Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20383334.roa
File: 3231322e31382e3131342e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: zHYZ8wSnP602xObnKvoL+ldOtxgsfIGrozGKOxgbu/I=
Subject key identifier: FE:1A:E4:EF:FC:22:57:1F:AE:A5:47:7A:97:E6:40:1D:61:4F:F2:29
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 10AF4CE67AF8232F19DCCC78973ABF51D9976EEB
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20383334.roa
Signing time: Wed 27 Dec 2023 10:01:42 +0000
ROA not before: Wed 27 Dec 2023 09:56:42 +0000
ROA not after: Wed 25 Dec 2024 10:01:42 +0000
asID: 834
IP address blocks: 212.18.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:af:4c:e6:7a:f8:23:2f:19:dc:cc:78:97:3a:bf:51:d9:97:6e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 27 09:56:42 2023 GMT
Not After : Dec 25 10:01:42 2024 GMT
Subject: CN=FE1AE4EFFC22571FAEA5477A97E6401D614FF229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1c:da:08:59:81:e7:22:d2:be:92:0e:b1:54:
c1:80:1f:86:ed:5e:3c:51:c2:3b:07:30:f4:5d:03:
b3:7b:80:14:23:c0:c3:ef:15:20:f4:fe:d9:27:3b:
2b:d1:32:9f:83:6f:cd:de:92:91:46:68:76:eb:9d:
ca:b5:ee:d5:5c:dd:2f:4c:cb:71:8c:cc:48:01:ac:
3c:f2:d2:df:54:25:3a:40:3f:df:a2:a1:49:cd:13:
3c:67:13:da:4c:0d:a9:49:7a:1e:75:67:0d:cd:38:
0b:ec:29:88:77:27:24:d9:4a:da:45:83:31:bb:fe:
8e:10:33:4e:5a:34:08:74:7c:9b:da:85:b5:be:b2:
71:ee:38:90:5e:d1:fd:98:b4:b5:03:5a:8f:e8:98:
06:7a:0a:cd:e7:8c:3f:e2:64:89:34:05:9b:61:72:
1c:f3:81:7d:f8:15:51:55:93:2b:b1:68:c7:8d:82:
63:16:02:a8:fa:1f:35:5a:a9:0f:c1:72:3b:ca:d4:
3c:be:9b:ed:2d:ad:6f:ef:fc:40:a6:8d:8f:29:1d:
fc:ba:39:40:cb:ac:f9:04:ab:ae:cd:79:a9:c2:fc:
05:98:6c:12:a1:ad:f4:1e:bd:59:3a:15:08:a0:ec:
2d:89:20:e5:44:2a:4e:bc:87:c9:c5:35:65:65:e3:
f0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1A:E4:EF:FC:22:57:1F:AE:A5:47:7A:97:E6:40:1D:61:4F:F2:29
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3231322e31382e3131342e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.114.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5e:c1:cc:a6:2b:b4:fb:35:b9:8c:dd:e2:68:4b:58:14:6f:
96:90:17:73:88:5d:af:05:95:28:3d:3a:0b:9d:20:2f:e3:41:
37:34:ea:93:c6:e9:d9:df:da:ae:40:07:51:f0:17:e6:8c:ae:
1f:42:4d:30:d3:78:a0:b2:58:1c:33:87:a2:92:14:b4:8e:6d:
00:ec:2e:27:67:9b:8c:31:bd:c0:2c:d1:b8:82:75:c0:0a:ca:
c2:c8:3e:de:89:33:8e:1d:bf:d0:f2:c8:2e:6b:14:c0:4e:22:
aa:44:fd:54:c6:da:2d:f9:80:c9:12:46:16:b2:47:b6:7c:39:
9e:96:87:e5:a4:39:4c:63:24:0c:76:20:70:16:eb:90:77:bd:
ee:ed:5a:83:b0:dd:e2:97:08:78:d5:22:f1:d7:02:ce:37:09:
cf:b3:7c:43:fa:b8:49:7f:a2:c8:3c:50:b0:f1:2c:a9:fc:0f:
47:c7:9e:88:d6:67:25:79:68:b6:32:9d:57:14:8b:90:89:07:
c6:9e:fb:ae:3f:fe:5c:cc:38:51:5d:d7:04:20:9d:78:db:a1:
c1:4b:8b:d4:18:bb:60:66:a7:46:01:e2:ea:b0:77:cb:75:55:
8f:32:a6:cc:35:e3:e7:d8:c7:d0:7f:8e:0a:de:f4:7f:8e:4f:
82:c3:20:3d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUEK9M5nr4Iy8Z3Mx4lzq/UdmXbuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjcwOTU2NDJaFw0yNDEyMjUxMDAxNDJaMDMxMTAvBgNV
BAMTKEZFMUFFNEVGRkMyMjU3MUZBRUE1NDc3QTk3RTY0MDFENjE0RkYyMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWHNoIWYHnItK+kg6xVMGAH4bt
XjxRwjsHMPRdA7N7gBQjwMPvFSD0/tknOyvRMp+Db83ekpFGaHbrncq17tVc3S9M
y3GMzEgBrDzy0t9UJTpAP9+ioUnNEzxnE9pMDalJeh51Zw3NOAvsKYh3JyTZStpF
gzG7/o4QM05aNAh0fJvahbW+snHuOJBe0f2YtLUDWo/omAZ6Cs3njD/iZIk0BZth
chzzgX34FVFVkyuxaMeNgmMWAqj6HzVaqQ/BcjvK1Dy+m+0trW/v/ECmjY8pHfy6
OUDLrPkEq67NeanC/AWYbBKhrfQevVk6FQig7C2JIOVEKk68h8nFNWVl4/C5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU/hrk7/wiVx+upUd6l+ZAHWFP8ikwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIzMTMyMmUzMTM4MmUzMTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADUEnIw
DQYJKoZIhvcNAQELBQADggEBABVewcymK7T7NbmM3eJoS1gUb5aQF3OIXa8FlSg9
OgudIC/jQTc06pPG6dnf2q5AB1HwF+aMrh9CTTDTeKCyWBwzh6KSFLSObQDsLidn
m4wxvcAs0biCdcAKysLIPt6JM44dv9DyyC5rFMBOIqpE/VTG2i35gMkSRhayR7Z8
OZ6Wh+WkOUxjJAx2IHAW65B3ve7tWoOw3eKXCHjVIvHXAs43Cc+zfEP6uEl/osg8
ULDxLKn8D0fHnojWZyV5aLYynVcUi5CJB8ae+64//lzMOFFd1wQgnXjbocFLi9QY
u2Bmp0YB4uqwd8t1VY8ypsw14+fYx9B/jgre9H+OT4LDID0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:18 2025 by rpki-client