Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20383334.roa
File: 3138352e3137322e3137332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: hY1sXiSEpCoHGdtoyPx4vSVGoVu5vEPJObMW2leFDOc=
Subject key identifier: 68:93:61:B7:53:26:6B:E8:ED:61:5F:32:EA:44:AD:61:E3:9D:E7:FD
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 6735C006D03626E2C9C1F6D78B8B3136AF676823
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20383334.roa
Signing time: Tue 16 May 2023 06:00:06 +0000
ROA not before: Tue 16 May 2023 05:55:06 +0000
ROA not after: Tue 14 May 2024 06:00:06 +0000
asID: 834
IP address blocks: 185.172.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:35:c0:06:d0:36:26:e2:c9:c1:f6:d7:8b:8b:31:36:af:67:68:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: May 16 05:55:06 2023 GMT
Not After : May 14 06:00:06 2024 GMT
Subject: CN=689361B753266BE8ED615F32EA44AD61E39DE7FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dd:31:58:09:f5:16:8f:3a:9b:d3:54:11:75:
4a:61:d0:87:73:d9:3d:82:c7:0f:f5:e9:0d:5e:f6:
fe:ab:27:8f:c8:ac:75:31:2b:bb:da:98:b0:e8:ca:
0f:df:19:be:55:d2:8f:8c:07:78:3a:2c:41:73:cb:
43:bb:b6:40:d4:3a:c2:8e:6a:6e:ee:f7:1d:a7:5b:
60:35:2f:f4:0b:30:66:23:fc:71:b8:25:6a:3f:4f:
b8:27:05:77:1c:32:40:c1:17:2c:9c:63:a3:84:35:
bf:0e:c0:82:f7:09:3d:08:bb:f5:35:51:cc:58:06:
b7:96:c6:86:95:e7:33:21:8d:14:20:26:20:42:2a:
f6:63:dd:a6:0e:7c:1e:ad:42:c3:de:f4:e9:0c:2f:
5d:c3:d7:60:65:dd:f3:38:f4:26:78:99:a0:cc:b7:
93:5c:c6:df:70:44:68:99:44:51:5c:ed:ab:b0:43:
04:c1:b1:12:41:e1:90:eb:35:ab:b1:ca:83:63:5b:
ac:81:53:a6:1f:e8:1b:9d:cf:d8:71:6f:97:1e:da:
86:b9:e1:6f:50:12:68:b6:a2:22:f2:04:33:d6:de:
35:0f:e9:87:83:55:e1:d0:e5:34:3e:dc:12:01:c0:
dc:60:02:ff:a8:39:8b:46:fa:2c:c3:e4:78:d3:f2:
76:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:93:61:B7:53:26:6B:E8:ED:61:5F:32:EA:44:AD:61:E3:9D:E7:FD
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3138352e3137322e3137332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.173.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:b9:86:80:b5:84:1e:fe:27:45:0a:af:3c:e7:47:16:03:ef:
f3:4d:84:ee:e8:b4:a4:e1:12:d7:4a:dd:25:a4:ca:df:8d:36:
86:22:a4:3c:c2:ed:04:1f:ff:0f:58:0f:8c:e5:1d:16:ef:e2:
f3:54:f1:4b:9f:5a:f1:1f:aa:5f:ac:51:32:b4:59:be:c5:42:
76:e7:73:9a:a7:52:67:4c:05:e5:28:64:4d:56:42:8b:0a:45:
ad:08:2e:62:1c:cb:14:99:c2:c2:d4:eb:94:3f:c7:09:67:03:
7e:86:6e:63:64:7c:93:65:9f:ef:88:7a:2a:db:d9:b3:ab:ea:
2c:88:53:8a:02:7a:80:fd:21:59:3f:42:e3:36:c9:07:2f:33:
9d:c7:18:a1:0b:0c:27:26:0c:51:5b:71:fb:36:fd:58:cf:45:
c2:03:1d:22:a5:0d:69:a3:85:5d:5f:dc:a9:a4:9e:5f:db:11:
79:9f:cb:29:f4:1c:e8:eb:6f:29:7b:d1:b4:95:c2:3c:0e:80:
ea:fb:a8:02:2f:0c:94:41:b1:cc:74:4f:7a:b6:31:a8:95:c5:
1d:22:47:94:40:f1:7c:c6:9b:21:10:c2:e7:20:a9:d8:41:d7:
70:8e:f4:34:65:47:fa:10:1f:ce:08:07:cd:2d:40:a4:4e:f3:
3a:d5:81:74
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZzXABtA2JuLJwfbXi4sxNq9naCMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA1MTYwNTU1MDZaFw0yNDA1MTQwNjAwMDZaMDMxMTAvBgNV
BAMTKDY4OTM2MUI3NTMyNjZCRThFRDYxNUYzMkVBNDRBRDYxRTM5REU3RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ3TFYCfUWjzqb01QRdUph0Idz
2T2Cxw/16Q1e9v6rJ4/IrHUxK7vamLDoyg/fGb5V0o+MB3g6LEFzy0O7tkDUOsKO
am7u9x2nW2A1L/QLMGYj/HG4JWo/T7gnBXccMkDBFyycY6OENb8OwIL3CT0Iu/U1
UcxYBreWxoaV5zMhjRQgJiBCKvZj3aYOfB6tQsPe9OkML13D12Bl3fM49CZ4maDM
t5Ncxt9wRGiZRFFc7auwQwTBsRJB4ZDrNauxyoNjW6yBU6Yf6Budz9hxb5ce2oa5
4W9QEmi2oiLyBDPW3jUP6YeDVeHQ5TQ+3BIBwNxgAv+oOYtG+izD5HjT8nZ/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUaJNht1Mma+jtYV8y6kStYeOd5/0wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzODM1MmUzMTM3MzIyZTMx
MzczMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALms
rTANBgkqhkiG9w0BAQsFAAOCAQEAxrmGgLWEHv4nRQqvPOdHFgPv802E7ui0pOES
10rdJaTK3402hiKkPMLtBB//D1gPjOUdFu/i81TxS59a8R+qX6xRMrRZvsVCdudz
mqdSZ0wF5ShkTVZCiwpFrQguYhzLFJnCwtTrlD/HCWcDfoZuY2R8k2Wf74h6KtvZ
s6vqLIhTigJ6gP0hWT9C4zbJBy8znccYoQsMJyYMUVtx+zb9WM9FwgMdIqUNaaOF
XV/cqaSeX9sReZ/LKfQc6OtvKXvRtJXCPA6A6vuoAi8MlEGxzHRPerYxqJXFHSJH
lEDxfMabIRDC5yCp2EHXcI70NGVH+hAfzggHzS1ApE7zOtWBdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org