Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203239313139.roa
File: 3139342e33312e3139362e302f32332d3234203d3e203239313139.roa (raw, json)
Hash identifier: A11pXemaecnNi/OzcOzMWLL4WDJO8c83Hlje9Vow6Qo=
Subject key identifier: DE:27:8D:BD:4B:30:1D:FF:37:77:23:CB:7E:96:54:33:A1:6B:9D:F9
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 610E508710C3971297BE99C8C9F7F859682A6DFE
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203239313139.roa
Signing time: Tue 24 Jan 2023 15:39:26 +0000
ROA not before: Tue 24 Jan 2023 15:34:26 +0000
ROA not after: Tue 23 Jan 2024 15:39:26 +0000
asID: 29119
IP address blocks: 194.31.196.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:0e:50:87:10:c3:97:12:97:be:99:c8:c9:f7:f8:59:68:2a:6d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 24 15:34:26 2023 GMT
Not After : Jan 23 15:39:26 2024 GMT
Subject: CN=DE278DBD4B301DFF377723CB7E965433A16B9DF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:04:b3:aa:fe:d0:ca:60:66:c7:5c:42:8a:25:
77:ae:53:28:94:19:e0:c9:ee:01:d2:fa:7f:16:d1:
c5:7a:52:43:5e:fe:37:6a:46:e4:6d:d1:77:f9:af:
11:1c:a1:f3:77:f7:73:0d:38:34:77:6d:55:80:d8:
08:6c:33:cb:c4:f8:a2:4e:53:df:0f:e7:af:8e:53:
59:0b:d0:01:f5:16:7e:9e:96:63:61:41:78:ae:74:
d0:46:8f:79:b4:70:30:07:15:f0:35:11:0e:52:95:
69:08:b4:8c:04:8b:cf:2b:8e:1a:56:fe:54:55:40:
90:17:a9:e7:63:73:ef:1b:05:15:5f:5c:f1:73:78:
bc:11:cb:bb:f2:0a:6a:3e:c5:cd:57:25:1c:6d:e3:
0a:0d:95:3a:4e:d2:a2:3c:0e:3d:f1:f6:36:7a:3e:
e1:22:bf:33:e2:2e:0d:90:6b:67:fc:39:6a:37:93:
f8:b2:57:a0:c4:33:9c:1e:46:f7:18:22:c1:fd:17:
37:b5:ed:12:ab:79:19:cf:6c:c8:07:ee:f4:e8:1e:
60:d4:d0:b6:1d:0e:c1:d1:02:cf:18:25:74:3c:f9:
6d:bb:79:ab:28:b4:89:24:4f:a3:4a:7f:83:62:69:
b5:29:36:11:64:e9:a7:2b:4c:dc:ff:b0:a4:f9:10:
e9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:27:8D:BD:4B:30:1D:FF:37:77:23:CB:7E:96:54:33:A1:6B:9D:F9
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203239313139.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:20:13:14:5a:5a:0e:d5:f0:d1:18:93:d8:ee:5d:76:71:13:
28:68:76:ce:c9:04:f3:68:82:18:f3:db:71:30:27:04:d8:31:
a4:0c:f6:88:6a:84:87:eb:a3:7c:de:fc:b4:d4:65:14:71:ad:
12:57:f8:44:34:41:be:51:f3:66:9b:27:bb:d8:17:91:fb:5a:
4f:b8:84:a5:18:74:b7:01:b8:e2:de:b3:ba:79:6d:6c:d8:54:
43:96:97:e6:34:5f:94:fc:e2:85:1f:0d:df:05:51:49:af:4b:
92:58:4d:d8:61:52:42:81:fd:b8:d0:0b:79:10:69:ae:ad:54:
6a:1c:de:0c:96:d7:df:11:3e:1a:54:3f:cb:70:30:8f:00:bf:
e1:a6:a5:e3:07:c5:86:fe:ec:44:34:e5:e1:a5:ab:1e:ac:5d:
6f:d8:29:3b:a9:e9:99:51:af:cd:38:66:85:f5:83:67:eb:af:
b1:eb:f4:8b:1e:8d:c3:67:c3:4b:a9:7d:5d:02:e6:4b:be:55:
2f:61:2f:68:39:43:97:29:0f:7c:bc:9c:c7:b2:5a:fc:8b:e0:
da:e1:0f:47:a5:e1:f2:e3:7e:d6:10:de:03:bd:85:9a:73:ac:
b3:cd:d1:fb:ae:27:1d:18:56:41:1d:2e:2d:c0:a7:fa:51:15:
c1:eb:bd:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYQ5QhxDDlxKXvpnIyff4WWgqbf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjQxNTM0MjZaFw0yNDAxMjMxNTM5MjZaMDMxMTAvBgNV
BAMTKERFMjc4REJENEIzMDFERkYzNzc3MjNDQjdFOTY1NDMzQTE2QjlERjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/BLOq/tDKYGbHXEKKJXeuUyiU
GeDJ7gHS+n8W0cV6UkNe/jdqRuRt0Xf5rxEcofN393MNODR3bVWA2AhsM8vE+KJO
U98P56+OU1kL0AH1Fn6elmNhQXiudNBGj3m0cDAHFfA1EQ5SlWkItIwEi88rjhpW
/lRVQJAXqedjc+8bBRVfXPFzeLwRy7vyCmo+xc1XJRxt4woNlTpO0qI8Dj3x9jZ6
PuEivzPiLg2Qa2f8OWo3k/iyV6DEM5weRvcYIsH9Fze17RKreRnPbMgH7vToHmDU
0LYdDsHRAs8YJXQ8+W27easotIkkT6NKf4NiabUpNhFk6acrTNz/sKT5EOmhAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3ieNvUswHf83dyPLfpZUM6FrnfkwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMjM5MzEzMTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wh/EMA0GCSqGSIb3DQEBCwUAA4IBAQCgIBMUWloO1fDRGJPY7l12cRMoaHbOyQTz
aIIY89txMCcE2DGkDPaIaoSH66N83vy01GUUca0SV/hENEG+UfNmmye72BeR+1pP
uISlGHS3Abji3rO6eW1s2FRDlpfmNF+U/OKFHw3fBVFJr0uSWE3YYVJCgf240At5
EGmurVRqHN4MltffET4aVD/LcDCPAL/hpqXjB8WG/uxENOXhpaserF1v2Ck7qemZ
Ua/NOGaF9YNn66+x6/SLHo3DZ8NLqX1dAuZLvlUvYS9oOUOXKQ98vJzHslr8i+Da
4Q9HpeHy437WEN4DvYWac6yzzdH7ricdGFZBHS4twKf6URXB670T
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org