Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32312d3231203d3e2036383439.roa
File: 33372e35322e38302e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: cBlJQ1nZQiLHJgw14sp9kHHzA8jqA+d5b21yyeLn9Cc=
Subject key identifier: 24:8F:97:96:79:3A:4A:05:31:66:78:C2:96:91:2D:C1:15:8E:99:D2
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 6D817B490A1FE6840473A5EE6A4E784FCD9E8471
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:37 +0000
ROA not before: Tue 20 Feb 2024 14:32:37 +0000
ROA not after: Tue 18 Feb 2025 14:37:37 +0000
asID: 6849
IP address blocks: 37.52.80.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:81:7b:49:0a:1f:e6:84:04:73:a5:ee:6a:4e:78:4f:cd:9e:84:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:37 2024 GMT
Not After : Feb 18 14:37:37 2025 GMT
Subject: CN=248F9796793A4A05316678C296912DC1158E99D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:cb:51:11:da:d3:c4:c2:21:2d:19:90:39:
f1:2f:cc:d0:41:62:87:58:38:e3:e3:07:c5:3b:8e:
a6:48:48:88:39:9c:06:26:dc:fa:0d:0a:da:8d:df:
f5:87:04:dc:6c:c9:0e:24:88:15:b5:c3:82:d6:b1:
b4:d7:2a:f3:54:91:45:91:ec:2d:12:e6:2e:ad:15:
bc:cb:00:8a:6d:0b:76:0e:d2:f1:2b:f3:20:ae:eb:
b3:d6:80:29:f5:88:45:35:57:e3:aa:67:a9:f5:09:
54:26:f5:5e:5d:42:93:af:34:86:ef:5d:a6:cf:9a:
a6:41:90:73:eb:ea:ca:04:6c:df:c1:25:b1:61:10:
46:b7:f9:22:aa:1b:2e:50:0e:af:e3:c7:6f:5e:68:
2b:f5:b0:fb:05:40:48:ac:24:76:aa:68:7e:e9:dc:
ef:54:43:18:f7:47:fa:3f:1e:45:cb:8a:cb:e5:3a:
8f:db:fb:81:42:57:cc:3c:66:14:8f:76:c4:6b:32:
b0:37:e8:e8:cb:fc:9f:d1:7d:5f:eb:a9:9d:4b:77:
ad:50:6e:93:b7:cc:e7:0a:0e:5a:7c:e7:ff:9b:81:
8f:81:29:26:7c:48:47:39:10:da:62:4d:e5:78:3a:
a2:51:1d:a5:54:07:c3:fd:a4:da:23:88:18:99:34:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:97:96:79:3A:4A:05:31:66:78:C2:96:91:2D:C1:15:8E:99:D2
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38302e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.80.0/21
Signature Algorithm: sha256WithRSAEncryption
65:0b:de:a3:04:dc:63:a7:7c:6b:7b:43:ed:cb:d0:29:1b:10:
0b:ca:1e:41:e9:9b:95:90:ae:6c:d9:6a:80:f7:51:7a:bb:4b:
d0:a0:bd:32:5a:0a:32:19:88:2c:ba:ce:61:e6:8a:25:1a:2e:
26:f6:30:2d:4d:5b:d1:54:5d:2f:4d:10:e4:3b:12:52:e0:29:
45:75:d1:38:31:f0:68:e5:1c:91:91:dc:9a:e1:c4:e0:ca:58:
e0:6d:80:6a:8c:93:38:5d:66:1e:86:e6:c6:9f:93:81:17:8b:
df:21:e1:35:59:94:24:2d:87:98:bf:e9:cb:a7:3e:44:ed:4a:
58:ac:ca:00:0a:7a:48:5b:01:88:46:91:b7:6d:2f:9b:a0:6d:
29:bb:99:5a:63:9b:fb:91:bb:f0:26:ea:46:4d:9e:44:09:36:
8f:d4:b3:71:f4:b2:0b:7f:05:71:12:d8:a0:b7:73:e5:2d:04:
b1:f7:40:83:06:67:ae:29:82:1c:b4:59:6f:29:e5:52:60:44:
16:52:ab:44:11:91:e7:57:50:6c:af:17:ef:3a:aa:42:ec:2c:
c2:04:75:3a:93:f6:e1:c6:4b:5e:31:f6:a2:20:b8:77:b4:99:
a0:8a:b7:a5:09:e7:59:ff:a1:03:95:f3:7c:ac:80:01:f1:fc:
26:62:32:7d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUbYF7SQof5oQEc6Xuak54T82ehHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMzdaFw0yNTAyMTgxNDM3MzdaMDMxMTAvBgNV
BAMTKDI0OEY5Nzk2NzkzQTRBMDUzMTY2NzhDMjk2OTEyREMxMTU4RTk5RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKqctREdrTxMIhLRmQOfEvzNBB
YodYOOPjB8U7jqZISIg5nAYm3PoNCtqN3/WHBNxsyQ4kiBW1w4LWsbTXKvNUkUWR
7C0S5i6tFbzLAIptC3YO0vEr8yCu67PWgCn1iEU1V+OqZ6n1CVQm9V5dQpOvNIbv
XabPmqZBkHPr6soEbN/BJbFhEEa3+SKqGy5QDq/jx29eaCv1sPsFQEisJHaqaH7p
3O9UQxj3R/o/HkXLisvlOo/b+4FCV8w8ZhSPdsRrMrA36OjL/J/RfV/rqZ1Ld61Q
bpO3zOcKDlp85/+bgY+BKSZ8SEc5ENpiTeV4OqJRHaVUB8P9pNojiBiZND+tAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUJI+Xlnk6SgUxZnjClpEtwRWOmdIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzMDJl
MzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJTRQMA0G
CSqGSIb3DQEBCwUAA4IBAQBlC96jBNxjp3xre0Pty9ApGxALyh5B6ZuVkK5s2WqA
91F6u0vQoL0yWgoyGYgsus5h5oolGi4m9jAtTVvRVF0vTRDkOxJS4ClFddE4MfBo
5RyRkdya4cTgyljgbYBqjJM4XWYehubGn5OBF4vfIeE1WZQkLYeYv+nLpz5E7UpY
rMoACnpIWwGIRpG3bS+boG0pu5laY5v7kbvwJupGTZ5ECTaP1LNx9LILfwVxEtig
t3PlLQSx90CDBmeuKYIctFlvKeVSYEQWUqtEEZHnV1BsrxfvOqpC7CzCBHU6k/bh
xkteMfaiILh3tJmgirelCedZ/6EDlfN8rIAB8fwmYjJ9
-----END CERTIFICATE-----
Generated at Fri Mar 14 01:00:45 2025 by rpki-client