Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31322e302f32332d3234203d3e2030.roa
File: 3139332e3230332e31322e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: MAkPPQEveJfOTQQjifq2EuBW5u1L5uZqsKRZlwiOmBk=
Subject key identifier: 16:3A:28:30:70:58:77:D2:6B:1D:9C:BF:3E:36:4E:F2:73:0E:18:2F
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 4ADC20FCC08B4931A6AD3505E3AAEF7D1814A7E4
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31322e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:00 +0000
ROA not before: Mon 27 Mar 2023 08:23:00 +0000
ROA not after: Mon 25 Mar 2024 08:28:00 +0000
asID: 0
IP address blocks: 193.203.12.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:dc:20:fc:c0:8b:49:31:a6:ad:35:05:e3:aa:ef:7d:18:14:a7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:00 2023 GMT
Not After : Mar 25 08:28:00 2024 GMT
Subject: CN=163A2830705877D26B1D9CBF3E364EF2730E182F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:e2:47:80:06:7c:47:18:b3:98:ea:da:09:f9:
4c:3f:ee:5f:a7:4a:9a:b3:e5:73:35:b7:b3:b6:8f:
3c:d6:15:f0:ec:6c:21:3d:ff:e7:b1:25:47:29:27:
70:e9:e6:7a:a1:80:d4:48:14:45:7c:0c:06:92:88:
3e:b5:67:2c:34:d7:6e:44:d1:aa:d0:45:32:e9:e3:
d1:cd:b9:c0:bf:13:be:11:62:95:64:87:f7:bd:89:
00:35:77:70:69:af:12:9b:ff:9b:56:79:8a:d3:7a:
f8:78:be:1f:49:fc:71:31:dc:55:47:cf:56:53:56:
27:e1:7e:60:55:04:18:57:d4:58:6e:ce:8f:8d:45:
a7:b8:fe:9f:70:00:f4:09:ac:2d:94:65:fe:5c:8c:
b3:25:a9:62:bf:fc:64:42:b6:20:d3:93:88:fa:89:
85:52:fc:96:c3:f8:1c:fc:9a:25:46:ec:6b:56:f3:
7e:68:0e:1d:f2:e3:58:f3:00:40:30:be:10:b2:ae:
6f:a6:ff:89:79:e7:b8:5f:7f:33:2c:32:d6:f5:e3:
18:e3:47:da:9b:1b:52:30:21:13:ef:b1:fd:1e:49:
50:fc:27:bb:79:13:bc:94:ab:71:13:87:79:32:b7:
20:06:92:47:0a:23:b4:da:25:54:6c:6d:8f:7f:ee:
82:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3A:28:30:70:58:77:D2:6B:1D:9C:BF:3E:36:4E:F2:73:0E:18:2F
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31322e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.12.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:7f:ed:89:e2:61:f7:53:80:03:1c:3e:40:47:4b:22:41:04:
11:ac:41:2c:75:d9:84:50:05:ef:92:1c:b1:3a:d6:0b:f8:d7:
c2:33:08:29:00:1b:75:22:4e:ee:ea:31:fc:cb:75:b8:63:28:
a0:d5:c7:64:a3:8c:c3:b5:e6:9c:c4:32:15:ec:bc:99:63:6d:
b2:0f:b5:87:6f:59:c8:43:ad:f3:5d:e3:af:71:f7:7e:cd:8a:
b6:c7:cf:fa:54:30:cd:60:f0:34:16:ee:60:41:bf:dc:b1:28:
9e:50:5b:1e:48:a8:6f:e7:7d:85:69:4b:5b:4e:05:66:53:12:
bb:42:e6:24:b7:4b:ab:47:63:51:2d:01:00:61:c3:c9:50:04:
f2:07:93:27:78:7f:98:19:6a:72:8e:24:be:e0:17:85:81:f4:
89:19:47:4e:83:18:15:02:0d:09:52:5f:98:78:f1:c0:e7:9a:
1d:8e:52:d7:d9:9a:3a:d8:da:b5:40:28:85:07:b2:ee:84:38:
04:54:91:eb:70:23:69:5c:30:69:9c:8c:bf:e4:ba:3c:77:c2:
94:54:e9:eb:b3:0e:4c:68:09:c4:2b:2a:2e:fb:cc:04:24:2c:
a6:a3:12:cd:f5:50:7c:6d:ed:08:a2:a7:3c:64:76:e5:a2:be:
ca:e4:66:f6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUStwg/MCLSTGmrTUF46rvfRgUp+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDBaFw0yNDAzMjUwODI4MDBaMDMxMTAvBgNV
BAMTKDE2M0EyODMwNzA1ODc3RDI2QjFEOUNCRjNFMzY0RUYyNzMwRTE4MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU4keABnxHGLOY6toJ+Uw/7l+n
Spqz5XM1t7O2jzzWFfDsbCE9/+exJUcpJ3Dp5nqhgNRIFEV8DAaSiD61Zyw0125E
0arQRTLp49HNucC/E74RYpVkh/e9iQA1d3BprxKb/5tWeYrTevh4vh9J/HEx3FVH
z1ZTVifhfmBVBBhX1Fhuzo+NRae4/p9wAPQJrC2UZf5cjLMlqWK//GRCtiDTk4j6
iYVS/JbD+Bz8miVG7GtW835oDh3y41jzAEAwvhCyrm+m/4l557hffzMsMtb14xjj
R9qbG1IwIRPvsf0eSVD8J7t5E7yUq3ETh3kytyAGkkcKI7TaJVRsbY9/7oLJAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUFjooMHBYd9JrHZy/PjZO8nMOGC8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMwMzMyZTMx
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcHLDDANBgkq
hkiG9w0BAQsFAAOCAQEAH3/tieJh91OAAxw+QEdLIkEEEaxBLHXZhFAF75IcsTrW
C/jXwjMIKQAbdSJO7uox/Mt1uGMooNXHZKOMw7XmnMQyFey8mWNtsg+1h29ZyEOt
813jr3H3fs2KtsfP+lQwzWDwNBbuYEG/3LEonlBbHkiob+d9hWlLW04FZlMSu0Lm
JLdLq0djUS0BAGHDyVAE8geTJ3h/mBlqco4kvuAXhYH0iRlHToMYFQINCVJfmHjx
wOeaHY5S19maOtjatUAohQey7oQ4BFSR63AjaVwwaZyMv+S6PHfClFTp67MOTGgJ
xCsqLvvMBCQspqMSzfVQfG3tCKKnPGR25aK+yuRm9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org