Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210636.roa
File: AS210636.roa (raw, json)
Hash identifier: YXgeGaK2PzjyCjHXagiRlBnXAHU271g4Iau+kAZj2OE=
Subject key identifier: 3B:CC:64:4D:0D:7E:8D:81:82:55:67:4A:55:4B:B7:5D:0D:7D:AE:5D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2936DC68092002AC9B2BE3CF46739C2BA04CFC1A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210636.roa
Signing time: Wed 01 Mar 2023 07:08:15 +0000
ROA not before: Wed 01 Mar 2023 07:03:15 +0000
ROA not after: Wed 28 Feb 2024 07:08:15 +0000
asID: 210636
IP address blocks: 191.96.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:36:dc:68:09:20:02:ac:9b:2b:e3:cf:46:73:9c:2b:a0:4c:fc:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:15 2023 GMT
Not After : Feb 28 07:08:15 2024 GMT
Subject: CN=3BCC644D0D7E8D818255674A554BB75D0D7DAE5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:75:e6:98:cb:de:82:cc:31:d2:1b:73:f5:bd:
1d:45:85:96:91:ef:33:b3:96:89:67:92:e1:5e:a3:
af:b3:cd:34:71:03:ce:8d:c7:1b:a5:eb:4d:6d:1c:
c2:8c:f3:e5:e8:a3:ba:e6:9d:90:32:b0:72:a0:8e:
b1:ae:e6:d8:35:b9:6b:ff:d8:4d:a0:8a:03:09:d4:
81:9c:4c:54:b8:9f:e4:4e:b5:02:be:26:b4:48:0f:
7b:d1:52:25:0f:72:eb:b2:3b:f4:00:30:50:c8:b1:
3c:f1:01:80:59:67:ac:71:c8:64:2d:08:78:67:06:
32:ff:c5:cf:68:cf:54:58:b2:27:43:3c:87:7c:26:
dd:5f:95:c4:1a:10:08:84:1b:09:a6:c6:a0:d4:da:
6e:d6:c1:ed:54:2a:02:85:59:5e:02:97:30:44:e9:
e8:f7:9a:03:17:b5:81:c7:e4:7a:83:5f:a9:a0:ee:
be:3c:06:79:e5:7f:42:fc:15:24:7b:38:89:39:c1:
21:d5:c4:f9:48:c1:07:d5:9f:84:fe:ad:2d:89:32:
dc:9f:ad:78:65:d7:06:e9:30:63:c7:6a:3d:98:44:
b3:4f:a1:31:19:38:b2:4c:2c:e3:6d:35:10:7b:c0:
e3:fc:5b:55:39:2a:3f:f0:81:b0:27:85:8d:3b:27:
63:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CC:64:4D:0D:7E:8D:81:82:55:67:4A:55:4B:B7:5D:0D:7D:AE:5D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.202.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d3:3b:43:28:2f:4a:20:db:d8:5c:6d:4a:0f:f4:35:2f:c8:
58:7b:e3:10:00:b4:09:f2:8f:19:16:3f:c6:9a:77:31:a4:4a:
49:5c:6c:14:aa:7b:cd:4d:0d:78:0d:5b:f0:d1:9e:4c:9a:80:
5a:6d:12:d3:d8:fd:7a:55:72:7c:54:cf:26:49:99:40:78:9f:
d7:dc:c9:bf:71:9b:19:ec:6e:fd:da:4f:5f:0a:62:71:fc:26:
dc:f1:e9:05:8f:a6:28:d1:97:69:42:17:62:6b:1b:06:27:f4:
1b:2a:9d:31:77:32:26:f3:1d:a3:54:65:9b:0a:9e:c2:bd:e7:
d8:a0:2a:68:01:5b:f7:05:cd:05:84:eb:a7:56:84:7b:cb:fe:
63:ed:d4:a1:d9:33:c3:b0:bb:69:62:b6:ae:f6:a2:9c:c7:7e:
a4:1a:79:ed:3a:06:0a:bf:5d:58:02:9b:3e:0a:9c:3a:b0:96:
82:8f:92:fa:db:c8:03:48:fa:00:43:08:c9:df:8a:29:28:bf:
24:d2:9f:39:e8:0c:9f:b7:62:1d:43:7a:96:1f:76:c2:19:3a:
85:48:43:76:51:1e:16:96:4f:b8:93:c1:6c:df:f6:85:66:bc:
dc:b1:f7:e7:b5:59:c0:af:c3:7f:8d:98:49:70:50:dd:a4:fc:
78:c1:f0:51
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKTbcaAkgAqybK+PPRnOcK6BM/BowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTVaFw0yNDAyMjgwNzA4MTVaMDMxMTAvBgNV
BAMTKDNCQ0M2NDREMEQ3RThEODE4MjU1Njc0QTU1NEJCNzVEMEQ3REFFNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzdeaYy96CzDHSG3P1vR1FhZaR
7zOzlolnkuFeo6+zzTRxA86Nxxul601tHMKM8+Xoo7rmnZAysHKgjrGu5tg1uWv/
2E2gigMJ1IGcTFS4n+ROtQK+JrRID3vRUiUPcuuyO/QAMFDIsTzxAYBZZ6xxyGQt
CHhnBjL/xc9oz1RYsidDPId8Jt1flcQaEAiEGwmmxqDU2m7Wwe1UKgKFWV4ClzBE
6ej3mgMXtYHH5HqDX6mg7r48Bnnlf0L8FSR7OIk5wSHVxPlIwQfVn4T+rS2JMtyf
rXhl1wbpMGPHaj2YRLNPoTEZOLJMLONtNRB7wOP8W1U5Kj/wgbAnhY07J2M5AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUO8xkTQ1+jYGCVWdKVUu3XQ19rl0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwNjM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2DK
MA0GCSqGSIb3DQEBCwUAA4IBAQB/0ztDKC9KINvYXG1KD/Q1L8hYe+MQALQJ8o8Z
Fj/GmncxpEpJXGwUqnvNTQ14DVvw0Z5MmoBabRLT2P16VXJ8VM8mSZlAeJ/X3Mm/
cZsZ7G792k9fCmJx/Cbc8ekFj6Yo0ZdpQhdiaxsGJ/QbKp0xdzIm8x2jVGWbCp7C
vefYoCpoAVv3Bc0FhOunVoR7y/5j7dSh2TPDsLtpYrau9qKcx36kGnntOgYKv11Y
Aps+Cpw6sJaCj5L628gDSPoAQwjJ34opKL8k0p856Ayft2IdQ3qWH3bCGTqFSEN2
UR4Wlk+4k8Fs3/aFZrzcsffntVnAr8N/jZhJcFDdpPx4wfBR
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:53 2025 by rpki-client