Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3133362e302f32312d3231203d3e2036383439.roa
File: 33372e35322e3133362e302f32312d3231203d3e2036383439.roa (raw, json)
Hash identifier: nwVK3aZl8BHuo7CfTSit8uOqLAM89yVLet2UMK0yy9I=
Subject key identifier: 04:D1:DE:52:82:3D:E3:C7:74:89:09:1B:49:78:4D:0C:29:D1:CF:C3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 748763F0EDE54FD01A97D9A96AC78100464209
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3133362e302f32312d3231203d3e2036383439.roa
Signing time: Tue 20 Feb 2024 14:39:03 +0000
ROA not before: Tue 20 Feb 2024 14:34:03 +0000
ROA not after: Tue 18 Feb 2025 14:39:03 +0000
asID: 6849
IP address blocks: 37.52.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:87:63:f0:ed:e5:4f:d0:1a:97:d9:a9:6a:c7:81:00:46:42:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 20 14:34:03 2024 GMT
Not After : Feb 18 14:39:03 2025 GMT
Subject: CN=04D1DE52823DE3C77489091B49784D0C29D1CFC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0d:ea:c6:51:3a:c0:3e:45:e9:17:b6:c8:52:
a8:45:9a:d6:05:43:93:da:e3:57:97:b8:3c:70:43:
f8:f3:9b:5b:52:d7:1e:18:be:e2:80:b6:d6:de:4d:
6a:99:dd:76:e4:ed:20:93:f6:26:d1:88:6f:4b:5c:
5d:db:3d:2a:19:aa:e5:b4:55:be:11:94:35:8c:c0:
e6:60:d0:c2:11:34:5e:31:92:41:52:42:34:78:1c:
dd:7c:51:33:68:36:ab:05:02:7a:9a:90:06:5e:3a:
91:5c:3b:19:3f:a8:2b:09:a1:5f:12:18:79:3d:77:
5b:cf:85:df:23:18:ea:e5:4b:78:9e:07:7b:a3:0a:
5e:e4:9c:49:bb:c4:92:4d:ba:70:49:b5:85:3d:7b:
f1:9e:09:2a:b1:fc:28:89:6a:06:46:3a:f8:96:fa:
04:28:3c:ac:e3:71:60:64:7b:df:ef:a6:a5:9d:0b:
e2:89:96:92:ca:c1:84:a6:c7:08:11:0d:64:6b:ae:
c7:8e:21:13:ef:6c:69:9e:1b:cb:f4:7d:e9:29:de:
f7:4d:c7:d9:17:85:20:51:d3:bc:a7:a9:0b:fa:f7:
07:46:9f:97:da:52:fb:ff:ef:12:b6:f9:06:9f:fc:
71:93:0a:0a:8a:5b:76:88:f3:35:74:f4:30:3e:0c:
81:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D1:DE:52:82:3D:E3:C7:74:89:09:1B:49:78:4D:0C:29:D1:CF:C3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/33372e35322e3133362e302f32312d3231203d3e2036383439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.136.0/21
Signature Algorithm: sha256WithRSAEncryption
90:6f:13:3b:1b:01:cd:0f:64:26:ea:08:15:f2:e1:29:c7:69:
c1:f5:81:b3:2c:5e:b6:e2:03:10:35:ae:5f:73:83:ec:a8:75:
62:5a:d3:0a:f3:0b:44:75:0f:c0:ad:50:42:ff:3d:1f:b8:37:
c9:73:21:4b:96:a6:02:b9:d6:3d:8e:e3:16:47:69:fc:c1:e3:
36:09:ec:70:08:80:a3:f9:6c:c9:8b:ed:85:e9:be:31:fa:04:
37:fd:9e:bb:66:c9:86:84:bc:dc:43:16:1c:ae:2b:e5:da:04:
16:2b:a0:c5:f1:b2:ae:7e:c1:cd:dd:99:a0:c9:e5:71:2e:09:
77:fc:ed:e2:30:81:d2:6e:3c:f4:15:44:b1:31:27:2f:11:cb:
48:8d:45:a0:e6:03:f0:c4:43:d3:b0:c5:b5:1d:6e:7e:5c:52:
e3:d9:bd:db:67:7f:65:29:fe:bb:34:10:88:08:67:36:26:ee:
97:d2:0c:f8:96:a0:9e:e7:cd:78:dc:bf:a1:95:03:f9:f7:d5:
51:58:47:2f:d4:4d:e4:3f:3f:58:ee:3c:30:e6:c7:d2:b6:f9:
03:46:4c:12:fe:24:07:4c:59:0c:85:f9:f2:9d:4c:db:a9:f9:
6b:6e:04:c9:b2:98:e4:85:62:5f:d6:56:bd:6e:58:70:d7:1e:
50:41:a3:08
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgITdIdj8O3lT9Aal9mpaseBAEZCCTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg5YmQ4MTMzOTFlNGFmMmFlMzEwM2MxODkxYjIyNzJkNGQ1
YzEzYjVmMB4XDTI0MDIyMDE0MzQwM1oXDTI1MDIxODE0MzkwM1owMzExMC8GA1UE
AxMoMDREMURFNTI4MjNERTNDNzc0ODkwOTFCNDk3ODREMEMyOUQxQ0ZDMzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMYN6sZROsA+RekXtshSqEWa1gVD
k9rjV5e4PHBD+PObW1LXHhi+4oC21t5NapndduTtIJP2JtGIb0tcXds9Khmq5bRV
vhGUNYzA5mDQwhE0XjGSQVJCNHgc3XxRM2g2qwUCepqQBl46kVw7GT+oKwmhXxIY
eT13W8+F3yMY6uVLeJ4He6MKXuScSbvEkk26cEm1hT178Z4JKrH8KIlqBkY6+Jb6
BCg8rONxYGR73++mpZ0L4omWksrBhKbHCBENZGuux44hE+9saZ4by/R96Sne903H
2ReFIFHTvKepC/r3B0afl9pS+//vErb5Bp/8cZMKCopbdojzNXT0MD4MgZsCAwEA
AaOCAjkwggI1MB0GA1UdDgQWBBQE0d5Sgj3jx3SJCRtJeE0MKdHPwzAfBgNVHSME
GDAWgBSb2BM5HkryrjEDwYkbInLU1cE7XzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS9jNDc4ZjZmNS00NDlhLTQ4MjctOTlkNS1iZjZiOTNhOGY2
YjQvMC85QkQ4MTMzOTFFNEFGMkFFMzEwM0MxODkxQjIyNzJENEQ1QzEzQjVGLmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvbTlnVE9SNUs4cTR4QThHSkd5SnkxTlhC
TzE4LmNlcjCBqQYIKwYBBQUHAQsEgZwwgZkwgZYGCCsGAQUFBzALhoGJcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9jNDc4ZjZmNS00
NDlhLTQ4MjctOTlkNS1iZjZiOTNhOGY2YjQvMC8zMzM3MmUzNTMyMmUzMTMzMzYy
ZTMwMmYzMjMxMmQzMjMxMjAzZDNlMjAzNjM4MzQzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAyU0iDAN
BgkqhkiG9w0BAQsFAAOCAQEAkG8TOxsBzQ9kJuoIFfLhKcdpwfWBsyxetuIDEDWu
X3OD7Kh1YlrTCvMLRHUPwK1QQv89H7g3yXMhS5amArnWPY7jFkdp/MHjNgnscAiA
o/lsyYvthem+MfoEN/2eu2bJhoS83EMWHK4r5doEFiugxfGyrn7Bzd2ZoMnlcS4J
d/zt4jCB0m489BVEsTEnLxHLSI1FoOYD8MRD07DFtR1uflxS49m922d/ZSn+uzQQ
iAhnNibul9IM+JagnufNeNy/oZUD+ffVUVhHL9RN5D8/WO48MObH0rb5A0ZMEv4k
B0xZDIX58p1M26n5a24EybKY5IViX9ZWvW5YcNceUEGjCA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:58:29 2025 by rpki-client