Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43043.roa
File: AS43043.roa (raw, json)
Hash identifier: PE92VHobnFLSfHWqLvNY0g9kHCZwmvJ3k3uH8TZuaB4=
Subject key identifier: E5:C6:90:EB:E9:A7:EB:CC:22:FD:58:97:81:49:26:61:B0:99:F6:3E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 21BEB82D667657F5E7A0F2AB96301BF69FCC35A4
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43043.roa
Signing time: Wed 27 Sep 2023 07:00:06 +0000
ROA not before: Wed 27 Sep 2023 06:55:06 +0000
ROA not after: Wed 25 Sep 2024 07:00:06 +0000
asID: 43043
IP address blocks: 191.96.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:be:b8:2d:66:76:57:f5:e7:a0:f2:ab:96:30:1b:f6:9f:cc:35:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 27 06:55:06 2023 GMT
Not After : Sep 25 07:00:06 2024 GMT
Subject: CN=E5C690EBE9A7EBCC22FD589781492661B099F63E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:75:aa:ae:2d:a6:fc:6a:cb:94:4f:ab:8e:0f:
76:2c:4e:13:80:6b:a9:ad:19:e0:c6:cf:39:b0:e3:
ab:a9:15:5a:1e:ab:b1:af:20:72:bb:fe:e8:c4:90:
10:8a:69:62:df:ff:21:b3:81:66:b0:4f:f1:0d:5c:
56:cd:6e:59:b6:e9:fa:43:4c:13:7f:b4:15:fa:99:
01:3d:f1:2a:cb:30:37:7d:cf:27:9c:e1:7a:fd:69:
c1:97:2b:d0:cf:15:d3:f6:1b:c9:95:72:45:80:c8:
9c:e3:e4:06:1d:60:49:11:e3:9f:36:94:70:39:c8:
58:58:a6:bc:18:41:1a:d0:57:53:97:65:6e:41:fe:
8e:be:73:8d:d6:15:81:5e:c9:43:37:e9:b8:dc:9b:
23:d9:b9:50:3a:dd:09:54:76:ae:86:20:b9:e1:97:
6a:b0:20:06:87:de:67:a4:ec:24:cd:f1:48:bb:6c:
dc:fd:9c:0e:e3:01:39:e9:bd:7d:33:09:54:cd:eb:
91:b1:ea:32:ce:c0:ed:e6:a8:dd:af:a1:a4:ab:33:
0a:da:22:58:50:89:f9:b2:1d:c9:1d:55:e2:1e:c9:
41:54:90:63:2b:39:33:e4:89:9c:76:15:92:62:1a:
ee:71:3c:2f:48:69:72:fd:da:c2:07:de:90:4f:87:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:C6:90:EB:E9:A7:EB:CC:22:FD:58:97:81:49:26:61:B0:99:F6:3E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.94.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:dc:0c:aa:57:7f:bf:e5:d2:47:dd:3d:8d:90:51:ba:74:03:
92:ad:ab:3e:44:9d:dd:9d:e6:06:db:c2:a8:3d:46:11:44:11:
f4:36:47:8c:01:6e:b0:b4:55:fb:5c:36:12:e2:bb:50:bd:12:
28:c0:65:bf:51:a5:89:e2:cd:26:94:49:14:28:10:e4:61:a5:
6e:d7:b6:5a:e2:ff:05:2e:bf:a9:81:1e:ec:78:65:0c:5c:27:
ed:fc:ed:91:20:fe:43:a7:77:47:1b:74:42:f7:fe:55:f4:7a:
8e:bb:53:2a:0b:91:c0:91:9e:97:8e:f0:85:b0:0d:d6:32:6a:
02:aa:9a:95:da:c7:42:ee:01:80:f9:e4:45:fe:3b:e7:2d:5b:
11:08:08:31:05:a1:78:1c:df:2b:8d:41:ae:7f:23:18:1c:71:
c1:9c:7d:a9:72:27:f9:02:16:92:c9:5a:e0:e5:a6:da:c7:ee:
0d:43:18:7f:24:ff:33:8a:62:ff:e7:a4:89:fc:f8:4a:be:27:
e9:ee:2c:0b:d1:ed:d6:ac:a9:b9:2f:c8:17:7b:ab:f8:04:c1:
64:2e:7b:f7:91:c6:63:25:63:3d:44:56:b1:86:48:88:4d:f3:
e3:21:4c:03:20:09:ac:7c:c4:39:30:46:8b:db:19:4b:89:20:
75:0b:2a:09
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIb64LWZ2V/XnoPKrljAb9p/MNaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA5MjcwNjU1MDZaFw0yNDA5MjUwNzAwMDZaMDMxMTAvBgNV
BAMTKEU1QzY5MEVCRTlBN0VCQ0MyMkZENTg5NzgxNDkyNjYxQjA5OUY2M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmdaquLab8asuUT6uOD3YsThOA
a6mtGeDGzzmw46upFVoeq7GvIHK7/ujEkBCKaWLf/yGzgWawT/ENXFbNblm26fpD
TBN/tBX6mQE98SrLMDd9zyec4Xr9acGXK9DPFdP2G8mVckWAyJzj5AYdYEkR4582
lHA5yFhYprwYQRrQV1OXZW5B/o6+c43WFYFeyUM36bjcmyPZuVA63QlUdq6GILnh
l2qwIAaH3mek7CTN8Ui7bNz9nA7jATnpvX0zCVTN65Gx6jLOwO3mqN2voaSrMwra
IlhQifmyHckdVeIeyUFUkGMrOTPkiZx2FZJiGu5xPC9IaXL92sIH3pBPhzW3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQU5caQ6+mn68wi/ViXgUkmYbCZ9j4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDMwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YF4w
DQYJKoZIhvcNAQELBQADggEBAC/cDKpXf7/l0kfdPY2QUbp0A5Ktqz5End2d5gbb
wqg9RhFEEfQ2R4wBbrC0VftcNhLiu1C9EijAZb9RpYnizSaUSRQoEORhpW7Xtlri
/wUuv6mBHux4ZQxcJ+387ZEg/kOnd0cbdEL3/lX0eo67UyoLkcCRnpeO8IWwDdYy
agKqmpXax0LuAYD55EX+O+ctWxEICDEFoXgc3yuNQa5/IxgcccGcfalyJ/kCFpLJ
WuDlptrH7g1DGH8k/zOKYv/npIn8+Eq+J+nuLAvR7dasqbkvyBd7q/gEwWQue/eR
xmMlYz1EVrGGSIhN8+MhTAMgCax8xDkwRovbGUuJIHULKgk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:05 2025 by rpki-client