Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33387.roa
File: AS33387.roa (raw, json)
Hash identifier: jrLT+bRlvggK3OEH57Q2OvQb8q7tcDxfpM6xjBAFV9k=
Subject key identifier: E5:DA:0C:95:90:6C:AB:76:87:74:8B:CF:3C:94:8E:19:2A:30:97:14
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 588989F179551464E6544B4BD667B14E97A17D42
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33387.roa
Signing time: Wed 01 Mar 2023 07:08:17 +0000
ROA not before: Wed 01 Mar 2023 07:03:17 +0000
ROA not after: Wed 28 Feb 2024 07:08:17 +0000
asID: 33387
IP address blocks: 181.214.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:89:89:f1:79:55:14:64:e6:54:4b:4b:d6:67:b1:4e:97:a1:7d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:17 2023 GMT
Not After : Feb 28 07:08:17 2024 GMT
Subject: CN=E5DA0C95906CAB7687748BCF3C948E192A309714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:17:18:aa:fa:43:88:3d:4a:ab:a5:c3:d0:8f:
01:ba:8e:d7:54:8d:52:2f:0e:2d:00:7d:24:40:77:
a1:cb:0e:b5:8e:f9:fe:3d:69:cb:4d:ff:60:8b:19:
ad:71:3a:01:80:50:2d:9a:ce:a5:c8:98:35:06:4a:
d0:48:cd:87:bc:a4:96:77:0a:8f:d4:1b:58:b6:74:
45:eb:7a:c3:97:f0:48:b0:4a:f0:52:67:15:49:3b:
d6:c7:74:d7:91:48:7e:01:3c:cf:d9:d1:a6:f9:12:
f6:e7:8d:29:af:e1:5b:94:70:df:3c:2f:d6:4a:61:
03:26:27:d0:9f:60:e8:ab:b2:35:c9:9f:41:91:5f:
05:bd:e6:06:dd:e3:6d:cb:35:6d:33:26:0f:cb:43:
13:0b:e8:df:aa:b3:c8:80:7b:2e:11:fd:0b:8e:7f:
94:e2:ae:35:fc:2f:4d:05:4d:a8:46:76:2a:77:3e:
a2:62:00:09:33:3a:2a:e7:59:d3:23:d5:db:12:12:
b3:09:bd:b8:f0:91:d6:cd:1f:12:e6:89:83:d3:a2:
1c:6b:05:30:f5:e8:48:69:2d:db:b2:3f:3c:e1:a3:
22:f1:6e:f7:39:fe:97:98:66:63:91:74:16:62:3f:
b0:9d:b9:ad:f8:11:2a:d7:c1:01:c9:ec:39:bf:43:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DA:0C:95:90:6C:AB:76:87:74:8B:CF:3C:94:8E:19:2A:30:97:14
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS33387.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.118.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:93:fc:eb:cd:73:6f:cf:af:7e:8f:86:7b:83:b5:fd:b1:48:
84:36:0f:c7:f8:db:fa:1f:56:d9:96:4d:ac:ec:d2:bc:6b:1c:
07:6d:7c:fc:67:ae:0d:23:49:fd:77:e7:c5:90:a2:c4:b5:47:
69:49:21:dd:01:30:9d:b3:21:a5:01:f1:dd:93:b2:c4:d9:ef:
1d:3d:7d:09:07:cf:f3:a8:23:86:02:4e:dc:77:73:63:e9:2d:
3b:df:5a:cd:07:ca:e2:c5:6a:b7:53:2a:de:72:a8:57:e6:d8:
68:5d:1b:18:0a:c7:bd:ab:00:82:bf:10:25:b8:33:b2:64:83:
d4:c5:ae:cc:aa:75:54:b5:bd:29:e5:93:dc:a7:16:c9:ea:79:
4a:72:76:43:ed:63:b4:dd:2b:4e:3a:c6:35:7a:cf:9f:c6:d1:
a7:4c:e9:76:5a:96:84:fe:db:95:33:a8:cc:dd:85:61:b6:f1:
ac:34:00:11:ce:c7:61:52:11:f9:38:cf:39:33:d5:7a:93:5e:
d6:0f:52:c4:cb:15:00:2d:3c:6b:95:a4:c5:07:f0:9a:58:1e:
8c:05:b2:8e:14:45:80:63:e0:4f:cc:70:87:93:1d:07:4c:58:
5e:cd:b2:d0:4d:5a:a7:0e:e6:d1:53:2d:cf:c6:54:b6:2c:a5:
31:c8:7e:67
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWImJ8XlVFGTmVEtL1mexTpehfUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTdaFw0yNDAyMjgwNzA4MTdaMDMxMTAvBgNV
BAMTKEU1REEwQzk1OTA2Q0FCNzY4Nzc0OEJDRjNDOTQ4RTE5MkEzMDk3MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMFxiq+kOIPUqrpcPQjwG6jtdU
jVIvDi0AfSRAd6HLDrWO+f49actN/2CLGa1xOgGAUC2azqXImDUGStBIzYe8pJZ3
Co/UG1i2dEXresOX8EiwSvBSZxVJO9bHdNeRSH4BPM/Z0ab5EvbnjSmv4VuUcN88
L9ZKYQMmJ9CfYOirsjXJn0GRXwW95gbd423LNW0zJg/LQxML6N+qs8iAey4R/QuO
f5TirjX8L00FTahGdip3PqJiAAkzOirnWdMj1dsSErMJvbjwkdbNHxLmiYPTohxr
BTD16EhpLduyPzzhoyLxbvc5/peYZmORdBZiP7Cdua34ESrXwQHJ7Dm/Qw4NAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU5doMlZBsq3aHdIvPPJSOGSowlxQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzMzODcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC11nYw
DQYJKoZIhvcNAQELBQADggEBAGyT/OvNc2/Pr36PhnuDtf2xSIQ2D8f42/ofVtmW
Tazs0rxrHAdtfPxnrg0jSf1358WQosS1R2lJId0BMJ2zIaUB8d2TssTZ7x09fQkH
z/OoI4YCTtx3c2PpLTvfWs0HyuLFardTKt5yqFfm2GhdGxgKx72rAIK/ECW4M7Jk
g9TFrsyqdVS1vSnlk9ynFsnqeUpydkPtY7TdK046xjV6z5/G0adM6XZaloT+25Uz
qMzdhWG28aw0ABHOx2FSEfk4zzkz1XqTXtYPUsTLFQAtPGuVpMUH8JpYHowFso4U
RYBj4E/McIeTHQdMWF7NstBNWqcO5tFTLc/GVLYspTHIfmc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:04 2024 by rpki-client on console-ams.rpki-client.org