Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20323135363439.roa
File: 38322e3131382e32372e302f32342d3234203d3e20323135363439.roa (raw, json)
Hash identifier: WD645Ew0s4IpG6uUPGglWKQEZkvnj+LJVHT74wtE83U=
Subject key identifier: 39:BD:B4:BF:9C:16:94:35:5A:03:2E:6B:49:9D:59:DD:00:AA:AD:B8
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 12324BEB29E28395F38C64C94566D9362634A159
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20323135363439.roa
Signing time: Fri 02 Feb 2024 14:42:30 +0000
ROA not before: Fri 02 Feb 2024 14:37:30 +0000
ROA not after: Fri 31 Jan 2025 14:42:30 +0000
asID: 215649
IP address blocks: 82.118.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:32:4b:eb:29:e2:83:95:f3:8c:64:c9:45:66:d9:36:26:34:a1:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 2 14:37:30 2024 GMT
Not After : Jan 31 14:42:30 2025 GMT
Subject: CN=39BDB4BF9C1694355A032E6B499D59DD00AAADB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:19:34:bc:e8:d8:ba:ec:87:cb:d6:f6:b9:
22:8c:70:00:37:94:fd:a5:20:f0:8c:c3:7b:97:36:
6c:d8:a1:d9:0e:d7:8a:01:e4:0e:0e:b7:45:69:01:
8b:21:dd:cc:5f:85:18:fd:0e:d7:03:ad:14:7a:30:
a6:d8:26:b8:23:03:3c:30:7d:4d:67:53:06:58:5c:
01:12:f2:c9:89:df:e4:7d:99:35:5c:2f:b4:82:2d:
f0:31:12:8b:8b:a1:2b:bb:cd:6d:e7:dc:5d:dc:7b:
a3:26:22:19:b0:a8:08:ca:cf:d0:f3:2c:fd:33:2e:
1d:2a:3f:2f:9a:aa:a7:c4:51:bb:87:cf:b0:05:69:
7e:10:13:d8:98:60:b8:1a:57:0d:59:70:5d:be:ad:
a2:39:c5:de:d3:5a:46:95:02:90:fb:54:5a:fa:01:
d6:b9:b9:d8:12:17:37:f6:bf:f2:07:7f:ad:63:8b:
56:17:39:a7:af:d0:23:b0:32:5d:58:88:17:34:4d:
a1:97:63:ad:26:dc:fc:98:01:bf:78:9d:ef:66:60:
30:da:0c:b1:83:ac:62:66:09:65:bb:b5:a4:fc:08:
49:6d:34:c0:5c:80:bf:a0:bd:37:b0:1c:6b:2f:c2:
54:2e:21:80:e9:19:c4:c6:fc:8c:51:2e:ae:5a:ef:
15:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BD:B4:BF:9C:16:94:35:5A:03:2E:6B:49:9D:59:DD:00:AA:AD:B8
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/38322e3131382e32372e302f32342d3234203d3e20323135363439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.27.0/24
Signature Algorithm: sha256WithRSAEncryption
00:8c:ab:fd:3b:5f:88:03:94:33:a5:5f:79:9c:b4:1d:98:b4:
59:d1:74:ff:51:d3:b9:11:af:ca:66:42:e5:3a:57:ed:40:eb:
08:77:86:ff:74:5c:a9:0e:44:2b:48:84:79:ad:23:cf:2e:38:
3c:59:ca:53:cb:9f:25:be:2f:97:8e:20:e1:0e:7c:5d:f4:e0:
81:73:a9:15:eb:9b:03:9b:44:9f:d4:32:55:8c:34:08:22:50:
9d:2c:25:5d:4d:85:26:48:f6:86:8f:68:84:95:ae:6b:78:9b:
55:bf:a3:12:77:22:a2:7d:ab:8d:66:26:0a:c0:ff:dc:ee:d7:
86:f3:d8:78:5c:e4:6c:44:b7:ad:81:ad:7f:7a:f9:c5:dd:3d:
a9:b7:80:42:38:9a:90:dd:5c:ab:60:f2:2e:c5:ae:cf:77:6f:
b3:9d:10:49:02:c0:4e:50:e2:8b:fd:6c:0b:48:29:bf:11:6c:
8d:93:dc:da:9a:5e:4b:aa:f6:f7:50:e4:de:10:0d:7d:e9:d4:
74:3b:50:35:8a:f3:be:81:de:7f:e0:36:e6:05:5f:84:a1:51:
1a:ae:b7:39:95:39:fa:12:eb:59:2b:28:91:1e:74:c6:c4:de:
eb:8d:e9:14:9d:51:64:c1:02:7e:4a:c6:51:d3:e3:6e:3b:12:
36:d8:e3:9e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEjJL6ynig5XzjGTJRWbZNiY0oVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNDAyMDIxNDM3MzBaFw0yNTAxMzExNDQyMzBaMDMxMTAvBgNV
BAMTKDM5QkRCNEJGOUMxNjk0MzU1QTAzMkU2QjQ5OUQ1OUREMDBBQUFEQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1whk0vOjYuuyHy9b2uSKMcAA3
lP2lIPCMw3uXNmzYodkO14oB5A4Ot0VpAYsh3cxfhRj9DtcDrRR6MKbYJrgjAzww
fU1nUwZYXAES8smJ3+R9mTVcL7SCLfAxEouLoSu7zW3n3F3ce6MmIhmwqAjKz9Dz
LP0zLh0qPy+aqqfEUbuHz7AFaX4QE9iYYLgaVw1ZcF2+raI5xd7TWkaVApD7VFr6
Ada5udgSFzf2v/IHf61ji1YXOaev0COwMl1YiBc0TaGXY60m3PyYAb94ne9mYDDa
DLGDrGJmCWW7taT8CEltNMBcgL+gvTewHGsvwlQuIYDpGcTG/IxRLq5a7xW3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOb20v5wWlDVaAy5rSZ1Z3QCqrbgwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzgzMjJlMzEzMTM4MmUzMjM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzNDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
UnYbMA0GCSqGSIb3DQEBCwUAA4IBAQAAjKv9O1+IA5QzpV95nLQdmLRZ0XT/UdO5
Ea/KZkLlOlftQOsId4b/dFypDkQrSIR5rSPPLjg8WcpTy58lvi+XjiDhDnxd9OCB
c6kV65sDm0Sf1DJVjDQIIlCdLCVdTYUmSPaGj2iEla5reJtVv6MSdyKifauNZiYK
wP/c7teG89h4XORsRLetga1/evnF3T2pt4BCOJqQ3VyrYPIuxa7Pd2+znRBJAsBO
UOKL/WwLSCm/EWyNk9zaml5Lqvb3UOTeEA196dR0O1A1ivO+gd5/4DbmBV+EoVEa
rrc5lTn6EutZKyiRHnTGxN7rjekUnVFkwQJ+SsZR0+NuOxI22OOe
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:49 2025 by rpki-client