Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3280.roa
File: AS3280.roa (raw, json)
Hash identifier: ZkIcmC0GQYy/ispdsg9SYHzOavjCl059QsvlOmpdAlc=
Subject key identifier: 86:3E:7C:00:19:7C:69:D1:4D:EC:DB:8B:7F:9F:07:B6:A6:96:4B:42
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5527629B442080876B9EA6333EA351FAC7887086
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3280.roa
Signing time: Fri 10 Mar 2023 08:07:00 +0000
ROA not before: Fri 10 Mar 2023 08:02:00 +0000
ROA not after: Fri 08 Mar 2024 08:07:00 +0000
asID: 3280
IP address blocks: 181.214.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:27:62:9b:44:20:80:87:6b:9e:a6:33:3e:a3:51:fa:c7:88:70:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 10 08:02:00 2023 GMT
Not After : Mar 8 08:07:00 2024 GMT
Subject: CN=863E7C00197C69D14DECDB8B7F9F07B6A6964B42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:da:86:41:39:99:a3:42:b6:c6:6d:5d:61:97:
df:27:4c:9c:55:29:50:35:00:87:2a:53:f2:0b:0b:
ee:c1:4a:c3:8c:17:a0:8d:ee:e8:b8:63:4e:49:33:
a7:10:82:b9:b2:07:9e:62:25:d8:a6:aa:c3:2e:f9:
7a:e0:13:3d:df:f6:66:72:46:82:73:59:b3:65:e6:
43:d2:a5:ba:dd:28:a5:9c:61:64:c1:2f:bc:60:4e:
12:c0:ab:3d:99:4e:f2:1f:d5:0b:89:70:98:ff:ff:
60:bc:6f:7e:78:50:c1:b1:73:d2:e7:2b:9e:bd:7f:
5c:6f:d5:c2:82:a7:58:72:8a:8c:dd:bb:7e:7c:6a:
8d:c2:b1:fd:d8:0c:b7:98:31:9b:c0:5f:86:bc:d4:
64:89:38:4c:9f:49:d5:de:82:34:46:6b:b5:bd:b7:
99:7e:8b:42:56:75:39:44:ed:70:00:7c:5e:ff:38:
b5:2d:4c:6c:06:91:ad:83:bd:67:72:76:01:c0:ae:
50:cb:95:c6:d7:41:c4:90:37:d0:42:4f:00:db:5a:
87:26:d2:f9:45:f3:21:d5:de:23:77:61:51:3b:41:
4c:54:36:31:ad:7a:d2:d5:14:6b:8a:b6:50:13:dc:
40:37:42:4d:0f:d6:cd:1a:dd:be:f9:d4:d5:52:98:
2d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:3E:7C:00:19:7C:69:D1:4D:EC:DB:8B:7F:9F:07:B6:A6:96:4B:42
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3280.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.168.0/24
Signature Algorithm: sha256WithRSAEncryption
65:46:5c:ac:98:c9:a4:97:9d:03:1a:d7:ee:0b:06:ca:a7:13:
91:c3:af:c4:d8:9c:35:e0:f9:cc:eb:d7:24:86:1f:5f:27:06:
59:35:2b:d4:08:50:c4:be:08:41:f2:cd:3a:a5:1f:b8:43:cb:
9a:78:e2:4d:b1:e1:42:54:db:cb:26:4a:81:a0:1d:1c:f3:d2:
6e:5a:21:5d:78:36:42:e8:ea:e8:09:92:f5:86:e0:b8:0b:e9:
91:24:c8:8e:bf:19:a9:9e:42:8b:7d:91:7d:8e:a9:38:9d:97:
f8:5c:4c:3d:3d:f8:95:83:59:0e:4a:50:11:0b:f2:f1:9d:a1:
06:30:c9:11:84:f4:3c:5c:63:f0:9a:6e:e5:b5:b5:ff:51:97:
f0:9e:76:43:cd:cf:3a:c3:6e:38:07:ac:66:57:41:8a:90:6a:
e7:68:a8:8c:00:e4:fe:79:e9:31:01:dd:bc:28:12:2a:30:96:
21:47:b3:ec:b5:8e:18:4b:83:4f:87:d3:2e:99:fe:59:65:98:
64:ef:c7:32:0c:76:30:7a:6b:e9:a6:09:96:7d:2d:df:ed:69:
2d:ff:c8:4d:81:9e:65:50:c6:20:37:47:de:4f:79:22:43:c1:
17:50:a2:6c:1d:f0:11:53:9e:69:6c:93:23:e9:3d:04:0f:23:
01:7d:fc:ae
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUVSdim0QggIdrnqYzPqNR+seIcIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMTAwODAyMDBaFw0yNDAzMDgwODA3MDBaMDMxMTAvBgNV
BAMTKDg2M0U3QzAwMTk3QzY5RDE0REVDREI4QjdGOUYwN0I2QTY5NjRCNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX2oZBOZmjQrbGbV1hl98nTJxV
KVA1AIcqU/ILC+7BSsOMF6CN7ui4Y05JM6cQgrmyB55iJdimqsMu+XrgEz3f9mZy
RoJzWbNl5kPSpbrdKKWcYWTBL7xgThLAqz2ZTvIf1QuJcJj//2C8b354UMGxc9Ln
K569f1xv1cKCp1hyiozdu358ao3Csf3YDLeYMZvAX4a81GSJOEyfSdXegjRGa7W9
t5l+i0JWdTlE7XAAfF7/OLUtTGwGka2DvWdydgHArlDLlcbXQcSQN9BCTwDbWocm
0vlF8yHV3iN3YVE7QUxUNjGtetLVFGuKtlAT3EA3Qk0P1s0a3b751NVSmC1RAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUhj58ABl8adFN7NuLf58HtqaWS0IwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzI4MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALXWqDAN
BgkqhkiG9w0BAQsFAAOCAQEAZUZcrJjJpJedAxrX7gsGyqcTkcOvxNicNeD5zOvX
JIYfXycGWTUr1AhQxL4IQfLNOqUfuEPLmnjiTbHhQlTbyyZKgaAdHPPSblohXXg2
Qujq6AmS9YbguAvpkSTIjr8ZqZ5Ci32RfY6pOJ2X+FxMPT34lYNZDkpQEQvy8Z2h
BjDJEYT0PFxj8Jpu5bW1/1GX8J52Q83POsNuOAesZldBipBq52iojADk/nnpMQHd
vCgSKjCWIUez7LWOGEuDT4fTLpn+WWWYZO/HMgx2MHpr6aYJln0t3+1pLf/ITYGe
ZVDGIDdH3k95IkPBF1CibB3wEVOeaWyTI+k9BA8jAX38rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:15 2024 by rpki-client on console-fra.rpki-client.org