Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: vkBx1/LRoekTHoGT9aztdfIplwUjuQigNRHlM1N4jtk=
Subject key identifier: FC:3A:18:76:9D:D1:CC:ED:AF:B7:C3:76:98:FD:DE:97:B9:11:D3:06
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3DC5EA7B3209AB7BA687B58F57514D7DE384C111
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS0.roa
Signing time: Thu 09 Nov 2023 13:04:43 +0000
ROA not before: Thu 09 Nov 2023 12:59:43 +0000
ROA not after: Thu 07 Nov 2024 13:04:43 +0000
asID: 0
IP address blocks: 181.214.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:c5:ea:7b:32:09:ab:7b:a6:87:b5:8f:57:51:4d:7d:e3:84:c1:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 9 12:59:43 2023 GMT
Not After : Nov 7 13:04:43 2024 GMT
Subject: CN=FC3A18769DD1CCEDAFB7C37698FDDE97B911D306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:ef:ec:09:f4:41:e9:41:d2:c5:7f:1a:1b:
65:12:a9:04:f2:ee:c1:19:87:1f:c1:6b:63:ba:e1:
14:ca:2d:87:17:3c:01:8c:83:b7:28:fb:fd:2f:10:
f7:bc:70:85:04:dc:2c:47:fc:e4:8b:52:88:f0:6d:
f1:0f:89:77:ad:ac:88:25:b2:03:bb:28:f3:78:36:
48:dd:89:e8:af:c9:79:4e:20:df:4b:f3:af:a6:96:
16:26:30:15:5d:47:80:bf:66:7d:a1:65:ab:94:c3:
43:3b:9d:19:55:4c:72:75:3d:24:35:72:c0:78:a0:
29:94:37:fc:ae:bc:c8:b5:ae:1b:f6:bc:1b:9c:5c:
e0:1b:2c:11:64:00:cf:f8:7c:8a:39:b3:94:04:ed:
af:bf:e2:a9:2f:1c:73:ac:47:6e:3e:bd:83:bd:bb:
c7:53:db:d8:69:5a:2a:1d:d3:79:c4:1e:1d:f4:fb:
20:b8:e9:87:04:02:b6:52:e5:5f:db:35:db:11:26:
ba:79:23:93:65:66:d0:49:23:0f:6d:40:2c:57:73:
11:06:b6:c5:9b:5a:9e:0f:c4:8a:74:09:07:d5:ca:
95:5c:23:fa:99:b6:49:40:b3:54:7b:0e:86:81:68:
38:27:1a:4f:60:de:92:93:a9:00:42:02:78:33:e1:
ac:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3A:18:76:9D:D1:CC:ED:AF:B7:C3:76:98:FD:DE:97:B9:11:D3:06
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.128.0/24
Signature Algorithm: sha256WithRSAEncryption
72:63:a1:e4:37:0c:ea:68:b2:c6:47:d7:c3:e2:e3:f2:d0:01:
a5:01:7c:0b:8f:37:ad:f9:e5:af:b7:5b:0b:34:49:5c:ad:01:
49:a2:61:73:9e:b3:d0:2b:4d:e4:0e:7a:aa:9c:3b:2c:7a:5a:
df:0c:cb:97:f3:ba:9d:7c:e1:af:7a:6b:5f:64:ad:5f:ca:19:
db:fd:03:ec:86:39:e3:90:fe:85:75:06:6f:3e:bd:3d:f6:63:
4a:61:6b:b0:21:54:1a:5b:af:08:48:bf:ab:cb:cd:9b:20:44:
24:9a:c1:fb:96:29:aa:ad:20:1e:2a:dd:ef:56:26:d5:f6:93:
64:27:91:8f:27:cc:3e:5d:2f:31:2c:79:1c:cb:78:41:0e:66:
65:64:34:fa:fc:48:07:a2:1c:e2:04:44:bb:42:24:ba:7d:15:
f3:83:52:8a:d0:3a:a8:e5:08:dc:63:95:cc:9c:d2:2c:e4:b2:
e2:0d:80:b1:df:8d:88:99:3a:1b:21:cb:63:47:6c:78:d3:7e:
ec:45:3d:4d:a3:36:20:3f:b9:f2:8d:51:27:59:f3:b5:f1:c3:
1c:29:aa:11:a9:20:6c:b5:54:cb:12:55:bb:c1:d8:71:f3:7c:
cb:dd:a9:80:ba:3a:c0:a8:81:8a:74:83:64:1d:3f:93:33:02:
ab:6d:78:2a
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIUPcXqezIJq3umh7WPV1FNfeOEwREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMDkxMjU5NDNaFw0yNDExMDcxMzA0NDNaMDMxMTAvBgNV
BAMTKEZDM0ExODc2OUREMUNDRURBRkI3QzM3Njk4RkRERTk3QjkxMUQzMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3++/sCfRB6UHSxX8aG2USqQTy
7sEZhx/Ba2O64RTKLYcXPAGMg7co+/0vEPe8cIUE3CxH/OSLUojwbfEPiXetrIgl
sgO7KPN4NkjdieivyXlOIN9L86+mlhYmMBVdR4C/Zn2hZauUw0M7nRlVTHJ1PSQ1
csB4oCmUN/yuvMi1rhv2vBucXOAbLBFkAM/4fIo5s5QE7a+/4qkvHHOsR24+vYO9
u8dT29hpWiod03nEHh30+yC46YcEArZS5V/bNdsRJrp5I5NlZtBJIw9tQCxXcxEG
tsWbWp4PxIp0CQfVypVcI/qZtklAs1R7DoaBaDgnGk9g3pKTqQBCAngz4aznAgMB
AAGjggIFMIICATAdBgNVHQ4EFgQU/DoYdp3RzO2vt8N2mP3el7kR0wYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALXWgDANBgkq
hkiG9w0BAQsFAAOCAQEAcmOh5DcM6miyxkfXw+Lj8tABpQF8C483rfnlr7dbCzRJ
XK0BSaJhc56z0CtN5A56qpw7LHpa3wzLl/O6nXzhr3prX2StX8oZ2/0D7IY545D+
hXUGbz69PfZjSmFrsCFUGluvCEi/q8vNmyBEJJrB+5Ypqq0gHird71Ym1faTZCeR
jyfMPl0vMSx5HMt4QQ5mZWQ0+vxIB6Ic4gREu0Ikun0V84NSitA6qOUI3GOVzJzS
LOSy4g2Asd+NiJk6GyHLY0dseNN+7EU9TaM2ID+58o1RJ1nztfHDHCmqEakgbLVU
yxJVu8HYcfN8y92pgLo6wKiBinSDZB0/kzMCq214Kg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:19:59 2025 by rpki-client