Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203632323430.roa
File: 38352e3230392e3232382e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: s9995LUDVcD9uMF9q/9gDCbmiVPSinQCu/Roq2lPvy0=
Subject key identifier: 94:01:1F:47:F4:93:56:74:72:4E:B2:B8:28:6A:23:E3:31:8D:21:2C
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 64AE1EB0BB45FE9E89520EF75605F6622B72CFFA
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203632323430.roa
Signing time: Tue 02 May 2023 01:09:46 +0000
ROA not before: Tue 02 May 2023 01:04:46 +0000
ROA not after: Tue 30 Apr 2024 01:09:46 +0000
asID: 62240
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:ae:1e:b0:bb:45:fe:9e:89:52:0e:f7:56:05:f6:62:2b:72:cf:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: May 2 01:04:46 2023 GMT
Not After : Apr 30 01:09:46 2024 GMT
Subject: CN=94011F47F4935674724EB2B8286A23E3318D212C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:55:ef:e6:bb:7e:6a:40:0f:34:ae:2d:9c:02:
40:16:3d:37:df:f5:b8:2e:92:60:cd:48:2e:cd:10:
34:e6:60:b1:61:14:05:56:8a:74:5d:23:f7:bc:b7:
bf:91:f1:fa:00:db:6c:0e:9a:ef:05:e9:40:c5:9b:
8a:fd:fc:4a:fd:04:d1:f5:d9:ad:df:d1:42:e2:39:
fc:98:95:91:73:b6:9d:1f:84:23:9d:79:48:c9:da:
8d:20:5d:8a:94:87:75:05:e8:7f:52:22:ff:44:e3:
51:f5:16:d9:00:eb:93:55:ef:c6:f6:f4:7b:f7:3f:
03:fb:69:ec:03:5e:b0:c4:44:37:1f:0d:fe:f6:a3:
ee:2f:d5:d8:4e:be:84:b4:97:cf:38:83:cc:da:7a:
a6:49:a7:bb:d2:b3:18:4a:7f:3c:2a:7a:72:68:fe:
b5:50:bb:6b:b2:20:82:2d:3a:50:8e:d7:06:e8:fc:
b1:e1:f3:3a:fc:4d:10:f0:38:3e:b6:33:f8:97:da:
19:72:b3:56:ba:c1:da:6a:69:8c:d4:67:94:7b:9e:
cf:c7:3b:34:0a:dc:e8:6d:5c:45:ec:fd:9f:fd:b4:
d8:89:1c:89:eb:46:16:6c:17:03:dd:bb:82:5c:be:
04:5d:91:a3:c5:93:6f:f4:ad:13:e5:02:7f:ad:9d:
9b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:01:1F:47:F4:93:56:74:72:4E:B2:B8:28:6A:23:E3:31:8D:21:2C
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
07:1a:e7:4c:dc:2d:41:4f:20:0d:21:22:f6:08:b6:48:bd:4d:
9b:45:82:4e:23:74:ac:11:5d:84:68:d0:20:f1:85:a0:3c:f9:
b1:c3:31:81:73:fe:e9:d8:e1:7a:29:0d:2b:b1:6f:50:22:b1:
11:16:07:ca:d4:61:8a:a6:47:2d:d0:cd:2d:0a:f8:74:7f:a6:
be:05:ee:c5:52:5f:2d:74:88:58:c5:02:fa:ae:1f:47:f2:4e:
a5:b7:80:77:59:6a:ff:fd:28:d3:5e:cc:f3:c5:cb:b8:0c:ee:
ed:39:b3:e2:30:d5:04:a5:89:5e:6f:6b:a0:34:83:8a:0d:bd:
e8:d4:f6:7c:67:09:d8:12:43:f0:e7:35:0a:35:ac:22:56:7f:
74:06:19:7b:04:12:39:2a:f9:00:0e:45:17:a1:b3:cb:3e:30:
b5:b7:48:4b:80:aa:ea:b8:53:85:02:9a:fb:ea:c3:28:c2:7d:
06:95:46:45:8a:8d:78:b6:6a:7c:d7:47:ce:64:a0:fe:68:3b:
aa:7f:1a:b8:f1:ae:64:73:ab:f3:c5:bb:33:a7:ea:93:b0:f4:
3e:c4:36:5a:13:28:f5:80:0a:c4:58:45:f3:6f:fe:68:77:99:
33:42:48:8a:a0:74:9c:39:ad:d0:4e:c7:4d:67:6c:cc:27:e1:
af:87:57:2e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZK4esLtF/p6JUg73VgX2Yityz/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA1MDIwMTA0NDZaFw0yNDA0MzAwMTA5NDZaMDMxMTAvBgNV
BAMTKDk0MDExRjQ3RjQ5MzU2NzQ3MjRFQjJCODI4NkEyM0UzMzE4RDIxMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbVe/mu35qQA80ri2cAkAWPTff
9bgukmDNSC7NEDTmYLFhFAVWinRdI/e8t7+R8foA22wOmu8F6UDFm4r9/Er9BNH1
2a3f0ULiOfyYlZFztp0fhCOdeUjJ2o0gXYqUh3UF6H9SIv9E41H1FtkA65NV78b2
9Hv3PwP7aewDXrDERDcfDf72o+4v1dhOvoS0l884g8zaeqZJp7vSsxhKfzwqenJo
/rVQu2uyIIItOlCO1wbo/LHh8zr8TRDwOD62M/iX2hlys1a6wdpqaYzUZ5R7ns/H
OzQK3OhtXEXs/Z/9tNiJHInrRhZsFwPdu4JcvgRdkaPFk2/0rRPlAn+tnZvvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUlAEfR/STVnRyTrK4KGoj4zGNISwwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHkMA0GCSqGSIb3DQEBCwUAA4IBAQAHGudM3C1BTyANISL2CLZIvU2bRYJOI3Ss
EV2EaNAg8YWgPPmxwzGBc/7p2OF6KQ0rsW9QIrERFgfK1GGKpkct0M0tCvh0f6a+
Be7FUl8tdIhYxQL6rh9H8k6lt4B3WWr//SjTXszzxcu4DO7tObPiMNUEpYleb2ug
NIOKDb3o1PZ8ZwnYEkPw5zUKNawiVn90Bhl7BBI5KvkADkUXobPLPjC1t0hLgKrq
uFOFApr76sMown0GlUZFio14tmp810fOZKD+aDuqfxq48a5kc6vzxbszp+qTsPQ+
xDZaEyj1gArEWEXzb/5od5kzQkiKoHScOa3QTsdNZ2zMJ+Gvh1cu
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org