Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1129.roa
File: AS1129.roa (raw, json)
Hash identifier: fIDFQMLt8BdQsGD3padO+Bmyzp+K6tICDbYoDiavyEU=
Subject key identifier: 08:E9:FB:24:52:68:05:A7:81:1A:B1:D6:48:BD:14:FB:6F:6D:A3:B7
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6194D195F17B49FFD4B74EB846A0C60F00CD7747
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1129.roa
Signing time: Tue 06 Jun 2023 12:14:15 +0000
ROA not before: Tue 06 Jun 2023 12:09:15 +0000
ROA not after: Tue 04 Jun 2024 12:14:15 +0000
asID: 1129
IP address blocks: 191.96.228.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:94:d1:95:f1:7b:49:ff:d4:b7:4e:b8:46:a0:c6:0f:00:cd:77:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 6 12:09:15 2023 GMT
Not After : Jun 4 12:14:15 2024 GMT
Subject: CN=08E9FB24526805A7811AB1D648BD14FB6F6DA3B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:8d:07:ac:69:52:9e:ee:f4:4d:54:9b:89:
29:3c:e9:31:92:f2:d8:62:12:5a:4b:39:8a:69:6a:
63:8a:e0:79:b6:ce:14:8b:85:e6:e6:97:e9:3d:4b:
f4:c1:c0:0a:48:53:9d:41:d4:6f:8e:62:aa:b4:e6:
cd:6b:cf:35:a0:0d:4b:b9:28:9b:8a:a3:e1:7c:6e:
ab:fc:c9:02:a9:d1:29:34:76:ab:92:f3:03:04:b9:
fc:76:3f:6b:26:96:7e:b1:f0:18:3c:b6:03:b3:37:
66:8a:34:1a:ca:9b:7b:dd:29:44:78:92:bf:26:ac:
3f:d2:6b:37:b3:76:66:c1:0c:c6:68:13:ed:b3:f9:
46:23:a0:5d:61:b0:54:9d:2c:9b:6b:ab:19:53:be:
78:31:3e:03:42:31:2f:27:ca:53:c0:a8:8d:bb:f2:
f3:98:6a:df:f9:55:de:01:d0:5d:4c:72:3b:3e:17:
dd:df:dd:e9:f9:5d:00:92:82:91:f2:0a:5d:a5:7a:
19:dc:e5:fb:4c:5f:c4:e2:d3:0e:57:ff:17:62:24:
2f:f8:fc:7a:75:08:76:32:66:20:2d:56:61:a7:a1:
d5:82:7c:6f:64:16:2f:c9:b7:42:0d:b7:62:cc:a8:
24:8b:cc:d4:7b:9e:bd:1c:37:3a:af:e1:7e:a9:b6:
39:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E9:FB:24:52:68:05:A7:81:1A:B1:D6:48:BD:14:FB:6F:6D:A3:B7
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS1129.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.228.0/23
Signature Algorithm: sha256WithRSAEncryption
82:da:f4:c9:27:b2:0c:f3:bc:71:b5:be:f3:81:8b:db:dc:cd:
fb:22:86:76:3f:ad:ac:2c:8d:6f:2b:68:3f:92:f6:81:67:85:
b2:50:40:19:ec:e7:2d:c7:a0:e2:ca:47:1d:79:c8:95:e1:12:
cc:9c:0f:be:b5:24:43:2b:54:70:04:9c:12:d3:3d:42:60:f7:
9d:84:86:89:8c:d7:f0:5e:93:33:a7:96:07:1d:5e:cf:1d:da:
31:e0:dc:28:08:2c:23:94:30:7a:15:a4:da:2d:97:0d:fc:4a:
c9:d3:bb:7b:3a:8e:b7:9c:63:86:2d:38:d3:93:d0:cb:bd:eb:
57:99:7f:4b:2f:93:fb:01:51:08:49:17:48:f7:1e:a6:ae:73:
0e:a3:38:34:c9:2e:2c:d1:05:c7:13:df:c9:79:62:33:f1:83:
6e:9b:cc:8d:75:03:54:6f:0f:a8:68:3f:fc:47:6e:b5:86:1f:
af:3a:80:93:b3:43:7c:27:ce:91:ef:2e:5f:e7:30:dc:98:97:
04:2a:d8:c8:02:94:a8:88:15:3d:eb:bb:71:7c:52:e6:aa:8d:
c7:31:2f:e5:bb:31:03:82:4a:51:f4:96:81:fe:cf:2b:00:d7:
56:c1:57:42:12:cd:fd:16:d5:5e:fe:65:35:c7:d6:7b:fb:fc:
2f:45:40:8f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUYZTRlfF7Sf/Ut064RqDGDwDNd0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA2MDYxMjA5MTVaFw0yNDA2MDQxMjE0MTVaMDMxMTAvBgNV
BAMTKDA4RTlGQjI0NTI2ODA1QTc4MTFBQjFENjQ4QkQxNEZCNkY2REEzQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0wo0HrGlSnu70TVSbiSk86TGS
8thiElpLOYppamOK4Hm2zhSLhebml+k9S/TBwApIU51B1G+OYqq05s1rzzWgDUu5
KJuKo+F8bqv8yQKp0Sk0dquS8wMEufx2P2smln6x8Bg8tgOzN2aKNBrKm3vdKUR4
kr8mrD/SazezdmbBDMZoE+2z+UYjoF1hsFSdLJtrqxlTvngxPgNCMS8nylPAqI27
8vOYat/5Vd4B0F1Mcjs+F93f3en5XQCSgpHyCl2lehnc5ftMX8Ti0w5X/xdiJC/4
/Hp1CHYyZiAtVmGnodWCfG9kFi/Jt0INt2LMqCSLzNR7nr0cNzqv4X6ptjlZAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUCOn7JFJoBaeBGrHWSL0U+29to7cwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTEyOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAb9g5DAN
BgkqhkiG9w0BAQsFAAOCAQEAgtr0ySeyDPO8cbW+84GL29zN+yKGdj+trCyNbyto
P5L2gWeFslBAGeznLceg4spHHXnIleESzJwPvrUkQytUcAScEtM9QmD3nYSGiYzX
8F6TM6eWBx1ezx3aMeDcKAgsI5QwehWk2i2XDfxKydO7ezqOt5xjhi0405PQy73r
V5l/Sy+T+wFRCEkXSPcepq5zDqM4NMkuLNEFxxPfyXliM/GDbpvMjXUDVG8PqGg/
/EdutYYfrzqAk7NDfCfOke8uX+cw3JiXBCrYyAKUqIgVPeu7cXxS5qqNxzEv5bsx
A4JKUfSWgf7PKwDXVsFXQhLN/RbVXv5lNcfWe/v8L0VAjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:01 2024 by rpki-client on console-ams.rpki-client.org