Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207709.roa
File: AS207709.roa (raw, json)
Hash identifier: 517M/JOz8Y2d3NNnNGxrI3Xq0tJ5TLHOrBCxsFWtn1o=
Subject key identifier: D7:91:EC:EE:FC:69:29:1D:AE:77:59:DB:79:4C:06:B6:83:F6:85:F6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7FFCF06F8FBEBE03205B02AE64BAA54C720FA148
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207709.roa
Signing time: Sun 21 Jan 2024 16:48:02 +0000
ROA not before: Sun 21 Jan 2024 16:43:02 +0000
ROA not after: Sun 19 Jan 2025 16:48:02 +0000
asID: 207709
IP address blocks: 92.119.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:fc:f0:6f:8f:be:be:03:20:5b:02:ae:64:ba:a5:4c:72:0f:a1:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 21 16:43:02 2024 GMT
Not After : Jan 19 16:48:02 2025 GMT
Subject: CN=D791ECEEFC69291DAE7759DB794C06B683F685F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:85:4d:f1:61:16:99:2a:92:97:c1:9d:ac:
d3:cf:29:7c:91:a7:63:f0:59:5b:3f:70:b8:52:82:
f1:df:1a:42:4b:65:a3:c0:7a:d1:1e:da:69:a5:93:
60:e5:05:70:49:92:69:1e:83:28:bf:32:e5:16:77:
5b:f7:c6:05:67:b7:96:32:ad:d9:88:40:bd:47:77:
95:d2:de:23:4a:f4:e9:a7:be:58:7f:11:43:3d:c7:
33:5d:c1:55:47:23:f2:0b:de:e6:1b:54:65:0d:fe:
42:a9:8d:5b:89:a7:06:c2:6a:36:43:8f:8e:06:7a:
71:d8:82:ec:21:45:5a:e4:e5:c3:88:19:73:e5:87:
28:e9:f9:5a:2d:67:ea:d7:24:aa:10:96:b2:0f:3a:
e8:df:df:95:2a:36:f5:eb:46:b9:27:57:eb:67:da:
00:00:50:88:fa:61:7c:e9:3c:cf:50:b5:0c:b2:02:
f6:cb:33:8a:f8:7e:14:3b:f9:83:82:23:19:06:f2:
26:33:ee:44:f5:7c:06:3c:49:8d:cd:ba:4f:c3:bf:
40:49:17:07:64:4d:cc:28:c4:d9:f3:a7:f5:09:d1:
3a:72:5a:66:4b:7d:e4:e7:11:47:15:07:9c:cf:e6:
8b:be:b9:b1:df:dd:83:97:a9:0b:02:4b:26:42:15:
7c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:91:EC:EE:FC:69:29:1D:AE:77:59:DB:79:4C:06:B6:83:F6:85:F6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS207709.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.32.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:c3:7f:ea:13:4d:92:c9:21:10:aa:9d:7f:64:0f:dc:3d:d2:
5c:66:7b:fb:f6:61:9d:10:bd:cd:c0:d3:2c:a0:1d:ab:76:cf:
3c:50:45:4a:5c:13:01:3c:55:57:60:08:91:fb:a6:64:e9:39:
a9:ee:47:e1:54:7b:f4:aa:08:06:fc:36:74:f9:9e:aa:98:66:
7d:f9:e8:21:b4:26:aa:dd:01:50:b9:7f:d5:62:87:c0:11:8b:
4a:f8:a4:dc:8d:1b:03:e8:7a:d9:c2:4a:d6:7b:a9:0b:ee:b7:
b3:64:14:1e:8a:1e:34:82:7c:03:9a:18:ae:f9:de:a1:e6:56:
74:af:8c:66:a0:5a:ca:04:3f:1a:7d:bc:bb:9b:98:6c:d8:95:
23:41:6b:b7:f3:96:28:b9:7e:7b:d8:30:1d:43:68:df:ab:1f:
62:d9:08:b8:d3:7a:47:8c:b0:86:00:27:fa:78:dd:17:26:03:
c6:c8:d7:08:51:6b:1f:bd:75:81:68:de:21:f9:25:e7:b5:72:
04:9c:ec:f8:d6:dd:32:1f:78:fd:ec:f5:b4:bf:7b:68:c7:21:
f2:ee:a5:c4:fb:b3:75:31:50:61:8b:14:cd:6b:8c:70:70:a1:
de:f6:e3:9c:fc:f5:ff:f1:65:49:31:b6:a2:2b:1f:58:54:3f:
30:a3:b4:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUf/zwb4++vgMgWwKuZLqlTHIPoUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAxMjExNjQzMDJaFw0yNTAxMTkxNjQ4MDJaMDMxMTAvBgNV
BAMTKEQ3OTFFQ0VFRkM2OTI5MURBRTc3NTlEQjc5NEMwNkI2ODNGNjg1RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9aIVN8WEWmSqSl8GdrNPPKXyR
p2PwWVs/cLhSgvHfGkJLZaPAetEe2mmlk2DlBXBJkmkegyi/MuUWd1v3xgVnt5Yy
rdmIQL1Hd5XS3iNK9Omnvlh/EUM9xzNdwVVHI/IL3uYbVGUN/kKpjVuJpwbCajZD
j44GenHYguwhRVrk5cOIGXPlhyjp+VotZ+rXJKoQlrIPOujf35UqNvXrRrknV+tn
2gAAUIj6YXzpPM9QtQyyAvbLM4r4fhQ7+YOCIxkG8iYz7kT1fAY8SY3Nuk/Dv0BJ
FwdkTcwoxNnzp/UJ0TpyWmZLfeTnEUcVB5zP5ou+ubHf3YOXqQsCSyZCFXxVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU15Hs7vxpKR2ud1nbeUwGtoP2hfYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA3NzA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHcg
MA0GCSqGSIb3DQEBCwUAA4IBAQC3w3/qE02SySEQqp1/ZA/cPdJcZnv79mGdEL3N
wNMsoB2rds88UEVKXBMBPFVXYAiR+6Zk6Tmp7kfhVHv0qggG/DZ0+Z6qmGZ9+egh
tCaq3QFQuX/VYofAEYtK+KTcjRsD6HrZwkrWe6kL7rezZBQeih40gnwDmhiu+d6h
5lZ0r4xmoFrKBD8afby7m5hs2JUjQWu385YouX572DAdQ2jfqx9i2Qi403pHjLCG
ACf6eN0XJgPGyNcIUWsfvXWBaN4h+SXntXIEnOz41t0yH3j97PW0v3toxyHy7qXE
+7N1MVBhixTNa4xwcKHe9uOc/PX/8WVJMbaiKx9YVD8wo7SB
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:25 2025 by rpki-client