Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e36342e302f32302d3230203d3e2030.roa
File: 3134382e3133352e36342e302f32302d3230203d3e2030.roa (raw, json)
Hash identifier: Ij/dBRcjQKvpb0AV4yQ8F6Hvtz05htMoDbU7/5w0R80=
Subject key identifier: 21:59:AB:7D:80:4B:1E:43:23:C0:63:6E:5B:92:C2:62:6B:EC:09:9D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5EB928A35CB538720FAC65B1AF1C381312309531
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e36342e302f32302d3230203d3e2030.roa
Signing time: Fri 03 Feb 2023 09:18:14 +0000
ROA not before: Fri 03 Feb 2023 09:13:14 +0000
ROA not after: Fri 02 Feb 2024 09:18:14 +0000
asID: 0
IP address blocks: 148.135.64.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b9:28:a3:5c:b5:38:72:0f:ac:65:b1:af:1c:38:13:12:30:95:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 3 09:13:14 2023 GMT
Not After : Feb 2 09:18:14 2024 GMT
Subject: CN=2159AB7D804B1E4323C0636E5B92C2626BEC099D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:02:da:af:a3:6c:34:ae:6c:e9:61:34:ee:1a:
e2:aa:67:9d:03:de:fe:5b:70:df:43:a0:36:85:38:
c7:86:f3:fc:e5:0f:c2:1e:b9:12:e2:0a:59:87:d5:
d9:bd:15:48:0c:82:be:c5:9b:28:2f:65:11:0d:73:
04:00:42:05:d2:68:64:85:96:db:cf:ce:ad:2f:56:
dc:c0:05:42:ae:d2:eb:27:1b:20:66:55:1a:f6:34:
18:11:ea:2b:27:ee:f3:83:90:3a:e8:97:78:9f:c4:
45:c2:44:30:74:f4:fa:0f:f1:68:c5:20:cc:3c:c2:
97:b5:01:bb:d5:27:75:50:da:9d:d5:ef:99:22:e6:
82:9a:df:58:b6:4f:8b:83:df:5c:0f:3b:01:b3:4b:
ef:1e:3c:bb:26:d5:73:b6:30:1c:c7:7a:2b:fc:86:
ab:0e:9b:12:84:30:3c:e9:dd:98:91:80:16:26:7f:
2a:16:0a:7e:a1:c2:d4:5b:9e:72:e3:22:55:78:9b:
c8:89:ee:ac:4a:2b:52:ae:92:5e:c7:f6:a8:99:ca:
ad:39:68:6a:e5:c2:d5:dd:65:42:44:5e:8d:56:3c:
01:b7:61:b2:e0:ba:6e:21:d9:a7:75:8f:9b:36:25:
0e:0e:1e:3b:fe:1e:a1:77:0b:ca:d6:8d:dd:5b:bb:
a2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:59:AB:7D:80:4B:1E:43:23:C0:63:6E:5B:92:C2:62:6B:EC:09:9D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/3134382e3133352e36342e302f32302d3230203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
148.135.64.0/20
Signature Algorithm: sha256WithRSAEncryption
31:a2:f2:7d:b5:1c:59:db:62:29:c5:0e:2a:60:7d:48:72:e3:
3d:d6:c0:04:43:e9:11:6f:50:b3:89:11:44:e7:a0:fa:15:ae:
e9:cc:e5:c1:d8:a8:e7:a1:11:13:9f:91:03:54:29:4b:21:fa:
07:81:61:28:e2:91:42:cc:98:52:7a:09:ca:79:bb:a4:14:43:
11:8f:51:52:2a:4b:6a:8c:fb:fa:75:6a:bc:85:bf:59:05:90:
1a:81:b7:40:e2:1b:b6:a1:d0:09:31:be:69:86:7c:c3:64:8b:
77:a4:ae:2c:03:40:ca:9f:cd:a5:d1:75:ca:a5:47:a8:95:47:
60:51:45:af:2c:d5:1b:73:40:79:a3:f6:fe:51:71:19:5a:a7:
06:4d:b4:85:a1:06:b8:2c:05:b1:16:9f:01:09:03:9c:ff:51:
29:66:4d:48:0a:57:15:bd:33:c6:9c:92:e1:89:bd:0e:f4:9d:
c1:8a:a1:89:e9:c1:db:e1:ed:96:21:e6:0b:43:8f:78:57:13:
11:3a:cb:f9:b7:6d:24:20:09:19:4b:56:99:62:26:b8:1e:4c:
64:4e:4f:9a:b8:16:2d:8a:72:07:3e:5d:f4:22:50:4d:fb:e9:
ac:fb:ac:8c:17:42:33:5e:2e:d2:71:d6:33:f7:a4:b0:7b:cd:
e7:4e:f8:34
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUXrkoo1y1OHIPrGWxrxw4ExIwlTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yMzAyMDMwOTEzMTRaFw0yNDAyMDIwOTE4MTRaMDMxMTAvBgNV
BAMTKDIxNTlBQjdEODA0QjFFNDMyM0MwNjM2RTVCOTJDMjYyNkJFQzA5OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Atqvo2w0rmzpYTTuGuKqZ50D
3v5bcN9DoDaFOMeG8/zlD8IeuRLiClmH1dm9FUgMgr7FmygvZRENcwQAQgXSaGSF
ltvPzq0vVtzABUKu0usnGyBmVRr2NBgR6isn7vODkDrol3ifxEXCRDB09PoP8WjF
IMw8wpe1AbvVJ3VQ2p3V75ki5oKa31i2T4uD31wPOwGzS+8ePLsm1XO2MBzHeiv8
hqsOmxKEMDzp3ZiRgBYmfyoWCn6hwtRbnnLjIlV4m8iJ7qxKK1Kukl7H9qiZyq05
aGrlwtXdZUJEXo1WPAG3YbLgum4h2ad1j5s2JQ4OHjv+HqF3C8rWjd1bu6KtAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUIVmrfYBLHkMjwGNuW5LCYmvsCZ0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDliZTNhYWUt
YWVhMS00MWRjLWIxYjktOTVhYzU5MTgyNDRkLzAvMzEzNDM4MmUzMTMzMzUyZTM2
MzQyZTMwMmYzMjMwMmQzMjMwMjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBJSHQDANBgkq
hkiG9w0BAQsFAAOCAQEAMaLyfbUcWdtiKcUOKmB9SHLjPdbABEPpEW9Qs4kRROeg
+hWu6czlwdio56ERE5+RA1QpSyH6B4FhKOKRQsyYUnoJynm7pBRDEY9RUipLaoz7
+nVqvIW/WQWQGoG3QOIbtqHQCTG+aYZ8w2SLd6SuLANAyp/NpdF1yqVHqJVHYFFF
ryzVG3NAeaP2/lFxGVqnBk20haEGuCwFsRafAQkDnP9RKWZNSApXFb0zxpyS4Ym9
DvSdwYqhienB2+HtliHmC0OPeFcTETrL+bdtJCAJGUtWmWImuB5MZE5PmrgWLYpy
Bz5d9CJQTfvprPusjBdCM14u0nHWM/eksHvN5074NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:09 2024 by rpki-client on console-fra.rpki-client.org