Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e34382e302f32302d3230203d3e2030.roa
File: 3134382e3133352e34382e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: cPJhtr8uZO04xGuN2w5y+8kX83DmEEERGBefKjO61/U=
Subject key identifier: 78:73:7A:D5:C7:3D:C0:FB:FE:49:AF:C1:B2:5B:18:98:67:0B:59:0F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6FB6DDD37043961BB0ED99271D68269CE4329CA3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e34382e302f32302d3230203d3e2030.roa
Signing time: Fri 03 Feb 2023 09:18:00 +0000
ROA not before: Fri 03 Feb 2023 09:13:00 +0000
ROA not after: Fri 02 Feb 2024 09:18:00 +0000
asID: 0
IP address blocks: 148.135.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b6:dd:d3:70:43:96:1b:b0:ed:99:27:1d:68:26:9c:e4:32:9c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 3 09:13:00 2023 GMT
Not After : Feb 2 09:18:00 2024 GMT
Subject: CN=78737AD5C73DC0FBFE49AFC1B25B1898670B590F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5e:51:b6:6b:f8:fb:97:fe:a9:13:81:8b:61:
a2:ff:16:be:d2:19:78:79:b8:f9:fc:66:c1:72:c0:
b1:87:c3:19:3e:cb:ad:1b:f5:dc:c9:78:1b:d7:d0:
2c:30:f0:65:3a:97:b0:f9:e5:69:00:e0:57:81:9a:
c4:39:ce:ea:d5:54:cb:0c:06:38:34:70:f6:8a:4b:
4f:7f:9e:87:9f:9f:3f:a4:14:0d:16:6d:b4:aa:20:
14:ca:dc:04:fb:9d:f8:f4:f5:cb:52:9a:9d:25:7e:
3c:08:f3:ca:65:a4:f6:96:d9:7c:fc:9e:31:a0:f5:
86:39:64:6a:04:ad:c5:63:be:27:7b:32:16:c7:6c:
c6:a8:20:f6:46:ea:16:ce:3e:6e:f9:60:62:6d:5f:
50:71:6e:6b:af:97:a6:27:30:6c:3c:b9:c2:7d:07:
fd:5b:e0:ea:58:ee:52:d1:4b:89:66:ff:59:9a:a2:
75:4b:0e:e8:3f:3c:e1:f1:5d:e1:0c:9e:46:a6:3b:
89:ba:91:8c:9f:46:f5:b8:64:b8:74:67:36:c8:ca:
a7:e1:5d:31:56:cd:5d:e4:6a:c9:df:55:c3:90:d3:
cc:bd:2b:fb:07:8c:48:40:67:f8:db:f2:72:a6:31:
8d:af:88:12:b5:29:c3:4b:c8:3f:7d:6e:84:79:f7:
d6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:73:7A:D5:C7:3D:C0:FB:FE:49:AF:C1:B2:5B:18:98:67:0B:59:0F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e34382e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.48.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:bb:f8:76:b6:da:a7:a7:e4:dc:b0:78:b9:6f:c9:bc:2c:b0:
02:e6:7a:36:55:0e:fb:c4:01:f1:66:1d:7d:ca:51:9f:c0:df:
23:0d:4d:d6:a6:13:5d:a3:9e:b3:15:53:e0:1b:c3:50:db:e4:
eb:76:94:c3:40:49:12:ca:d4:02:12:e9:b8:fd:89:6f:0f:22:
c1:95:1e:70:43:37:3b:09:6a:4d:a0:8a:9c:56:32:9b:ad:22:
46:13:36:ee:17:b5:b2:9d:01:47:a5:89:90:10:bc:e1:33:50:
c5:39:0e:f9:cc:ca:ce:f6:4f:c5:ed:a4:b9:d2:cc:08:cd:df:
49:a4:39:df:c9:01:fc:ae:98:5c:af:f9:13:a7:c2:15:16:20:
b4:10:da:07:6a:18:a1:62:e5:a4:61:85:2d:49:1c:5c:d0:b4:
85:6b:fe:5e:18:a6:0f:61:a0:ec:61:36:d4:64:4a:38:ed:5f:
72:df:24:f5:ea:22:93:93:84:f3:e3:e1:cb:2e:7b:36:59:8e:
21:1b:3a:48:22:94:7e:2d:a4:55:04:e8:3a:a9:ae:cc:15:45:
23:29:dd:b4:4f:17:c9:4e:11:a0:31:87:36:2f:15:c0:11:73:
40:c0:f9:fe:35:60:37:fa:30:32:e9:4a:ea:21:23:11:3a:0c:
c5:4a:3a:2b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUb7bd03BDlhuw7ZknHWgmnOQynKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEzMDBaFw0yNDAyMDIwOTE4MDBaMDMxMTAvBgNV
BAMTKDc4NzM3QUQ1QzczREMwRkJGRTQ5QUZDMUIyNUIxODk4NjcwQjU5MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3XlG2a/j7l/6pE4GLYaL/Fr7S
GXh5uPn8ZsFywLGHwxk+y60b9dzJeBvX0Cww8GU6l7D55WkA4FeBmsQ5zurVVMsM
Bjg0cPaKS09/noefnz+kFA0WbbSqIBTK3AT7nfj09ctSmp0lfjwI88plpPaW2Xz8
njGg9YY5ZGoErcVjvid7MhbHbMaoIPZG6hbOPm75YGJtX1Bxbmuvl6YnMGw8ucJ9
B/1b4OpY7lLRS4lm/1maonVLDug/POHxXeEMnkamO4m6kYyfRvW4ZLh0ZzbIyqfh
XTFWzV3kasnfVcOQ08y9K/sHjEhAZ/jb8nKmMY2viBK1KcNLyD99boR599blAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUeHN61cc9wPv+Sa/BslsYmGcLWQ8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTM0
MzgyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJSHMDANBgkq
hkiG9w0BAQsFAAOCAQEAa7v4drbap6fk3LB4uW/JvCywAuZ6NlUO+8QB8WYdfcpR
n8DfIw1N1qYTXaOesxVT4BvDUNvk63aUw0BJEsrUAhLpuP2Jbw8iwZUecEM3Owlq
TaCKnFYym60iRhM27he1sp0BR6WJkBC84TNQxTkO+czKzvZPxe2kudLMCM3fSaQ5
38kB/K6YXK/5E6fCFRYgtBDaB2oYoWLlpGGFLUkcXNC0hWv+XhimD2Gg7GE21GRK
OO1fct8k9eoik5OE8+Phyy57NlmOIRs6SCKUfi2kVQToOqmuzBVFIyndtE8XyU4R
oDGHNi8VwBFzQMD5/jVgN/owMulK6iEjEToMxUo6Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org