Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e31362e302f32302d3230203d3e2030.roa
File: 3134382e3133352e31362e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: 98cBT0y1aCFx5GKlhCJmXJ1aTtSejP4+ks1Oe4hldl8=
Subject key identifier: 42:A7:FA:27:2C:ED:72:28:4E:16:74:53:90:CB:B2:E2:03:27:20:93
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6C452A9FA7C49B3B83BD39993C4A89C9D51F4CB9
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e31362e302f32302d3230203d3e2030.roa
Signing time: Fri 03 Feb 2023 09:17:27 +0000
ROA not before: Fri 03 Feb 2023 09:12:27 +0000
ROA not after: Fri 02 Feb 2024 09:17:27 +0000
asID: 0
IP address blocks: 148.135.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:45:2a:9f:a7:c4:9b:3b:83:bd:39:99:3c:4a:89:c9:d5:1f:4c:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 3 09:12:27 2023 GMT
Not After : Feb 2 09:17:27 2024 GMT
Subject: CN=42A7FA272CED72284E16745390CBB2E203272093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:14:a2:f4:19:53:ff:4d:92:bc:f9:ba:25:
f4:8d:8c:5f:bc:65:e2:70:76:3f:e3:08:50:03:6f:
65:0d:82:fd:30:e9:db:6a:6b:07:ad:64:4b:d3:cd:
7b:bc:b0:88:f8:78:9a:f2:25:12:bf:c1:47:8f:3c:
97:bb:a4:e4:f9:9c:fd:7d:ee:5a:f7:d1:b0:1d:9c:
8d:ad:04:68:92:e6:e0:dd:44:ea:ca:66:2b:9a:8f:
90:03:0a:03:47:ca:48:6f:8e:c2:8f:28:64:b3:72:
f4:9a:d3:11:72:ce:38:24:54:5a:4a:de:1b:ff:6e:
01:9f:54:28:09:d9:24:48:40:f7:7b:3a:89:c1:13:
08:7d:bd:ee:4d:56:b8:7f:85:e3:30:b9:9b:7a:60:
63:d7:33:40:3f:3a:38:ba:bd:4c:c2:0d:ba:92:5e:
5a:f4:d3:b3:84:b1:ae:74:e5:66:83:0b:33:f3:f7:
ea:70:ca:9e:c6:ae:ba:b8:2d:5c:c8:9e:b6:b9:6c:
b2:bb:ac:d5:f5:8e:f9:64:4c:49:2c:46:9f:3d:e0:
7c:c1:08:ca:d8:ff:c1:a4:0d:e3:f4:df:93:7a:aa:
c2:47:a4:b0:d2:52:f0:01:4a:3c:9d:18:e5:48:25:
1e:b1:98:ab:57:90:d6:30:a5:7a:68:9c:31:9e:a2:
f8:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A7:FA:27:2C:ED:72:28:4E:16:74:53:90:CB:B2:E2:03:27:20:93
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e31362e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.16.0/20
Signature Algorithm: sha256WithRSAEncryption
15:37:04:08:01:8e:39:27:f3:aa:4a:5e:d4:43:52:6d:81:38:
16:69:ac:4b:7e:4d:04:6a:93:d3:9b:5b:83:f8:76:22:11:d2:
54:6d:3e:f4:27:85:52:7b:a2:23:18:2b:e2:c6:e4:64:c8:47:
5a:bd:7c:ee:24:2c:a9:d2:38:b9:e9:27:f0:53:82:db:2c:95:
7e:06:eb:0e:52:6f:55:f9:3a:5c:ba:38:e4:ce:c4:17:bd:d8:
99:de:f0:58:20:41:0b:dd:2b:a1:9a:6f:b5:4e:54:f2:18:39:
4c:f9:9d:4b:de:a0:77:8f:1b:b6:f3:64:9d:8a:42:29:f2:47:
21:b0:cb:54:c0:71:42:a0:61:c1:2f:31:cc:8a:98:97:86:0d:
07:8c:cd:06:81:99:8f:f1:87:ba:ae:a9:7a:2d:30:02:29:8f:
16:be:3c:b6:fb:ff:81:7c:a4:c7:3e:e9:4f:37:48:51:38:b2:
ec:89:7e:6d:3e:d2:e6:07:24:1b:4f:c3:b8:58:07:45:f4:43:
08:90:a5:09:5e:aa:f2:3e:0a:e6:a9:b0:e6:ac:33:e8:0b:4e:
fe:59:67:41:4b:f9:e8:4f:93:66:6f:96:00:14:59:a5:8e:91:
c5:f0:33:3f:66:6e:0e:e0:38:95:bc:e3:1d:d5:98:e6:7a:d3:
b8:1d:23:28
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUbEUqn6fEmzuDvTmZPEqJydUfTLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEyMjdaFw0yNDAyMDIwOTE3MjdaMDMxMTAvBgNV
BAMTKDQyQTdGQTI3MkNFRDcyMjg0RTE2NzQ1MzkwQ0JCMkUyMDMyNzIwOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjbBSi9BlT/02SvPm6JfSNjF+8
ZeJwdj/jCFADb2UNgv0w6dtqawetZEvTzXu8sIj4eJryJRK/wUePPJe7pOT5nP19
7lr30bAdnI2tBGiS5uDdROrKZiuaj5ADCgNHykhvjsKPKGSzcvSa0xFyzjgkVFpK
3hv/bgGfVCgJ2SRIQPd7OonBEwh9ve5NVrh/heMwuZt6YGPXM0A/Oji6vUzCDbqS
Xlr007OEsa505WaDCzPz9+pwyp7Grrq4LVzInra5bLK7rNX1jvlkTEksRp894HzB
CMrY/8GkDeP035N6qsJHpLDSUvABSjydGOVIJR6xmKtXkNYwpXponDGeovj3AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUQqf6JyztcihOFnRTkMuy4gMnIJMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMx
MzYyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJSHEDANBgkq
hkiG9w0BAQsFAAOCAQEAFTcECAGOOSfzqkpe1ENSbYE4FmmsS35NBGqT05tbg/h2
IhHSVG0+9CeFUnuiIxgr4sbkZMhHWr187iQsqdI4uekn8FOC2yyVfgbrDlJvVfk6
XLo45M7EF73Ymd7wWCBBC90roZpvtU5U8hg5TPmdS96gd48btvNknYpCKfJHIbDL
VMBxQqBhwS8xzIqYl4YNB4zNBoGZj/GHuq6pei0wAimPFr48tvv/gXykxz7pTzdI
UTiy7Il+bT7S5gckG0/DuFgHRfRDCJClCV6q8j4K5qmw5qwz6AtO/llnQUv56E+T
Zm+WABRZpY6RxfAzP2ZuDuA4lbzjHdWY5nrTuB0jKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org