Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3234203d3e20323131373135.roa
File: 3134302e3135302e3232342e302f32322d3234203d3e20323131373135.roa (raw, json)
Hash identifier: gpewlQPBqntipouRAg9BzjoRCP9h67XBqFAbnGKk/F4=
Subject key identifier: D3:F4:43:7A:4D:D4:72:D2:7E:A7:D8:31:35:37:6D:D6:E1:57:EF:C0
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6539D3DF1AC9C1309DC9B850F72A988269C3C46F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3234203d3e20323131373135.roa
Signing time: Wed 22 Feb 2023 17:36:59 +0000
ROA not before: Wed 22 Feb 2023 17:31:59 +0000
ROA not after: Wed 21 Feb 2024 17:36:59 +0000
asID: 211715
IP address blocks: 140.150.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:39:d3:df:1a:c9:c1:30:9d:c9:b8:50:f7:2a:98:82:69:c3:c4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 22 17:31:59 2023 GMT
Not After : Feb 21 17:36:59 2024 GMT
Subject: CN=D3F4437A4DD472D27EA7D83135376DD6E157EFC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:0c:0b:1b:fc:ca:c4:36:79:63:36:7f:e7:
4c:e0:80:b1:92:1a:9c:f9:7f:c2:12:7a:df:17:56:
d9:5a:79:51:f7:ac:30:8a:c3:3e:db:48:44:bd:ce:
6e:a1:05:29:34:4c:40:60:29:af:7e:c4:7b:97:d3:
8a:96:06:44:d1:43:7c:2b:f4:67:e5:3b:b5:44:5d:
e3:ab:34:1d:de:20:9d:0f:91:ce:19:0b:2e:6b:01:
94:93:6d:48:81:57:63:01:ea:27:dd:52:f2:ac:ac:
ee:8e:55:db:39:eb:e3:82:5b:86:ca:95:4f:d7:f3:
03:7f:3a:b7:63:d5:25:45:46:82:9e:56:71:79:40:
6d:b7:07:ec:42:b1:47:c4:aa:c0:7a:45:ea:0a:89:
41:17:f5:55:cc:9a:c0:3e:97:b0:bd:89:11:a5:7e:
bc:5d:86:9c:96:bb:a4:4b:c4:87:0d:84:17:99:1b:
85:2c:5a:c9:86:78:dd:e9:79:79:61:90:b4:b4:35:
88:da:3e:da:17:e0:8c:9b:c5:93:68:31:cc:dc:03:
e1:a6:f4:5e:b6:4d:6a:4c:8c:a0:b2:8a:7a:9b:53:
ce:55:cf:cc:09:25:d3:32:27:6b:41:68:00:6d:45:
e8:66:1c:9d:d4:51:b6:64:57:bc:73:6a:fa:26:89:
5b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F4:43:7A:4D:D4:72:D2:7E:A7:D8:31:35:37:6D:D6:E1:57:EF:C0
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134302e3135302e3232342e302f32322d3234203d3e20323131373135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.224.0/22
Signature Algorithm: sha256WithRSAEncryption
01:c7:88:d8:8e:00:12:87:45:0a:51:7b:d8:d5:62:c9:01:a5:
b0:3f:04:9e:69:a6:a5:18:e6:17:93:37:6d:d2:3d:5d:4e:18:
14:19:7a:1f:c6:20:7b:b5:8a:12:00:6c:23:49:d9:f8:b6:ae:
69:4c:49:28:44:f1:9f:6e:fb:1d:f7:75:38:bf:3c:da:37:9b:
ab:f9:78:94:ce:71:66:e8:49:f2:8f:2e:ba:cd:80:08:d4:42:
8d:56:b5:15:45:58:83:5c:b0:47:ee:79:9a:ae:e2:0a:6d:60:
e6:47:6f:f1:54:63:3a:43:f5:d3:cb:7a:d2:9e:29:e9:35:7c:
7e:9f:6c:79:82:19:70:b6:d4:75:92:ba:af:65:60:4b:fa:5a:
82:b1:1c:0b:a6:53:9e:2a:b9:c1:4f:db:4e:89:cc:80:cb:49:
18:d3:4f:30:af:8f:89:bf:c2:01:b4:1e:88:d4:49:0f:f3:79:
64:0f:ff:f2:bc:ea:d3:9b:70:3a:73:14:74:a1:f2:f9:9e:0a:
69:22:7c:4b:d6:78:3c:2f:8f:23:ae:34:e1:44:07:a7:20:cc:
c3:c4:aa:5c:cf:92:f3:a7:98:e7:18:76:69:08:2c:b6:66:f6:
eb:7a:ad:05:d0:7d:93:72:8f:cc:2c:99:9d:94:4e:50:81:63:
c0:26:fc:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZTnT3xrJwTCdybhQ9yqYgmnDxG8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMjIxNzMxNTlaFw0yNDAyMjExNzM2NTlaMDMxMTAvBgNV
BAMTKEQzRjQ0MzdBNERENDcyRDI3RUE3RDgzMTM1Mzc2REQ2RTE1N0VGQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOgwLG/zKxDZ5YzZ/50zggLGS
Gpz5f8ISet8XVtlaeVH3rDCKwz7bSES9zm6hBSk0TEBgKa9+xHuX04qWBkTRQ3wr
9GflO7VEXeOrNB3eIJ0Pkc4ZCy5rAZSTbUiBV2MB6ifdUvKsrO6OVds56+OCW4bK
lU/X8wN/Ordj1SVFRoKeVnF5QG23B+xCsUfEqsB6ReoKiUEX9VXMmsA+l7C9iRGl
frxdhpyWu6RLxIcNhBeZG4UsWsmGeN3peXlhkLS0NYjaPtoX4IybxZNoMczcA+Gm
9F62TWpMjKCyinqbU85Vz8wJJdMyJ2tBaABtRehmHJ3UUbZkV7xzavomiVtHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU0/RDek3UctJ+p9gxNTdt1uFX78AwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDMwMmUzMTM1MzAyZTMy
MzIzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzEzMTM3MzEzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAoyW4DANBgkqhkiG9w0BAQsFAAOCAQEAAceI2I4AEodFClF72NViyQGlsD8E
nmmmpRjmF5M3bdI9XU4YFBl6H8Yge7WKEgBsI0nZ+LauaUxJKETxn277Hfd1OL88
2jebq/l4lM5xZuhJ8o8uus2ACNRCjVa1FUVYg1ywR+55mq7iCm1g5kdv8VRjOkP1
08t60p4p6TV8fp9seYIZcLbUdZK6r2VgS/pagrEcC6ZTniq5wU/bTonMgMtJGNNP
MK+Pib/CAbQeiNRJD/N5ZA//8rzq05twOnMUdKHy+Z4KaSJ8S9Z4PC+PI6404UQH
pyDMw8SqXM+S86eY5xh2aQgstmb263qtBdB9k3KPzCyZnZROUIFjwCb8zA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org