Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32332d3234203d3e20383334.roa
File: 3130392e3131302e3138382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: OrRSotO33vI17Vw4loQ0/TGzWedVN0jAGNuTclrLdvk=
Subject key identifier: 47:50:DB:FD:B2:50:62:8E:E9:B5:D3:AF:A6:AC:44:65:C2:C7:D6:75
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 017CD12A6A47C305B48E2B77BFA24465441B49CE
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32332d3234203d3e20383334.roa
Signing time: Tue 13 Feb 2024 01:57:53 +0000
ROA not before: Tue 13 Feb 2024 01:52:53 +0000
ROA not after: Tue 11 Feb 2025 01:57:53 +0000
asID: 834
IP address blocks: 109.110.188.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:7c:d1:2a:6a:47:c3:05:b4:8e:2b:77:bf:a2:44:65:44:1b:49:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Feb 13 01:52:53 2024 GMT
Not After : Feb 11 01:57:53 2025 GMT
Subject: CN=4750DBFDB250628EE9B5D3AFA6AC4465C2C7D675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5c:76:41:4f:dc:ae:34:19:b6:7a:85:4c:95:
03:74:ef:dd:81:fc:68:30:7f:ca:4c:99:10:26:e8:
cc:26:fa:47:38:57:ea:b9:d6:5e:c3:a5:de:3d:88:
6c:c8:ec:1d:fd:01:0a:62:11:c5:7b:fe:2a:f5:52:
14:aa:af:58:82:64:cb:d7:4a:ef:28:03:ca:c7:13:
fe:5c:d1:d4:b3:be:f9:d8:74:71:c7:76:c3:64:dd:
24:8d:0f:85:0b:5f:31:92:5f:e8:b4:49:16:10:1f:
96:fb:82:0b:d4:c7:80:53:93:05:69:84:ff:85:70:
87:c5:84:6e:9d:6e:a2:24:c9:8a:90:65:dc:92:d9:
e3:06:cb:e1:d3:bf:21:e0:c5:53:9f:86:8c:34:bb:
7c:fa:e3:8f:df:42:e5:78:e0:f0:5f:87:fb:f3:66:
d7:5a:d1:06:28:80:f7:0f:64:1d:e9:7b:0a:ae:27:
52:92:dc:91:d0:eb:97:41:12:c6:1a:ce:33:2d:5a:
af:88:68:fc:81:45:e8:f5:4c:e1:db:e6:c1:26:7e:
48:4a:64:a6:ba:84:da:e1:6a:5b:83:00:33:b5:3a:
3b:08:73:50:28:dd:39:dc:33:a9:5e:1d:db:d8:72:
8f:a5:78:ab:f3:04:38:9e:0d:77:6e:b7:c7:14:33:
8e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:50:DB:FD:B2:50:62:8E:E9:B5:D3:AF:A6:AC:44:65:C2:C7:D6:75
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3130392e3131302e3138382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.110.188.0/23
Signature Algorithm: sha256WithRSAEncryption
02:7c:57:2c:8b:9d:f3:08:9d:4c:b7:d8:db:52:c0:50:59:52:
80:e1:4b:11:c1:91:f5:55:74:a5:b3:81:4c:04:4c:fd:40:71:
f2:69:7e:8c:85:da:5f:06:f0:84:c9:1a:6f:9b:74:c7:b6:ea:
75:b9:9b:e9:74:8d:d0:34:91:45:7d:a1:4a:66:9c:57:33:48:
ba:1c:cb:fb:a1:f6:96:de:51:51:c8:b6:60:50:88:0c:dc:5d:
53:00:75:e9:30:51:51:a7:3e:11:6d:3c:95:fa:1f:f4:62:14:
ad:34:40:41:cd:c8:2f:8d:32:5d:ba:bc:02:49:c6:56:b8:ff:
70:e9:61:94:6c:34:5c:ec:57:f7:d4:40:91:2c:1a:8e:69:b0:
f4:4a:c6:fc:01:c2:9a:36:8e:e8:b8:be:66:b0:81:04:03:61:
59:1e:10:2a:4f:2b:a9:f3:25:1d:0f:c1:f6:37:d2:a4:2d:51:
ac:b9:f9:cc:e3:8c:eb:35:af:a8:0d:ab:ca:bb:a0:36:42:a5:
bd:72:98:3d:3e:88:60:6f:0b:9b:a2:c1:93:d7:32:05:19:61:
77:2d:85:53:3e:ac:ac:70:9e:33:f3:c4:29:46:57:3a:92:49:
02:f2:d0:6c:cb:a5:e8:b3:57:84:41:b2:15:58:6d:54:b3:db:
3f:31:1b:da
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUAXzRKmpHwwW0jit3v6JEZUQbSc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNDAyMTMwMTUyNTNaFw0yNTAyMTEwMTU3NTNaMDMxMTAvBgNV
BAMTKDQ3NTBEQkZEQjI1MDYyOEVFOUI1RDNBRkE2QUM0NDY1QzJDN0Q2NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZXHZBT9yuNBm2eoVMlQN0792B
/Ggwf8pMmRAm6Mwm+kc4V+q51l7Dpd49iGzI7B39AQpiEcV7/ir1UhSqr1iCZMvX
Su8oA8rHE/5c0dSzvvnYdHHHdsNk3SSND4ULXzGSX+i0SRYQH5b7ggvUx4BTkwVp
hP+FcIfFhG6dbqIkyYqQZdyS2eMGy+HTvyHgxVOfhow0u3z644/fQuV44PBfh/vz
Ztda0QYogPcPZB3pewquJ1KS3JHQ65dBEsYazjMtWq+IaPyBRej1TOHb5sEmfkhK
ZKa6hNrhaluDADO1OjsIc1Ao3TncM6leHdvYco+leKvzBDieDXdut8cUM443AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUR1Db/bJQYo7ptdOvpqxEZcLH1nUwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzMDM5MmUzMTMxMzAyZTMx
MzgzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAW1u
vDANBgkqhkiG9w0BAQsFAAOCAQEAAnxXLIud8widTLfY21LAUFlSgOFLEcGR9VV0
pbOBTARM/UBx8ml+jIXaXwbwhMkab5t0x7bqdbmb6XSN0DSRRX2hSmacVzNIuhzL
+6H2lt5RUci2YFCIDNxdUwB16TBRUac+EW08lfof9GIUrTRAQc3IL40yXbq8AknG
Vrj/cOlhlGw0XOxX99RAkSwajmmw9ErG/AHCmjaO6Li+ZrCBBANhWR4QKk8rqfMl
HQ/B9jfSpC1RrLn5zOOM6zWvqA2ryrugNkKlvXKYPT6IYG8Lm6LBk9cyBRlhdy2F
Uz6srHCeM/PEKUZXOpJJAvLQbMul6LNXhEGyFVhtVLPbPzEb2g==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:24:57 2025 by rpki-client