Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216159.roa
File: AS216159.roa (raw, json)
Hash identifier: Qg3+6Xx3IfzrM3lF47KY8r/sGydD4OJCr2lO+Ls8fKo=
Subject key identifier: 27:AB:67:22:28:E8:79:0A:21:BC:A7:6B:89:1E:1D:B1:C9:26:79:2E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 38E384F6D4865B734BA870E28456A8BD1894013B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216159.roa
Signing time: Mon 16 Oct 2023 10:27:17 +0000
ROA not before: Mon 16 Oct 2023 10:22:17 +0000
ROA not after: Mon 14 Oct 2024 10:27:17 +0000
asID: 216159
IP address blocks: 2.57.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:e3:84:f6:d4:86:5b:73:4b:a8:70:e2:84:56:a8:bd:18:94:01:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 16 10:22:17 2023 GMT
Not After : Oct 14 10:27:17 2024 GMT
Subject: CN=27AB672228E8790A21BCA76B891E1DB1C926792E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b8:3f:94:0b:d8:0e:ff:65:36:4f:06:82:9d:
ff:c4:60:e1:bd:51:15:61:d9:99:fc:0d:c2:88:5d:
0e:a1:f9:5f:bf:4f:a3:3b:b5:fe:d6:ce:c3:88:06:
c2:87:39:80:02:c5:cf:d3:00:27:e6:aa:a5:47:09:
03:b3:b4:99:ea:00:04:78:fe:e5:6d:9b:9a:82:e1:
8c:47:45:8f:ae:a5:c3:ad:9e:6f:db:2e:be:3d:26:
78:6b:c6:9f:ee:70:dd:c3:f7:e0:7b:49:c4:f5:a7:
f5:31:37:f3:86:9d:ce:42:6b:59:a5:f1:49:2a:1a:
bd:29:cd:59:19:f8:4a:0d:cd:a6:21:ba:8d:f1:db:
1d:2d:14:3f:26:6f:79:9b:aa:a1:86:ef:f2:06:19:
b0:99:43:fe:b5:d1:03:d3:5a:2e:1c:20:47:76:c9:
72:88:56:a7:b6:cd:c8:06:92:f0:4d:80:5d:eb:7e:
83:c8:69:85:64:fa:6f:f6:0e:b0:10:94:c5:d3:24:
6f:20:c0:bf:e1:34:9a:b5:d8:18:c1:ed:66:d3:50:
2d:1e:61:ec:e5:2e:b6:b9:18:f9:5a:86:4d:9f:60:
98:d9:d8:89:61:dc:89:59:cf:0e:11:39:dd:bb:41:
17:8d:0d:5a:79:9c:d2:fd:90:74:3b:b3:5a:d5:90:
df:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:AB:67:22:28:E8:79:0A:21:BC:A7:6B:89:1E:1D:B1:C9:26:79:2E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS216159.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.18.0/24
Signature Algorithm: sha256WithRSAEncryption
11:9f:84:df:42:39:56:d1:7e:b6:17:23:6a:85:00:0b:5c:35:
a6:a0:c2:ab:40:10:ff:e5:43:d1:00:5f:44:42:ee:60:cd:7f:
86:a4:45:5e:6e:54:7b:96:b1:6f:26:4e:7f:fc:09:86:ea:92:
15:4e:c8:a8:b3:fc:df:20:ce:f2:2d:38:b0:cd:e8:2d:a5:73:
54:b2:59:7c:5b:fc:f9:14:d1:39:f3:17:29:3f:06:d5:1f:0a:
a8:d4:3d:dd:27:d3:cd:56:68:d0:b8:c2:48:70:ac:f8:33:33:
61:b7:6f:8a:a6:46:39:01:04:17:d9:69:91:78:0b:92:5e:8e:
1e:e9:ea:c7:d0:9b:fa:f1:ab:79:c5:19:c0:d6:f2:53:8a:a9:
be:a1:d5:84:f2:78:bd:80:fd:2f:42:4c:c7:aa:38:ff:48:2e:
88:af:a9:a8:d9:40:1b:1f:4d:9b:d7:89:a0:db:c8:74:5c:f4:
d5:23:54:42:d3:09:6f:fe:e1:29:47:08:95:33:fe:2e:86:08:
69:5c:3c:01:53:6c:69:d2:99:c4:9e:4e:d3:d0:78:ee:b0:70:
c0:08:1a:1a:fb:b8:92:17:2d:ac:49:ea:45:b0:cb:0c:41:b2:
8b:d6:3a:11:d2:d8:58:92:2c:3d:7c:b2:89:6f:f1:df:d9:de:
77:0e:c1:2c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUOOOE9tSGW3NLqHDihFaovRiUATswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzEwMTYxMDIyMTdaFw0yNDEwMTQxMDI3MTdaMDMxMTAvBgNV
BAMTKDI3QUI2NzIyMjhFODc5MEEyMUJDQTc2Qjg5MUUxREIxQzkyNjc5MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUuD+UC9gO/2U2TwaCnf/EYOG9
URVh2Zn8DcKIXQ6h+V+/T6M7tf7WzsOIBsKHOYACxc/TACfmqqVHCQOztJnqAAR4
/uVtm5qC4YxHRY+upcOtnm/bLr49Jnhrxp/ucN3D9+B7ScT1p/UxN/OGnc5Ca1ml
8UkqGr0pzVkZ+EoNzaYhuo3x2x0tFD8mb3mbqqGG7/IGGbCZQ/610QPTWi4cIEd2
yXKIVqe2zcgGkvBNgF3rfoPIaYVk+m/2DrAQlMXTJG8gwL/hNJq12BjB7WbTUC0e
YezlLra5GPlahk2fYJjZ2Ilh3IlZzw4ROd27QReNDVp5nNL9kHQ7s1rVkN93AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJ6tnIijoeQohvKdriR4dsckmeS4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE2MTU5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjkS
MA0GCSqGSIb3DQEBCwUAA4IBAQARn4TfQjlW0X62FyNqhQALXDWmoMKrQBD/5UPR
AF9EQu5gzX+GpEVeblR7lrFvJk5//AmG6pIVTsios/zfIM7yLTiwzegtpXNUsll8
W/z5FNE58xcpPwbVHwqo1D3dJ9PNVmjQuMJIcKz4MzNht2+KpkY5AQQX2WmReAuS
Xo4e6erH0Jv68at5xRnA1vJTiqm+odWE8ni9gP0vQkzHqjj/SC6Ir6mo2UAbH02b
14mg28h0XPTVI1RC0wlv/uEpRwiVM/4uhghpXDwBU2xp0pnEnk7T0HjusHDACBoa
+7iSFy2sSepFsMsMQbKL1joR0thYkiw9fLKJb/Hf2d53DsEs
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:19:41 2025 by rpki-client