Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e312e302f32342d3234203d3e2036383439.roa
File: 33372e35322e312e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: im8UqtydVu0NcFbK2F/ZdLVxoieXaXukeMl0EwfubJw=
Subject key identifier: BB:4D:58:8F:20:FA:3D:D1:54:A5:A0:D5:91:6B:96:95:96:31:1C:EF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 040544B5F87A5B6653DE970545B39342D08864F6
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e312e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:12 +0000
ROA not before: Tue 20 Feb 2024 14:31:12 +0000
ROA not after: Tue 18 Feb 2025 14:36:12 +0000
asID: 6849
IP address blocks: 37.52.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:05:44:b5:f8:7a:5b:66:53:de:97:05:45:b3:93:42:d0:88:64:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:12 2024 GMT
Not After : Feb 18 14:36:12 2025 GMT
Subject: CN=BB4D588F20FA3DD154A5A0D5916B969596311CEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f6:57:c1:3e:45:db:9d:3f:c1:d6:95:99:c0:
5d:f4:24:6f:69:9d:a8:9a:ad:f9:37:0b:62:c5:a3:
aa:15:79:71:ce:19:d9:a1:f5:2e:1f:79:35:72:20:
65:0a:05:d9:72:45:69:d9:2a:23:23:e0:34:31:7a:
94:99:7f:eb:0c:94:35:59:36:3d:19:7d:91:53:80:
25:1b:be:1a:a1:75:a4:12:8f:32:a3:29:6b:98:ba:
4e:19:12:7a:49:3c:ff:b7:db:c5:6c:cb:cc:a0:ae:
47:25:df:33:c9:a9:5e:ff:32:12:b8:3d:13:f3:f8:
d0:e4:7a:e9:8d:80:31:a4:33:6c:c5:23:b7:4f:8d:
f5:1b:9f:fc:91:be:04:5c:7e:e9:21:c0:5c:87:24:
c9:f2:c9:1b:b8:80:81:ea:67:c7:75:bc:4c:35:f1:
15:77:1e:eb:d9:b0:a2:4e:60:cd:14:39:87:1e:fc:
bb:7e:2e:c7:1d:6b:05:fa:47:92:7c:db:de:62:26:
4b:84:e8:44:b8:92:f5:84:21:79:a6:7e:a9:12:43:
6a:66:c8:42:dc:e9:c8:5c:d7:61:3a:30:3c:27:87:
a4:85:27:a4:ee:37:19:c4:44:3e:0b:81:a0:1e:c1:
76:91:be:a9:44:21:58:f6:6f:e8:ff:95:bc:be:b8:
94:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4D:58:8F:20:FA:3D:D1:54:A5:A0:D5:91:6B:96:95:96:31:1C:EF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e312e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.1.0/24
Signature Algorithm: sha256WithRSAEncryption
94:b3:9d:91:d1:e5:1b:af:ed:5e:f4:4a:d1:a5:c7:f7:fd:34:
69:78:bb:b8:3e:53:21:8e:a6:30:07:be:34:6b:7f:e2:f4:3c:
66:32:0a:4e:e8:b7:d2:30:6a:37:b6:6b:b2:e6:70:33:27:83:
55:05:a7:4f:48:4c:61:ad:f2:9b:4d:ff:25:20:46:0f:df:6e:
f4:96:26:12:fe:49:f6:79:c4:14:17:9e:cc:11:c2:d0:7b:5e:
b3:b6:63:48:27:c2:08:1f:14:59:56:0a:7f:74:8e:04:96:04:
18:8e:12:f9:34:83:17:63:2f:22:bc:d5:ba:50:c3:75:a8:e1:
f5:64:43:8f:9e:0f:99:76:0e:4e:e5:1a:2f:d4:81:0e:73:e3:
77:a8:7d:b2:63:ac:b9:b3:4d:45:50:9e:39:2e:9b:57:98:8e:
a9:ff:ca:11:6b:90:c6:e0:8a:5c:01:fe:22:00:ec:0e:0e:87:
b5:06:06:21:b7:ae:9a:cf:91:b7:7f:f1:d7:68:28:2f:f5:32:
08:84:9e:6b:18:94:4f:fc:77:ba:1a:b3:cb:dc:f9:ed:c9:93:
1d:78:65:ff:58:ff:1c:e4:e7:08:9e:ed:c5:52:d7:0a:5b:25:
47:4d:9a:6e:2a:13:97:36:39:9f:2c:a1:9b:be:43:cb:8f:9f:
da:23:f6:2a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUBAVEtfh6W2ZT3pcFRbOTQtCIZPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxMTJaFw0yNTAyMTgxNDM2MTJaMDMxMTAvBgNV
BAMTKEJCNEQ1ODhGMjBGQTNERDE1NEE1QTBENTkxNkI5Njk1OTYzMTFDRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn9lfBPkXbnT/B1pWZwF30JG9p
naiarfk3C2LFo6oVeXHOGdmh9S4feTVyIGUKBdlyRWnZKiMj4DQxepSZf+sMlDVZ
Nj0ZfZFTgCUbvhqhdaQSjzKjKWuYuk4ZEnpJPP+328Vsy8ygrkcl3zPJqV7/MhK4
PRPz+NDkeumNgDGkM2zFI7dPjfUbn/yRvgRcfukhwFyHJMnyyRu4gIHqZ8d1vEw1
8RV3HuvZsKJOYM0UOYce/Lt+LscdawX6R5J8295iJkuE6ES4kvWEIXmmfqkSQ2pm
yELc6chc12E6MDwnh6SFJ6TuNxnERD4LgaAewXaRvqlEIVj2b+j/lby+uJRnAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUu01YjyD6PdFUpaDVkWuWlZYxHO8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM4MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACU0ATANBgkq
hkiG9w0BAQsFAAOCAQEAlLOdkdHlG6/tXvRK0aXH9/00aXi7uD5TIY6mMAe+NGt/
4vQ8ZjIKTui30jBqN7ZrsuZwMyeDVQWnT0hMYa3ym03/JSBGD99u9JYmEv5J9nnE
FBeezBHC0Htes7ZjSCfCCB8UWVYKf3SOBJYEGI4S+TSDF2MvIrzVulDDdajh9WRD
j54PmXYOTuUaL9SBDnPjd6h9smOsubNNRVCeOS6bV5iOqf/KEWuQxuCKXAH+IgDs
Dg6HtQYGIbeums+Rt3/x12goL/UyCISeaxiUT/x3uhqzy9z57cmTHXhl/1j/HOTn
CJ7txVLXClslR02abioTlzY5nyyhm75Dy4+f2iP2Kg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:19:03 2025 by rpki-client