Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134382e302f32342d3234203d3e2036383439.roa
File: 33372e35322e3134382e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: APQ/S5w0DMyT2Ki3ttjWXDWkhfFZ8xq63FS7sTelifE=
Subject key identifier: 6B:58:6A:D9:0F:B4:9C:99:E1:57:6B:A1:92:FA:59:B5:B4:16:FC:45
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 20B1A8BF3AACD3934E384BC2231D14A6D58FD76B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134382e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:39:24 +0000
ROA not before: Tue 20 Feb 2024 14:34:24 +0000
ROA not after: Tue 18 Feb 2025 14:39:24 +0000
asID: 6849
IP address blocks: 37.52.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:b1:a8:bf:3a:ac:d3:93:4e:38:4b:c2:23:1d:14:a6:d5:8f:d7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:34:24 2024 GMT
Not After : Feb 18 14:39:24 2025 GMT
Subject: CN=6B586AD90FB49C99E1576BA192FA59B5B416FC45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:23:7c:19:a9:4f:3b:a8:2f:d8:8f:f6:2e:86:
ec:52:f0:71:87:c5:a4:6a:58:df:66:4f:d7:e1:d8:
91:6e:a6:a0:59:77:e2:de:db:7e:fc:ce:af:6e:b2:
5b:6b:ab:31:d1:b9:84:bb:18:ff:ea:5e:34:6d:94:
fb:25:da:30:12:f0:e4:ab:ca:0a:1f:bc:24:eb:82:
83:b3:27:ba:d5:a0:a3:e1:1d:15:52:b6:81:e2:e5:
0a:f4:aa:92:53:31:8a:aa:44:ea:2e:ce:a3:a1:80:
99:80:af:96:ba:c8:aa:37:30:2a:06:fa:c7:99:cb:
96:25:98:1b:54:a5:86:98:dc:ae:e9:fc:8f:4d:f9:
dd:54:d1:fa:c1:c6:51:c0:ce:bd:a9:9c:13:9b:68:
52:6a:3a:19:ea:7e:36:8c:67:bb:2c:f2:a0:73:68:
6d:d1:df:4d:54:2a:3b:34:0c:30:4a:ba:1b:94:8a:
a1:69:08:46:1f:85:47:fe:d7:e0:45:7d:a1:98:42:
01:0f:2e:5b:81:f5:9d:fc:da:c6:7a:b9:57:ee:f3:
2f:50:8a:a0:19:4a:c2:92:94:d3:f6:03:aa:b6:5e:
60:7e:e2:9c:54:45:db:c9:53:73:ca:48:17:0b:ab:
7f:b9:8c:cf:20:e3:e8:a8:50:0b:ef:c2:55:b8:51:
28:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:58:6A:D9:0F:B4:9C:99:E1:57:6B:A1:92:FA:59:B5:B4:16:FC:45
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3134382e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.148.0/24
Signature Algorithm: sha256WithRSAEncryption
41:27:41:c6:37:3e:57:a4:42:3a:d5:b7:61:0f:11:f3:9c:b3:
7f:4d:89:0f:e9:95:e9:33:75:d0:cc:6f:fd:64:3a:e9:4b:a8:
7d:1d:77:06:a0:a6:f5:18:f0:69:0b:7e:72:ce:52:90:90:51:
58:05:02:c1:23:c0:b9:6f:02:18:75:31:8c:c5:3e:31:b6:94:
42:fd:ea:78:42:2b:4a:78:81:6c:eb:ec:3a:fe:28:93:b6:19:
23:78:e3:ba:c2:7a:3e:fc:fc:50:cd:2b:6a:15:b0:ef:41:55:
c7:9d:0e:58:4d:f4:6b:75:b0:5d:9b:dd:f2:04:91:24:03:bc:
5f:f4:19:03:67:de:ce:14:ae:af:b1:ab:d4:f4:ac:b8:a0:c4:
42:f5:73:2a:9c:cc:b8:bd:f9:5e:99:4d:31:60:0e:0e:c4:85:
c7:0a:04:d3:89:7d:00:09:0f:10:87:f1:94:f9:be:d7:64:4a:
db:08:25:00:ff:62:85:64:ba:cc:78:cb:9e:23:dd:1f:3e:24:
7c:f7:77:9f:eb:28:0d:4f:d9:cc:80:17:84:d8:57:81:c2:14:
13:41:de:f1:ca:c6:9a:94:36:17:95:67:9c:90:c5:7e:e9:e5:
3a:e3:59:bb:a9:19:f1:6a:f8:64:f5:31:ae:a9:b5:36:93:9c:
e4:4d:ac:87
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUILGovzqs05NOOEvCIx0UptWP12swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDM0MjRaFw0yNTAyMTgxNDM5MjRaMDMxMTAvBgNV
BAMTKDZCNTg2QUQ5MEZCNDlDOTlFMTU3NkJBMTkyRkE1OUI1QjQxNkZDNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0I3wZqU87qC/Yj/YuhuxS8HGH
xaRqWN9mT9fh2JFupqBZd+Le2378zq9usltrqzHRuYS7GP/qXjRtlPsl2jAS8OSr
ygofvCTrgoOzJ7rVoKPhHRVStoHi5Qr0qpJTMYqqROouzqOhgJmAr5a6yKo3MCoG
+seZy5YlmBtUpYaY3K7p/I9N+d1U0frBxlHAzr2pnBObaFJqOhnqfjaMZ7ss8qBz
aG3R301UKjs0DDBKuhuUiqFpCEYfhUf+1+BFfaGYQgEPLluB9Z382sZ6uVfu8y9Q
iqAZSsKSlNP2A6q2XmB+4pxURdvJU3PKSBcLq3+5jM8g4+ioUAvvwlW4UShvAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUa1hq2Q+0nJnhV2uhkvpZtbQW/EUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzEzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzODM0Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAlNJQw
DQYJKoZIhvcNAQELBQADggEBAEEnQcY3PlekQjrVt2EPEfOcs39NiQ/plekzddDM
b/1kOulLqH0ddwagpvUY8GkLfnLOUpCQUVgFAsEjwLlvAhh1MYzFPjG2lEL96nhC
K0p4gWzr7Dr+KJO2GSN447rCej78/FDNK2oVsO9BVcedDlhN9Gt1sF2b3fIEkSQD
vF/0GQNn3s4Urq+xq9T0rLigxEL1cyqczLi9+V6ZTTFgDg7EhccKBNOJfQAJDxCH
8ZT5vtdkStsIJQD/YoVkusx4y54j3R8+JHz3d5/rKA1P2cyAF4TYV4HCFBNB3vHK
xpqUNheVZ5yQxX7p5TrjWbupGfFq+GT1Ma6ptTaTnORNrIc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:23:38 2025 by rpki-client