Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e32302e302f32322d3232203d3e203135343139.roa
File: 38392e3131362e32302e302f32322d3232203d3e203135343139.roa (raw, json)
Hash identifier: wvC6gHGc2+WGyDmsc2F1xH92GSkXc1pRYj+74cz2w08=
Subject key identifier: 12:93:85:74:B6:AD:A4:36:8B:E5:18:5A:D6:AB:89:71:7C:95:EE:6A
Certificate issuer: /CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Certificate serial: 43C139F07EB5278EADB522D0A0B40A717C95335A
Authority key identifier: 9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e32302e302f32322d3232203d3e203135343139.roa
Signing time: Fri 07 Jul 2023 08:08:14 +0000
ROA not before: Fri 07 Jul 2023 08:03:14 +0000
ROA not after: Fri 05 Jul 2024 08:08:14 +0000
asID: 15419
IP address blocks: 89.116.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:c1:39:f0:7e:b5:27:8e:ad:b5:22:d0:a0:b4:0a:71:7c:95:33:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df85997b1b9b358e1c43f36765aa0a4a02144ae
Validity
Not Before: Jul 7 08:03:14 2023 GMT
Not After : Jul 5 08:08:14 2024 GMT
Subject: CN=12938574B6ADA4368BE5185AD6AB89717C95EE6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:da:57:19:74:41:dd:d2:8f:0b:33:b2:77:a7:
40:21:44:8a:45:6c:db:ab:e1:e3:66:ac:86:41:1d:
3b:41:ed:96:9f:ca:1b:bd:7c:80:35:12:04:b2:61:
0a:96:7c:d8:d8:91:a8:d4:e0:af:0e:05:70:65:aa:
9f:00:61:86:b6:ed:bb:15:0d:48:13:ad:15:7e:32:
b0:74:1d:d2:5d:dc:3a:45:7c:86:2f:9c:d3:c2:a7:
38:63:e8:28:4b:be:2a:67:66:4e:ee:2e:47:93:58:
ce:45:f9:73:d2:90:f2:71:e7:1b:e2:74:be:2d:49:
6f:8d:c7:6b:d0:35:19:2a:3c:90:ed:52:bb:f3:3b:
29:6f:50:a4:0f:a2:fd:00:bf:29:f5:21:37:ad:a8:
8f:55:e0:98:b0:4c:22:f2:30:8e:12:e4:83:65:e0:
6a:db:5d:b5:6d:34:65:2d:7c:e1:e4:31:94:3c:76:
e6:ad:02:c4:72:49:3f:2e:27:e7:57:90:e8:e3:d5:
3d:e8:6b:f3:c1:34:01:02:e0:67:89:49:07:d1:ba:
2c:7d:e6:a3:3a:22:59:93:b1:43:73:e1:73:98:2b:
88:c3:5d:4e:c6:05:f6:c3:56:e5:7e:61:40:2d:ca:
35:f0:5c:e8:d7:b9:a0:b8:14:56:b4:16:7b:cf:a8:
ac:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:93:85:74:B6:AD:A4:36:8B:E5:18:5A:D6:AB:89:71:7C:95:EE:6A
X509v3 Authority Key Identifier:
keyid:9D:F8:59:97:B1:B9:B3:58:E1:C4:3F:36:76:5A:A0:A4:A0:21:44:AE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/38392e3131362e32302e302f32322d3232203d3e203135343139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.116.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:0d:a6:0c:aa:53:df:a9:ad:3d:43:44:d3:f3:2f:54:dd:71:
1b:69:da:92:8d:35:9d:de:46:6c:f5:3d:10:48:0b:3b:84:46:
ba:4e:d7:31:39:4b:84:9a:84:cf:6d:d0:23:b6:5f:0e:e0:11:
b9:b6:f1:b1:25:5b:f0:f9:db:66:fa:99:1b:e5:d8:0c:2f:49:
54:c5:d8:b3:a9:8f:f6:f4:d8:fb:99:65:74:07:b5:6c:84:06:
65:3b:74:b4:53:94:21:1a:0f:f9:27:8b:2d:4a:44:76:be:c2:
e2:d4:58:ca:2d:2d:86:1c:4f:a8:8b:3c:37:8b:0e:7b:26:7a:
a2:5c:16:d8:a3:19:44:ad:14:60:ba:be:77:ff:0d:99:ae:0a:
e8:09:de:49:df:c9:d4:8c:41:9b:2b:a9:f0:5e:0a:b7:75:07:
96:63:48:4a:40:0d:d3:61:e6:d3:44:f7:6e:9b:73:9f:bc:60:
1b:34:04:c8:fe:27:58:dd:f2:43:cf:73:5c:43:e6:b2:4e:0c:
27:26:04:12:f1:da:0c:e1:bd:33:f3:3c:1b:34:b5:c2:6e:c4:
00:67:7a:b3:7c:b5:54:7f:fb:db:c8:f7:b5:a6:17:cb:57:93:
e6:22:15:c2:6c:e6:85:ac:2a:78:73:51:07:36:b9:83:90:d2:
dc:99:44:2a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQ8E58H61J46ttSLQoLQKcXyVM1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmODU5OTdiMWI5YjM1OGUxYzQzZjM2NzY1YWEwYTRh
MDIxNDRhZTAeFw0yMzA3MDcwODAzMTRaFw0yNDA3MDUwODA4MTRaMDMxMTAvBgNV
BAMTKDEyOTM4NTc0QjZBREE0MzY4QkU1MTg1QUQ2QUI4OTcxN0M5NUVFNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC82lcZdEHd0o8LM7J3p0AhRIpF
bNur4eNmrIZBHTtB7Zafyhu9fIA1EgSyYQqWfNjYkajU4K8OBXBlqp8AYYa27bsV
DUgTrRV+MrB0HdJd3DpFfIYvnNPCpzhj6ChLvipnZk7uLkeTWM5F+XPSkPJx5xvi
dL4tSW+Nx2vQNRkqPJDtUrvzOylvUKQPov0Avyn1ITetqI9V4JiwTCLyMI4S5INl
4GrbXbVtNGUtfOHkMZQ8duatAsRyST8uJ+dXkOjj1T3oa/PBNAEC4GeJSQfRuix9
5qM6IlmTsUNz4XOYK4jDXU7GBfbDVuV+YUAtyjXwXOjXuaC4FFa0FnvPqKz7AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUEpOFdLatpDaL5Rha1quJcXyV7mowHwYDVR0j
BBgwFoAUnfhZl7G5s1jhxD82dlqgpKAhRK4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMtZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0
M2IxLzMvOURGODU5OTdCMUI5QjM1OEUxQzQzRjM2NzY1QUEwQTRBMDIxNDRBRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25maFpsN0c1czFqaHhEODJkbHFncEtB
aFJLNC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDAyZTBiYTMt
ZmU2MC00NWIxLTkxNjAtODY4YTJmOGE0M2IxLzMvMzgzOTJlMzEzMTM2MmUzMjMw
MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEzNTM0MzEzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAll0
FDANBgkqhkiG9w0BAQsFAAOCAQEALw2mDKpT36mtPUNE0/MvVN1xG2nako01nd5G
bPU9EEgLO4RGuk7XMTlLhJqEz23QI7ZfDuARubbxsSVb8PnbZvqZG+XYDC9JVMXY
s6mP9vTY+5lldAe1bIQGZTt0tFOUIRoP+SeLLUpEdr7C4tRYyi0thhxPqIs8N4sO
eyZ6olwW2KMZRK0UYLq+d/8Nma4K6AneSd/J1IxBmyup8F4Kt3UHlmNISkAN02Hm
00T3bptzn7xgGzQEyP4nWN3yQ89zXEPmsk4MJyYEEvHaDOG9M/M8GzS1wm7EAGd6
s3y1VH/728j3taYXy1eT5iIVwmzmhawqeHNRBza5g5DS3JlEKg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:12:13 2025 by rpki-client