Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203233343730.roa
File: 38352e3230392e3232382e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: ajIG69Em5cZ54V0j8ygaTN89dG21ArIy4zEHm3Nes6k=
Subject key identifier: 17:DF:D5:2C:A2:72:C7:9F:49:64:20:C5:3E:70:2D:26:F8:6D:37:7A
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 6468CBB250E8F7AE1BDB0B5BEBF12B37DBF23D5C
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203233343730.roa
Signing time: Sat 10 Feb 2024 05:59:46 +0000
ROA not before: Sat 10 Feb 2024 05:54:46 +0000
ROA not after: Sat 08 Feb 2025 05:59:46 +0000
asID: 23470
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:68:cb:b2:50:e8:f7:ae:1b:db:0b:5b:eb:f1:2b:37:db:f2:3d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 10 05:54:46 2024 GMT
Not After : Feb 8 05:59:46 2025 GMT
Subject: CN=17DFD52CA272C79F496420C53E702D26F86D377A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8b:36:73:e7:e4:69:6f:f9:c7:4a:80:9b:40:
45:01:f6:8e:64:f3:42:14:75:6b:5b:5c:b4:2e:02:
63:e5:5d:30:bc:cf:85:20:95:6d:bd:cd:d8:06:6e:
5c:5f:58:d1:46:f3:ef:51:47:48:52:f1:2b:e7:d5:
dc:44:82:7f:61:cf:d3:b5:1a:cc:b8:33:ae:fe:c8:
6b:7a:d4:85:44:2f:f0:d3:25:96:89:9d:29:62:a1:
d6:f6:5f:36:2e:00:34:23:79:44:2e:35:a8:bb:fa:
64:a1:25:91:3d:95:e4:79:8b:34:14:b6:c9:86:dc:
ce:c3:8e:44:37:21:ea:ba:c2:7f:cc:df:36:34:63:
53:74:7c:c1:47:c9:4a:6f:96:20:37:f1:26:4e:43:
a5:96:83:32:82:8d:a1:25:ba:af:a6:45:8c:8b:6c:
db:09:bc:de:ce:cf:f0:26:80:ab:90:e0:4a:a2:13:
bd:c3:79:71:cd:e2:c0:34:64:85:ba:be:1d:7b:38:
ef:1f:0c:84:41:26:96:39:4a:25:6c:46:ee:66:5a:
22:75:df:f6:c3:04:92:8a:cd:a7:0e:44:99:00:49:
3e:c0:84:eb:46:d4:52:ed:84:15:bd:1b:5d:af:64:
ee:c3:14:96:b2:e9:76:c6:80:1a:91:61:8c:37:d6:
71:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DF:D5:2C:A2:72:C7:9F:49:64:20:C5:3E:70:2D:26:F8:6D:37:7A
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f6:4b:b8:29:0d:61:44:73:9e:9b:7f:de:44:2a:06:eb:41:
99:37:cc:9f:2f:f0:36:b2:ae:8a:59:93:3e:00:f3:f2:48:d3:
6b:86:b1:9d:e0:c5:34:6d:82:92:04:32:f4:a1:95:5d:cc:79:
87:8a:f2:72:83:e4:a7:e6:14:c0:44:31:8b:1e:34:5a:af:97:
5f:db:eb:e9:bb:cf:da:a7:33:44:91:69:a3:c9:1b:ad:ff:6a:
82:60:1c:a0:30:e1:98:e2:31:f9:eb:9b:1b:aa:10:df:ba:14:
da:19:30:23:b9:48:65:6b:7d:76:18:c6:f7:0d:c5:a6:f2:ce:
b8:0c:c1:a6:be:19:f7:be:58:dd:3d:0e:fd:ac:dc:15:6d:4a:
e3:f7:92:1b:46:27:d8:9a:09:31:80:57:26:40:94:98:60:2a:
6d:2b:fc:03:40:7c:a2:7d:57:52:8d:c9:87:54:29:f0:75:fb:
8f:1e:81:3f:14:aa:13:1d:42:d8:85:14:99:8c:1e:47:fa:42:
57:6c:2e:63:05:18:2d:24:d8:b1:99:1b:fb:04:46:9f:14:42:
b0:c2:5d:24:4b:58:37:6e:1f:71:0f:18:2f:79:d1:b9:f3:7d:
56:5b:63:55:c3:6a:87:19:4d:27:00:ea:a4:b0:d1:33:ec:a4:
b3:1d:d3:7c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZGjLslDo964b2wtb6/ErN9vyPVwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNDAyMTAwNTU0NDZaFw0yNTAyMDgwNTU5NDZaMDMxMTAvBgNV
BAMTKDE3REZENTJDQTI3MkM3OUY0OTY0MjBDNTNFNzAyRDI2Rjg2RDM3N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvizZz5+Rpb/nHSoCbQEUB9o5k
80IUdWtbXLQuAmPlXTC8z4UglW29zdgGblxfWNFG8+9RR0hS8Svn1dxEgn9hz9O1
Gsy4M67+yGt61IVEL/DTJZaJnSliodb2XzYuADQjeUQuNai7+mShJZE9leR5izQU
tsmG3M7DjkQ3Ieq6wn/M3zY0Y1N0fMFHyUpvliA38SZOQ6WWgzKCjaEluq+mRYyL
bNsJvN7Oz/AmgKuQ4EqiE73DeXHN4sA0ZIW6vh17OO8fDIRBJpY5SiVsRu5mWiJ1
3/bDBJKKzacORJkAST7AhOtG1FLthBW9G12vZO7DFJay6XbGgBqRYYw31nF5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUF9/VLKJyx59JZCDFPnAtJvhtN3owHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMzMzQzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHkMA0GCSqGSIb3DQEBCwUAA4IBAQBy9ku4KQ1hRHOem3/eRCoG60GZN8yfL/A2
sq6KWZM+APPySNNrhrGd4MU0bYKSBDL0oZVdzHmHivJyg+Sn5hTARDGLHjRar5df
2+vpu8/apzNEkWmjyRut/2qCYBygMOGY4jH565sbqhDfuhTaGTAjuUhla312GMb3
DcWm8s64DMGmvhn3vljdPQ79rNwVbUrj95IbRifYmgkxgFcmQJSYYCptK/wDQHyi
fVdSjcmHVCnwdfuPHoE/FKoTHULYhRSZjB5H+kJXbC5jBRgtJNixmRv7BEafFEKw
wl0kS1g3bh9xDxgvedG5831WW2NVw2qHGU0nAOqksNEz7KSzHdN8
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:22:28 2025 by rpki-client