Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS203726.roa
File: AS203726.roa (raw, json)
Hash identifier: ycSqZDmijIPSgZxAoTBNFdc0DCTO+He/cSDv0WMQAQk=
Subject key identifier: 26:7B:F1:2E:2E:63:67:C8:33:01:EB:75:CC:28:45:8C:D4:C9:CA:DF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 26310C5C453FCB8A9DAF4F39EDC99EA92439E929
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS203726.roa
Signing time: Wed 01 Mar 2023 07:08:19 +0000
ROA not before: Wed 01 Mar 2023 07:03:19 +0000
ROA not after: Wed 28 Feb 2024 07:08:19 +0000
asID: 203726
IP address blocks: 45.89.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:31:0c:5c:45:3f:cb:8a:9d:af:4f:39:ed:c9:9e:a9:24:39:e9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:19 2023 GMT
Not After : Feb 28 07:08:19 2024 GMT
Subject: CN=267BF12E2E6367C83301EB75CC28458CD4C9CADF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:14:86:d0:cb:c9:6a:61:ba:f6:50:be:e8:1e:
41:5e:a6:b3:51:e4:b6:5b:e4:64:0f:54:2a:3c:d1:
e9:1f:e7:82:a5:e8:52:f7:7b:6b:5e:53:d6:85:79:
2e:68:ed:8e:4d:7a:29:37:65:49:3b:89:03:06:83:
10:9a:c9:97:03:cf:df:f4:40:2d:17:1a:07:e9:f6:
bf:a7:29:ce:78:26:4f:96:9f:b1:0f:bc:c5:27:9b:
32:d3:37:aa:1f:e3:94:98:1d:94:2a:ba:5d:f7:d1:
3e:94:73:68:46:16:f0:bd:0f:1f:9d:17:33:cd:5b:
f0:08:b6:5e:83:01:dd:2b:b7:69:1d:f2:36:5c:9a:
24:8b:04:82:e9:9c:ad:c6:0b:90:75:6a:55:5c:d2:
31:4b:2b:41:f9:6e:eb:30:7a:a8:76:10:cb:db:40:
aa:b4:dd:a7:de:84:4d:c2:9d:e2:07:61:92:83:ae:
17:0d:87:18:58:c7:3b:0b:72:b0:9a:59:6b:82:2d:
09:43:39:b0:b6:4b:d7:1e:cb:b2:ca:ae:81:ff:b2:
c2:91:58:66:b5:3f:15:19:6e:25:d8:fe:19:c9:9c:
f9:6b:40:90:4f:6a:90:33:3f:c6:ca:e0:4d:4a:79:
fa:c3:0d:bd:5e:82:81:23:92:e1:06:4b:e0:3e:c4:
be:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:7B:F1:2E:2E:63:67:C8:33:01:EB:75:CC:28:45:8C:D4:C9:CA:DF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS203726.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:93:04:66:6b:fe:1b:8e:0b:ac:25:d7:93:46:0b:d2:75:69:
2e:38:0c:68:47:40:34:9f:cb:67:0c:ca:0a:98:98:4a:4d:18:
31:7b:e9:a8:f6:a7:c7:50:fa:49:d0:21:87:1e:42:de:fc:49:
88:bd:bb:1d:a1:30:2a:b1:49:1d:81:bd:60:7a:39:9d:c7:df:
51:f3:72:11:ae:11:ad:04:54:44:aa:dc:d7:55:85:4e:af:54:
36:5d:d2:63:d4:20:f4:88:56:e9:46:c8:91:f5:a9:2d:1a:cd:
7a:02:e2:a6:5e:be:51:6a:bb:6b:bb:1d:41:cd:4b:e9:d7:c5:
6d:bf:aa:32:41:6d:a0:3d:4c:e9:c8:c7:5c:57:eb:e3:be:10:
c4:88:fa:1f:41:de:6b:ec:b5:2e:26:2e:62:92:01:30:54:86:
40:e8:48:a5:44:8d:a6:80:fb:42:44:cd:26:82:d5:ae:70:d0:
10:f9:69:1b:96:db:cc:07:49:90:79:20:a9:60:b2:3d:d7:ae:
f4:21:b1:3f:17:d9:b2:ca:1d:ba:3d:7c:0f:f0:ed:ce:53:ab:
5d:dd:88:d7:eb:7b:65:63:ea:0a:7d:6e:45:dd:8f:b8:4d:44:
e5:64:2f:b3:b0:78:83:ec:e1:f4:27:fe:b0:3a:01:a8:4c:21:
a5:89:6a:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUJjEMXEU/y4qdr0857cmeqSQ56SkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTlaFw0yNDAyMjgwNzA4MTlaMDMxMTAvBgNV
BAMTKDI2N0JGMTJFMkU2MzY3QzgzMzAxRUI3NUNDMjg0NThDRDRDOUNBREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeFIbQy8lqYbr2UL7oHkFeprNR
5LZb5GQPVCo80ekf54Kl6FL3e2teU9aFeS5o7Y5Neik3ZUk7iQMGgxCayZcDz9/0
QC0XGgfp9r+nKc54Jk+Wn7EPvMUnmzLTN6of45SYHZQqul330T6Uc2hGFvC9Dx+d
FzPNW/AItl6DAd0rt2kd8jZcmiSLBILpnK3GC5B1alVc0jFLK0H5busweqh2EMvb
QKq03afehE3CneIHYZKDrhcNhxhYxzsLcrCaWWuCLQlDObC2S9cey7LKroH/ssKR
WGa1PxUZbiXY/hnJnPlrQJBPapAzP8bK4E1KefrDDb1egoEjkuEGS+A+xL6rAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJnvxLi5jZ8gzAet1zChFjNTJyt8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAzNzI2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVn5
MA0GCSqGSIb3DQEBCwUAA4IBAQBakwRma/4bjgusJdeTRgvSdWkuOAxoR0A0n8tn
DMoKmJhKTRgxe+mo9qfHUPpJ0CGHHkLe/EmIvbsdoTAqsUkdgb1gejmdx99R83IR
rhGtBFREqtzXVYVOr1Q2XdJj1CD0iFbpRsiR9aktGs16AuKmXr5Rartrux1BzUvp
18Vtv6oyQW2gPUzpyMdcV+vjvhDEiPofQd5r7LUuJi5ikgEwVIZA6EilRI2mgPtC
RM0mgtWucNAQ+WkbltvMB0mQeSCpYLI91670IbE/F9myyh26PXwP8O3OU6td3YjX
63tlY+oKfW5F3Y+4TUTlZC+zsHiD7OH0J/6wOgGoTCGliWrf
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:21:43 2025 by rpki-client