Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e203432333636.roa
File: 3139342e33342e3233332e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: rIpqCEUdJ/k4rg+cKTPeq0KNW9f+ai0+zy03bBNGb/Q=
Subject key identifier: 69:78:40:C9:6D:CD:C9:D2:37:A5:62:A9:26:98:53:BB:D7:C8:7A:E0
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 3DDB17386FFDEA7015E7F83FCAD6A4F350D2C3E0
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e203432333636.roa
Signing time: Mon 17 Apr 2023 11:23:20 +0000
ROA not before: Mon 17 Apr 2023 11:18:20 +0000
ROA not after: Mon 15 Apr 2024 11:23:20 +0000
asID: 42366
IP address blocks: 194.34.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:db:17:38:6f:fd:ea:70:15:e7:f8:3f:ca:d6:a4:f3:50:d2:c3:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 17 11:18:20 2023 GMT
Not After : Apr 15 11:23:20 2024 GMT
Subject: CN=697840C96DCDC9D237A562A9269853BBD7C87AE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:87:4e:c9:3a:10:e7:c3:8f:31:af:7e:c0:85:
ec:7a:b5:b1:a7:b3:df:2f:49:00:c1:12:55:91:d4:
69:72:b6:24:21:0e:e1:01:21:db:2c:86:e7:71:bc:
39:65:d7:2c:60:0c:70:c8:0a:38:92:fa:5b:c8:eb:
dd:30:22:73:b0:63:bb:b6:5f:e8:b1:93:3d:81:e6:
e5:cd:82:9e:94:95:e0:21:13:7e:8f:0c:0b:83:5b:
87:84:f6:f7:f5:b2:37:96:dd:cf:f9:17:19:e3:49:
74:2b:a6:bb:5f:8a:ae:3c:64:5f:8a:a6:c3:7a:41:
f6:07:a6:23:55:c2:00:40:7c:fb:af:87:d0:ed:ab:
ff:a6:34:29:22:33:c2:07:69:ef:62:a1:51:b7:1d:
3f:7a:44:d4:ad:f2:a6:06:95:c5:12:1f:a5:c3:a8:
56:ea:e5:06:a7:94:49:55:32:a7:27:11:49:da:62:
9f:23:3b:02:f2:fb:1e:37:d8:28:08:1c:d2:e2:66:
6a:1a:a3:4a:16:d5:18:87:46:8b:b9:4c:4b:70:84:
30:f6:98:61:e4:ee:8b:1e:a1:b7:d9:0f:46:e9:af:
ec:5d:51:ea:4e:57:17:1b:16:ca:d6:79:1b:60:25:
72:a0:22:62:fd:12:48:eb:5e:bc:61:c5:05:f1:3c:
78:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:78:40:C9:6D:CD:C9:D2:37:A5:62:A9:26:98:53:BB:D7:C8:7A:E0
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233332e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.233.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:56:b4:a2:7b:8b:eb:e4:a2:2d:f1:21:9e:c6:82:41:79:2d:
17:bd:15:d5:38:35:ec:69:45:8c:e7:cf:57:ca:80:1d:1f:6c:
0c:cd:7a:71:71:c5:06:f0:8c:65:f0:ad:a7:11:e7:47:04:96:
27:59:2d:4f:e6:d6:9f:3e:a7:ce:4b:4a:ed:06:be:72:c5:08:
63:c2:07:ab:5a:2b:a8:26:31:90:63:54:05:c7:9c:36:c4:f3:
80:fb:f9:e1:70:73:7f:62:d3:36:e2:22:df:4a:9b:be:3f:df:
bf:66:74:dc:e1:8d:d3:5e:6f:19:90:69:53:1e:74:13:98:ec:
9d:88:b6:3f:03:98:a8:11:63:03:9b:9b:d3:ae:55:03:26:98:
75:a5:31:f2:a7:c8:2b:d3:ab:e2:13:f7:f0:01:f1:45:a2:98:
67:c5:70:c3:94:2b:63:9b:10:69:d9:bf:61:a1:11:43:5d:6a:
85:8b:93:f7:c1:6d:2f:96:3d:99:e8:c1:8b:f7:57:12:9a:23:
fd:b9:ac:aa:55:60:b5:b5:3a:e2:33:fe:e0:44:f3:e4:04:1e:
2e:9f:80:60:5d:f0:5d:05:46:45:28:fd:8e:6d:5c:1e:52:96:
37:f9:b1:89:12:d1:03:1c:10:1a:1c:2f:2b:55:5f:83:01:5b:
87:56:9e:c4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPdsXOG/96nAV5/g/ytak81DSw+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE4MjBaFw0yNDA0MTUxMTIzMjBaMDMxMTAvBgNV
BAMTKDY5Nzg0MEM5NkRDREM5RDIzN0E1NjJBOTI2OTg1M0JCRDdDODdBRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkh07JOhDnw48xr37Ahex6tbGn
s98vSQDBElWR1GlytiQhDuEBIdsshudxvDll1yxgDHDICjiS+lvI690wInOwY7u2
X+ixkz2B5uXNgp6UleAhE36PDAuDW4eE9vf1sjeW3c/5FxnjSXQrprtfiq48ZF+K
psN6QfYHpiNVwgBAfPuvh9Dtq/+mNCkiM8IHae9ioVG3HT96RNSt8qYGlcUSH6XD
qFbq5QanlElVMqcnEUnaYp8jOwLy+x432CgIHNLiZmoao0oW1RiHRou5TEtwhDD2
mGHk7oseobfZD0bpr+xdUepOVxcbFsrWeRtgJXKgImL9EkjrXrxhxQXxPHjJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaXhAyW3NydI3pWKpJphTu9fIeuAwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiLpMA0GCSqGSIb3DQEBCwUAA4IBAQAcVrSie4vr5KIt8SGexoJBeS0XvRXVODXs
aUWM589XyoAdH2wMzXpxccUG8Ixl8K2nEedHBJYnWS1P5tafPqfOS0rtBr5yxQhj
wgerWiuoJjGQY1QFx5w2xPOA+/nhcHN/YtM24iLfSpu+P9+/ZnTc4Y3TXm8ZkGlT
HnQTmOydiLY/A5ioEWMDm5vTrlUDJph1pTHyp8gr06viE/fwAfFFophnxXDDlCtj
mxBp2b9hoRFDXWqFi5P3wW0vlj2Z6MGL91cSmiP9uayqVWC1tTriM/7gRPPkBB4u
n4BgXfBdBUZFKP2ObVweUpY3+bGJEtEDHBAaHC8rVV+DAVuHVp7E
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org