Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e203632323430.roa
File: 3138352e3232392e3230332e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: iLaMBG4yQPeCBWz3iAhu3E7naqKuz6YIA+vtE4ZMk8s=
Subject key identifier: 20:BB:3F:84:3A:FC:FA:D7:B0:6D:3E:58:52:37:59:38:6D:D7:D7:13
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3C6841721EB87DAAC4E266C05BC60DE1AA8D1810
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e203632323430.roa
Signing time: Tue 03 Jan 2023 16:08:56 +0000
ROA not before: Tue 03 Jan 2023 16:03:56 +0000
ROA not after: Tue 02 Jan 2024 16:08:56 +0000
asID: 62240
IP address blocks: 185.229.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:68:41:72:1e:b8:7d:aa:c4:e2:66:c0:5b:c6:0d:e1:aa:8d:18:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Jan 3 16:03:56 2023 GMT
Not After : Jan 2 16:08:56 2024 GMT
Subject: CN=20BB3F843AFCFAD7B06D3E58523759386DD7D713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4c:65:fd:bf:a8:61:b0:ff:b2:2a:db:da:84:
f8:93:30:10:9c:ce:1c:a8:b1:17:c9:cf:97:f3:00:
0d:01:6c:30:8b:5a:4d:1b:38:42:0d:ed:f7:41:05:
90:18:30:ec:7b:49:d4:c6:a3:8f:10:da:79:2b:28:
0c:a4:fe:5d:41:f0:23:33:26:2c:d3:37:67:58:25:
a2:ee:87:23:8d:69:50:cc:0d:4b:7e:f0:d3:57:07:
3d:16:63:ed:98:bb:c3:96:ce:59:93:4e:12:3a:15:
a4:c3:76:ec:a3:fe:44:39:50:9c:d3:0d:cc:75:8c:
cc:e1:f3:3d:e1:3b:c3:a6:72:90:a6:c4:d7:06:84:
9c:1f:7d:d0:f5:fd:23:59:37:4e:99:9a:58:02:c9:
14:ca:ac:bf:05:fd:73:af:b6:50:db:5f:e7:b8:77:
57:ef:d7:b9:9b:03:e5:c2:90:b9:48:65:46:c2:03:
55:81:5a:a4:a0:49:9c:eb:66:51:ca:02:48:88:76:
a7:44:49:97:ed:12:92:62:40:7a:81:4b:a3:47:4e:
9e:dc:30:ea:16:43:9d:d8:8a:81:5b:d1:59:e1:d6:
d2:d5:de:d6:19:1c:ae:f7:e0:48:63:72:92:5f:18:
80:97:38:20:c5:ef:61:b8:8c:12:0e:29:a5:f9:85:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BB:3F:84:3A:FC:FA:D7:B0:6D:3E:58:52:37:59:38:6D:D7:D7:13
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.203.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5e:87:ba:38:db:cb:d9:40:7a:4e:47:90:0c:61:0c:0a:d9:
ab:a4:13:5c:b7:b8:f2:68:a8:29:29:4e:5c:24:0e:e5:39:10:
46:40:ce:e5:33:cf:de:31:bd:f2:00:eb:c1:e8:e6:b4:f6:49:
d3:e5:22:26:22:6a:cc:e7:5e:16:99:b4:0c:26:03:cd:c7:d7:
dd:18:80:52:af:1d:ea:d3:06:f2:b9:fa:1a:c1:8a:42:93:54:
58:ce:5b:b0:d2:71:70:18:70:8a:38:ae:64:95:8c:ce:66:a1:
4e:85:43:54:03:6f:52:37:8a:86:01:f4:fb:b4:bb:00:a6:9a:
0c:0a:b4:66:c6:5a:05:ac:1c:73:92:b2:32:73:9d:38:3e:e9:
57:07:71:f8:4b:6b:0e:63:af:03:46:d9:6a:e0:5d:02:54:00:
fe:f6:83:df:84:2e:29:05:15:62:6a:0f:37:8c:c3:28:67:7a:
aa:f5:ae:38:c1:d3:09:19:d3:ae:8e:cb:02:50:da:ad:86:81:
a7:d8:69:30:b8:38:b1:65:8e:be:1a:cd:d1:c4:c2:f7:fa:86:
5c:bb:9b:bb:c1:b0:28:26:24:72:6a:9d:ed:42:08:ba:55:01:
7f:6e:5d:e8:92:49:00:c2:83:53:07:3d:30:07:28:69:60:fb:
a5:4a:a9:da
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPGhBch64farE4mbAW8YN4aqNGBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yMzAxMDMxNjAzNTZaFw0yNDAxMDIxNjA4NTZaMDMxMTAvBgNV
BAMTKDIwQkIzRjg0M0FGQ0ZBRDdCMDZEM0U1ODUyMzc1OTM4NkREN0Q3MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLTGX9v6hhsP+yKtvahPiTMBCc
zhyosRfJz5fzAA0BbDCLWk0bOEIN7fdBBZAYMOx7SdTGo48Q2nkrKAyk/l1B8CMz
JizTN2dYJaLuhyONaVDMDUt+8NNXBz0WY+2Yu8OWzlmTThI6FaTDduyj/kQ5UJzT
Dcx1jMzh8z3hO8OmcpCmxNcGhJwffdD1/SNZN06ZmlgCyRTKrL8F/XOvtlDbX+e4
d1fv17mbA+XCkLlIZUbCA1WBWqSgSZzrZlHKAkiIdqdESZftEpJiQHqBS6NHTp7c
MOoWQ53YioFb0Vnh1tLV3tYZHK734EhjcpJfGICXOCDF72G4jBIOKaX5hXZRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUILs/hDr8+tewbT5YUjdZOG3X1xMwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55cswDQYJKoZIhvcNAQELBQADggEBAEteh7o428vZQHpOR5AMYQwK2aukE1y3
uPJoqCkpTlwkDuU5EEZAzuUzz94xvfIA68Ho5rT2SdPlIiYiasznXhaZtAwmA83H
190YgFKvHerTBvK5+hrBikKTVFjOW7DScXAYcIo4rmSVjM5moU6FQ1QDb1I3ioYB
9Pu0uwCmmgwKtGbGWgWsHHOSsjJznTg+6VcHcfhLaw5jrwNG2WrgXQJUAP72g9+E
LikFFWJqDzeMwyhneqr1rjjB0wkZ066OywJQ2q2GgafYaTC4OLFljr4azdHEwvf6
hly7m7vBsCgmJHJqne1CCLpVAX9uXeiSSQDCg1MHPTAHKGlg+6VKqdo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:19 2024 by rpki-client on console-fra.rpki-client.org