Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38312e302f32342d3234203d3e2036383439.roa
File: 33372e35322e38312e302f32342d3234203d3e2036383439.roa (raw, json)
Hash identifier: V00xm5e3x+RZvBLIDp0T51lzLfUx3tc6z9c48YgHB9c=
Subject key identifier: 9F:C1:A8:03:46:21:C0:98:A9:C8:63:83:02:FF:53:DF:E9:3F:DE:1B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2D05F60AEB00B72B2AB2ED70D1F9B1B323673D38
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38312e302f32342d3234203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:37:34 +0000
ROA not before: Tue 20 Feb 2024 14:32:34 +0000
ROA not after: Tue 18 Feb 2025 14:37:34 +0000
asID: 6849
IP address blocks: 37.52.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:05:f6:0a:eb:00:b7:2b:2a:b2:ed:70:d1:f9:b1:b3:23:67:3d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:32:34 2024 GMT
Not After : Feb 18 14:37:34 2025 GMT
Subject: CN=9FC1A8034621C098A9C8638302FF53DFE93FDE1B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a3:e3:77:fb:10:27:3a:26:17:ef:ba:4a:b0:
ea:72:62:89:41:8e:e2:94:c9:85:3a:d2:7e:16:96:
bb:28:b2:30:1b:86:62:af:e7:f9:45:43:4a:5f:de:
4f:77:ab:fd:c4:ec:a0:78:d8:ed:94:99:bf:bd:48:
63:a6:6f:37:bf:90:3e:2c:53:83:e5:4f:38:54:ef:
0d:fb:b6:43:81:a7:28:37:d4:88:6d:72:ef:8c:8a:
1d:4f:bd:2f:8d:a4:39:f8:e6:f1:e8:4f:37:ec:76:
e7:59:f7:9d:47:dc:ea:8c:ec:18:eb:94:f2:b6:bd:
52:2b:0b:92:2e:82:66:93:4c:91:22:55:30:7e:b5:
81:77:dc:20:d4:78:04:0f:b8:c4:52:88:7d:8e:f9:
7f:d2:5e:e4:2d:4b:02:0c:a1:d3:b5:dc:80:15:2b:
7f:9d:ba:e5:cf:aa:de:2b:03:bc:5b:e2:1b:46:1f:
ad:e7:4b:8b:92:46:22:2b:40:7b:bc:87:86:c1:42:
0f:a3:17:e9:be:8e:7c:12:7a:df:90:c1:05:64:1e:
e0:a9:fd:11:34:0f:e2:6a:77:10:68:65:00:45:da:
da:a6:24:a5:70:97:ca:ca:37:38:ca:c0:84:c1:04:
67:7f:41:7b:65:65:dc:28:88:f4:d5:e3:d2:d2:11:
b6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C1:A8:03:46:21:C0:98:A9:C8:63:83:02:FF:53:DF:E9:3F:DE:1B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e38312e302f32342d3234203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:17:03:46:b5:d6:90:81:88:c9:5b:a7:48:a2:f7:44:ba:f4:
02:85:ae:6a:f7:e4:f4:0c:dd:da:62:93:04:f1:b6:d7:2b:48:
f1:d7:69:e6:97:ea:cb:fd:55:5a:a1:96:37:57:0c:55:67:af:
f4:81:85:6f:f9:ab:bf:98:69:48:bc:05:4e:6d:17:06:92:2c:
3e:99:e5:d7:c2:cd:25:5d:0e:9e:ff:bb:aa:1a:52:dd:d2:8e:
fc:fe:4d:86:f9:3e:39:58:28:09:f6:e4:33:01:21:c6:a6:bd:
cf:b9:5e:bd:0b:a1:94:55:23:c2:9f:3d:69:54:77:f4:2a:40:
df:c4:15:d9:f8:55:78:fe:c2:1e:c0:08:df:bb:d5:c4:43:96:
14:17:98:d9:75:db:9f:d9:a1:8e:e6:c6:46:06:6e:b2:33:54:
70:ee:90:c6:fb:26:95:81:98:8e:62:0a:d7:02:58:49:be:d5:
85:b0:49:d1:4d:b7:b2:89:a3:81:12:40:cf:54:23:5c:86:00:
9e:0d:51:4a:03:d9:e3:22:2f:49:a7:39:83:a4:a9:5e:54:2a:
d6:70:8b:c0:ed:d1:25:f2:17:09:a1:25:73:14:97:2c:8c:3a:
16:1d:a6:08:10:ef:78:09:4c:45:72:c6:40:af:e8:e4:07:be:
e2:cd:fd:15
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULQX2CusAtysqsu1w0fmxsyNnPTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDAyMjAxNDMyMzRaFw0yNTAyMTgxNDM3MzRaMDMxMTAvBgNV
BAMTKDlGQzFBODAzNDYyMUMwOThBOUM4NjM4MzAyRkY1M0RGRTkzRkRFMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9o+N3+xAnOiYX77pKsOpyYolB
juKUyYU60n4WlrsosjAbhmKv5/lFQ0pf3k93q/3E7KB42O2Umb+9SGOmbze/kD4s
U4PlTzhU7w37tkOBpyg31Ihtcu+Mih1PvS+NpDn45vHoTzfsdudZ951H3OqM7Bjr
lPK2vVIrC5IugmaTTJEiVTB+tYF33CDUeAQPuMRSiH2O+X/SXuQtSwIModO13IAV
K3+duuXPqt4rA7xb4htGH63nS4uSRiIrQHu8h4bBQg+jF+m+jnwSet+QwQVkHuCp
/RE0D+JqdxBoZQBF2tqmJKVwl8rKNzjKwITBBGd/QXtlZdwoiPTV49LSEbY/AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUn8GoA0YhwJipyGODAv9T3+k/3hswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUt
NDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThmNmI0LzAvMzMzNzJlMzUzMjJlMzgzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzgzNDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTRRMA0G
CSqGSIb3DQEBCwUAA4IBAQAeFwNGtdaQgYjJW6dIovdEuvQCha5q9+T0DN3aYpME
8bbXK0jx12nml+rL/VVaoZY3VwxVZ6/0gYVv+au/mGlIvAVObRcGkiw+meXXws0l
XQ6e/7uqGlLd0o78/k2G+T45WCgJ9uQzASHGpr3PuV69C6GUVSPCnz1pVHf0KkDf
xBXZ+FV4/sIewAjfu9XEQ5YUF5jZdduf2aGO5sZGBm6yM1Rw7pDG+yaVgZiOYgrX
AlhJvtWFsEnRTbeyiaOBEkDPVCNchgCeDVFKA9njIi9JpzmDpKleVCrWcIvA7dEl
8hcJoSVzFJcsjDoWHaYIEO94CUxFcsZAr+jkB77izf0V
-----END CERTIFICATE-----
Generated at Fri Mar 14 00:57:37 2025 by rpki-client