Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210107.roa
File: AS210107.roa (raw, json)
Hash identifier: +3g6in2Ga1/yKUBdoVOwsnHZ4CmBoA1QalCBu9Fj3T4=
Subject key identifier: 42:00:ED:43:FE:53:AC:0F:0E:BD:97:F9:33:2E:5D:51:C3:31:1D:F1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7218BA2F91EDB5747F7717628593FEF5ABF5923C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210107.roa
Signing time: Fri 10 Nov 2023 12:26:49 +0000
ROA not before: Fri 10 Nov 2023 12:21:49 +0000
ROA not after: Fri 08 Nov 2024 12:26:49 +0000
asID: 210107
IP address blocks: 191.96.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:18:ba:2f:91:ed:b5:74:7f:77:17:62:85:93:fe:f5:ab:f5:92:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 10 12:21:49 2023 GMT
Not After : Nov 8 12:26:49 2024 GMT
Subject: CN=4200ED43FE53AC0F0EBD97F9332E5D51C3311DF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:30:53:d5:81:4d:b5:8e:52:78:47:94:07:cc:
6e:75:64:95:27:9d:11:3b:dc:99:47:a0:6b:35:e2:
cf:8b:05:6a:6b:75:62:77:3e:4e:56:d5:66:ba:bb:
3f:87:dc:5c:04:59:2a:f5:80:0d:e6:c1:e5:4f:4a:
c6:4e:04:23:27:b5:5f:66:91:08:4c:52:03:f9:2a:
48:29:45:e7:c7:8b:65:8e:b7:3d:ef:60:5f:eb:29:
08:81:e0:9c:28:91:2a:e6:a5:a8:dd:10:41:2b:38:
da:5e:83:40:85:21:b6:d9:a8:21:fb:02:8a:e7:52:
74:34:1e:44:28:32:3b:b4:67:ee:35:53:f1:6c:18:
ea:9c:cd:73:1b:d6:59:50:36:f8:ed:ca:3d:1a:fc:
ef:3d:11:94:29:36:4c:15:4a:43:59:90:41:67:d8:
09:44:c5:ee:fc:8a:40:c3:44:47:c0:7c:3f:94:39:
90:4c:d5:71:a3:4e:f1:48:4a:cd:9d:45:7a:41:7c:
3d:e3:3e:76:45:cf:48:2c:80:1a:f9:20:7f:32:0f:
db:b0:de:83:47:16:9e:aa:67:9c:db:df:b6:da:07:
e6:a6:91:c4:a4:54:39:a8:20:53:3c:df:2f:de:c7:
08:16:1e:d7:37:4e:e5:7a:3d:6b:68:6e:60:ed:5d:
6d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:00:ED:43:FE:53:AC:0F:0E:BD:97:F9:33:2E:5D:51:C3:31:1D:F1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210107.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.233.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1a:a4:08:7f:02:10:3b:28:38:7d:f7:76:aa:f7:79:31:ca:
b3:7c:e7:93:40:07:4a:e2:7e:f3:f7:01:11:44:9a:9a:65:8f:
29:5a:19:db:ed:4c:4d:ea:bf:4e:4a:ad:3c:44:9b:49:5c:bc:
e9:87:7f:43:d4:9d:fb:b2:48:8c:1a:99:3d:2f:eb:87:3a:c0:
3b:41:c7:de:8b:d3:55:d8:a8:e1:d2:3d:c5:93:28:de:e3:b8:
f7:36:a8:c3:0c:dd:a5:aa:31:d3:8a:1a:1b:a8:38:3a:3f:d6:
a8:2d:e4:ad:a4:df:f7:6a:0d:5b:4f:91:2d:46:1d:93:76:ec:
2c:2f:42:d9:32:25:5c:59:90:69:65:f8:e4:11:d6:26:be:64:
f2:13:a7:5d:e3:10:ee:53:d3:f2:0f:9c:ff:91:e3:f5:77:0a:
bd:d2:53:b9:15:84:df:4c:af:ea:ad:fb:e3:3c:9f:d5:59:fc:
4c:8c:06:1c:dd:fe:b5:05:93:c2:43:7b:b9:01:67:ac:1e:cc:
68:4d:51:c6:19:23:d6:58:4d:88:01:b2:b1:10:7d:24:d9:7e:
1b:de:8a:b2:74:86:ba:ad:96:69:64:08:73:06:7f:11:0d:97:
8c:93:38:6d:26:0b:96:4c:96:99:03:1d:a0:4e:95:78:a5:32:
ca:cc:40:9b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUchi6L5HttXR/dxdihZP+9av1kjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzExMTAxMjIxNDlaFw0yNDExMDgxMjI2NDlaMDMxMTAvBgNV
BAMTKDQyMDBFRDQzRkU1M0FDMEYwRUJEOTdGOTMzMkU1RDUxQzMzMTFERjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrMFPVgU21jlJ4R5QHzG51ZJUn
nRE73JlHoGs14s+LBWprdWJ3Pk5W1Wa6uz+H3FwEWSr1gA3mweVPSsZOBCMntV9m
kQhMUgP5KkgpRefHi2WOtz3vYF/rKQiB4JwokSrmpajdEEErONpeg0CFIbbZqCH7
AornUnQ0HkQoMju0Z+41U/FsGOqczXMb1llQNvjtyj0a/O89EZQpNkwVSkNZkEFn
2AlExe78ikDDREfAfD+UOZBM1XGjTvFISs2dRXpBfD3jPnZFz0gsgBr5IH8yD9uw
3oNHFp6qZ5zb37baB+amkcSkVDmoIFM83y/exwgWHtc3TuV6PWtobmDtXW13AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUQgDtQ/5TrA8OvZf5My5dUcMxHfEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwMTA3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2Dp
MA0GCSqGSIb3DQEBCwUAA4IBAQA7GqQIfwIQOyg4ffd2qvd5McqzfOeTQAdK4n7z
9wERRJqaZY8pWhnb7UxN6r9OSq08RJtJXLzph39D1J37skiMGpk9L+uHOsA7Qcfe
i9NV2Kjh0j3Fkyje47j3NqjDDN2lqjHTihobqDg6P9aoLeStpN/3ag1bT5EtRh2T
duwsL0LZMiVcWZBpZfjkEdYmvmTyE6dd4xDuU9PyD5z/keP1dwq90lO5FYTfTK/q
rfvjPJ/VWfxMjAYc3f61BZPCQ3u5AWesHsxoTVHGGSPWWE2IAbKxEH0k2X4b3oqy
dIa6rZZpZAhzBn8RDZeMkzhtJguWTJaZAx2gTpV4pTLKzECb
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:50 2025 by rpki-client