Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e2039303837.roa
File: 3139332e3130392e3139382e302f32342d3234203d3e2039303837.roa (raw, json)
Hash identifier: wVMrh8azS1swGR0oxPO2dYGOXNuBrfAPwRjC+O5emVs=
Subject key identifier: 1A:D3:B0:47:53:30:48:42:E6:8F:7F:71:08:AC:33:D0:EA:54:59:95
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1159AD39B57A2DD5E0F481522253EAA08BD86F8B
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e2039303837.roa
Signing time: Mon 13 Nov 2023 06:27:58 +0000
ROA not before: Mon 13 Nov 2023 06:22:58 +0000
ROA not after: Mon 11 Nov 2024 06:27:58 +0000
asID: 9087
IP address blocks: 193.109.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:59:ad:39:b5:7a:2d:d5:e0:f4:81:52:22:53:ea:a0:8b:d8:6f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 13 06:22:58 2023 GMT
Not After : Nov 11 06:27:58 2024 GMT
Subject: CN=1AD3B04753304842E68F7F7108AC33D0EA545995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d4:5e:4f:a8:4a:05:58:8c:23:92:6a:25:70:
89:e0:43:16:fb:19:62:9c:f5:e0:a2:fc:99:ba:fd:
be:bf:0f:ab:1b:6c:e1:7e:cd:53:e3:17:2e:ce:00:
cb:5d:56:8c:34:87:d1:78:38:66:10:51:a5:e1:2d:
fc:13:9b:ee:12:4e:06:f9:b6:75:0e:07:16:bd:fe:
c1:e3:37:ce:28:c7:0a:d4:f1:84:d9:68:fb:b4:e3:
7c:8a:8f:be:8c:36:9d:90:24:af:4a:87:90:84:c7:
22:b3:b2:a2:9d:69:23:36:88:11:58:f1:c6:51:4a:
66:3b:54:09:11:50:95:cd:9d:8e:87:e4:1d:46:15:
b3:20:b3:9a:91:d8:8e:57:ab:e5:6d:e7:4a:00:43:
46:73:2a:37:a7:5e:11:a4:01:c3:82:6f:ca:27:69:
8e:02:5d:38:9b:01:15:b4:12:c4:e8:d1:0b:35:4b:
ad:f4:7c:4f:51:8c:c7:ac:96:59:ff:e1:bb:11:3e:
ff:5c:3e:86:07:31:9a:d4:b8:4f:04:96:5d:e3:7e:
af:26:3e:4f:99:89:b7:c1:3c:94:cc:3f:77:75:e7:
50:d6:ab:73:9c:b8:ee:86:ce:88:18:12:48:ac:dd:
8c:16:5d:17:9e:ef:8f:9b:26:22:04:53:53:f0:c2:
74:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D3:B0:47:53:30:48:42:E6:8F:7F:71:08:AC:33:D0:EA:54:59:95
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e2039303837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
81:0c:74:ac:90:c4:08:a1:7d:64:c1:6a:d2:d4:99:f1:c7:13:
80:60:10:8b:e1:06:2c:36:2a:86:58:93:7f:19:03:77:c7:e2:
52:a2:5a:35:16:cb:8d:d5:0f:57:b9:95:cf:a7:84:d3:b0:ac:
ad:80:e0:5a:88:06:87:ec:49:0b:f2:84:38:5b:f9:10:9a:95:
a0:1b:83:c8:e3:1f:31:84:c3:03:0f:9c:4f:00:69:5a:f9:39:
97:e8:3d:b0:76:f4:8d:81:19:18:56:b6:ec:62:58:c1:ba:9c:
c7:36:ff:4d:49:a8:b8:b4:a4:06:ba:39:a8:d2:69:31:9c:65:
d1:69:3b:ed:2f:3f:d3:b6:1b:7a:0c:f8:c3:d7:34:3a:d4:e3:
06:59:ea:aa:c8:5f:09:f5:db:1e:de:fe:c0:8f:14:0f:61:6a:
21:82:91:76:21:75:51:82:a7:10:82:74:3e:32:7b:f2:1b:06:
26:ec:a7:b8:9f:68:84:60:50:bd:b6:4b:53:87:e7:26:19:52:
3c:27:78:e1:83:26:05:e5:18:5e:67:d1:84:6e:55:c6:cb:1f:
ee:6e:89:d6:5b:3d:2d:0e:6a:34:8a:29:b3:e7:e9:ed:c3:09:
f5:6b:37:9d:a7:7c:78:7a:46:b2:53:b9:28:ae:39:7c:e8:2a:
fe:b5:62:4c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEVmtObV6LdXg9IFSIlPqoIvYb4swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMTMwNjIyNThaFw0yNDExMTEwNjI3NThaMDMxMTAvBgNV
BAMTKDFBRDNCMDQ3NTMzMDQ4NDJFNjhGN0Y3MTA4QUMzM0QwRUE1NDU5OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ1F5PqEoFWIwjkmolcIngQxb7
GWKc9eCi/Jm6/b6/D6sbbOF+zVPjFy7OAMtdVow0h9F4OGYQUaXhLfwTm+4STgb5
tnUOBxa9/sHjN84oxwrU8YTZaPu043yKj76MNp2QJK9Kh5CExyKzsqKdaSM2iBFY
8cZRSmY7VAkRUJXNnY6H5B1GFbMgs5qR2I5Xq+Vt50oAQ0ZzKjenXhGkAcOCb8on
aY4CXTibARW0EsTo0Qs1S630fE9RjMeslln/4bsRPv9cPoYHMZrUuE8Ell3jfq8m
Pk+ZibfBPJTMP3d151DWq3OcuO6GzogYEkis3YwWXRee74+bJiIEU1PwwnTZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGtOwR1MwSELmj39xCKwz0OpUWZUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzAzODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wW3GMA0GCSqGSIb3DQEBCwUAA4IBAQCBDHSskMQIoX1kwWrS1JnxxxOAYBCL4QYs
NiqGWJN/GQN3x+JSolo1FsuN1Q9XuZXPp4TTsKytgOBaiAaH7EkL8oQ4W/kQmpWg
G4PI4x8xhMMDD5xPAGla+TmX6D2wdvSNgRkYVrbsYljBupzHNv9NSai4tKQGujmo
0mkxnGXRaTvtLz/Ttht6DPjD1zQ61OMGWeqqyF8J9dse3v7AjxQPYWohgpF2IXVR
gqcQgnQ+MnvyGwYm7Ke4n2iEYFC9tktTh+cmGVI8J3jhgyYF5RheZ9GEblXGyx/u
bonWWz0tDmo0iimz5+ntwwn1azedp3x4ekayU7korjl86Cr+tWJM
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:47:43 2025 by rpki-client