Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203631333137.roa
File: 3138352e3131312e3138382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: S+oiH0lDbkCGOhNLdjA3jXSzkrn1zMqGBhd59jZn8BM=
Subject key identifier: 47:75:6F:37:12:A0:3B:A4:93:87:F7:5D:21:E8:88:E7:48:71:FE:14
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 1EB1F8BD66CD2454417E35C5C29D8861BDD88DF7
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203631333137.roa
Signing time: Tue 03 Jan 2023 16:11:55 +0000
ROA not before: Tue 03 Jan 2023 16:06:55 +0000
ROA not after: Tue 02 Jan 2024 16:11:55 +0000
asID: 61317
IP address blocks: 185.111.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:b1:f8:bd:66:cd:24:54:41:7e:35:c5:c2:9d:88:61:bd:d8:8d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jan 3 16:06:55 2023 GMT
Not After : Jan 2 16:11:55 2024 GMT
Subject: CN=47756F3712A03BA49387F75D21E888E74871FE14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:44:40:2f:04:41:37:fc:e5:e9:66:96:2b:32:
22:13:d2:07:c6:29:cd:6f:f6:6b:e3:fe:18:15:61:
df:3e:53:5c:fe:b8:ca:84:0b:b5:02:8e:c2:fe:46:
cc:bf:0b:5c:93:ed:9e:97:c6:40:fb:c9:3d:b8:c6:
66:10:e7:34:16:d5:00:e6:15:a6:49:04:59:ae:3e:
84:ac:ab:18:35:ad:74:39:42:54:c9:b8:d7:03:31:
63:03:c6:0e:35:37:bb:73:58:84:20:b9:d8:5c:46:
59:ab:6a:51:8e:d7:1a:6c:1b:d9:a9:68:43:51:b0:
b8:1b:9f:51:69:b1:92:22:71:56:7a:09:71:64:8b:
0d:91:dd:49:82:b4:ef:43:9c:db:17:86:21:4c:c3:
30:b0:2a:ca:ca:2e:da:f1:36:ac:4e:3a:dd:f2:ea:
5a:90:e5:ad:da:3f:f6:a4:f8:08:6c:0f:90:2f:e9:
e1:58:ad:7f:f2:7e:c7:c1:68:2e:9d:31:1d:af:14:
07:4a:5e:7d:55:00:77:03:29:bc:03:75:c8:ca:71:
60:5b:3c:85:67:ca:54:9e:2b:3d:c1:1e:58:62:23:
a9:db:45:4f:ca:9f:59:a2:36:b2:ff:33:81:b5:b6:
b4:ef:3f:95:8d:44:a7:63:82:8b:c9:9c:cc:54:18:
47:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:75:6F:37:12:A0:3B:A4:93:87:F7:5D:21:E8:88:E7:48:71:FE:14
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.188.0/24
Signature Algorithm: sha256WithRSAEncryption
48:29:49:8d:84:22:a6:7a:34:8b:66:4c:16:c0:80:ab:88:bc:
a7:92:db:04:fc:12:b0:c8:a0:bc:96:e7:ed:4b:7e:a7:3d:54:
8b:de:61:31:e8:09:34:c8:e9:3e:63:be:81:0b:42:2c:34:d3:
7f:94:bc:85:62:c8:02:fb:48:6b:2d:3a:8f:89:ef:01:72:c4:
ac:8c:43:b6:42:1f:7a:21:6a:a0:bf:43:e5:cf:87:fe:62:e0:
16:e8:c2:9e:ac:91:b3:d7:ae:98:03:53:2e:54:9d:43:da:9a:
d0:27:6b:a9:4f:8b:05:35:07:15:08:61:74:b9:73:d9:12:a6:
d0:54:2a:79:01:af:22:b1:00:e7:88:c5:f3:24:8d:e9:c5:ea:
08:fe:05:7c:43:79:d2:cf:b1:ab:9a:0c:a6:27:de:0e:3e:ad:
0e:83:16:02:ca:06:20:fa:a5:48:fb:09:bd:04:df:c8:ed:39:
1d:9d:cb:bf:17:af:2a:14:0a:ec:fc:17:b4:1d:72:36:e7:d4:
99:2d:e7:b0:14:71:7c:93:79:90:73:b5:1f:9d:ae:60:cd:4f:
f5:9b:91:d6:67:e5:15:33:25:1d:d0:5b:ab:d2:21:5d:eb:37:
50:77:15:c9:f7:8a:77:82:a6:d9:04:02:ca:88:00:ae:93:2a:
2d:ce:a8:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHrH4vWbNJFRBfjXFwp2IYb3YjfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAxMDMxNjA2NTVaFw0yNDAxMDIxNjExNTVaMDMxMTAvBgNV
BAMTKDQ3NzU2RjM3MTJBMDNCQTQ5Mzg3Rjc1RDIxRTg4OEU3NDg3MUZFMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9REAvBEE3/OXpZpYrMiIT0gfG
Kc1v9mvj/hgVYd8+U1z+uMqEC7UCjsL+Rsy/C1yT7Z6XxkD7yT24xmYQ5zQW1QDm
FaZJBFmuPoSsqxg1rXQ5QlTJuNcDMWMDxg41N7tzWIQgudhcRlmralGO1xpsG9mp
aENRsLgbn1FpsZIicVZ6CXFkiw2R3UmCtO9DnNsXhiFMwzCwKsrKLtrxNqxOOt3y
6lqQ5a3aP/ak+AhsD5Av6eFYrX/yfsfBaC6dMR2vFAdKXn1VAHcDKbwDdcjKcWBb
PIVnylSeKz3BHlhiI6nbRU/Kn1miNrL/M4G1trTvP5WNRKdjgovJnMxUGEf/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUR3VvNxKgO6STh/ddIeiI50hx/hQwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5b7wwDQYJKoZIhvcNAQELBQADggEBAEgpSY2EIqZ6NItmTBbAgKuIvKeS2wT8
ErDIoLyW5+1Lfqc9VIveYTHoCTTI6T5jvoELQiw003+UvIViyAL7SGstOo+J7wFy
xKyMQ7ZCH3ohaqC/Q+XPh/5i4Bbowp6skbPXrpgDUy5UnUPamtAna6lPiwU1BxUI
YXS5c9kSptBUKnkBryKxAOeIxfMkjenF6gj+BXxDedLPsauaDKYn3g4+rQ6DFgLK
BiD6pUj7Cb0E38jtOR2dy78XryoUCuz8F7Qdcjbn1Jkt57AUcXyTeZBztR+drmDN
T/WbkdZn5RUzJR3QW6vSIV3rN1B3Fcn3ineCptkEAsqIAK6TKi3OqBg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org