Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS398465.roa
File: AS398465.roa (raw, json)
Hash identifier: 8S/kBMUOS3P3GUQaZj/m2OihXQgHQjr++zCz8FGhhUU=
Subject key identifier: 3B:32:95:66:05:95:3D:3D:9E:FE:DF:82:D1:74:06:3B:D6:A5:D4:40
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 184A0871E33D68C4F08651DBBA53DA934CD529F9
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS398465.roa
Signing time: Thu 08 Feb 2024 16:27:49 +0000
ROA not before: Thu 08 Feb 2024 16:22:49 +0000
ROA not after: Thu 06 Feb 2025 16:27:49 +0000
asID: 398465
IP address blocks: 147.78.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:4a:08:71:e3:3d:68:c4:f0:86:51:db:ba:53:da:93:4c:d5:29:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Feb 8 16:22:49 2024 GMT
Not After : Feb 6 16:27:49 2025 GMT
Subject: CN=3B32956605953D3D9EFEDF82D174063BD6A5D440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:83:ed:44:11:fe:e3:c5:e0:46:ce:8d:e1:
c5:76:cc:f0:c4:ab:f9:c9:ab:ab:cb:ba:37:12:67:
c5:a2:1f:72:51:ba:94:ea:b9:15:db:c7:14:f5:27:
5b:e1:5a:8b:6e:60:13:14:5b:4a:2d:70:db:63:e9:
19:b1:ed:32:90:35:47:db:67:44:6d:67:99:60:15:
52:5e:33:59:03:0d:55:bd:d1:4e:25:ca:f5:1c:49:
ce:f0:96:73:e3:28:99:cc:0a:b2:80:18:f6:b1:50:
c6:2e:b7:50:07:30:73:7b:99:53:c2:1d:e4:f7:9a:
46:b5:03:51:20:2e:5d:1a:88:f5:e5:c7:68:81:69:
ba:4e:59:35:48:06:0b:b0:2a:fc:8a:4a:5c:fc:7a:
1b:c9:6f:8a:b1:fc:a5:cf:b9:56:e8:17:6f:97:d3:
fc:16:8d:1f:3c:d4:ef:d1:4a:c0:31:20:2e:b1:81:
ae:cd:19:10:ef:14:6b:21:4d:c6:67:80:f2:4b:c5:
69:43:ab:99:8c:53:16:6b:3a:e6:74:fb:5c:76:b9:
ee:81:c5:c9:c3:07:f3:63:ff:53:ab:78:c2:ba:59:
6b:ec:a8:18:45:fd:dd:52:04:83:5e:84:78:74:dc:
0d:3c:8d:d0:57:80:81:21:72:5b:fb:a8:05:9d:34:
cd:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:32:95:66:05:95:3D:3D:9E:FE:DF:82:D1:74:06:3B:D6:A5:D4:40
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS398465.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.123.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:6a:21:0d:2a:54:46:6d:32:03:f2:4c:9b:c8:8b:a8:b9:67:
fe:46:18:fd:75:5f:f4:a3:d3:cc:f5:40:7b:38:f6:92:2f:67:
75:10:0c:5b:63:4c:13:16:76:c0:8a:87:eb:2e:7e:22:a3:51:
a0:00:91:c5:66:d3:21:d3:d1:7d:ab:c4:b9:57:85:70:c5:0f:
f9:19:32:dc:70:cb:21:09:e7:d6:28:25:80:af:e0:7a:f5:44:
e7:6f:2e:8f:f9:6a:bd:a2:f3:bf:9c:c8:d6:f3:22:82:71:d1:
bf:09:69:b1:54:45:bb:d4:2d:32:7c:4f:a8:9e:18:75:c9:41:
ed:55:3b:7d:a2:08:7c:3f:9e:75:85:c7:f2:64:47:37:33:f2:
5e:48:47:7d:dc:07:dd:61:2b:4d:9c:91:26:db:97:97:28:b8:
34:fa:0a:f2:39:7f:27:c4:fb:13:8d:df:7b:d4:e5:9a:0f:eb:
0d:09:66:ba:d1:03:db:9a:11:41:d8:e3:8b:5e:b4:74:c7:1a:
bc:82:c8:05:07:00:d9:32:cf:75:5a:fc:55:ad:b2:a6:33:48:
03:7a:31:f6:7b:f7:ec:7c:89:c6:9e:d1:16:c0:26:f1:14:9b:
81:55:a0:fc:c8:36:7a:8d:ae:92:c6:84:03:60:e3:c7:8a:d2:
7b:de:1a:2a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUGEoIceM9aMTwhlHbulPak0zVKfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNDAyMDgxNjIyNDlaFw0yNTAyMDYxNjI3NDlaMDMxMTAvBgNV
BAMTKDNCMzI5NTY2MDU5NTNEM0Q5RUZFREY4MkQxNzQwNjNCRDZBNUQ0NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGlIPtRBH+48XgRs6N4cV2zPDE
q/nJq6vLujcSZ8WiH3JRupTquRXbxxT1J1vhWotuYBMUW0otcNtj6Rmx7TKQNUfb
Z0RtZ5lgFVJeM1kDDVW90U4lyvUcSc7wlnPjKJnMCrKAGPaxUMYut1AHMHN7mVPC
HeT3mka1A1EgLl0aiPXlx2iBabpOWTVIBguwKvyKSlz8ehvJb4qx/KXPuVboF2+X
0/wWjR881O/RSsAxIC6xga7NGRDvFGshTcZngPJLxWlDq5mMUxZrOuZ0+1x2ue6B
xcnDB/Nj/1OreMK6WWvsqBhF/d1SBINehHh03A08jdBXgIEhclv7qAWdNM2JAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUOzKVZgWVPT2e/t+C0XQGO9al1EAwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMzk4NDY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk057
MA0GCSqGSIb3DQEBCwUAA4IBAQDVaiENKlRGbTID8kybyIuouWf+Rhj9dV/0o9PM
9UB7OPaSL2d1EAxbY0wTFnbAiofrLn4io1GgAJHFZtMh09F9q8S5V4VwxQ/5GTLc
cMshCefWKCWAr+B69UTnby6P+Wq9ovO/nMjW8yKCcdG/CWmxVEW71C0yfE+onhh1
yUHtVTt9ogh8P551hcfyZEc3M/JeSEd93AfdYStNnJEm25eXKLg0+gryOX8nxPsT
jd971OWaD+sNCWa60QPbmhFB2OOLXrR0xxq8gsgFBwDZMs91WvxVrbKmM0gDejH2
e/fsfInGntEWwCbxFJuBVaD8yDZ6ja6SxoQDYOPHitJ73hoq
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:14:08 2025 by rpki-client