Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e20313339363630.roa
File: 3138352e3131312e3138382e302f32342d3234203d3e20313339363630.roa (raw, json)
Hash identifier: x1xd7pZ8wAwjU4Zuu4/RSFhiLP6HLo30H+FeF1pfydE=
Subject key identifier: CA:BF:42:AD:62:0E:21:1F:19:8D:A3:D1:61:43:D4:AF:5A:B2:2A:D0
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 54F60294C31C265B040321FABB7F326263E47FBE
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e20313339363630.roa
Signing time: Fri 10 Mar 2023 08:50:09 +0000
ROA not before: Fri 10 Mar 2023 08:45:09 +0000
ROA not after: Fri 08 Mar 2024 08:50:09 +0000
asID: 139660
IP address blocks: 185.111.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:f6:02:94:c3:1c:26:5b:04:03:21:fa:bb:7f:32:62:63:e4:7f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Mar 10 08:45:09 2023 GMT
Not After : Mar 8 08:50:09 2024 GMT
Subject: CN=CABF42AD620E211F198DA3D16143D4AF5AB22AD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:54:7a:0b:57:6b:db:4d:48:e9:a7:7b:1e:4a:
0a:39:3f:ea:40:76:5a:7e:ef:47:5c:4a:55:ff:17:
c5:52:54:f2:9e:14:69:29:26:d5:69:de:b7:49:b0:
da:41:3f:7a:63:3e:6d:f7:03:c3:1c:90:a2:03:78:
dc:47:50:ab:2b:5a:38:ea:8f:12:20:31:78:f3:7d:
a6:63:a6:40:68:52:c4:c0:d9:0c:7c:cb:c2:ad:7a:
8c:18:b9:1b:27:08:64:01:e9:82:96:99:9e:c5:82:
23:cc:17:28:0e:36:69:39:fa:6e:29:91:23:56:75:
58:72:20:15:a9:58:52:2a:a9:55:94:b9:be:f1:2d:
29:ac:1c:0b:c1:1a:58:cd:15:71:4c:f7:bf:a9:b5:
5b:46:ec:5b:d7:24:7a:d5:c4:35:d4:a3:c2:95:30:
61:a4:d5:23:0b:69:66:df:92:0b:96:e7:e2:9f:c3:
a9:da:74:7f:4a:ee:20:35:78:21:3a:6b:10:53:95:
0a:0b:56:bc:fe:3c:52:1d:6b:4f:9c:c9:f5:a8:6a:
27:db:6c:f9:fd:57:be:ee:4f:5b:ac:a6:15:6e:ee:
bc:4d:8f:56:9d:5a:34:ce:11:68:10:e7:0b:74:0b:
a4:02:9d:df:5a:81:86:fd:8e:fd:54:4f:51:8c:f5:
50:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BF:42:AD:62:0E:21:1F:19:8D:A3:D1:61:43:D4:AF:5A:B2:2A:D0
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3131312e3138382e302f32342d3234203d3e20313339363630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.188.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:df:59:4b:8f:86:f6:7f:35:4b:64:d0:ec:dd:d2:c3:80:1c:
d9:5d:dd:9a:2a:11:21:ba:c5:fe:4c:6e:7b:27:b1:55:ff:60:
8d:dc:ad:32:7e:79:0e:72:d5:f6:97:9f:ba:5c:8d:70:cb:4c:
a5:b3:d0:e8:ef:89:dc:49:f0:8a:32:be:57:cc:e9:7a:8c:af:
85:72:08:84:0b:af:79:ff:68:5c:e2:f0:79:88:37:08:cd:45:
b1:c7:b9:e1:f7:63:3b:11:63:da:8a:78:18:bf:8f:9f:37:02:
1f:10:41:b6:5b:7f:ec:29:78:b7:b6:ba:06:3b:22:85:79:54:
77:16:fc:ff:74:1f:ea:44:14:9b:de:03:01:3e:2f:ea:a2:73:
55:a3:9e:03:02:21:f1:fc:b9:bf:86:45:02:ae:49:d3:51:2a:
61:e7:7f:bb:b1:dd:96:f8:54:0c:a2:95:70:fd:12:98:59:1f:
f5:bd:74:a4:1f:c0:b3:f2:c0:65:e4:a7:da:0f:3b:75:34:8b:
7a:95:c7:58:6b:55:05:fd:0f:d0:a6:ab:22:6f:a1:6f:e4:d4:
ee:31:38:46:2f:8a:4d:64:f9:49:2b:80:41:f1:7d:fe:a6:44:
fb:8a:d6:f9:20:03:7a:ec:29:1a:ec:09:5a:ed:2d:64:a7:34:
7f:d5:6d:1b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVPYClMMcJlsEAyH6u38yYmPkf74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAzMTAwODQ1MDlaFw0yNDAzMDgwODUwMDlaMDMxMTAvBgNV
BAMTKENBQkY0MkFENjIwRTIxMUYxOThEQTNEMTYxNDNENEFGNUFCMjJBRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYVHoLV2vbTUjpp3seSgo5P+pA
dlp+70dcSlX/F8VSVPKeFGkpJtVp3rdJsNpBP3pjPm33A8MckKIDeNxHUKsrWjjq
jxIgMXjzfaZjpkBoUsTA2Qx8y8KteowYuRsnCGQB6YKWmZ7FgiPMFygONmk5+m4p
kSNWdVhyIBWpWFIqqVWUub7xLSmsHAvBGljNFXFM97+ptVtG7FvXJHrVxDXUo8KV
MGGk1SMLaWbfkguW5+Kfw6nadH9K7iA1eCE6axBTlQoLVrz+PFIda0+cyfWoaifb
bPn9V77uT1usphVu7rxNj1adWjTOEWgQ5wt0C6QCnd9agYb9jv1UT1GM9VA9AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUyr9CrWIOIR8ZjaPRYUPUr1qyKtAwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMxMzEyZTMx
MzgzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzOTM2MzYzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlvvDANBgkqhkiG9w0BAQsFAAOCAQEAT99ZS4+G9n81S2TQ7N3Sw4Ac2V3d
mioRIbrF/kxueyexVf9gjdytMn55DnLV9pefulyNcMtMpbPQ6O+J3EnwijK+V8zp
eoyvhXIIhAuvef9oXOLweYg3CM1Fsce54fdjOxFj2op4GL+PnzcCHxBBtlt/7Cl4
t7a6BjsihXlUdxb8/3Qf6kQUm94DAT4v6qJzVaOeAwIh8fy5v4ZFAq5J01EqYed/
u7HdlvhUDKKVcP0SmFkf9b10pB/As/LAZeSn2g87dTSLepXHWGtVBf0P0KarIm+h
b+TU7jE4Ri+KTWT5SSuAQfF9/qZE+4rW+SADeuwpGuwJWu0tZKc0f9VtGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org