Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e203339353231.roa
File: 3134302e3135302e3136382e302f32312d3234203d3e203339353231.roa (raw, json)
Hash identifier: 8FCnqhuFv+RDwQyIHMlT0heGLaQvLYbEQcHRL0Y38uk=
Subject key identifier: 69:08:D1:E9:B9:5F:A0:7B:F9:9F:FD:A2:DB:E8:5F:6F:08:3B:C2:14
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 36DA44FAB1856FEB40F28D521540CA4027C04838
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e203339353231.roa
Signing time: Thu 16 Mar 2023 14:40:18 +0000
ROA not before: Thu 16 Mar 2023 14:35:18 +0000
ROA not after: Thu 14 Mar 2024 14:40:18 +0000
asID: 39521
IP address blocks: 140.150.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:da:44:fa:b1:85:6f:eb:40:f2:8d:52:15:40:ca:40:27:c0:48:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 16 14:35:18 2023 GMT
Not After : Mar 14 14:40:18 2024 GMT
Subject: CN=6908D1E9B95FA07BF99FFDA2DBE85F6F083BC214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f3:d6:b1:c9:06:e0:c0:8b:62:0a:d9:a6:1a:
67:cd:36:79:5d:c0:1d:ff:5f:98:3b:cf:9c:c4:cf:
52:81:17:a7:79:53:5e:bd:3b:a2:03:05:47:2f:d1:
fd:7b:0c:16:9e:49:03:18:c7:d9:ac:29:17:a3:23:
15:4c:01:ad:2b:19:26:f6:32:e6:37:f9:6a:17:b1:
c8:23:a9:c7:f2:60:7e:f7:a8:e5:6a:70:56:cf:0e:
ca:26:67:fc:6b:02:60:79:a0:32:b2:2f:48:f1:58:
17:1b:68:ba:f1:bd:31:87:38:79:e4:0f:1b:b3:6d:
8d:ac:75:57:05:c5:c5:ef:76:91:fc:29:1d:61:84:
94:76:89:26:58:04:00:81:90:51:0f:7b:c5:e3:52:
1e:af:1e:3f:22:95:f6:fb:ea:bc:01:9f:e5:63:a1:
aa:01:a1:20:5b:44:0b:82:13:d4:91:31:61:1a:3b:
c3:44:9e:1b:60:2c:92:3d:0a:13:1b:8d:37:50:9d:
d4:cd:ed:56:2c:44:41:13:bc:c8:8e:81:b5:3d:2a:
83:7a:c5:fe:bb:3a:f5:a0:21:44:96:07:04:e8:0b:
4c:15:17:1c:07:67:d7:2a:57:72:21:93:ba:dc:99:
fd:74:d5:b8:a1:3f:f1:4e:d6:b5:fc:ac:2f:74:43:
2b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:08:D1:E9:B9:5F:A0:7B:F9:9F:FD:A2:DB:E8:5F:6F:08:3B:C2:14
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3136382e302f32312d3234203d3e203339353231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.168.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:d2:c7:61:0d:03:76:c8:f0:54:3a:87:54:0d:d0:8c:f2:f5:
a4:6a:ab:d2:d5:49:f6:95:20:99:4b:3e:09:d7:65:81:e9:24:
fd:ef:a1:97:5a:c1:c1:94:2a:51:53:2d:19:b3:3b:64:b1:fd:
df:d9:3f:72:46:da:ae:05:68:63:01:3a:ea:00:c8:80:a2:8a:
ae:c2:51:fc:0b:b9:f7:f3:2f:db:43:69:4e:bc:3a:00:34:8e:
9b:12:6c:96:6f:18:f9:53:1c:6f:8d:40:87:1a:64:f3:68:08:
c8:9b:e2:75:5f:6e:b8:5c:cd:b3:19:5b:62:c9:9c:f7:54:ab:
4f:89:b3:47:be:11:52:87:51:4e:05:9a:01:60:d4:19:a1:e4:
9a:f0:cd:6e:18:3f:bb:13:08:d5:9c:f4:ee:8b:58:c2:e9:bc:
cb:b9:bb:9b:62:48:1f:f1:88:fb:16:41:f2:38:84:3e:90:a2:
4c:4a:84:65:a6:a5:2e:34:24:19:0b:6f:fc:5d:61:19:0a:1b:
0b:92:f8:fd:e2:27:93:10:56:c4:04:41:2d:cc:99:b8:2e:a3:
8a:92:05:e9:8d:36:e0:f7:f0:1a:65:74:34:b9:6b:f1:31:17:
d7:a9:5e:d2:ad:88:de:61:f6:f0:6b:06:3e:55:be:47:8b:82:
fe:0f:e9:05
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNtpE+rGFb+tA8o1SFUDKQCfASDgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAzMTYxNDM1MThaFw0yNDAzMTQxNDQwMThaMDMxMTAvBgNV
BAMTKDY5MDhEMUU5Qjk1RkEwN0JGOTlGRkRBMkRCRTg1RjZGMDgzQkMyMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC189axyQbgwItiCtmmGmfNNnld
wB3/X5g7z5zEz1KBF6d5U169O6IDBUcv0f17DBaeSQMYx9msKRejIxVMAa0rGSb2
MuY3+WoXscgjqcfyYH73qOVqcFbPDsomZ/xrAmB5oDKyL0jxWBcbaLrxvTGHOHnk
DxuzbY2sdVcFxcXvdpH8KR1hhJR2iSZYBACBkFEPe8XjUh6vHj8ilfb76rwBn+Vj
oaoBoSBbRAuCE9SRMWEaO8NEnhtgLJI9ChMbjTdQndTN7VYsREETvMiOgbU9KoN6
xf67OvWgIUSWBwToC0wVFxwHZ9cqV3Ihk7rcmf101bihP/FO1rX8rC90QyulAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaQjR6blfoHv5n/2i2+hfbwg7whQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMx
MzYzODJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDMzMzkzNTMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAOMlqgwDQYJKoZIhvcNAQELBQADggEBALXSx2ENA3bI8FQ6h1QN0Izy9aRqq9LV
SfaVIJlLPgnXZYHpJP3voZdawcGUKlFTLRmzO2Sx/d/ZP3JG2q4FaGMBOuoAyICi
iq7CUfwLuffzL9tDaU68OgA0jpsSbJZvGPlTHG+NQIcaZPNoCMib4nVfbrhczbMZ
W2LJnPdUq0+Js0e+EVKHUU4FmgFg1Bmh5JrwzW4YP7sTCNWc9O6LWMLpvMu5u5ti
SB/xiPsWQfI4hD6QokxKhGWmpS40JBkLb/xdYRkKGwuS+P3iJ5MQVsQEQS3Mmbgu
o4qSBemNNuD38BpldDS5a/ExF9epXtKtiN5h9vBrBj5VvkeLgv4P6QU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:54 2024 by rpki-client on console-ams.rpki-client.org