Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e33322e302f32302d3230203d3e2030.roa
File: 3134382e3133352e33322e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: ezvesy523sqoWrs+oZA6eTQzqUN0IgEccSVZATwkmz8=
Subject key identifier: 0F:F1:C1:6F:2F:B8:33:E9:7C:D4:EA:01:70:52:D9:27:69:57:8F:09
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 3E33AF453F99BAB33F547313733F28D6540BB154
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e33322e302f32302d3230203d3e2030.roa
Signing time: Fri 03 Feb 2023 09:17:48 +0000
ROA not before: Fri 03 Feb 2023 09:12:48 +0000
ROA not after: Fri 02 Feb 2024 09:17:48 +0000
asID: 0
IP address blocks: 148.135.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:33:af:45:3f:99:ba:b3:3f:54:73:13:73:3f:28:d6:54:0b:b1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 3 09:12:48 2023 GMT
Not After : Feb 2 09:17:48 2024 GMT
Subject: CN=0FF1C16F2FB833E97CD4EA017052D92769578F09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:12:7c:77:7d:09:f4:a9:4b:22:33:40:5d:47:
3a:33:2c:48:60:01:97:20:70:dc:3b:84:7b:0c:ee:
91:cb:ff:50:a4:4f:fa:45:0a:ac:6e:77:15:cf:d6:
fc:15:f9:35:ef:ca:ad:15:5a:54:93:57:c8:57:45:
7e:8f:79:2a:a4:4f:f6:38:2f:66:fc:0f:1b:29:92:
fb:d2:50:b3:88:47:d6:7a:bb:ab:a0:54:d9:4b:82:
f2:18:1b:09:bd:ce:d7:ce:b4:60:eb:73:c1:27:14:
83:0c:a9:c4:06:d2:4e:c8:86:b9:41:ec:6b:37:a2:
07:b5:c2:52:99:ff:ce:a6:c9:c5:1b:68:32:03:e3:
7f:53:e3:e5:ff:1b:66:ca:77:53:ec:1e:5d:15:fc:
61:4f:ab:80:3f:09:02:41:03:5b:37:43:15:4b:8a:
ad:18:f8:b0:a9:f9:52:65:9a:8b:92:25:7c:ea:43:
7f:72:86:62:c5:4f:84:5a:1d:9a:84:d5:3f:fc:fc:
0a:3c:3f:5c:06:34:60:fb:14:bd:c4:95:a8:5f:13:
ec:4e:16:2e:51:c4:55:f0:22:f4:53:dc:93:09:9f:
49:a5:c7:b6:41:04:52:37:74:4c:81:7a:85:27:2f:
9d:8f:44:a5:a6:07:8f:2e:a5:8a:79:3e:dc:0a:d1:
ff:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F1:C1:6F:2F:B8:33:E9:7C:D4:EA:01:70:52:D9:27:69:57:8F:09
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e33322e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1e:69:ad:84:f3:10:fb:3e:0a:e0:46:08:f4:94:a8:b6:4f:73:
64:91:60:1d:3a:9f:21:c7:89:33:07:d1:27:f3:4b:c9:b6:f9:
76:76:d7:34:4a:0d:aa:7e:7a:19:a9:3a:81:f5:f0:6f:f5:d1:
02:04:42:9e:c8:51:f2:81:e8:9b:4a:94:f2:2b:50:89:6c:c1:
cf:48:28:3c:8f:bd:58:87:00:bc:95:3f:39:f7:f9:72:3e:bd:
66:e6:18:e9:7d:53:de:e0:a5:86:08:04:1f:39:9d:a7:03:a2:
b4:7e:6c:99:6b:38:4b:03:20:9b:ae:91:44:c1:60:54:70:dd:
20:12:40:89:52:f5:43:a0:dd:6c:8e:4b:92:e1:b5:20:c1:fc:
8e:75:53:d7:2e:31:71:75:27:5d:37:70:90:cc:22:75:f3:75:
6f:10:97:31:c2:51:cf:77:d5:f4:79:39:cf:33:b2:ce:f8:3f:
42:c9:94:22:22:d9:6f:b0:ad:ff:93:20:5e:b6:21:92:b7:c4:
aa:ae:4a:b9:24:6f:85:fe:bd:83:94:68:1c:3c:f8:27:05:dc:
41:58:a5:61:21:57:54:68:b5:ef:95:72:7c:8b:4a:1b:73:36:
2a:17:d4:76:01:91:4d:ec:25:2d:1e:10:ff:39:75:de:b5:5b:
27:37:63:a2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUPjOvRT+ZurM/VHMTcz8o1lQLsVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEyNDhaFw0yNDAyMDIwOTE3NDhaMDMxMTAvBgNV
BAMTKDBGRjFDMTZGMkZCODMzRTk3Q0Q0RUEwMTcwNTJEOTI3Njk1NzhGMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIEnx3fQn0qUsiM0BdRzozLEhg
AZcgcNw7hHsM7pHL/1CkT/pFCqxudxXP1vwV+TXvyq0VWlSTV8hXRX6PeSqkT/Y4
L2b8DxspkvvSULOIR9Z6u6ugVNlLgvIYGwm9ztfOtGDrc8EnFIMMqcQG0k7IhrlB
7Gs3oge1wlKZ/86mycUbaDID439T4+X/G2bKd1PsHl0V/GFPq4A/CQJBA1s3QxVL
iq0Y+LCp+VJlmouSJXzqQ39yhmLFT4RaHZqE1T/8/Ao8P1wGNGD7FL3ElahfE+xO
Fi5RxFXwIvRT3JMJn0mlx7ZBBFI3dEyBeoUnL52PRKWmB48upYp5PtwK0f+jAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUD/HBby+4M+l81OoBcFLZJ2lXjwkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTMz
MzIyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJSHIDANBgkq
hkiG9w0BAQsFAAOCAQEAHmmthPMQ+z4K4EYI9JSotk9zZJFgHTqfIceJMwfRJ/NL
ybb5dnbXNEoNqn56Gak6gfXwb/XRAgRCnshR8oHom0qU8itQiWzBz0goPI+9WIcA
vJU/Off5cj69ZuYY6X1T3uClhggEHzmdpwOitH5smWs4SwMgm66RRMFgVHDdIBJA
iVL1Q6DdbI5LkuG1IMH8jnVT1y4xcXUnXTdwkMwidfN1bxCXMcJRz3fV9Hk5zzOy
zvg/QsmUIiLZb7Ct/5MgXrYhkrfEqq5KuSRvhf69g5RoHDz4JwXcQVilYSFXVGi1
75VyfItKG3M2KhfUdgGRTewlLR4Q/zl13rVbJzdjog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org