Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e2033333230.roa
File: 3138352e3133302e36302e302f32342d3234203d3e2033333230.roa (raw, json)
Hash identifier: zR+gLRTZNOCcmmdxPo5IQSaTvchHaTa1ve5Oz8w02ac=
Subject key identifier: 49:3F:43:F5:AC:8D:80:F6:16:B0:2E:2F:E2:F5:E6:7D:CC:00:C3:A4
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 6A90F8769554D3A493D94EF470A7DDF4AC050986
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e2033333230.roa
Signing time: Fri 20 Jan 2023 23:23:53 +0000
ROA not before: Fri 20 Jan 2023 23:18:53 +0000
ROA not after: Fri 19 Jan 2024 23:23:53 +0000
asID: 3320
IP address blocks: 185.130.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:90:f8:76:95:54:d3:a4:93:d9:4e:f4:70:a7:dd:f4:ac:05:09:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jan 20 23:18:53 2023 GMT
Not After : Jan 19 23:23:53 2024 GMT
Subject: CN=493F43F5AC8D80F616B02E2FE2F5E67DCC00C3A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:2e:49:e5:84:0c:c7:cb:ae:47:cb:aa:4c:
7d:06:45:b0:34:e6:f6:36:27:17:6a:be:fa:09:eb:
6d:3f:b7:f8:96:86:ca:b5:53:53:90:e6:09:98:14:
da:e9:3d:f5:53:ff:44:f7:ed:de:4e:a4:a7:17:22:
5b:74:bb:e5:12:23:f0:3f:c7:ea:d1:fc:e0:46:84:
0b:43:cd:b8:21:5f:5c:0f:6d:42:6e:f9:8c:04:04:
0d:d3:87:13:db:9d:fa:c3:52:9a:96:a3:93:24:cb:
86:af:ec:9b:e5:66:4c:22:fd:cc:19:73:02:50:a5:
6a:11:58:97:cb:57:9f:b7:33:83:7b:72:1b:6d:9b:
4b:29:c6:cc:17:da:73:e1:8c:e9:96:16:59:93:da:
41:4b:36:e8:c3:0c:9d:a6:22:e0:7b:0b:52:af:1a:
0b:9d:ae:72:78:7e:9a:82:73:cf:5a:34:5f:46:d6:
74:65:f4:74:0f:48:fb:79:14:18:a9:63:cf:9f:7d:
06:22:60:3c:76:db:4f:6f:17:59:54:9f:1f:c1:d3:
75:bd:78:52:89:54:0a:c6:a8:b5:e1:6e:67:82:3a:
71:7d:97:e8:ec:a3:c7:d6:dc:72:59:a0:a2:ab:7d:
af:b6:c3:b3:c2:d6:8d:ed:cb:7e:fc:9d:c7:cd:65:
50:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:3F:43:F5:AC:8D:80:F6:16:B0:2E:2F:E2:F5:E6:7D:CC:00:C3:A4
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3133302e36302e302f32342d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.60.0/24
Signature Algorithm: sha256WithRSAEncryption
92:67:2d:ca:be:89:28:6d:ca:a7:01:28:7d:f6:21:5e:9a:95:
c0:3b:3f:8b:37:b0:fe:d5:b4:b4:93:19:5f:49:73:d5:61:77:
62:5f:6c:bd:b0:20:48:8a:86:f3:90:a4:00:8f:08:49:d8:c8:
d5:41:0a:5b:fc:05:e9:f9:c7:99:d6:7f:0b:aa:a4:13:9a:a9:
8b:3a:6a:e9:1a:45:aa:bd:6e:62:7f:47:32:63:e7:03:ef:ec:
53:5d:df:68:6f:5f:9b:ab:df:60:a4:c9:86:17:4c:fb:19:07:
8e:37:91:fe:e4:ec:97:85:5b:89:7c:68:9e:8f:bb:1f:f2:11:
1f:3d:fd:03:ae:37:5a:a2:68:5d:86:29:91:65:07:b9:70:36:
0f:de:6b:5b:e1:df:d2:2f:78:aa:04:a8:98:ad:20:bd:33:2f:
9d:f3:f8:b4:ca:63:cc:9d:96:f3:49:be:0f:64:24:c3:c5:2e:
b3:0a:c6:f6:b4:92:0c:79:f0:64:d3:c8:bc:7c:f1:d6:0f:43:
0f:ca:48:6c:64:44:8f:b5:79:c6:d0:37:65:74:1e:e4:12:75:
24:56:57:7b:2a:82:2d:21:7c:6b:32:e0:75:e6:35:ee:fb:c5:
1e:d3:62:69:e8:ac:34:b6:3c:3b:01:45:23:c9:00:23:c6:fa:
79:71:b9:01
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUapD4dpVU06ST2U70cKfd9KwFCYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAxMjAyMzE4NTNaFw0yNDAxMTkyMzIzNTNaMDMxMTAvBgNV
BAMTKDQ5M0Y0M0Y1QUM4RDgwRjYxNkIwMkUyRkUyRjVFNjdEQ0MwMEMzQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs9i5J5YQMx8uuR8uqTH0GRbA0
5vY2JxdqvvoJ620/t/iWhsq1U1OQ5gmYFNrpPfVT/0T37d5OpKcXIlt0u+USI/A/
x+rR/OBGhAtDzbghX1wPbUJu+YwEBA3ThxPbnfrDUpqWo5Mky4av7JvlZkwi/cwZ
cwJQpWoRWJfLV5+3M4N7chttm0spxswX2nPhjOmWFlmT2kFLNujDDJ2mIuB7C1Kv
GgudrnJ4fpqCc89aNF9G1nRl9HQPSPt5FBipY8+ffQYiYDx2209vF1lUnx/B03W9
eFKJVArGqLXhbmeCOnF9l+jso8fW3HJZoKKrfa+2w7PC1o3ty378ncfNZVBXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUST9D9ayNgPYWsC4v4vXmfcwAw6QwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMTMzMzAyZTM2
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMzMzIzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmC
PDANBgkqhkiG9w0BAQsFAAOCAQEAkmctyr6JKG3KpwEoffYhXpqVwDs/izew/tW0
tJMZX0lz1WF3Yl9svbAgSIqG85CkAI8ISdjI1UEKW/wF6fnHmdZ/C6qkE5qpizpq
6RpFqr1uYn9HMmPnA+/sU13faG9fm6vfYKTJhhdM+xkHjjeR/uTsl4VbiXxono+7
H/IRHz39A643WqJoXYYpkWUHuXA2D95rW+Hf0i94qgSomK0gvTMvnfP4tMpjzJ2W
80m+D2Qkw8UuswrG9rSSDHnwZNPIvHzx1g9DD8pIbGREj7V5xtA3ZXQe5BJ1JFZX
eyqCLSF8azLgdeY17vvFHtNiaeisNLY8OwFFI8kAI8b6eXG5AQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org