Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64515.roa
File: AS64515.roa (raw, json)
Hash identifier: bbQHRttHJ7DEj8G5lGgRhXs0FITCI5JyKai1x/MNLRg=
Subject key identifier: 70:60:1B:13:7D:C0:16:96:95:7F:02:2A:6C:3D:63:39:6F:A3:8E:DD
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5B1348BDC08AF3C0970BA8B764ACD001735DB8CC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64515.roa
Signing time: Sun 16 Apr 2023 00:36:31 +0000
ROA not before: Sun 16 Apr 2023 00:31:31 +0000
ROA not after: Sun 14 Apr 2024 00:36:31 +0000
asID: 64515
IP address blocks: 185.158.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:13:48:bd:c0:8a:f3:c0:97:0b:a8:b7:64:ac:d0:01:73:5d:b8:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 16 00:31:31 2023 GMT
Not After : Apr 14 00:36:31 2024 GMT
Subject: CN=70601B137DC01696957F022A6C3D63396FA38EDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:08:e5:6e:ce:42:95:3b:72:6a:fc:70:35:7f:
9d:55:9a:55:3e:dc:e6:26:b4:cf:80:4f:9b:12:d8:
9b:ef:ca:b2:b7:14:c2:cb:91:10:5a:90:a3:ca:d4:
58:25:af:32:b2:6a:8a:e0:c2:1a:eb:75:cb:49:9e:
2e:a4:7f:89:76:a8:a4:e0:e9:9c:b7:1e:86:88:f7:
3a:b9:de:f7:8e:df:49:8b:53:db:e7:f7:39:ad:02:
2f:90:68:be:d1:1a:6e:8b:79:15:fa:b9:e2:ce:7f:
3c:f8:83:db:9b:14:61:5c:05:7a:69:6c:f5:74:b1:
2d:0a:a6:ea:af:f3:2d:d2:17:b8:ee:b8:c8:41:79:
5a:12:85:61:bc:ea:32:bf:33:1b:e2:be:29:77:63:
3e:91:bc:a7:0c:a7:38:6c:7e:69:11:a8:09:a1:07:
fd:5f:10:3a:3e:29:71:17:8c:71:f1:c3:16:3b:66:
63:bb:21:5d:a5:f1:ce:d3:bb:99:66:bc:20:1f:22:
21:c0:2a:b9:87:f2:b9:06:20:26:10:b3:a6:39:ea:
22:83:96:84:d8:c9:39:08:b1:a5:70:88:ab:87:df:
eb:17:3f:ce:eb:30:c1:a4:89:ba:7a:71:66:7e:d3:
70:75:e5:8a:fc:ea:94:03:5d:25:22:58:3b:9a:75:
d3:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:60:1B:13:7D:C0:16:96:95:7F:02:2A:6C:3D:63:39:6F:A3:8E:DD
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS64515.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.132.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:3d:f5:aa:ec:5a:0f:37:2f:b2:3d:26:e0:d2:7e:15:df:f9:
1a:1d:9e:be:5b:99:ad:44:8b:11:f5:72:14:ac:f1:d2:db:1c:
49:77:71:47:f3:bc:a7:e8:a3:e1:32:4d:b5:7f:30:5c:d7:81:
de:e0:c8:92:80:ec:2f:22:87:5f:56:bc:58:c7:67:20:b7:57:
9b:34:2c:2f:96:c3:3f:4e:bc:44:5d:58:d7:f0:55:4f:00:a0:
63:d9:0d:de:d5:e6:71:d3:9b:2c:6f:02:e1:97:df:e9:1c:06:
e0:7a:24:9e:b6:fe:cb:a4:1c:09:0f:f1:39:4f:c9:4c:95:23:
04:21:5e:e1:94:e8:04:cc:88:b1:39:c3:c8:13:a1:10:6b:9c:
25:f1:e4:7b:86:50:f1:7a:6e:50:78:7e:04:d7:5f:9f:d9:d1:
9f:ae:67:82:07:ac:ab:9c:f4:e1:ed:e4:ee:a6:fc:f3:2c:3d:
56:68:11:19:52:a7:f6:b6:7b:f6:6a:f9:ca:16:35:a3:df:b7:
cf:11:41:4f:41:5f:eb:04:5f:37:66:61:cb:af:dc:a2:6d:a8:
73:4e:f4:6d:e7:59:68:03:45:2a:03:ec:85:06:9f:f4:6a:a6:
06:1c:1b:6f:5d:1f:38:f9:db:5f:b3:52:1d:ec:dc:bd:e1:b3:
ee:e5:68:e4
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUWxNIvcCK88CXC6i3ZKzQAXNduMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA0MTYwMDMxMzFaFw0yNDA0MTQwMDM2MzFaMDMxMTAvBgNV
BAMTKDcwNjAxQjEzN0RDMDE2OTY5NTdGMDIyQTZDM0Q2MzM5NkZBMzhFREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFCOVuzkKVO3Jq/HA1f51VmlU+
3OYmtM+AT5sS2JvvyrK3FMLLkRBakKPK1FglrzKyaorgwhrrdctJni6kf4l2qKTg
6Zy3HoaI9zq53veO30mLU9vn9zmtAi+QaL7RGm6LeRX6ueLOfzz4g9ubFGFcBXpp
bPV0sS0Kpuqv8y3SF7juuMhBeVoShWG86jK/Mxvivil3Yz6RvKcMpzhsfmkRqAmh
B/1fEDo+KXEXjHHxwxY7ZmO7IV2l8c7Tu5lmvCAfIiHAKrmH8rkGICYQs6Y56iKD
loTYyTkIsaVwiKuH3+sXP87rMMGkibp6cWZ+03B15Yr86pQDXSUiWDuaddMLAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUcGAbE33AFpaVfwIqbD1jOW+jjt0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNjQ1MTUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5noQw
DQYJKoZIhvcNAQELBQADggEBAI099arsWg83L7I9JuDSfhXf+Rodnr5bma1EixH1
chSs8dLbHEl3cUfzvKfoo+EyTbV/MFzXgd7gyJKA7C8ih19WvFjHZyC3V5s0LC+W
wz9OvERdWNfwVU8AoGPZDd7V5nHTmyxvAuGX3+kcBuB6JJ62/sukHAkP8TlPyUyV
IwQhXuGU6ATMiLE5w8gToRBrnCXx5HuGUPF6blB4fgTXX5/Z0Z+uZ4IHrKuc9OHt
5O6m/PMsPVZoERlSp/a2e/Zq+coWNaPft88RQU9BX+sEXzdmYcuv3KJtqHNO9G3n
WWgDRSoD7IUGn/RqpgYcG29dHzj521+zUh3s3L3hs+7laOQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:16 2024 by rpki-client on console-fra.rpki-client.org