Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
File: 3138352e39372e3134342e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: rdJwNrk1Qi4+7d40E/X6OzhwB7YveqqAp2WxWOotzBU=
Subject key identifier: 03:B8:BE:94:BC:65:DC:86:C2:57:C5:97:92:45:14:73:59:02:07:FB
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4BEFF7605FD269FD02C443A50C76A9BCA9290B6F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:11 +0000
ROA not before: Mon 27 Mar 2023 08:23:11 +0000
ROA not after: Mon 25 Mar 2024 08:28:11 +0000
asID: 0
IP address blocks: 185.97.144.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ef:f7:60:5f:d2:69:fd:02:c4:43:a5:0c:76:a9:bc:a9:29:0b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:11 2023 GMT
Not After : Mar 25 08:28:11 2024 GMT
Subject: CN=03B8BE94BC65DC86C257C59792451473590207FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:68:28:21:b7:50:6b:cc:b2:f1:69:11:a8:
5f:78:99:73:2d:b4:2d:66:d8:91:ba:59:13:29:d2:
d0:ea:ec:aa:a5:60:6a:7c:11:fc:52:c8:70:24:12:
c7:12:5d:e5:38:ed:d9:86:8e:15:64:34:07:8d:bd:
dc:b7:24:e9:91:5a:79:e0:79:6f:b4:57:65:16:9a:
46:ec:60:70:3b:9d:bd:c4:91:31:be:20:f3:19:73:
d3:74:3a:a4:51:4f:ad:0e:cc:32:d1:37:32:0b:25:
4a:b1:00:08:fa:0a:7b:b5:d2:d0:20:b3:37:ae:01:
78:fd:80:01:10:68:5b:2b:c7:17:e1:18:8e:88:e0:
0d:5f:61:ea:f4:9b:3d:ce:b1:f2:6f:f2:14:e1:4c:
34:92:97:76:d4:ad:2a:ea:78:36:d2:a5:bf:cf:ef:
a3:e7:c7:18:74:c4:23:f8:59:48:9b:47:bb:d8:59:
d5:4a:6e:1d:c6:ad:1f:f9:8d:7d:a6:9b:cc:07:c7:
87:9b:72:31:13:d7:33:d1:6a:24:19:7d:0b:47:23:
00:9b:65:49:37:54:38:58:15:87:6c:b5:dc:09:51:
38:30:76:61:bc:10:82:d2:7b:68:59:76:02:52:cb:
68:80:c5:5e:05:cd:f3:2f:ba:4a:21:8e:ed:de:af:
52:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B8:BE:94:BC:65:DC:86:C2:57:C5:97:92:45:14:73:59:02:07:FB
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134342e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.144.0/23
Signature Algorithm: sha256WithRSAEncryption
41:b0:41:c2:68:03:7f:cb:84:e1:c5:bd:80:c2:d1:78:dc:46:
ba:b3:14:8b:33:ee:63:2c:cb:93:df:04:03:91:55:25:92:b5:
bc:e6:28:74:4b:75:0f:d9:aa:68:95:bd:2d:5b:15:e1:ad:32:
5f:9d:5f:7f:16:75:13:d4:9c:72:78:22:f8:22:eb:12:28:5f:
2d:ec:bc:28:1f:dd:2f:0c:22:08:d4:a4:a5:c6:07:8c:4b:14:
af:42:df:17:a9:32:a7:a2:ea:3a:7d:fd:a9:44:38:9a:25:a0:
2d:20:4e:04:b1:e7:0d:35:13:26:30:e1:b4:e2:c2:ad:4e:25:
52:3d:bc:6c:9f:a3:88:a8:95:8b:b5:8e:8b:49:13:0a:59:c2:
0f:ca:c5:79:ed:5c:5d:5a:a5:0a:b8:77:3b:3b:09:8e:32:ad:
4f:22:67:72:19:5c:ef:36:4e:39:fb:64:4a:00:9a:9d:c0:15:
80:a7:89:ac:cc:17:32:3c:00:e9:71:98:7c:77:a5:1b:08:66:
f2:7b:94:4d:e4:df:d6:16:47:09:ef:5a:5c:8d:65:10:6a:f7:
38:6b:c2:15:e6:51:08:d2:12:da:0d:8e:35:27:20:3a:86:51:
e2:6c:4e:2c:7c:a0:5e:46:00:73:da:06:2a:2e:d3:f9:e4:67:
58:10:75:13
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUS+/3YF/Saf0CxEOlDHapvKkpC28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMTFaFw0yNDAzMjUwODI4MTFaMDMxMTAvBgNV
BAMTKDAzQjhCRTk0QkM2NURDODZDMjU3QzU5NzkyNDUxNDczNTkwMjA3RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwSWgoIbdQa8yy8WkRqF94mXMt
tC1m2JG6WRMp0tDq7KqlYGp8EfxSyHAkEscSXeU47dmGjhVkNAeNvdy3JOmRWnng
eW+0V2UWmkbsYHA7nb3EkTG+IPMZc9N0OqRRT60OzDLRNzILJUqxAAj6Cnu10tAg
szeuAXj9gAEQaFsrxxfhGI6I4A1fYer0mz3OsfJv8hThTDSSl3bUrSrqeDbSpb/P
76Pnxxh0xCP4WUibR7vYWdVKbh3GrR/5jX2mm8wHx4ebcjET1zPRaiQZfQtHIwCb
ZUk3VDhYFYdstdwJUTgwdmG8EILSe2hZdgJSy2iAxV4FzfMvukohju3er1KHAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUA7i+lLxl3IbCV8WXkkUUc1kCB/swHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzOTM3MmUzMTM0
MzQyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblhkDANBgkq
hkiG9w0BAQsFAAOCAQEAQbBBwmgDf8uE4cW9gMLReNxGurMUizPuYyzLk98EA5FV
JZK1vOYodEt1D9mqaJW9LVsV4a0yX51ffxZ1E9Sccngi+CLrEihfLey8KB/dLwwi
CNSkpcYHjEsUr0LfF6kyp6LqOn39qUQ4miWgLSBOBLHnDTUTJjDhtOLCrU4lUj28
bJ+jiKiVi7WOi0kTClnCD8rFee1cXVqlCrh3OzsJjjKtTyJnchlc7zZOOftkSgCa
ncAVgKeJrMwXMjwA6XGYfHelGwhm8nuUTeTf1hZHCe9aXI1lEGr3OGvCFeZRCNIS
2g2ONScgOoZR4mxOLHygXkYAc9oGKi7T+eRnWBB1Ew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org