:cd:59:7d:cf:04:2d:1b:2a:
1c:51:3a:98:7b:e0:83:78:63:89:3e:87:35:3b:56:
94:d7:8a:fc:d5:7c:ba:a0:bb:fd:c8:f1:f5:1f:e6:
8d:c7:f2:de:55:85:d0:7b:e5:55:99:8e:51:fe:d3:
5e:24:a9:96:0c:34:bd:ec:0d:1e:d3:c7:b4:9f:70:
a3:2d:2b:67:b3:96:d8:b7:55:74:2f:41:69:41:36:
68:f2:95:03:54:9d:99:79:bb:10:57:fb:fd:c1:39:
7c:95:30:1f:82:94:73:a5:b1:1c:40:34:53:bb:ff:
28:a2:f7:4b:49:c4:87:b6:9e:b5:af:fc:f1:51:6e:
bc:7a:f2:73:27:c5:89:96:ca:b5:d1:2e:da:3b:da:
b4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F3:83:1B:30:47:D5:1C:F4:21:E2:F0:C6:99:71:16:44:53:B3:01
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/352e3138312e3138372e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.187.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:98:bb:4d:76:f7:85:ff:01:a8:88:69:55:0a:ed:74:cb:6c:
e9:d4:1f:14:34:d7:1a:78:86:87:ad:58:64:80:e9:c5:b6:d2:
6b:fa:a3:ee:66:de:8a:a3:4b:cc:be:f7:d4:ab:19:12:c3:5b:
28:76:e4:5e:f9:41:7b:26:e0:85:4a:8c:26:34:a2:4e:a8:09:
3b:cd:3e:37:aa:63:94:91:44:59:46:10:06:d3:29:c7:40:73:
04:0f:bd:5c:88:71:9e:d2:e0:85:d0:1e:56:78:ae:8b:a2:9a:
ea:54:e8:b6:24:dc:a6:a5:9f:72:23:68:f4:ef:c9:09:18:04:
6d:93:cf:17:e7:22:ab:05:91:e7:91:2c:88:16:22:76:f1:42:
53:28:6a:34:24:66:d5:60:d5:13:99:ac:53:6a:96:a7:df:2e:
12:ee:e9:b9:65:8c:0d:38:d8:2b:3f:ec:03:04:2a:15:48:8b:
2c:4f:38:a1:90:09:72:e7:9a:62:c7:c9:91:be:20:31:18:d3:
43:b0:7d:52:87:4e:f9:f5:7a:10:31:07:80:88:be:22:b0:96:
33:21:f0:19:a5:70:e6:42:b8:b7:7f:cc:c1:d0:09:c7:5c:30:
2d:20:0b:a0:e1:18:de:31:de:40:d6:2f:46:79:ac:76:2a:40:
da:62:f1:34
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURgY5Lhzt3EszjOJ6i6hWfvXVezYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjAwNzM5MTNaFw0yNDAxMTkwNzQ0MTNaMDMxMTAvBgNV
BAMTKDIzRjM4MzFCMzA0N0Q1MUNGNDIxRTJGMEM2OTk3MTE2NDQ1M0IzMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUufNjbACpG2IiT8QB20o5IzlY
mUAyrM1birkWBNjGMTfMjqcGXXhjGVhR6GHz8NY57qmmD0hjuHMV+L/EzY592I4Y
8albUzywf09raTgaylutO+IowGTyWBmfTyDpo/KRX1tBoATsSGvKG7dr6yvNWX3P
BC0bKhxROph74IN4Y4k+hzU7VpTXivzVfLqgu/3I8fUf5o3H8t5VhdB75VWZjlH+
014kqZYMNL3sDR7Tx7SfcKMtK2ezlti3VXQvQWlBNmjylQNUnZl5uxBX+/3BOXyV
MB+ClHOlsRxANFO7/yii90tJxIe2nrWv/PFRbrx68nMnxYmWyrXRLto72rSFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUI/ODGzBH1Rz0IeLwxplxFkRTswEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzUyZTMxMzgzMTJlMzEzODM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzMwMzIzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW1
uzANBgkqhkiG9w0BAQsFAAOCAQEAbpi7TXb3hf8BqIhpVQrtdMts6dQfFDTXGniG
h61YZIDpxbbSa/qj7mbeiqNLzL731KsZEsNbKHbkXvlBeybghUqMJjSiTqgJO80+
N6pjlJFEWUYQBtMpx0BzBA+9XIhxntLghdAeVniui6Ka6lTotiTcpqWfciNo9O/J
CRgEbZPPF+ciqwWR55EsiBYidvFCUyhqNCRm1WDVE5msU2qWp98uEu7puWWMDTjY
Kz/sAwQqFUiLLE84oZAJcueaYsfJkb4gMRjTQ7B9UodO+fV6EDEHgIi+IrCWMyHw
GaVw5kK4t3/MwdAJx1wwLSALoOEY3jHeQNYvRnmsdipA2mLxNA==
-----END CERTIFICATE-----
Generated at Fri Mar 14 03:01:38 2025 by rpki-client