Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e203231383539.roa
File: 38352e3135382e35382e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: u+tIvt3hkzhnd9FJW7euJAjEzdcxSlhcTL2U5xVWbM4=
Subject key identifier: F8:F8:59:97:AB:66:81:11:04:1C:2E:0B:E1:1C:6F:F1:4F:E4:6B:CB
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 3F39F419704CA1C3223A8B6ACE4AF50E933532E0
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e203231383539.roa
Signing time: Wed 31 Jan 2024 10:45:44 +0000
ROA not before: Wed 31 Jan 2024 10:40:44 +0000
ROA not after: Wed 29 Jan 2025 10:45:44 +0000
asID: 21859
IP address blocks: 85.158.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:39:f4:19:70:4c:a1:c3:22:3a:8b:6a:ce:4a:f5:0e:93:35:32:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jan 31 10:40:44 2024 GMT
Not After : Jan 29 10:45:44 2025 GMT
Subject: CN=F8F85997AB668111041C2E0BE11C6FF14FE46BCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:e5:76:30:f9:e7:bb:83:9f:24:e1:53:5f:
42:e0:4d:8f:ba:f1:8a:3f:3f:2e:9e:7c:5f:cd:9d:
fe:67:46:20:d9:da:6d:55:1c:c9:8b:d2:2f:8f:64:
e2:48:e1:0b:85:f7:c9:97:d8:4c:bc:7f:86:5c:be:
a2:19:71:2a:62:3a:67:0c:0d:55:c6:af:7c:63:e8:
30:b9:23:73:82:a2:2f:d6:cd:b0:29:e4:d3:23:58:
fc:5f:53:f8:71:cb:53:bd:51:69:61:ee:f5:01:fc:
1e:a0:49:62:71:58:f6:42:1a:c4:12:88:9c:5e:a1:
a4:df:38:99:c2:65:c6:00:59:99:14:11:a3:e3:f2:
21:c0:18:69:70:8f:ee:1d:0a:50:56:fa:4a:92:42:
e5:0a:7d:38:bc:b3:e1:a3:9a:f8:16:c4:60:f2:d4:
7b:1a:47:e5:01:9b:11:f0:8a:78:05:6d:a2:ad:65:
d7:19:c5:c7:6f:42:ca:51:9a:9a:64:30:4b:d4:8b:
5b:a3:20:92:14:61:b8:39:a7:04:61:60:34:88:3a:
54:52:36:e8:a7:2c:f7:70:7b:88:4f:d0:b7:e7:48:
1a:3e:4b:64:fc:ed:b5:ff:a9:73:02:c2:9e:44:7d:
a5:1f:5a:7d:6d:ea:62:1f:13:95:d7:8c:d2:81:00:
24:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F8:59:97:AB:66:81:11:04:1C:2E:0B:E1:1C:6F:F1:4F:E4:6B:CB
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35382e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.58.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:bd:da:50:b4:53:39:36:fc:c1:8a:54:44:3b:b2:fe:57:d2:
32:8b:c2:b8:ff:db:5c:07:31:31:00:05:b2:bf:4c:85:93:f6:
41:4b:d6:13:51:57:67:13:a2:87:8a:26:50:8b:32:97:71:73:
48:0f:d7:22:79:53:b1:74:7d:7e:38:31:07:14:80:f6:d2:d7:
60:c5:a2:5b:82:36:7f:34:53:29:68:b3:ac:6c:a7:69:56:3c:
33:54:c1:a2:15:47:50:74:94:14:07:72:89:a0:f6:de:84:d4:
0c:99:97:21:9e:c3:3b:39:ca:72:b2:47:d3:2b:b4:95:8a:69:
65:44:6f:ef:ea:aa:c1:13:0e:b5:ad:82:39:2a:35:53:15:fd:
b0:af:92:fe:ea:1c:0e:a6:5e:0f:09:8d:9f:01:7d:37:21:1e:
99:aa:cf:4e:10:c8:ae:e7:9b:25:ab:2c:92:e7:c0:f6:58:45:
7d:3c:59:23:0f:14:7c:d4:10:c3:8d:55:97:54:b9:b0:67:8b:
a7:97:6f:47:29:e2:87:4d:26:c6:8b:6a:93:9f:3a:f2:fd:92:
97:23:9b:2f:3e:e7:34:76:57:dd:e2:41:1a:c5:39:c0:32:28:
4f:4e:b0:99:56:7f:bb:17:30:f4:9d:bf:b7:b2:5d:df:bf:00:
53:bc:d4:3d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPzn0GXBMocMiOotqzkr1DpM1MuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDAxMzExMDQwNDRaFw0yNTAxMjkxMDQ1NDRaMDMxMTAvBgNV
BAMTKEY4Rjg1OTk3QUI2NjgxMTEwNDFDMkUwQkUxMUM2RkYxNEZFNDZCQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/NeV2MPnnu4OfJOFTX0LgTY+6
8Yo/Py6efF/Nnf5nRiDZ2m1VHMmL0i+PZOJI4QuF98mX2Ey8f4ZcvqIZcSpiOmcM
DVXGr3xj6DC5I3OCoi/WzbAp5NMjWPxfU/hxy1O9UWlh7vUB/B6gSWJxWPZCGsQS
iJxeoaTfOJnCZcYAWZkUEaPj8iHAGGlwj+4dClBW+kqSQuUKfTi8s+GjmvgWxGDy
1HsaR+UBmxHwingFbaKtZdcZxcdvQspRmppkMEvUi1ujIJIUYbg5pwRhYDSIOlRS
NuinLPdwe4hP0LfnSBo+S2T87bX/qXMCwp5EfaUfWn1t6mIfE5XXjNKBACTDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+PhZl6tmgREEHC4L4Rxv8U/ka8swHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM4MzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
OjANBgkqhkiG9w0BAQsFAAOCAQEAjL3aULRTOTb8wYpURDuy/lfSMovCuP/bXAcx
MQAFsr9MhZP2QUvWE1FXZxOih4omUIsyl3FzSA/XInlTsXR9fjgxBxSA9tLXYMWi
W4I2fzRTKWizrGynaVY8M1TBohVHUHSUFAdyiaD23oTUDJmXIZ7DOznKcrJH0yu0
lYppZURv7+qqwRMOta2COSo1UxX9sK+S/uocDqZeDwmNnwF9NyEemarPThDIrueb
JasskufA9lhFfTxZIw8UfNQQw41Vl1S5sGeLp5dvRynih00mxotqk5868v2SlyOb
Lz7nNHZX3eJBGsU5wDIoT06wmVZ/uxcw9J2/t7Jd378AU7zUPQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:26 2025 by rpki-client