Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e2030.roa
File: 3139332e3230332e31342e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: /myL4Q584KOU3sUqww7GPQ9aZ5ULju9o3XoTk6a2qLI=
Subject key identifier: 68:D7:E8:A0:A0:8A:20:45:A2:4A:BA:F2:4A:CE:66:34:67:F7:BC:2A
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 5598FC14D53E1F9562C39F83D3347217A8CB5FB7
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:16 +0000
ROA not before: Mon 27 Mar 2023 08:23:16 +0000
ROA not after: Mon 25 Mar 2024 08:28:16 +0000
asID: 0
IP address blocks: 193.203.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:98:fc:14:d5:3e:1f:95:62:c3:9f:83:d3:34:72:17:a8:cb:5f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:16 2023 GMT
Not After : Mar 25 08:28:16 2024 GMT
Subject: CN=68D7E8A0A08A2045A24ABAF24ACE663467F7BC2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:dc:e7:e1:75:0b:3b:f0:ae:b3:3f:92:dd:
ad:e0:1c:77:82:31:10:7c:01:a5:80:2a:db:f3:85:
06:83:43:db:59:3a:ff:e2:ef:e5:ad:11:59:8d:56:
62:a3:14:82:18:d3:94:c7:8f:a1:58:bb:c2:31:ec:
e2:79:35:8c:c9:d0:a1:e6:7d:22:68:d8:0d:57:eb:
6b:95:c2:d4:f5:0e:73:9f:a1:76:1b:ab:f3:18:c9:
57:22:c5:17:6c:a1:01:9f:4d:ea:74:fa:49:48:cc:
5f:23:3d:1d:49:25:d6:74:66:30:70:cc:14:57:9a:
85:cb:0e:ae:74:ba:28:c3:92:53:09:d4:d2:d6:03:
75:48:a8:ff:a1:0a:a5:ed:c5:d4:12:dd:81:83:0e:
dc:df:5d:0a:3a:5d:1c:af:f2:08:b6:4b:7b:54:be:
5e:93:ca:0c:89:dd:a1:44:2a:af:46:d7:b0:f2:48:
0b:c2:96:54:44:29:d8:05:71:96:5c:c0:14:3f:08:
aa:3d:e6:06:91:d0:4a:cc:5f:e7:a8:fc:27:d6:ba:
86:3b:cc:b7:29:8c:f3:9c:fb:1b:43:3b:fa:ee:69:
0f:1d:90:7c:4f:ef:08:f5:1e:be:a8:cb:3b:43:82:
c5:09:2c:1e:b9:b9:2d:a5:e9:0a:65:c5:db:75:6c:
12:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D7:E8:A0:A0:8A:20:45:A2:4A:BA:F2:4A:CE:66:34:67:F7:BC:2A
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139332e3230332e31342e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.203.14.0/24
Signature Algorithm: sha256WithRSAEncryption
34:86:c8:3a:2e:8b:b8:55:c9:85:6f:f5:b1:8d:43:c9:9b:36:
14:82:8d:0c:f8:39:61:6e:12:78:b3:ef:29:9b:ea:08:6c:1b:
2c:ac:61:8f:4d:f5:da:e9:50:08:07:cc:b7:da:f9:66:af:59:
9e:b9:87:fc:04:ac:50:0b:c4:ae:1e:28:35:49:cc:c6:cd:de:
39:38:e7:54:5d:8e:6a:09:5a:ce:bc:28:0b:2a:68:34:b9:6f:
11:eb:d5:c7:f5:99:bf:e1:4f:d6:92:d2:18:eb:1b:b9:e2:58:
f5:45:c6:7d:8d:4c:09:88:2e:b2:a2:55:d1:97:7e:43:56:26:
a7:88:52:2b:88:86:0b:d5:ed:56:da:52:8c:04:1d:f4:b3:ec:
5d:7f:c7:64:12:e8:c2:a8:1e:c7:15:c2:f6:a3:3f:c6:00:18:
69:49:ae:77:8b:66:e4:0b:dc:0f:fe:87:c9:03:e9:0b:f6:d4:
3f:f2:e7:d9:a6:71:99:7c:e9:db:0c:47:4b:6c:10:7e:80:fb:
d7:9e:37:16:21:11:d6:54:76:87:6a:e6:14:07:f0:25:66:61:
53:32:91:ef:cc:dc:4e:88:f8:aa:e0:05:02:a2:21:df:4a:a4:
35:44:08:69:e9:de:18:42:46:ef:c8:34:af:86:25:64:4d:05:
0f:1a:d1:2f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUVZj8FNU+H5Viw5+D0zRyF6jLX7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMTZaFw0yNDAzMjUwODI4MTZaMDMxMTAvBgNV
BAMTKDY4RDdFOEEwQTA4QTIwNDVBMjRBQkFGMjRBQ0U2NjM0NjdGN0JDMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD4dzn4XULO/Cusz+S3a3gHHeC
MRB8AaWAKtvzhQaDQ9tZOv/i7+WtEVmNVmKjFIIY05THj6FYu8Ix7OJ5NYzJ0KHm
fSJo2A1X62uVwtT1DnOfoXYbq/MYyVcixRdsoQGfTep0+klIzF8jPR1JJdZ0ZjBw
zBRXmoXLDq50uijDklMJ1NLWA3VIqP+hCqXtxdQS3YGDDtzfXQo6XRyv8gi2S3tU
vl6TygyJ3aFEKq9G17DySAvCllREKdgFcZZcwBQ/CKo95gaR0ErMX+eo/CfWuoY7
zLcpjPOc+xtDO/ruaQ8dkHxP7wj1Hr6oyztDgsUJLB65uS2l6Qplxdt1bBJTAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUaNfooKCKIEWiSrrySs5mNGf3vCowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTMzMmUzMjMwMzMyZTMx
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHLDjANBgkq
hkiG9w0BAQsFAAOCAQEANIbIOi6LuFXJhW/1sY1DyZs2FIKNDPg5YW4SeLPvKZvq
CGwbLKxhj0312ulQCAfMt9r5Zq9ZnrmH/ASsUAvErh4oNUnMxs3eOTjnVF2Oagla
zrwoCypoNLlvEevVx/WZv+FP1pLSGOsbueJY9UXGfY1MCYgusqJV0Zd+Q1Ymp4hS
K4iGC9XtVtpSjAQd9LPsXX/HZBLowqgexxXC9qM/xgAYaUmud4tm5AvcD/6HyQPp
C/bUP/Ln2aZxmXzp2wxHS2wQfoD71543FiER1lR2h2rmFAfwJWZhUzKR78zcToj4
quAFAqIh30qkNUQIaeneGEJG78g0r4YlZE0FDxrRLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org