Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131312e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3131312e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: lgTs/DZDIlXGGh0cNI8Rl08rHFV8jDlJtAb5dG7jPC0=
Subject key identifier: 4E:B2:B5:61:0C:26:44:4C:91:AA:0A:E7:17:6E:28:12:1F:07:2E:93
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5AC77371352732C943200F0342508144D97F7B14
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131312e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:38:45 +0000
ROA not before: Tue 20 Feb 2024 14:33:45 +0000
ROA not after: Tue 18 Feb 2025 14:38:45 +0000
asID: 6849
IP address blocks: 37.52.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c7:73:71:35:27:32:c9:43:20:0f:03:42:50:81:44:d9:7f:7b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:33:45 2024 GMT
Not After : Feb 18 14:38:45 2025 GMT
Subject: CN=4EB2B5610C26444C91AA0AE7176E28121F072E93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:20:55:96:d0:ba:c9:48:95:9b:c8:fb:97:70:
3a:39:6c:49:d7:ff:2b:1e:c1:b5:f9:b3:bb:47:5b:
5f:ac:8e:a5:c2:84:c3:1f:3c:29:c5:d2:68:f3:1c:
e5:50:1b:3c:5a:18:07:aa:64:bd:dd:27:6e:1e:96:
77:6d:c5:da:10:5b:7b:ec:c2:70:af:b0:80:ae:37:
f2:7e:9b:67:84:a1:14:95:d3:d1:12:ba:c3:1f:37:
b3:44:c7:99:14:ca:1a:a1:31:92:44:03:8a:96:e9:
90:8d:b0:86:ac:cd:38:26:64:e4:93:e2:3e:3c:95:
50:1d:5d:aa:a8:14:a6:19:1b:87:b8:0a:76:5b:8c:
d9:65:d4:e4:2f:c7:0b:41:6d:e4:d1:48:b9:46:10:
e4:58:42:3b:d9:5d:d8:31:84:77:7a:0a:ab:8c:b1:
92:a4:29:24:26:f1:a6:55:74:e3:4b:e5:5c:69:36:
94:02:54:fb:84:bd:31:39:a1:ec:b5:60:9c:cd:22:
c4:19:7c:ff:4e:01:b4:1c:7f:2c:a0:f8:ba:21:42:
fd:f2:be:ed:9e:90:ef:5e:8d:ab:ba:ea:c6:8e:cd:
50:49:30:ac:01:08:57:59:f2:3f:fa:31:ba:bb:cf:
b1:c8:84:5f:a0:f9:94:82:54:1a:35:7b:a0:fa:6d:
e6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B2:B5:61:0C:26:44:4C:91:AA:0A:E7:17:6E:28:12:1F:07:2E:93
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3131312e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.111.0/24
Signature Algorithm: sha256WithRSAEncryption
94:ab:52:fc:62:14:e0:a3:2a:d3:88:ab:9a:8e:5d:ad:56:b0:
1d:29:f1:71:4b:1e:7e:05:9d:ed:9a:10:2a:f3:14:99:65:b8:
e7:57:94:36:d7:ff:41:dc:33:23:a8:bc:c2:8f:ac:95:50:98:
ac:fe:65:c8:c7:c8:05:af:f7:d9:8b:6c:55:7c:0f:ad:9f:ca:
ee:87:ca:5d:34:62:b7:a0:ec:a4:81:cd:f5:6b:23:f3:0d:0e:
c5:93:c4:fa:b5:2e:17:b2:01:92:dd:92:15:51:3a:1f:2d:08:
41:af:3e:ab:23:74:b4:d6:dc:e4:b3:3e:de:e7:4e:4c:f8:93:
91:f5:c2:29:18:58:2f:c1:45:47:f5:33:28:aa:c7:f3:33:24:
bf:ef:9b:ee:5b:23:a3:f0:03:cd:0b:6e:8d:94:4c:a4:50:55:
ac:6d:ca:71:e3:5c:1b:22:45:53:ee:a2:5b:fc:6d:a3:32:29:
18:1a:e6:62:1a:e1:7f:0f:d8:32:5b:b3:2b:08:71:2d:a1:f2:
97:07:ac:00:a3:49:41:3b:1d:7c:fb:c2:40:0c:e2:ac:87:8b:
d7:1d:cf:5c:67:5a:e7:de:d9:8f:34:60:1b:47:01:5b:af:bf:
2e:0f:12:9d:dc:8b:25:4d:93:8f:1f:2b:a6:e4:96:8f:d7:63:
6e:fe:9c:90
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWsdzcTUnMslDIA8DQlCBRNl/exQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMzNDVaFw0yNTAyMTgxNDM4NDVaMDMxMTAvBgNV
BAMTKDRFQjJCNTYxMEMyNjQ0NEM5MUFBMEFFNzE3NkUyODEyMUYwNzJFOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD+IFWW0LrJSJWbyPuXcDo5bEnX
/ysewbX5s7tHW1+sjqXChMMfPCnF0mjzHOVQGzxaGAeqZL3dJ24elndtxdoQW3vs
wnCvsICuN/J+m2eEoRSV09ESusMfN7NEx5kUyhqhMZJEA4qW6ZCNsIaszTgmZOST
4j48lVAdXaqoFKYZG4e4CnZbjNll1OQvxwtBbeTRSLlGEORYQjvZXdgxhHd6CquM
sZKkKSQm8aZVdONL5VxpNpQCVPuEvTE5oey1YJzNIsQZfP9OAbQcfyyg+LohQv3y
vu2ekO9ejau66saOzVBJMKwBCFdZ8j/6Mbq7z7HIhF+g+ZSCVBo1e6D6beZ5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUTrK1YQwmREyRqgrnF24oEh8HLpMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzMTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNG8w
DQYJKoZIhvcNAQELBQADggEBAJSrUvxiFOCjKtOIq5qOXa1WsB0p8XFLHn4Fne2a
ECrzFJlluOdXlDbX/0HcMyOovMKPrJVQmKz+ZcjHyAWv99mLbFV8D62fyu6Hyl00
Yreg7KSBzfVrI/MNDsWTxPq1LheyAZLdkhVROh8tCEGvPqsjdLTW3OSzPt7nTkz4
k5H1wikYWC/BRUf1Myiqx/MzJL/vm+5bI6PwA80Lbo2UTKRQVaxtynHjXBsiRVPu
olv8baMyKRga5mIa4X8P2DJbsysIcS2h8pcHrACjSUE7HXz7wkAM4qyHi9cdz1xn
Wufe2Y80YBtHAVuvvy4PEp3ciyVNk48fK6bklo/XY27+nJA=
-----END CERTIFICATE-----
Generated at Fri Mar 14 01:51:01 2025 by rpki-client