Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e203330383233.roa
File: 3138352e3231312e33332e302f32342d3234203d3e203330383233.roa (raw, json)
Hash identifier: 12m0/RdNPSk/fP3uGe/vzzuZMjAVYvahSKwKSTfwIYY=
Subject key identifier: C6:5B:8E:5B:FA:69:D6:27:F3:71:F1:93:17:22:4E:B4:96:08:EC:1A
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 3A02D46C23DA42072A84613ABDFD22E571ACEA33
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e203330383233.roa
Signing time: Mon 27 Mar 2023 08:27:40 +0000
ROA not before: Mon 27 Mar 2023 08:22:40 +0000
ROA not after: Mon 25 Mar 2024 08:27:40 +0000
asID: 30823
IP address blocks: 185.211.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:02:d4:6c:23:da:42:07:2a:84:61:3a:bd:fd:22:e5:71:ac:ea:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Mar 27 08:22:40 2023 GMT
Not After : Mar 25 08:27:40 2024 GMT
Subject: CN=C65B8E5BFA69D627F371F19317224EB49608EC1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f3:7c:62:3f:4e:4d:20:69:9d:b1:2c:db:5b:
07:26:c7:d1:74:88:2e:3e:32:f1:10:6b:a7:28:a0:
b4:37:ba:2b:30:ef:be:55:b2:85:eb:9a:54:0a:07:
ed:c9:63:22:e1:fb:ea:8a:29:79:8b:83:84:2d:e7:
97:16:cf:5e:c6:c2:b1:bd:2e:63:7c:45:df:73:f2:
0d:f9:4a:b2:17:49:04:b2:d4:a6:34:5e:17:f0:94:
6f:7d:d4:19:18:54:f3:2d:6a:83:58:66:40:e4:6a:
d5:ff:45:da:25:1a:bf:ee:b9:71:e8:cc:cd:99:2a:
e8:7b:f1:66:7f:94:28:e3:06:ed:f8:80:de:e4:49:
e0:d2:e1:b3:e1:f8:07:a4:20:cd:43:09:ec:6a:f8:
00:b8:97:9a:ea:f4:e9:a0:20:a9:4d:e7:30:3d:e0:
0a:a9:6c:52:52:c4:c2:73:f9:85:6a:40:e8:39:38:
f7:d8:7e:bb:35:5c:b1:c7:9e:da:ca:0c:b3:e6:9d:
ba:c7:38:c5:c3:be:30:dd:31:a9:38:7d:aa:62:a4:
a3:dd:76:b2:e3:e9:2c:9e:7f:10:dc:6e:31:d3:60:
bd:91:2b:bd:36:49:4d:f6:8a:88:b7:33:23:2a:68:
65:94:43:89:b3:f8:44:1c:8e:c5:58:81:ad:d3:46:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:5B:8E:5B:FA:69:D6:27:F3:71:F1:93:17:22:4E:B4:96:08:EC:1A
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231312e33332e302f32342d3234203d3e203330383233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.33.0/24
Signature Algorithm: sha256WithRSAEncryption
63:3a:74:a7:4e:1e:ca:7b:7b:54:37:d7:a5:00:dd:aa:b4:0c:
3b:a8:af:1a:fb:cb:f6:91:88:37:cd:27:c6:5e:0b:93:71:17:
ec:91:e2:10:c9:59:7f:49:ed:8f:32:c2:d5:b6:8f:96:51:5f:
81:a8:30:66:ac:e6:d7:40:c0:bc:bf:c2:f0:36:0d:b4:68:09:
36:87:91:04:ba:9c:f1:6f:f1:ab:52:15:73:1e:39:72:70:c2:
82:81:41:95:57:c3:06:da:dc:a6:b7:2f:31:7c:57:ff:9d:19:
ff:16:81:5d:97:f8:79:b6:4d:44:67:b0:b1:c3:4c:63:39:7e:
97:7e:0f:7a:c4:a3:65:bf:7d:70:13:85:9e:bc:bd:db:c9:96:
07:6c:7a:8d:cc:cf:7c:45:0f:ce:f6:6c:c8:2c:e7:b1:a9:f3:
ff:ad:35:76:d5:d9:90:4a:3e:87:33:e0:44:30:5c:ba:c4:07:
7e:10:40:67:dc:d1:90:c4:e8:06:ec:7f:f8:56:9d:b4:14:b7:
59:c8:26:42:d3:fc:15:e8:71:6c:5c:58:b8:27:2e:08:5b:78:
a4:87:bd:b9:31:1c:d1:d8:94:6a:79:b6:42:04:fd:25:b6:e2:
37:bd:b1:29:78:60:23:19:92:05:9c:c8:d4:53:cd:be:46:af:
de:28:25:1b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOgLUbCPaQgcqhGE6vf0i5XGs6jMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzAzMjcwODIyNDBaFw0yNDAzMjUwODI3NDBaMDMxMTAvBgNV
BAMTKEM2NUI4RTVCRkE2OUQ2MjdGMzcxRjE5MzE3MjI0RUI0OTYwOEVDMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa83xiP05NIGmdsSzbWwcmx9F0
iC4+MvEQa6cooLQ3uisw775VsoXrmlQKB+3JYyLh++qKKXmLg4Qt55cWz17GwrG9
LmN8Rd9z8g35SrIXSQSy1KY0XhfwlG991BkYVPMtaoNYZkDkatX/RdolGr/uuXHo
zM2ZKuh78WZ/lCjjBu34gN7kSeDS4bPh+AekIM1DCexq+AC4l5rq9OmgIKlN5zA9
4AqpbFJSxMJz+YVqQOg5OPfYfrs1XLHHntrKDLPmnbrHOMXDvjDdMak4fapipKPd
drLj6SyefxDcbjHTYL2RK702SU32ioi3MyMqaGWUQ4mz+EQcjsVYga3TRivFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxluOW/pp1ifzcfGTFyJOtJYI7BowHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzEyZTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMwMzgzMjMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udMhMA0GCSqGSIb3DQEBCwUAA4IBAQBjOnSnTh7Ke3tUN9elAN2qtAw7qK8a+8v2
kYg3zSfGXguTcRfskeIQyVl/Se2PMsLVto+WUV+BqDBmrObXQMC8v8LwNg20aAk2
h5EEupzxb/GrUhVzHjlycMKCgUGVV8MG2tymty8xfFf/nRn/FoFdl/h5tk1EZ7Cx
w0xjOX6Xfg96xKNlv31wE4WevL3byZYHbHqNzM98RQ/O9mzILOexqfP/rTV21dmQ
Sj6HM+BEMFy6xAd+EEBn3NGQxOgG7H/4Vp20FLdZyCZC0/wV6HFsXFi4Jy4IW3ik
h725MRzR2JRqebZCBP0ltuI3vbEpeGAjGZIFnMjUU82+Rq/eKCUb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org