Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e2030.roa
File: 3138352e3235352e3132382e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: dMqeDVp12UlVaMr/W92OP112P4gCwQiygQJ2Ck6prHc=
Subject key identifier: 8F:6F:E5:3A:DF:29:4B:08:51:FB:BA:C3:85:87:17:2E:7E:5E:FF:C0
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 7064AB9469CBA180AACC4CF4DBF8E761D1530FA9
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:01 +0000
ROA not before: Mon 27 Mar 2023 08:23:01 +0000
ROA not after: Mon 25 Mar 2024 08:28:01 +0000
asID: 0
IP address blocks: 185.255.128.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:64:ab:94:69:cb:a1:80:aa:cc:4c:f4:db:f8:e7:61:d1:53:0f:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:01 2023 GMT
Not After : Mar 25 08:28:01 2024 GMT
Subject: CN=8F6FE53ADF294B0851FBBAC38587172E7E5EFFC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8d:19:01:a1:59:f1:bb:2b:83:fb:55:3a:d5:
1b:c2:b1:0c:cf:43:e7:cb:20:e8:73:0d:91:51:b2:
6a:03:11:9d:57:3c:24:28:7c:15:4b:94:4b:ab:4a:
12:15:36:40:ee:cf:35:d0:14:c5:66:0c:ac:9d:6a:
88:09:a3:d9:fc:5b:8f:01:32:68:e6:a3:7a:85:77:
37:21:e5:d8:d9:19:7d:3f:54:42:65:a2:87:ef:5d:
24:6f:34:bc:e8:06:66:ec:1f:67:81:db:11:be:36:
fc:e8:7b:b6:fc:05:4d:d1:07:5b:84:6a:2e:d0:13:
7d:59:61:95:d7:bf:73:8d:05:ad:04:41:e9:cc:25:
cb:6a:7c:b8:10:38:8f:5a:e8:06:96:1d:16:9d:44:
1a:5f:3b:5b:a8:fc:d9:fb:3c:02:d6:df:e2:66:6d:
4e:9a:cb:6e:3b:fc:73:53:46:04:cf:0f:42:0d:76:
ef:0e:b2:91:3e:d6:f2:18:9b:bf:6e:4c:01:ce:ef:
40:9a:0a:28:49:31:51:0b:11:45:6b:7c:c1:f4:b5:
2d:27:a5:36:37:1e:ae:56:4a:a7:b4:b8:47:0d:11:
b5:2c:ec:23:1c:b4:a7:72:cf:86:33:87:4e:5d:dd:
82:77:6e:d5:7b:0d:83:c8:13:50:e0:5e:6e:6c:38:
ba:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:6F:E5:3A:DF:29:4B:08:51:FB:BA:C3:85:87:17:2E:7E:5E:FF:C0
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e3235352e3132382e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.128.0/23
Signature Algorithm: sha256WithRSAEncryption
95:82:b3:91:58:7e:00:f1:f3:4a:1b:75:17:2f:0e:f8:62:98:
c1:ee:51:42:6b:1f:6a:97:73:de:6a:ec:6f:1c:3e:90:ab:e5:
8f:33:9b:bf:2e:af:ec:c7:5b:bd:69:7f:e1:49:25:1f:dc:7f:
a9:eb:4c:d6:6a:83:b6:d1:de:26:b1:73:b6:2e:c1:a1:dd:d8:
bd:62:d9:ec:ee:20:0a:20:47:b4:a4:ca:e1:e7:55:84:0e:47:
64:7f:f0:e3:ee:1a:5c:62:a1:00:71:62:7a:b9:64:68:60:ac:
ce:ff:48:5a:12:88:d9:58:d6:1d:b9:fe:bd:a2:80:67:2d:e7:
de:98:04:18:13:ff:5b:77:e9:e0:e1:08:5b:6c:28:db:2f:a9:
d7:a9:3e:b2:18:8f:f4:3c:2b:54:6f:c8:b9:56:07:d6:50:4f:
d6:cb:af:68:d6:7c:cc:b4:55:be:19:12:e8:f3:ea:e6:f2:2a:
49:57:6e:87:a3:05:0c:f5:92:f7:2e:20:04:68:e7:f7:77:39:
c4:d8:2c:96:bc:2e:85:ca:c8:16:6d:41:1d:bc:6c:d7:33:f8:
6c:b5:15:5b:da:3a:5d:2b:a5:ea:05:c7:fa:a0:0c:42:7d:41:
8c:0f:54:06:bf:d7:44:00:f0:97:fe:d3:88:22:10:1c:22:0a:
8a:a4:b8:c0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUcGSrlGnLoYCqzEz02/jnYdFTD6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDFaFw0yNDAzMjUwODI4MDFaMDMxMTAvBgNV
BAMTKDhGNkZFNTNBREYyOTRCMDg1MUZCQkFDMzg1ODcxNzJFN0U1RUZGQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0jRkBoVnxuyuD+1U61RvCsQzP
Q+fLIOhzDZFRsmoDEZ1XPCQofBVLlEurShIVNkDuzzXQFMVmDKydaogJo9n8W48B
Mmjmo3qFdzch5djZGX0/VEJloofvXSRvNLzoBmbsH2eB2xG+Nvzoe7b8BU3RB1uE
ai7QE31ZYZXXv3ONBa0EQenMJctqfLgQOI9a6AaWHRadRBpfO1uo/Nn7PALW3+Jm
bU6ay247/HNTRgTPD0INdu8OspE+1vIYm79uTAHO70CaCihJMVELEUVrfMH0tS0n
pTY3Hq5WSqe0uEcNEbUs7CMctKdyz4Yzh05d3YJ3btV7DYPIE1DgXm5sOLo1AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUj2/lOt8pSwhR+7rDhYcXLn5e/8AwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzMjM1MzUyZTMx
MzIzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuf+AMA0G
CSqGSIb3DQEBCwUAA4IBAQCVgrORWH4A8fNKG3UXLw74YpjB7lFCax9ql3Peauxv
HD6Qq+WPM5u/Lq/sx1u9aX/hSSUf3H+p60zWaoO20d4msXO2LsGh3di9Ytns7iAK
IEe0pMrh51WEDkdkf/Dj7hpcYqEAcWJ6uWRoYKzO/0haEojZWNYduf69ooBnLefe
mAQYE/9bd+ng4QhbbCjbL6nXqT6yGI/0PCtUb8i5VgfWUE/Wy69o1nzMtFW+GRLo
8+rm8ipJV26HowUM9ZL3LiAEaOf3dznE2CyWvC6FysgWbUEdvGzXM/hstRVb2jpd
K6XqBcf6oAxCfUGMD1QGv9dEAPCX/tOIIhAcIgqKpLjA
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org