Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa
File: AS216304.roa (raw, json)
Hash identifier: fSQN2jorHZ8J24oEbRAV+2f6+nHBhp9+HiTOuRDP3Lk=
Subject key identifier: 89:AD:8C:BA:1B:4F:24:3C:13:5C:AA:AD:79:1F:78:CD:7D:FF:2D:AF
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 15ACDBFA53E14E0A8298892F339AE127C372EADB
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa
Signing time: Fri 22 Sep 2023 17:18:17 +0000
ROA not before: Fri 22 Sep 2023 17:13:17 +0000
ROA not after: Fri 20 Sep 2024 17:18:17 +0000
asID: 216304
IP address blocks: 2a07:54c4:175f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:ac:db:fa:53:e1:4e:0a:82:98:89:2f:33:9a:e1:27:c3:72:ea:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Sep 22 17:13:17 2023 GMT
Not After : Sep 20 17:18:17 2024 GMT
Subject: CN=89AD8CBA1B4F243C135CAAAD791F78CD7DFF2DAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ca:c1:e8:d3:88:f3:38:a9:2d:d3:96:3d:a3:
49:9c:94:d5:b5:37:10:c1:64:c3:57:ed:e0:d7:03:
b2:d7:83:32:91:ea:91:84:18:11:0f:6d:01:8c:44:
d3:ac:db:48:38:f7:2b:59:fa:05:07:89:9c:7e:b9:
bb:30:bf:7e:ab:cb:4d:cb:08:f0:13:4e:bf:ec:7f:
57:0c:93:0c:f6:ba:49:fb:24:41:4e:af:74:f5:62:
28:c9:7f:67:d4:5a:23:b0:d3:c3:40:05:b4:f2:f8:
86:b1:2a:22:71:c7:fc:3f:f4:0e:52:52:74:36:ad:
9b:ad:38:58:b8:97:b3:a2:d2:da:f1:21:26:de:ca:
26:4b:1e:52:2d:eb:c0:b9:95:b5:72:0c:fe:c3:b2:
07:22:15:5f:90:ac:50:12:78:c2:7c:7e:03:54:a9:
0c:41:fb:e0:4b:02:31:17:0a:ed:d4:32:ad:53:2a:
ae:83:29:d5:cc:c3:e7:9d:73:ba:ee:da:0d:66:62:
0a:92:04:a8:e9:03:b9:88:a0:05:bf:11:d6:39:60:
9d:25:36:bf:08:3a:5c:6d:a5:77:69:1c:3b:de:4f:
27:b3:2f:13:82:d6:a4:ba:c8:0a:fa:94:4a:ca:e1:
56:b1:2a:06:5a:6d:85:42:9c:70:2b:6a:93:ed:b3:
5a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AD:8C:BA:1B:4F:24:3C:13:5C:AA:AD:79:1F:78:CD:7D:FF:2D:AF
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:175f::/48
Signature Algorithm: sha256WithRSAEncryption
27:dc:84:9c:ec:3b:5f:9b:67:3d:5b:79:7f:cb:7d:1c:a0:d3:
22:33:da:42:9e:f9:de:5d:67:a2:9f:da:44:40:a6:27:74:59:
a9:03:c2:47:8d:a9:18:14:25:5f:d2:e2:52:e8:6b:d6:ac:cf:
b3:f9:07:b4:c1:16:da:c5:d4:2a:ef:d9:a8:3b:c3:9b:ec:bb:
6f:c8:e3:e1:00:82:1f:db:33:cc:de:d3:2a:17:2b:78:05:05:
90:50:51:50:a6:32:cd:8c:0e:3b:54:95:1b:dc:c3:4b:02:42:
ed:48:c3:85:60:fc:be:be:38:95:a5:6d:68:41:a0:dc:eb:48:
d7:6c:cd:0e:83:c7:9f:15:b5:32:bc:9e:07:2e:b0:0f:55:29:
37:80:58:37:bc:81:ae:9c:76:4d:15:21:ad:f1:f3:92:d3:91:
bb:e9:d4:f7:02:7b:8a:c2:7b:58:d0:15:ed:a2:65:76:47:f4:
86:57:24:e9:e3:27:c2:dc:36:5c:e2:66:12:b3:56:ce:3b:ab:
f0:5e:de:dd:13:7e:8f:82:20:c7:e2:fe:a2:a7:d4:b2:b9:67:
a7:40:a8:16:6b:92:ed:f6:e9:35:35:27:b3:70:5c:80:78:78:
ea:6a:81:42:15:dc:8a:8d:6d:a2:55:4c:2e:08:23:fb:f2:04:
88:8a:2f:e5
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFazb+lPhTgqCmIkvM5rhJ8Ny6tswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzA5MjIxNzEzMTdaFw0yNDA5MjAxNzE4MTdaMDMxMTAvBgNV
BAMTKDg5QUQ4Q0JBMUI0RjI0M0MxMzVDQUFBRDc5MUY3OENEN0RGRjJEQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+ysHo04jzOKkt05Y9o0mclNW1
NxDBZMNX7eDXA7LXgzKR6pGEGBEPbQGMRNOs20g49ytZ+gUHiZx+ubswv36ry03L
CPATTr/sf1cMkwz2ukn7JEFOr3T1YijJf2fUWiOw08NABbTy+IaxKiJxx/w/9A5S
UnQ2rZutOFi4l7Oi0trxISbeyiZLHlIt68C5lbVyDP7DsgciFV+QrFASeMJ8fgNU
qQxB++BLAjEXCu3UMq1TKq6DKdXMw+edc7ru2g1mYgqSBKjpA7mIoAW/EdY5YJ0l
Nr8IOlxtpXdpHDveTyezLxOC1qS6yAr6lErK4VaxKgZabYVCnHArapPts1oPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUia2MuhtPJDwTXKqteR94zX3/La8wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE2MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xBdfMA0GCSqGSIb3DQEBCwUAA4IBAQAn3ISc7Dtfm2c9W3l/y30coNMiM9pCnvne
XWein9pEQKYndFmpA8JHjakYFCVf0uJS6GvWrM+z+Qe0wRbaxdQq79moO8Ob7Ltv
yOPhAIIf2zPM3tMqFyt4BQWQUFFQpjLNjA47VJUb3MNLAkLtSMOFYPy+vjiVpW1o
QaDc60jXbM0Og8efFbUyvJ4HLrAPVSk3gFg3vIGunHZNFSGt8fOS05G76dT3AnuK
wntY0BXtomV2R/SGVyTp4yfC3DZc4mYSs1bOO6vwXt7dE36PgiDH4v6ip9SyuWen
QKgWa5Lt9uk1NSezcFyAeHjqaoFCFdyKjW2iVUwuCCP78gSIii/l
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:53 2025 by rpki-client