Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134372e302f32342d3234203d3e2030.roa
File: 3138352e39372e3134372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 6c/GU40AdBfopr7+pKJBwEqh0yWNCQuqh9QK1mg9SOA=
Subject key identifier: 55:BD:90:B7:D4:88:85:92:F6:13:E8:F2:C4:7D:EB:F9:49:1D:DC:3B
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4F8DBDCD1527767D2A46BE19B9F5D47895756784
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134372e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:02 +0000
ROA not before: Mon 27 Mar 2023 08:23:02 +0000
ROA not after: Mon 25 Mar 2024 08:28:02 +0000
asID: 0
IP address blocks: 185.97.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:8d:bd:cd:15:27:76:7d:2a:46:be:19:b9:f5:d4:78:95:75:67:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:02 2023 GMT
Not After : Mar 25 08:28:02 2024 GMT
Subject: CN=55BD90B7D4888592F613E8F2C47DEBF9491DDC3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a3:a2:88:eb:85:6e:01:41:c7:84:2a:be:85:
03:90:46:85:77:a5:59:a7:5b:c1:0f:4e:bc:7c:0a:
42:69:d6:89:68:81:e9:9a:11:57:b3:54:56:cc:e4:
b7:47:da:85:97:af:3f:e4:75:45:71:fd:f5:73:9f:
f7:bb:49:aa:0d:63:3c:13:d8:4a:7a:fa:23:1b:da:
4b:55:0c:ac:71:5f:0b:04:b8:5a:12:b5:35:c7:d3:
be:d0:8d:9b:d2:7b:0a:4a:0c:54:6a:4e:ee:3c:0e:
e4:76:f7:93:ce:18:b6:1b:9d:33:ff:ce:8e:8a:ee:
db:82:21:cd:97:90:80:77:88:0d:9b:6a:c1:80:e5:
9c:6c:88:3c:bd:cb:b8:57:bb:db:af:22:2d:a4:7a:
ed:a2:ea:f8:84:71:08:d9:fe:2c:a5:ff:43:96:3a:
8f:33:c9:6e:b8:e6:2a:07:fe:e2:74:d0:a4:eb:17:
ef:10:3d:74:37:ea:c9:b6:db:6b:3c:2c:8e:00:0f:
32:25:f4:b4:35:64:b1:1c:bc:66:82:0e:6f:ec:bd:
50:26:f4:d4:6d:ac:b5:79:b4:64:f5:6c:d7:eb:ff:
5c:49:26:29:74:85:30:cb:ee:b4:bc:d3:e7:0d:d2:
b4:7a:f2:1b:0e:be:41:68:ef:5e:d1:c4:ce:11:0a:
85:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BD:90:B7:D4:88:85:92:F6:13:E8:F2:C4:7D:EB:F9:49:1D:DC:3B
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3138352e39372e3134372e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.147.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a4:71:e5:21:97:75:06:31:f2:63:ab:7f:76:e4:46:11:a4:
9a:45:9a:46:21:30:2c:66:a9:77:ed:82:cf:9c:b5:c2:a7:d5:
04:25:8b:bb:f7:fb:30:70:81:21:b4:74:17:a0:79:a4:71:60:
76:9f:c2:b5:2f:05:20:34:d9:1e:cf:14:6e:51:26:3d:52:bc:
9c:98:92:1a:1f:7e:20:b6:20:3f:3b:62:8a:28:91:b4:e7:ce:
f6:2f:8c:cf:f8:2b:c2:79:78:e5:9d:76:4b:ef:a9:e2:ff:45:
cf:20:01:4d:5d:49:ab:f8:c1:ca:fd:b6:8d:81:5b:61:69:44:
de:4b:38:a5:3f:87:a5:67:22:66:98:04:81:39:91:c1:82:cb:
43:79:2f:1d:52:ea:93:00:26:be:4f:86:53:a6:dc:d6:73:46:
1b:b0:79:0a:a1:8f:79:6c:2b:c7:1c:16:36:6b:04:0a:02:7b:
2f:d6:86:99:a1:26:65:cd:5f:ef:17:93:87:dd:6f:89:db:05:
85:9f:21:db:4c:da:ed:1d:f1:54:30:cd:29:9c:21:be:cd:6d:
1a:6c:3d:c7:84:c0:c8:12:b6:59:04:33:f3:2d:cf:ec:ad:c6:
75:9a:64:68:05:ef:d0:57:07:55:c3:dd:07:35:13:04:5d:d1:
01:56:9c:ac
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUT429zRUndn0qRr4ZufXUeJV1Z4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDJaFw0yNDAzMjUwODI4MDJaMDMxMTAvBgNV
BAMTKDU1QkQ5MEI3RDQ4ODg1OTJGNjEzRThGMkM0N0RFQkY5NDkxRERDM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAo6KI64VuAUHHhCq+hQOQRoV3
pVmnW8EPTrx8CkJp1ologemaEVezVFbM5LdH2oWXrz/kdUVx/fVzn/e7SaoNYzwT
2Ep6+iMb2ktVDKxxXwsEuFoStTXH077QjZvSewpKDFRqTu48DuR295POGLYbnTP/
zo6K7tuCIc2XkIB3iA2basGA5ZxsiDy9y7hXu9uvIi2keu2i6viEcQjZ/iyl/0OW
Oo8zyW645ioH/uJ00KTrF+8QPXQ36sm222s8LI4ADzIl9LQ1ZLEcvGaCDm/svVAm
9NRtrLV5tGT1bNfr/1xJJil0hTDL7rS80+cN0rR68hsOvkFo717RxM4RCoWrAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUVb2Qt9SIhZL2E+jyxH3r+Ukd3DswHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzODM1MmUzOTM3MmUzMTM0
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlhkzANBgkq
hkiG9w0BAQsFAAOCAQEAMqRx5SGXdQYx8mOrf3bkRhGkmkWaRiEwLGapd+2Cz5y1
wqfVBCWLu/f7MHCBIbR0F6B5pHFgdp/CtS8FIDTZHs8UblEmPVK8nJiSGh9+ILYg
PztiiiiRtOfO9i+Mz/grwnl45Z12S++p4v9FzyABTV1Jq/jByv22jYFbYWlE3ks4
pT+HpWciZpgEgTmRwYLLQ3kvHVLqkwAmvk+GU6bc1nNGG7B5CqGPeWwrxxwWNmsE
CgJ7L9aGmaEmZc1f7xeTh91vidsFhZ8h20za7R3xVDDNKZwhvs1tGmw9x4TAyBK2
WQQz8y3P7K3GdZpkaAXv0FcHVcPdBzUTBF3RAVacrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org