Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33382e302f32342d3234203d3e2036383439.roa
File: 33372e35322e33382e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: g2KQs8oPJ5srvAy1P+GaeqyXA+9I5pVWUzVxyuh3RqE=
Subject key identifier: D4:6B:01:35:00:03:46:4C:2B:C9:E5:5C:6D:60:B6:F8:EF:0D:97:1A
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 371291706F582BBB4402ED386869DE229A9EBD6A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33382e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:36:44 +0000
ROA not before: Tue 20 Feb 2024 14:31:44 +0000
ROA not after: Tue 18 Feb 2025 14:36:44 +0000
asID: 6849
IP address blocks: 37.52.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:12:91:70:6f:58:2b:bb:44:02:ed:38:68:69:de:22:9a:9e:bd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:31:44 2024 GMT
Not After : Feb 18 14:36:44 2025 GMT
Subject: CN=D46B01350003464C2BC9E55C6D60B6F8EF0D971A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:48:26:bc:f0:51:eb:6d:55:09:5c:46:03:78:
77:7e:26:dc:eb:03:fd:e4:6a:f3:48:5a:fb:2a:e3:
3e:45:78:8d:30:8c:c3:75:d7:5d:55:c3:ba:99:0b:
cf:f7:38:d7:4d:c7:9d:d1:c3:a8:2a:3c:64:51:ef:
5a:59:e3:45:3c:fc:57:2b:d3:84:ce:5f:ac:fc:74:
fe:e9:ce:89:56:49:53:74:b5:fa:c2:c3:3a:ed:4f:
b5:45:a1:38:f8:4c:35:e9:69:16:ed:2e:4a:dc:55:
43:d9:72:36:bc:ca:08:db:de:03:8a:08:64:48:01:
0c:57:b1:ff:b7:f5:92:36:71:a5:77:13:a4:fa:98:
93:5a:08:07:3b:14:2e:ab:9c:40:69:69:df:87:6a:
41:ef:22:e2:6d:9a:8c:d0:f4:1a:b7:43:7f:5a:03:
f9:f3:f7:42:d5:f0:64:e9:8c:16:4d:d6:b1:61:a2:
95:a4:85:b5:8b:4c:00:db:b8:5a:ce:7b:a5:af:52:
17:7a:fa:04:58:c6:0e:7e:2c:7f:33:2b:1d:09:d7:
2e:5b:11:c6:69:85:f4:7a:a4:86:77:6f:7e:82:d6:
8b:31:d9:6f:53:4e:eb:c6:93:a7:1f:0a:ec:74:5c:
c9:8a:d1:00:f1:11:99:36:15:a7:f2:13:a3:09:7a:
7c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6B:01:35:00:03:46:4C:2B:C9:E5:5C:6D:60:B6:F8:EF:0D:97:1A
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e33382e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.38.0/24
Signature Algorithm: sha256WithRSAEncryption
05:81:27:37:0a:e7:03:b3:82:e2:a0:16:18:90:6d:b0:c4:38:
ab:d1:3c:ab:3b:b2:fe:47:1e:46:6a:24:c2:82:df:41:18:9c:
75:6d:ac:b2:f6:ba:42:6f:bc:f9:9f:bc:8d:90:93:ae:55:b1:
e9:b6:df:e0:5b:40:d8:c5:7e:0f:eb:09:b4:82:41:0b:50:ed:
3b:2d:95:6d:3c:61:7c:42:a5:1b:0d:21:f1:fd:2c:21:a5:80:
1d:9a:1c:07:13:0d:3d:f9:9e:a2:c2:b7:d1:d0:35:32:18:20:
43:cd:32:c8:2c:c0:36:16:e3:82:39:a9:1f:51:e8:be:13:05:
48:94:5b:f4:a4:54:0b:16:87:cb:23:7a:74:3c:d8:92:32:76:
55:5f:94:b8:94:c9:3d:ce:88:1b:b1:5c:c2:b9:5d:d4:d0:f6:
7b:21:0d:35:f4:e8:64:36:30:e9:c3:f5:2e:56:28:fc:8b:13:
02:41:38:d2:96:16:09:f9:93:70:9f:a0:b6:5a:ef:e1:9a:79:
bb:8c:b7:78:55:ae:c4:0a:79:d8:57:46:c8:eb:97:e3:17:49:
ea:7e:1e:f6:53:01:f3:74:40:6b:a3:5c:c1:8a:88:79:d2:b9:
45:02:1d:19:31:43:c0:a8:68:18:6d:59:d5:86:da:a2:99:ef:
b4:d6:72:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNxKRcG9YK7tEAu04aGneIpqevWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMxNDRaFw0yNTAyMTgxNDM2NDRaMDMxMTAvBgNV
BAMTKEQ0NkIwMTM1MDAwMzQ2NEMyQkM5RTU1QzZENjBCNkY4RUYwRDk3MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxSCa88FHrbVUJXEYDeHd+Jtzr
A/3kavNIWvsq4z5FeI0wjMN1111Vw7qZC8/3ONdNx53Rw6gqPGRR71pZ40U8/Fcr
04TOX6z8dP7pzolWSVN0tfrCwzrtT7VFoTj4TDXpaRbtLkrcVUPZcja8ygjb3gOK
CGRIAQxXsf+39ZI2caV3E6T6mJNaCAc7FC6rnEBpad+HakHvIuJtmozQ9Bq3Q39a
A/nz90LV8GTpjBZN1rFhopWkhbWLTADbuFrOe6WvUhd6+gRYxg5+LH8zKx0J1y5b
EcZphfR6pIZ3b36C1osx2W9TTuvGk6cfCux0XMmK0QDxEZk2FafyE6MJenz1AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU1GsBNQADRkwryeVcbWC2+O8NlxowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzMzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTQmMA0G
CSqGSIb3DQEBCwUAA4IBAQAFgSc3CucDs4LioBYYkG2wxDir0TyrO7L+Rx5GaiTC
gt9BGJx1bayy9rpCb7z5n7yNkJOuVbHptt/gW0DYxX4P6wm0gkELUO07LZVtPGF8
QqUbDSHx/SwhpYAdmhwHEw09+Z6iwrfR0DUyGCBDzTLILMA2FuOCOakfUei+EwVI
lFv0pFQLFofLI3p0PNiSMnZVX5S4lMk9zogbsVzCuV3U0PZ7IQ019OhkNjDpw/Uu
Vij8ixMCQTjSlhYJ+ZNwn6C2Wu/hmnm7jLd4Va7ECnnYV0bI65fjF0nqfh72UwHz
dEBro1zBioh50rlFAh0ZMUPAqGgYbVnVhtqime+01nLp
-----END CERTIFICATE-----
Generated at Fri Mar 14 00:58:05 2025 by rpki-client