Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20323037323739.roa
File: 38352e3230392e3232382e302f32342d3234203d3e20323037323739.roa (raw, json)
Hash identifier: vqxJxe4F5PKKFbUXF6HDZ7JckX6b+7NUkNwnp5C49yg=
Subject key identifier: 87:7C:71:F0:25:03:0F:41:40:BF:48:2A:30:A7:8C:7A:ED:23:C4:16
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5E9470D0CCF7630AD3473F8EA89CFC159EE93A5F
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20323037323739.roa
Signing time: Fri 24 Feb 2023 11:06:47 +0000
ROA not before: Fri 24 Feb 2023 11:01:47 +0000
ROA not after: Fri 23 Feb 2024 11:06:47 +0000
asID: 207279
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:94:70:d0:cc:f7:63:0a:d3:47:3f:8e:a8:9c:fc:15:9e:e9:3a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 24 11:01:47 2023 GMT
Not After : Feb 23 11:06:47 2024 GMT
Subject: CN=877C71F025030F4140BF482A30A78C7AED23C416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2d:a4:62:57:a4:ee:65:f3:d4:6c:bb:64:08:
c8:08:21:32:0a:22:3a:8e:b6:e7:f8:fe:12:e4:18:
41:d4:3c:01:b4:c9:d8:48:e8:35:9e:bc:e7:6c:6a:
df:30:89:03:8a:38:45:76:5e:66:01:53:1a:b2:55:
9c:11:2c:d7:62:10:ff:8a:75:f5:60:90:54:ef:8b:
33:af:0a:ba:f9:4e:c4:ce:a2:c6:8f:2c:9a:7f:5d:
58:77:c3:c4:f0:9d:a2:e5:d1:02:eb:a0:bc:d4:a7:
2e:7b:52:bf:0d:8f:c1:be:df:f8:56:64:59:7f:34:
c1:0c:7f:84:87:87:76:09:d7:f9:ab:35:b3:f9:6a:
9b:93:04:7c:aa:d9:12:2e:55:5e:ff:01:f2:5f:bb:
89:6a:e4:b4:2e:a5:92:d7:75:72:b5:53:0e:10:d2:
2b:76:19:dd:77:05:aa:98:07:45:7f:8e:2c:49:4f:
ab:31:79:14:93:3a:fa:b5:8c:52:52:12:91:d6:9d:
68:20:f5:6f:5b:80:09:9c:13:da:e0:01:54:80:cb:
9a:fa:2c:84:54:8d:94:c7:ce:31:bf:81:5a:02:72:
e5:c8:58:70:01:ea:fb:95:54:70:86:48:98:1d:23:
61:54:15:bf:f6:4e:b3:ae:ff:42:f1:4c:c3:f5:0c:
6e:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7C:71:F0:25:03:0F:41:40:BF:48:2A:30:A7:8C:7A:ED:23:C4:16
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e20323037323739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
35:61:02:d2:5b:a3:7c:a0:a0:56:9e:42:06:86:28:a0:dd:bc:
80:21:9d:07:99:2a:e5:1a:c5:c3:01:dd:95:a3:3f:66:a2:2b:
98:82:f9:87:03:c0:1d:53:ff:df:a3:a7:cc:80:ab:db:f5:45:
2e:ae:6b:57:41:10:2c:f6:17:0e:9d:69:1c:f7:fb:2f:ae:5d:
37:de:11:4a:45:ff:9e:6b:39:35:37:ef:2e:99:fc:31:0d:fa:
ac:5c:e2:24:fe:d0:a1:47:28:3d:9d:e5:9a:52:c8:1b:2f:ca:
af:bc:58:93:d2:29:03:ff:74:9a:3b:89:31:80:a5:03:0f:3b:
ca:dc:ae:a1:62:7c:cd:83:40:c8:68:ce:d8:ca:d2:76:cf:7d:
b0:cc:b4:76:0b:6a:03:8e:61:f2:87:53:9d:e3:08:2b:d5:b6:
d0:7f:aa:b4:6e:f5:ac:26:f6:fb:7e:0d:b3:ff:c4:93:2c:24:
e0:97:39:e9:5e:5b:b8:7e:73:20:fa:48:ca:96:43:6e:09:7a:
89:18:b0:a8:5d:d0:88:eb:57:93:17:99:ea:63:b4:fc:84:e7:
7c:0d:70:66:e6:d5:63:25:38:4f:82:27:1e:b4:c6:2e:50:bf:
c6:9c:94:01:67:53:9c:55:36:8a:c6:b3:9d:7a:4f:06:96:ff:
ed:b3:e2:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXpRw0Mz3YwrTRz+OqJz8FZ7pOl8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAyMjQxMTAxNDdaFw0yNDAyMjMxMTA2NDdaMDMxMTAvBgNV
BAMTKDg3N0M3MUYwMjUwMzBGNDE0MEJGNDgyQTMwQTc4QzdBRUQyM0M0MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTLaRiV6TuZfPUbLtkCMgIITIK
IjqOtuf4/hLkGEHUPAG0ydhI6DWevOdsat8wiQOKOEV2XmYBUxqyVZwRLNdiEP+K
dfVgkFTvizOvCrr5TsTOosaPLJp/XVh3w8TwnaLl0QLroLzUpy57Ur8Nj8G+3/hW
ZFl/NMEMf4SHh3YJ1/mrNbP5apuTBHyq2RIuVV7/AfJfu4lq5LQupZLXdXK1Uw4Q
0it2Gd13BaqYB0V/jixJT6sxeRSTOvq1jFJSEpHWnWgg9W9bgAmcE9rgAVSAy5r6
LIRUjZTHzjG/gVoCcuXIWHAB6vuVVHCGSJgdI2FUFb/2TrOu/0LxTMP1DG79AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUh3xx8CUDD0FAv0gqMKeMeu0jxBYwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzczMjM3Mzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV0eQwDQYJKoZIhvcNAQELBQADggEBADVhAtJbo3ygoFaeQgaGKKDdvIAhnQeZ
KuUaxcMB3ZWjP2aiK5iC+YcDwB1T/9+jp8yAq9v1RS6ua1dBECz2Fw6daRz3+y+u
XTfeEUpF/55rOTU37y6Z/DEN+qxc4iT+0KFHKD2d5ZpSyBsvyq+8WJPSKQP/dJo7
iTGApQMPO8rcrqFifM2DQMhoztjK0nbPfbDMtHYLagOOYfKHU53jCCvVttB/qrRu
9awm9vt+DbP/xJMsJOCXOeleW7h+cyD6SMqWQ24JeokYsKhd0IjrV5MXmepjtPyE
53wNcGbm1WMlOE+CJx60xi5Qv8aclAFnU5xVNorGs516TwaW/+2z4tU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org