Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
File: 3138352e3137322e3137322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: dfvnrd1l9ZJkJm8tWxawSRIxX9JlR4TOafQ+3f7684c=
Subject key identifier: C3:04:42:B0:5E:42:74:DC:F3:4A:03:10:E9:F0:84:EA:82:DB:8C:36
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1EF28240B805B8396D36E89163CBC11573F916AC
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
Signing time: Fri 10 Nov 2023 08:00:07 +0000
ROA not before: Fri 10 Nov 2023 07:55:07 +0000
ROA not after: Fri 08 Nov 2024 08:00:07 +0000
asID: 834
IP address blocks: 185.172.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:f2:82:40:b8:05:b8:39:6d:36:e8:91:63:cb:c1:15:73:f9:16:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 10 07:55:07 2023 GMT
Not After : Nov 8 08:00:07 2024 GMT
Subject: CN=C30442B05E4274DCF34A0310E9F084EA82DB8C36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:20:48:75:24:22:0d:b4:56:b4:18:31:7a:
b2:8f:23:a0:b2:ef:65:b7:0b:66:fc:e8:85:0c:9b:
00:64:8e:2c:dc:fe:fa:77:9f:32:f7:29:d1:77:01:
61:24:d2:99:03:6f:3e:c1:ce:43:ea:c7:e3:a5:21:
d4:0a:c1:20:ee:31:b1:a8:ab:a0:d2:7c:c4:f1:2b:
9d:74:ac:a4:84:7a:8c:8b:c4:0e:97:54:4c:3e:0f:
56:b1:11:6a:8e:9d:15:33:51:95:46:56:58:9d:bd:
d9:43:7f:96:c8:25:23:15:da:3a:3b:cd:bc:f2:b7:
5c:63:b3:12:4b:00:3f:0e:14:53:6b:e9:56:01:80:
e4:62:74:7c:ff:ed:19:49:73:92:cc:45:8d:83:39:
9a:73:76:05:0b:89:95:d8:51:fc:a0:af:f2:05:43:
e8:ae:34:a7:1b:30:72:cd:c4:db:bd:0f:21:43:76:
a4:4d:e2:11:f2:aa:e6:ea:5f:24:72:2a:e1:b1:c9:
6e:ed:cc:e5:bc:42:4a:75:6b:58:7e:6b:f3:cd:1c:
97:22:a8:29:15:21:63:15:95:2f:65:42:1c:67:fb:
6f:b2:f1:ae:9a:6f:59:26:2a:76:fe:9a:d8:f6:bc:
51:db:58:ed:f5:67:68:d1:b9:b3:05:99:a0:64:4f:
e2:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:04:42:B0:5E:42:74:DC:F3:4A:03:10:E9:F0:84:EA:82:DB:8C:36
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.172.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:61:4d:4f:d6:91:1d:ca:01:29:ed:b0:90:33:39:a3:d5:c5:
35:9c:1a:f0:49:14:52:71:bd:c8:3e:6a:5c:97:6f:04:b7:55:
ce:5a:1c:06:47:d4:11:71:b6:ad:cf:2a:63:a7:43:d2:ef:3c:
bb:7d:5b:ba:7a:1e:08:15:f5:33:0e:99:ed:e3:95:80:07:23:
77:d1:97:a1:6c:2b:72:05:53:d9:e4:35:30:6d:49:b2:bf:5a:
29:bb:88:97:a1:b7:3f:ac:81:76:95:96:46:4a:ae:41:d3:4f:
c6:51:c6:e9:61:fc:80:a4:9b:ed:1e:fd:61:3c:50:ae:d5:a3:
83:60:59:aa:69:8a:6f:48:56:62:d8:59:1f:d7:84:da:7b:b4:
b1:e6:65:c7:92:2c:78:67:7d:27:95:ca:6f:24:ed:a6:48:f2:
22:42:3d:38:60:03:84:1c:4b:fd:a0:80:5a:c1:25:38:95:40:
cf:70:38:ac:10:be:df:0c:e6:0f:98:45:5b:f9:dc:cc:ea:ea:
9e:53:7e:f8:3a:db:c2:8c:dd:3d:5a:ce:ff:91:07:06:d1:cb:
7e:01:ad:74:eb:f0:c6:15:17:f3:b2:d3:8c:a0:8a:18:cc:77:
3b:04:9a:c7:93:ae:89:3a:18:b4:d2:6b:2a:86:82:ab:cb:9b:
88:1a:d1:56
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHvKCQLgFuDltNuiRY8vBFXP5FqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzExMTAwNzU1MDdaFw0yNDExMDgwODAwMDdaMDMxMTAvBgNV
BAMTKEMzMDQ0MkIwNUU0Mjc0RENGMzRBMDMxMEU5RjA4NEVBODJEQjhDMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9lSBIdSQiDbRWtBgxerKPI6Cy
72W3C2b86IUMmwBkjizc/vp3nzL3KdF3AWEk0pkDbz7BzkPqx+OlIdQKwSDuMbGo
q6DSfMTxK510rKSEeoyLxA6XVEw+D1axEWqOnRUzUZVGVlidvdlDf5bIJSMV2jo7
zbzyt1xjsxJLAD8OFFNr6VYBgORidHz/7RlJc5LMRY2DOZpzdgULiZXYUfygr/IF
Q+iuNKcbMHLNxNu9DyFDdqRN4hHyqubqXyRyKuGxyW7tzOW8Qkp1a1h+a/PNHJci
qCkVIWMVlS9lQhxn+2+y8a6ab1kmKnb+mtj2vFHbWO31Z2jRubMFmaBkT+KtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwwRCsF5CdNzzSgMQ6fCE6oLbjDYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALms
rDANBgkqhkiG9w0BAQsFAAOCAQEAbWFNT9aRHcoBKe2wkDM5o9XFNZwa8EkUUnG9
yD5qXJdvBLdVzlocBkfUEXG2rc8qY6dD0u88u31bunoeCBX1Mw6Z7eOVgAcjd9GX
oWwrcgVT2eQ1MG1Jsr9aKbuIl6G3P6yBdpWWRkquQdNPxlHG6WH8gKSb7R79YTxQ
rtWjg2BZqmmKb0hWYthZH9eE2nu0seZlx5IseGd9J5XKbyTtpkjyIkI9OGADhBxL
/aCAWsElOJVAz3A4rBC+3wzmD5hFW/nczOrqnlN++DrbwozdPVrO/5EHBtHLfgGt
dOvwxhUX87LTjKCKGMx3OwSax5OuiToYtNJrKoaCq8ubiBrRVg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:33:29 2025 by rpki-client