Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203335393133.roa
File: 3139342e33312e3139362e302f32332d3234203d3e203335393133.roa (raw, json)
Hash identifier: bjk33VbKNtqGW52o9cQu2gHyu9rMU96ZHLW4i2UnlFE=
Subject key identifier: 8D:B3:3A:93:73:7F:4E:4E:74:E3:CA:C2:05:1A:1C:5C:A1:2C:2A:DD
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 4B4746384BFF391837F34C2E857A94146200CAB9
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203335393133.roa
Signing time: Wed 26 Jul 2023 07:13:28 +0000
ROA not before: Wed 26 Jul 2023 07:08:28 +0000
ROA not after: Wed 24 Jul 2024 07:13:28 +0000
asID: 35913
IP address blocks: 194.31.196.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:47:46:38:4b:ff:39:18:37:f3:4c:2e:85:7a:94:14:62:00:ca:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jul 26 07:08:28 2023 GMT
Not After : Jul 24 07:13:28 2024 GMT
Subject: CN=8DB33A93737F4E4E74E3CAC2051A1C5CA12C2ADD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:5c:b0:03:fb:49:51:58:10:82:0c:65:4f:
ac:41:84:ac:a9:20:6b:70:00:00:47:1d:40:65:a5:
a8:04:ae:38:8f:f1:6d:cb:51:a5:fb:05:69:81:13:
a2:29:fc:eb:90:9f:f1:d1:4e:12:85:7c:c7:27:f8:
2e:38:15:be:69:d4:07:71:68:4b:df:42:69:b2:5b:
ef:64:e1:f6:99:3a:a6:fa:9b:82:0b:4e:fa:5b:e1:
6d:85:5c:93:52:32:0b:21:3c:ac:dc:85:0a:b1:a0:
5c:70:7c:ad:ef:09:0a:cc:d2:79:d0:e9:ba:bf:7e:
a0:43:db:11:fd:4f:ee:4c:58:71:27:56:2c:e2:79:
c8:62:12:40:9c:50:2f:30:98:c8:db:fe:d5:08:30:
73:59:fd:53:e1:e8:dc:69:06:63:3a:1e:69:a8:3f:
23:f3:5f:f7:93:db:a1:3e:ea:ff:2f:15:49:7a:a7:
97:a8:57:82:63:fa:59:9f:ad:25:48:52:06:57:ec:
6b:60:9b:d4:e1:63:b6:4a:20:ac:9e:8b:73:ef:a2:
05:8e:53:a4:58:09:cb:86:e6:1e:1d:27:fe:68:94:
4a:09:3a:c8:3f:ec:20:98:53:e4:d2:4c:ca:70:2e:
73:51:bd:9f:07:dd:96:5b:a4:d4:3a:c9:dc:f8:31:
a4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B3:3A:93:73:7F:4E:4E:74:E3:CA:C2:05:1A:1C:5C:A1:2C:2A:DD
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32332d3234203d3e203335393133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/23
Signature Algorithm: sha256WithRSAEncryption
23:bc:f1:7d:cd:3d:33:99:bb:a3:75:f0:79:e2:ee:8a:40:43:
7e:7e:28:77:c3:80:07:35:45:64:61:bd:47:b6:3e:da:d9:b0:
7b:d5:b9:67:0d:52:2d:9c:de:a1:7e:c6:68:20:24:c5:d0:c4:
7c:73:7f:2f:91:d5:28:4a:a7:02:04:0f:8e:bf:1c:ae:18:8e:
27:59:73:f8:2e:02:2e:39:23:f6:7b:ac:51:57:ba:9a:c2:c7:
73:38:b3:59:07:e9:3c:a1:9a:3f:0d:9c:4d:c5:d8:82:7a:bf:
18:f1:d9:45:8e:ff:79:97:5a:b1:8a:1f:7c:02:36:51:26:14:
5f:25:9b:51:df:8f:8b:09:00:08:05:04:94:96:ab:66:07:34:
49:7b:e4:1e:5e:79:9b:d2:37:49:5e:9d:36:65:9d:f2:7b:45:
90:92:f3:84:1c:e4:27:2b:f2:62:90:d3:ae:a4:8c:93:e1:05:
36:15:c4:85:24:58:9b:a4:48:33:a4:21:a7:34:78:7c:ff:f4:
8c:13:f3:46:aa:9a:37:ce:a5:7f:53:35:cd:f5:2c:b7:45:96:
dc:9f:aa:b4:ee:2b:3a:77:fb:75:e8:a7:0d:5a:5f:63:72:4a:
6f:7b:26:0d:ad:ae:16:6d:59:7e:27:40:a8:1e:f7:98:db:b2:
9d:4e:26:1f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUS0dGOEv/ORg380wuhXqUFGIAyrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA3MjYwNzA4MjhaFw0yNDA3MjQwNzEzMjhaMDMxMTAvBgNV
BAMTKDhEQjMzQTkzNzM3RjRFNEU3NEUzQ0FDMjA1MUExQzVDQTEyQzJBREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTlVywA/tJUVgQggxlT6xBhKyp
IGtwAABHHUBlpagErjiP8W3LUaX7BWmBE6Ip/OuQn/HRThKFfMcn+C44Fb5p1Adx
aEvfQmmyW+9k4faZOqb6m4ILTvpb4W2FXJNSMgshPKzchQqxoFxwfK3vCQrM0nnQ
6bq/fqBD2xH9T+5MWHEnViziechiEkCcUC8wmMjb/tUIMHNZ/VPh6NxpBmM6Hmmo
PyPzX/eT26E+6v8vFUl6p5eoV4Jj+lmfrSVIUgZX7Gtgm9ThY7ZKIKyei3PvogWO
U6RYCcuG5h4dJ/5olEoJOsg/7CCYU+TSTMpwLnNRvZ8H3ZZbpNQ6ydz4MaSPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjbM6k3N/Tk5048rCBRocXKEsKt0wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMzM1MzkzMTMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wh/EMA0GCSqGSIb3DQEBCwUAA4IBAQAjvPF9zT0zmbujdfB54u6KQEN+fih3w4AH
NUVkYb1Htj7a2bB71blnDVItnN6hfsZoICTF0MR8c38vkdUoSqcCBA+OvxyuGI4n
WXP4LgIuOSP2e6xRV7qawsdzOLNZB+k8oZo/DZxNxdiCer8Y8dlFjv95l1qxih98
AjZRJhRfJZtR34+LCQAIBQSUlqtmBzRJe+QeXnmb0jdJXp02ZZ3ye0WQkvOEHOQn
K/JikNOupIyT4QU2FcSFJFibpEgzpCGnNHh8//SME/NGqpo3zqV/UzXN9Sy3RZbc
n6q07is6d/t16KcNWl9jckpveyYNra4WbVl+J0CoHveY27KdTiYf
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:10:54 2025 by rpki-client