Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e203631333137.roa
File: 38352e3230392e3232392e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: eFLUMn89UiuVZcP7x2RH2L5y3bD0bjI+mZeK44c3KNQ=
Subject key identifier: 26:3A:F2:6C:A0:83:81:FD:24:C9:85:E3:BD:09:C1:C6:1B:E9:08:3E
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5912BDC40B24E28BC0024D5F0E9B5DDD41B3E3CC
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e203631333137.roa
Signing time: Tue 24 Jan 2023 18:33:24 +0000
ROA not before: Tue 24 Jan 2023 18:28:24 +0000
ROA not after: Tue 23 Jan 2024 18:33:24 +0000
asID: 61317
IP address blocks: 85.209.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:12:bd:c4:0b:24:e2:8b:c0:02:4d:5f:0e:9b:5d:dd:41:b3:e3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 24 18:28:24 2023 GMT
Not After : Jan 23 18:33:24 2024 GMT
Subject: CN=263AF26CA08381FD24C985E3BD09C1C61BE9083E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:4a:c7:af:90:71:6d:ef:67:19:c7:7b:0c:07:
ff:2d:bf:d2:f4:00:5a:36:9e:f1:4c:64:f6:18:5a:
f0:b4:96:53:dc:b5:61:0e:5f:86:e5:6e:f5:6c:56:
59:bc:95:0e:7a:08:45:7a:06:bc:0a:b0:f4:9e:de:
14:9f:ac:34:b3:ee:69:53:51:ff:a8:9a:6e:9f:00:
8a:f5:67:61:f5:8e:99:4a:6c:4d:c6:61:c1:f6:9b:
04:3a:26:06:09:b3:a4:4c:36:ce:48:a7:a6:e0:98:
76:e1:5a:fa:87:b6:09:c6:ed:0d:36:34:4a:23:61:
5d:10:c6:29:8c:3e:3c:55:80:89:79:c6:2b:f9:61:
0d:be:2e:cf:0f:04:4b:47:5f:81:d3:cf:e4:9e:46:
7f:a5:98:9e:e5:78:db:52:86:08:82:08:f6:1a:b4:
03:2c:40:02:13:60:73:45:a9:48:15:36:b2:dd:a0:
bc:bd:cd:e3:e8:f6:90:2e:c3:c4:67:10:f9:42:3b:
31:3c:75:59:3d:d3:84:94:92:f6:91:5b:43:96:d8:
9d:86:e8:98:85:11:02:15:2a:a0:1e:69:cf:c6:38:
da:29:76:9c:1e:2d:d8:6a:f6:2c:3f:25:c9:e1:4e:
b2:b3:4a:45:78:fc:cd:b8:12:9c:b1:aa:71:d6:62:
12:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3A:F2:6C:A0:83:81:FD:24:C9:85:E3:BD:09:C1:C6:1B:E9:08:3E
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.229.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:b3:7a:12:10:d4:f7:1a:7e:07:89:16:73:9c:ed:6f:f7:32:
b7:c6:1e:ad:db:df:60:d1:fb:a9:40:17:e3:87:9d:e9:6c:20:
5a:b5:36:8a:5e:10:fe:4c:7f:e0:2f:44:83:be:78:47:50:c8:
08:21:9b:46:93:86:81:79:35:e3:b8:de:93:f3:03:ea:0c:7b:
30:f4:b0:04:cb:a2:92:e3:e3:b9:fd:87:69:8d:f9:18:35:ac:
0d:42:60:9c:98:20:ba:9f:d5:8f:e6:53:dc:aa:91:0e:5c:63:
fe:89:dd:3e:73:d4:c2:0f:df:0d:34:22:a8:b3:34:7c:ba:89:
08:82:69:a4:1f:e1:18:fb:12:67:07:f9:f6:1c:81:58:9c:21:
86:4b:b7:dc:4b:02:a5:d5:f9:59:78:e1:a8:be:45:e1:80:00:
85:b8:d2:7c:ff:86:f6:ce:c2:de:18:1a:fd:c3:24:85:cd:96:
02:a1:22:e2:d2:4f:bf:85:8d:8d:e8:f7:b7:15:10:b1:42:28:
79:38:73:35:a4:2f:74:d0:e3:96:56:0a:7b:ee:3b:b0:63:2d:
c6:67:46:cf:93:0e:f8:6b:86:56:87:6f:fb:9d:06:5d:ef:3e:
3e:b8:26:f5:30:51:c6:7b:46:3a:9a:26:74:8d:67:76:bc:2f:
e2:ca:12:1a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWRK9xAsk4ovAAk1fDptd3UGz48wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjQxODI4MjRaFw0yNDAxMjMxODMzMjRaMDMxMTAvBgNV
BAMTKDI2M0FGMjZDQTA4MzgxRkQyNEM5ODVFM0JEMDlDMUM2MUJFOTA4M0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgSsevkHFt72cZx3sMB/8tv9L0
AFo2nvFMZPYYWvC0llPctWEOX4blbvVsVlm8lQ56CEV6BrwKsPSe3hSfrDSz7mlT
Uf+omm6fAIr1Z2H1jplKbE3GYcH2mwQ6JgYJs6RMNs5Ip6bgmHbhWvqHtgnG7Q02
NEojYV0QximMPjxVgIl5xiv5YQ2+Ls8PBEtHX4HTz+SeRn+lmJ7leNtShgiCCPYa
tAMsQAITYHNFqUgVNrLdoLy9zePo9pAuw8RnEPlCOzE8dVk904SUkvaRW0OW2J2G
6JiFEQIVKqAeac/GONopdpweLdhq9iw/JcnhTrKzSkV4/M24EpyxqnHWYhI1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJjrybKCDgf0kyYXjvQnBxhvpCD4wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHlMA0GCSqGSIb3DQEBCwUAA4IBAQCks3oSENT3Gn4HiRZznO1v9zK3xh6t299g
0fupQBfjh53pbCBatTaKXhD+TH/gL0SDvnhHUMgIIZtGk4aBeTXjuN6T8wPqDHsw
9LAEy6KS4+O5/YdpjfkYNawNQmCcmCC6n9WP5lPcqpEOXGP+id0+c9TCD98NNCKo
szR8uokIgmmkH+EY+xJnB/n2HIFYnCGGS7fcSwKl1flZeOGovkXhgACFuNJ8/4b2
zsLeGBr9wySFzZYCoSLi0k+/hY2N6Pe3FRCxQih5OHM1pC900OOWVgp77juwYy3G
Z0bPkw74a4ZWh2/7nQZd7z4+uCb1MFHGe0Y6miZ0jWd2vC/iyhIa
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org