Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398464.roa
File: AS398464.roa (raw, json)
Hash identifier: xoNzD6neydOzP2SYnd8lpLgPPUpH5IFaWA/8Fk8tLP8=
Subject key identifier: FA:E3:09:94:53:77:FD:6F:E7:8A:F3:2F:BB:0D:54:B3:0A:D2:82:A1
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 57F90B5994E0DA54325FFD0671D75DA6DE50F8E6
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398464.roa
Signing time: Wed 01 Mar 2023 07:08:14 +0000
ROA not before: Wed 01 Mar 2023 07:03:14 +0000
ROA not after: Wed 28 Feb 2024 07:08:14 +0000
asID: 398464
IP address blocks: 181.214.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f9:0b:59:94:e0:da:54:32:5f:fd:06:71:d7:5d:a6:de:50:f8:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 07:03:14 2023 GMT
Not After : Feb 28 07:08:14 2024 GMT
Subject: CN=FAE309945377FD6FE78AF32FBB0D54B30AD282A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:97:79:48:fa:32:93:e4:ca:38:46:00:0b:9c:
9a:6c:1a:d0:2e:a0:0a:a9:35:eb:f5:0f:ea:f8:d0:
7a:bc:f1:fb:a8:04:fb:70:f7:30:b1:a7:0c:3f:92:
f8:06:b6:df:8c:44:55:eb:e5:45:6e:d5:e4:be:19:
8b:d4:b0:f2:af:93:30:03:07:c9:75:a9:0a:ee:58:
a7:ba:86:2d:5d:3a:b8:46:0a:41:d7:29:c0:bd:ed:
33:83:89:34:af:b9:8a:42:54:eb:39:e0:e7:62:4a:
08:30:24:d2:e0:84:ff:93:e0:03:a6:7b:9b:73:83:
99:e6:6d:9f:c1:7a:56:74:4b:11:7d:84:3f:c7:b1:
db:e2:78:20:69:ec:c3:7c:2f:bd:a0:af:1e:f7:35:
74:a8:0a:aa:6e:31:7c:6d:b5:f8:b9:59:79:b6:45:
06:04:18:93:fa:b8:2e:76:ee:84:de:4d:dd:1f:bc:
44:d3:4e:26:b9:74:c7:fc:69:a0:6b:2a:0e:75:f0:
8c:d0:06:f3:d1:b1:68:3a:67:03:52:c6:38:9b:f0:
74:f3:77:ec:a8:b1:90:7f:3e:4f:53:2a:b1:d3:96:
53:91:fc:f1:5f:02:c5:72:89:66:43:64:fc:4d:e5:
94:1c:40:3a:74:1e:52:06:ff:53:02:a9:03:6d:a6:
e3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E3:09:94:53:77:FD:6F:E7:8A:F3:2F:BB:0D:54:B3:0A:D2:82:A1
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398464.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.122.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:df:9a:65:7b:d6:5f:21:e2:11:c3:11:74:d3:72:d9:d5:fa:
2b:d1:70:39:81:9a:a4:9e:aa:5e:6d:5f:0b:45:aa:69:ab:b2:
d8:b8:a2:af:a2:54:a4:e0:3f:14:3b:17:1c:0c:99:31:ae:dc:
0b:9f:8b:c0:00:7f:0f:da:01:31:f3:18:64:88:20:cf:ba:77:
1b:c2:a5:77:cd:9f:f4:f4:b1:11:c7:21:0e:74:af:21:d9:72:
cb:a5:e5:5a:65:59:6a:9c:ab:ef:2a:64:d5:4e:74:77:2b:92:
f4:a3:ea:97:3e:c6:1c:19:2f:dc:c0:e7:f6:0c:7c:73:2d:71:
03:c4:ff:02:9d:eb:ae:bb:f7:60:45:15:0a:fd:8e:bf:5a:f8:
c3:6a:77:32:23:3d:3a:24:6e:cb:f8:9a:f4:7c:e7:e3:97:51:
1e:cb:77:9c:e1:f6:7f:68:73:e0:0a:64:35:67:6c:40:38:3c:
86:69:b9:00:a1:9f:63:a6:1c:7a:c3:1d:95:60:f0:46:3e:2f:
25:44:0f:10:b0:b0:89:ff:80:28:d9:2a:d0:4d:8b:56:99:41:
50:5d:47:09:21:97:dd:51:5c:54:b7:be:40:b0:96:9d:6d:89:
a3:d3:11:bc:57:fc:f5:7a:f7:06:46:b9:ca:5e:d4:5c:c3:ae:
44:a0:8f:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUV/kLWZTg2lQyX/0Gcdddpt5Q+OYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzAzMDEwNzAzMTRaFw0yNDAyMjgwNzA4MTRaMDMxMTAvBgNV
BAMTKEZBRTMwOTk0NTM3N0ZENkZFNzhBRjMyRkJCMEQ1NEIzMEFEMjgyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQl3lI+jKT5Mo4RgALnJpsGtAu
oAqpNev1D+r40Hq88fuoBPtw9zCxpww/kvgGtt+MRFXr5UVu1eS+GYvUsPKvkzAD
B8l1qQruWKe6hi1dOrhGCkHXKcC97TODiTSvuYpCVOs54OdiSggwJNLghP+T4AOm
e5tzg5nmbZ/BelZ0SxF9hD/HsdvieCBp7MN8L72grx73NXSoCqpuMXxttfi5WXm2
RQYEGJP6uC527oTeTd0fvETTTia5dMf8aaBrKg518IzQBvPRsWg6ZwNSxjib8HTz
d+yosZB/Pk9TKrHTllOR/PFfAsVyiWZDZPxN5ZQcQDp0HlIG/1MCqQNtpuNbAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU+uMJlFN3/W/nivMvuw1UswrSgqEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk4NDY0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdZ6
MA0GCSqGSIb3DQEBCwUAA4IBAQBP35ple9ZfIeIRwxF003LZ1for0XA5gZqknqpe
bV8LRappq7LYuKKvolSk4D8UOxccDJkxrtwLn4vAAH8P2gEx8xhkiCDPuncbwqV3
zZ/09LERxyEOdK8h2XLLpeVaZVlqnKvvKmTVTnR3K5L0o+qXPsYcGS/cwOf2DHxz
LXEDxP8Cneuuu/dgRRUK/Y6/WvjDancyIz06JG7L+Jr0fOfjl1Eey3ec4fZ/aHPg
CmQ1Z2xAODyGabkAoZ9jphx6wx2VYPBGPi8lRA8QsLCJ/4Ao2SrQTYtWmUFQXUcJ
IZfdUVxUt75AsJadbYmj0xG8V/z1evcGRrnKXtRcw65EoI9I
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:15:10 2025 by rpki-client