Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207152.roa
File: AS207152.roa (raw, json)
Hash identifier: Ksxr3/P55ciX1QTGuquTgGIPdjR/NFjgY421wFfIMwk=
Subject key identifier: 43:AA:AA:92:2C:05:FC:18:C9:A3:82:B1:05:24:ED:F5:EE:B4:05:2F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1A0B22F3E6483492A15791CB0D4E5B50C9E4C519
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207152.roa
Signing time: Wed 01 Mar 2023 07:08:12 +0000
ROA not before: Wed 01 Mar 2023 07:03:12 +0000
ROA not after: Wed 28 Feb 2024 07:08:12 +0000
asID: 207152
IP address blocks: 2a0a:9e00:f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:0b:22:f3:e6:48:34:92:a1:57:91:cb:0d:4e:5b:50:c9:e4:c5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:12 2023 GMT
Not After : Feb 28 07:08:12 2024 GMT
Subject: CN=43AAAA922C05FC18C9A382B10524EDF5EEB4052F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:46:43:2c:f0:0c:9e:1b:c4:32:d9:db:42:ab:
cf:d6:fb:3c:b7:b7:0c:0b:c8:11:51:b0:fb:90:c1:
f2:6d:81:54:28:64:1e:3d:cb:e5:6a:97:28:e5:83:
10:db:a0:44:ee:f5:78:b4:c3:0c:7b:35:4b:e8:4b:
2e:df:3e:0e:a3:d3:d7:ab:99:d2:93:29:3c:b1:00:
fd:9d:70:ae:e9:c3:da:8a:9d:c2:3d:86:8f:bd:df:
24:2a:a6:6d:c5:73:29:7a:62:86:54:cd:cc:07:69:
a5:ee:bf:a2:8b:51:db:4f:81:5a:bc:39:0e:2c:9a:
c1:f6:0f:13:f2:09:be:b3:61:28:78:91:bf:ec:9f:
03:2e:0e:e6:30:d1:fb:66:69:22:ed:85:61:96:16:
17:5e:5c:8b:49:52:16:3b:dd:40:92:ad:0a:be:18:
06:67:40:96:b2:44:23:82:9c:79:a7:e5:a0:fe:86:
e6:16:fc:44:68:b4:05:20:e0:0c:eb:c9:bd:c8:75:
3a:c8:c1:d4:94:ee:a9:38:51:15:b5:9e:f5:08:bb:
f4:50:dd:80:7b:16:a5:72:92:42:aa:5d:0c:88:97:
b4:1e:15:15:f9:4e:5b:67:c9:b8:9c:d0:ec:23:87:
d9:b0:1a:9a:07:e7:32:dc:5b:0e:87:ab:60:09:8c:
1a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:AA:AA:92:2C:05:FC:18:C9:A3:82:B1:05:24:ED:F5:EE:B4:05:2F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207152.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:9e00:f::/48
Signature Algorithm: sha256WithRSAEncryption
27:30:d7:ef:3f:f7:87:d8:13:45:e2:a7:a3:a3:66:9a:93:61:
20:5e:de:0d:57:21:af:e6:06:2c:2d:00:54:f4:25:88:ea:97:
82:b9:95:63:a5:72:ba:83:eb:93:d5:42:24:5d:e9:59:cb:47:
7c:9d:65:2b:53:82:0b:a9:13:8d:5c:d3:db:8f:55:5e:36:91:
77:05:dd:3c:ab:0a:02:78:ee:09:e6:3e:6d:b5:25:a0:c3:2d:
24:f5:a5:bc:40:3e:67:d8:d0:89:0c:cf:ca:29:56:f7:97:29:
e2:90:e2:5e:48:ff:80:ca:15:d6:d0:ca:73:d0:43:c6:a5:4c:
b5:6f:33:cd:52:d9:08:61:b0:07:11:65:b3:6f:13:67:3a:cc:
30:1b:02:be:28:33:a1:1b:17:b8:33:0c:e2:e9:03:05:ec:66:
b4:00:ee:dc:47:84:6e:3b:5b:af:d3:71:c9:2c:28:fe:f3:32:
e2:d1:d4:95:67:7b:91:72:55:6c:92:3d:6f:16:51:5a:85:10:
5c:b0:3f:98:b3:2c:96:63:cd:54:a3:b9:a4:32:31:7a:12:e8:
62:77:56:47:c9:6c:74:ee:f9:3f:88:22:e9:b1:99:3a:9c:a8:
cd:fb:6f:a9:3a:84:11:f3:eb:bc:65:4e:e4:f7:c8:e3:4c:3b:
44:2b:11:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUGgsi8+ZINJKhV5HLDU5bUMnkxRkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTJaFw0yNDAyMjgwNzA4MTJaMDMxMTAvBgNV
BAMTKDQzQUFBQTkyMkMwNUZDMThDOUEzODJCMTA1MjRFREY1RUVCNDA1MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyRkMs8AyeG8Qy2dtCq8/W+zy3
twwLyBFRsPuQwfJtgVQoZB49y+VqlyjlgxDboETu9Xi0wwx7NUvoSy7fPg6j09er
mdKTKTyxAP2dcK7pw9qKncI9ho+93yQqpm3Fcyl6YoZUzcwHaaXuv6KLUdtPgVq8
OQ4smsH2DxPyCb6zYSh4kb/snwMuDuYw0ftmaSLthWGWFhdeXItJUhY73UCSrQq+
GAZnQJayRCOCnHmn5aD+huYW/ERotAUg4Azryb3IdTrIwdSU7qk4URW1nvUIu/RQ
3YB7FqVykkKqXQyIl7QeFRX5Tltnybic0Owjh9mwGpoH5zLcWw6Hq2AJjBozAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUQ6qqkiwF/BjJo4KxBSTt9e60BS8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA3MTUyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgqe
AAAPMA0GCSqGSIb3DQEBCwUAA4IBAQAnMNfvP/eH2BNF4qejo2aak2EgXt4NVyGv
5gYsLQBU9CWI6peCuZVjpXK6g+uT1UIkXelZy0d8nWUrU4ILqRONXNPbj1VeNpF3
Bd08qwoCeO4J5j5ttSWgwy0k9aW8QD5n2NCJDM/KKVb3lynikOJeSP+AyhXW0Mpz
0EPGpUy1bzPNUtkIYbAHEWWzbxNnOswwGwK+KDOhGxe4Mwzi6QMF7Ga0AO7cR4Ru
O1uv03HJLCj+8zLi0dSVZ3uRclVskj1vFlFahRBcsD+YsyyWY81Uo7mkMjF6Euhi
d1ZHyWx07vk/iCLpsZk6nKjN+2+pOoQR8+u8ZU7k98jjTDtEKxGC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:14 2024 by rpki-client on console-fra.rpki-client.org