Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS28.roa
File: AS28.roa (raw, json)
Hash identifier: TO/EfVUBAj10xR7T1/Yqxr8PG3HmAroNhDOhaQswteI=
Subject key identifier: 7C:F3:1B:E6:E1:68:33:9D:9D:CB:F3:58:E6:57:C0:40:5D:80:3B:3F
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 42F7DEF5782F67EA0BA4859279EFD707F5472C93
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS28.roa
Signing time: Sat 30 Dec 2023 00:15:12 +0000
ROA not before: Sat 30 Dec 2023 00:10:12 +0000
ROA not after: Sat 28 Dec 2024 00:15:12 +0000
asID: 28
IP address blocks: 2a07:54c4:1763::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:f7:de:f5:78:2f:67:ea:0b:a4:85:92:79:ef:d7:07:f5:47:2c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Dec 30 00:10:12 2023 GMT
Not After : Dec 28 00:15:12 2024 GMT
Subject: CN=7CF31BE6E168339D9DCBF358E657C0405D803B3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d6:3b:3f:7a:2f:55:b3:ab:9b:9a:af:ee:ee:
f6:e1:02:1f:dd:f9:5d:59:79:bf:2b:38:cf:9a:6a:
82:d9:66:81:ae:5e:5b:3f:01:df:91:c7:83:36:b7:
a7:1f:f6:34:24:9c:bd:24:01:ed:d9:9b:a7:a2:7b:
0d:d5:49:05:2b:0a:fe:63:64:6f:9a:88:5b:d3:4c:
c4:75:80:2c:6b:ec:17:f4:cf:b5:64:8c:6a:db:17:
71:6f:5d:b1:fd:a1:d1:f0:ed:a0:fd:26:91:7c:d5:
d4:ff:5f:66:c2:8e:98:9b:98:e7:64:ca:0e:8c:56:
99:b3:92:a2:b3:eb:3b:88:45:c9:18:70:c6:85:ea:
0f:8a:70:4f:d4:72:70:8d:7d:08:f2:95:f4:7f:7b:
b2:4c:ac:75:47:be:f5:c4:23:80:6a:07:7a:d4:08:
50:9b:4d:f5:16:dc:9f:52:3c:23:12:f7:5b:a0:67:
34:25:6f:22:50:28:89:4b:12:d4:9f:9e:96:44:86:
65:a5:d0:93:15:62:8f:a4:27:09:3b:eb:8c:02:ed:
9b:60:4b:77:c6:5e:45:32:49:20:c9:e0:4b:07:c6:
f5:95:27:f3:a7:9a:8e:6e:0a:7d:0f:0f:dc:ff:d4:
61:a2:a6:95:96:43:58:42:85:36:05:54:94:f4:7c:
86:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F3:1B:E6:E1:68:33:9D:9D:CB:F3:58:E6:57:C0:40:5D:80:3B:3F
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS28.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:1763::/48
Signature Algorithm: sha256WithRSAEncryption
54:af:8a:db:a2:7a:fa:9b:aa:5a:8c:1c:82:d6:2f:59:6c:b5:
43:ed:14:71:24:73:1b:e9:75:f0:77:0c:3c:57:2c:90:2d:6e:
5f:a7:bd:43:81:f9:ba:76:d2:04:95:55:66:6f:c2:13:76:93:
a4:1c:1e:d1:67:54:ee:dd:da:8d:6f:c3:4d:80:2a:66:05:b9:
9c:b0:bc:33:7c:0f:40:fb:ff:10:fb:a4:60:11:9b:ce:4e:a3:
9e:79:e4:0e:8c:2e:89:3d:55:e0:bf:34:d3:23:c3:96:84:50:
0b:cc:87:30:94:b9:ec:af:45:7d:f9:46:77:7f:b4:61:3f:97:
b8:b5:0f:ee:41:52:ec:df:d8:a5:a8:e9:a4:05:41:55:7e:a6:
67:bc:e9:28:aa:bb:22:57:63:8a:49:a7:ea:94:6b:fd:fa:76:
29:93:a6:bd:c8:d6:4c:06:40:e9:1a:bf:e8:05:76:cd:20:62:
95:bd:fb:5d:9c:8d:47:5a:66:72:d3:7b:d8:2d:f5:c7:e2:91:
27:9a:c2:52:e3:1a:fc:5d:ec:52:2d:50:40:41:80:65:71:59:
28:ee:07:a9:39:c4:6f:c0:c3:b6:f9:8e:df:10:f9:ec:bb:34:
eb:c5:1c:10:2f:d7:78:60:11:9b:fe:57:91:0b:3c:8c:b4:8b:
4e:42:e0:39
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUQvfe9XgvZ+oLpIWSee/XB/VHLJMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yMzEyMzAwMDEwMTJaFw0yNDEyMjgwMDE1MTJaMDMxMTAvBgNV
BAMTKDdDRjMxQkU2RTE2ODMzOUQ5RENCRjM1OEU2NTdDMDQwNUQ4MDNCM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy1js/ei9Vs6ubmq/u7vbhAh/d
+V1Zeb8rOM+aaoLZZoGuXls/Ad+Rx4M2t6cf9jQknL0kAe3Zm6eiew3VSQUrCv5j
ZG+aiFvTTMR1gCxr7Bf0z7VkjGrbF3FvXbH9odHw7aD9JpF81dT/X2bCjpibmOdk
yg6MVpmzkqKz6zuIRckYcMaF6g+KcE/UcnCNfQjylfR/e7JMrHVHvvXEI4BqB3rU
CFCbTfUW3J9SPCMS91ugZzQlbyJQKIlLEtSfnpZEhmWl0JMVYo+kJwk764wC7Ztg
S3fGXkUySSDJ4EsHxvWVJ/Onmo5uCn0PD9z/1GGippWWQ1hChTYFVJT0fIZXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUfPMb5uFoM52dy/NY5lfAQF2AOz8wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwdwYIKwYBBQUHAQsEazBpMGcGCCsGAQUFBzALhltyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TEF2Mw
DQYJKoZIhvcNAQELBQADggEBAFSvituievqbqlqMHILWL1lstUPtFHEkcxvpdfB3
DDxXLJAtbl+nvUOB+bp20gSVVWZvwhN2k6QcHtFnVO7d2o1vw02AKmYFuZywvDN8
D0D7/xD7pGARm85Oo5555A6MLok9VeC/NNMjw5aEUAvMhzCUueyvRX35Rnd/tGE/
l7i1D+5BUuzf2KWo6aQFQVV+pme86SiquyJXY4pJp+qUa/36dimTpr3I1kwGQOka
v+gFds0gYpW9+12cjUdaZnLTe9gt9cfikSeawlLjGvxd7FItUEBBgGVxWSjuB6k5
xG/Aw7b5jt8Q+ey7NOvFHBAv13hgEZv+V5ELPIy0i05C4Dk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:14 2025 by rpki-client