Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e20383334.roa
File: 3134382e3133352e302e302f31372d3234203d3e20383334.roa (raw, json)
Hash identifier: 1wQKiwBEvjM5h7FHMR7C8aFOWkawj2Ch6efRGDKSfCc=
Subject key identifier: 17:6A:95:4F:CD:56:4E:BB:F9:E8:4B:E8:75:F9:CA:AC:44:FB:4E:17
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6C8FAC98D34CFFA95294896351B8F4F1C95CD4F1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e20383334.roa
Signing time: Tue 30 May 2023 10:30:05 +0000
ROA not before: Tue 30 May 2023 10:25:05 +0000
ROA not after: Tue 28 May 2024 10:30:05 +0000
asID: 834
IP address blocks: 148.135.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:8f:ac:98:d3:4c:ff:a9:52:94:89:63:51:b8:f4:f1:c9:5c:d4:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 30 10:25:05 2023 GMT
Not After : May 28 10:30:05 2024 GMT
Subject: CN=176A954FCD564EBBF9E84BE875F9CAAC44FB4E17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:45:4a:4a:6c:9a:bc:66:55:ae:fc:a7:aa:e3:
3b:34:04:56:53:54:6e:13:30:16:30:28:66:ea:2d:
57:6a:07:96:e8:72:dc:2a:56:b4:b6:48:6e:3a:a9:
29:94:13:a7:8c:0c:f8:d9:cf:55:33:bd:a0:11:bf:
3f:53:1b:8f:6f:31:29:e2:8b:cb:1f:7a:77:f1:91:
90:d8:27:d3:b5:09:a9:fd:02:1b:db:66:f4:e3:39:
68:97:fd:ea:3a:0d:d7:34:85:1d:3f:5e:6e:7c:bd:
bb:39:af:3d:64:af:d1:13:6b:1d:75:aa:cc:f6:f8:
df:28:ac:a0:ee:9f:13:8e:79:ce:60:54:9d:4b:44:
58:10:ee:a2:f9:99:10:f0:1d:da:9a:15:f5:bc:e4:
62:50:1b:39:ab:95:d4:67:3f:cf:25:b0:b7:16:5c:
c6:9a:70:58:28:38:07:27:ef:0f:9d:4c:51:7d:7f:
99:d6:9f:da:ae:98:85:9b:b5:c5:a0:fd:3c:de:b9:
90:9e:1d:34:b0:a5:b4:ce:0b:76:5b:f6:87:68:80:
2e:53:1c:b4:d2:a7:7e:49:96:c7:3d:df:b3:35:8b:
6d:bf:4e:06:3c:2f:de:16:84:e1:71:15:1a:f1:ef:
e6:0c:7c:4d:9d:70:96:a5:2a:23:0d:f8:be:b6:11:
0d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:6A:95:4F:CD:56:4E:BB:F9:E8:4B:E8:75:F9:CA:AC:44:FB:4E:17
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e302e302f31372d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ba:06:8c:f6:ad:0f:42:98:42:5b:42:e9:f0:71:ef:e8:29:dc:
db:b9:8b:74:f0:2b:d9:c8:b0:90:3f:51:4b:4b:bb:0b:15:22:
22:a0:d3:3a:24:5c:59:09:e0:df:6b:b0:eb:f9:50:41:cb:12:
55:89:3a:69:56:0f:74:c9:f5:ce:1a:cc:02:c8:30:c3:4d:8a:
3d:fd:22:94:87:0c:97:7a:f1:51:71:8b:78:50:ed:82:bf:4e:
5d:64:62:5d:cc:a2:c1:6e:73:25:47:21:9a:ff:2f:38:34:f6:
c6:d3:31:2b:c1:91:d7:23:64:2e:d8:7f:e1:e2:85:c3:eb:97:
61:21:e4:21:f1:b2:4a:d6:6c:ec:22:57:cb:72:34:7e:62:bf:
f8:c8:dd:5b:3d:79:56:a9:13:89:29:f5:99:39:ef:4e:49:82:
31:80:d2:5f:aa:c2:ce:f6:a4:d0:ad:e8:39:fb:82:dc:e4:e4:
1f:dc:b3:ac:0c:6a:1a:61:52:ac:d8:35:7b:43:2e:73:29:94:
ae:43:9a:58:68:7f:19:ff:5a:bd:db:4c:39:bd:16:5a:38:ca:
39:bc:3d:84:78:cf:fd:79:30:2e:e2:1b:e4:f1:78:f0:85:8e:
4a:d4:ed:92:32:3b:5d:04:8c:84:15:f0:ec:3d:55:00:73:b5:
23:77:e1:09
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUbI+smNNM/6lSlIljUbj08clc1PEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzA1MzAxMDI1MDVaFw0yNDA1MjgxMDMwMDVaMDMxMTAvBgNV
BAMTKDE3NkE5NTRGQ0Q1NjRFQkJGOUU4NEJFODc1RjlDQUFDNDRGQjRFMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrRUpKbJq8ZlWu/Keq4zs0BFZT
VG4TMBYwKGbqLVdqB5boctwqVrS2SG46qSmUE6eMDPjZz1UzvaARvz9TG49vMSni
i8sfenfxkZDYJ9O1Can9AhvbZvTjOWiX/eo6Ddc0hR0/Xm58vbs5rz1kr9ETax11
qsz2+N8orKDunxOOec5gVJ1LRFgQ7qL5mRDwHdqaFfW85GJQGzmrldRnP88lsLcW
XMaacFgoOAcn7w+dTFF9f5nWn9qumIWbtcWg/TzeuZCeHTSwpbTOC3Zb9odogC5T
HLTSp35Jlsc937M1i22/TgY8L94WhOFxFRrx7+YMfE2dcJalKiMN+L62EQ01AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUF2qVT81WTrv56EvodfnKrET7ThcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMw
MmUzMDJmMzEzNzJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHlIcAMA0G
CSqGSIb3DQEBCwUAA4IBAQC6Boz2rQ9CmEJbQunwce/oKdzbuYt08CvZyLCQP1FL
S7sLFSIioNM6JFxZCeDfa7Dr+VBByxJViTppVg90yfXOGswCyDDDTYo9/SKUhwyX
evFRcYt4UO2Cv05dZGJdzKLBbnMlRyGa/y84NPbG0zErwZHXI2Qu2H/h4oXD65dh
IeQh8bJK1mzsIlfLcjR+Yr/4yN1bPXlWqROJKfWZOe9OSYIxgNJfqsLO9qTQreg5
+4Lc5OQf3LOsDGoaYVKs2DV7Qy5zKZSuQ5pYaH8Z/1q920w5vRZaOMo5vD2EeM/9
eTAu4hvk8XjwhY5K1O2SMjtdBIyEFfDsPVUAc7Ujd+EJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org