Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e2030.roa
File: 3139342e33342e3233352e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: z/rFRvBBtMHbWuY8D0I2O2wKooIYF5dRbQzAvARchyA=
Subject key identifier: FF:76:AE:4D:26:62:2D:80:E3:A9:6D:2B:CC:CE:86:FD:F3:8C:50:85
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 70F3034996FB21822E76F92219509570ED553BD1
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:05 +0000
ROA not before: Mon 27 Mar 2023 08:23:05 +0000
ROA not after: Mon 25 Mar 2024 08:28:05 +0000
asID: 0
IP address blocks: 194.34.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f3:03:49:96:fb:21:82:2e:76:f9:22:19:50:95:70:ed:55:3b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:05 2023 GMT
Not After : Mar 25 08:28:05 2024 GMT
Subject: CN=FF76AE4D26622D80E3A96D2BCCCE86FDF38C5085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:75:5a:3e:a6:fa:1b:a1:f3:50:81:5a:5b:d6:
39:e0:48:04:f6:3b:c1:9c:61:07:ea:a1:14:bb:d2:
42:51:ae:8f:5f:03:8c:91:05:75:50:f1:18:51:c0:
d1:b3:a7:5b:5c:2e:ff:2d:1e:54:c0:ce:e5:a7:fa:
4a:37:59:17:10:92:de:31:11:d4:7f:6e:10:51:20:
6c:6c:c6:4b:f2:a6:13:83:af:6a:3b:0f:1f:cc:e0:
c3:58:f3:13:83:a4:07:ac:6f:f9:f0:75:7e:6d:d9:
01:46:10:c7:b8:69:f0:87:6f:c6:ca:69:32:a5:9f:
8e:5d:f3:9d:c7:63:48:a9:37:81:ea:d3:b5:71:8a:
dd:84:d1:b8:06:c5:e6:ba:55:96:67:4c:28:87:bb:
20:22:3e:63:24:aa:dd:02:2c:0b:64:55:89:05:e3:
59:a9:03:bb:3c:92:8f:78:a5:a3:20:aa:63:6e:d8:
fd:67:33:7a:85:94:1b:8c:07:67:2c:ca:64:47:f6:
99:39:78:9e:f4:66:fa:b5:6c:39:dd:a6:5c:4f:b5:
aa:ed:68:74:97:d1:55:07:30:6a:d3:d9:f7:d9:7c:
d4:91:9f:b6:c9:9a:d4:48:53:29:01:b2:49:c0:97:
cf:b0:79:d9:43:58:60:d9:ff:6f:ce:37:3f:b4:54:
28:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:76:AE:4D:26:62:2D:80:E3:A9:6D:2B:CC:CE:86:FD:F3:8C:50:85
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/3139342e33342e3233352e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.235.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3f:0b:5c:b3:a4:97:d1:1a:8f:0d:70:4a:61:bf:cb:0c:59:
5c:f2:d9:77:fd:e2:bb:ee:51:19:ce:fb:c5:01:bf:b0:ad:91:
e6:3e:fe:f8:34:28:55:d9:94:be:4c:0f:11:ce:eb:0f:04:0b:
98:7a:02:7e:fe:f0:fd:b3:ff:88:1d:f0:24:c1:f3:88:e4:a4:
84:c1:c0:f1:e7:90:79:5d:1f:79:39:ad:2e:91:74:ab:49:5f:
f3:24:84:90:59:59:a3:11:cd:66:b6:32:7f:2e:aa:f5:5f:51:
30:bf:e6:06:8b:ee:1c:f6:67:06:62:4d:aa:e1:82:7d:55:82:
4d:3c:11:0b:48:e3:3b:49:d2:db:b2:3f:1a:9f:74:af:51:10:
69:3f:4c:cc:ec:be:3b:61:d7:1e:ef:a5:79:fd:18:18:4d:43:
17:44:bb:bb:01:34:d3:34:05:27:23:b7:1a:1f:d2:43:4e:bd:
34:4f:13:49:eb:60:45:7a:fa:25:af:31:30:1e:94:fa:02:6e:
1f:b1:1a:f1:d3:f7:3d:8b:d9:5a:f0:76:e9:7f:23:6f:ff:2d:
89:b9:83:10:19:a6:a1:c5:c0:13:89:ca:d0:20:69:76:2c:8d:
ad:86:3d:90:ee:87:3c:92:a7:ed:05:6b:d8:2a:50:58:da:92:
45:84:0d:d2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUcPMDSZb7IYIudvkiGVCVcO1VO9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDVaFw0yNDAzMjUwODI4MDVaMDMxMTAvBgNV
BAMTKEZGNzZBRTREMjY2MjJEODBFM0E5NkQyQkNDQ0U4NkZERjM4QzUwODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRdVo+pvobofNQgVpb1jngSAT2
O8GcYQfqoRS70kJRro9fA4yRBXVQ8RhRwNGzp1tcLv8tHlTAzuWn+ko3WRcQkt4x
EdR/bhBRIGxsxkvyphODr2o7Dx/M4MNY8xODpAesb/nwdX5t2QFGEMe4afCHb8bK
aTKln45d853HY0ipN4Hq07Vxit2E0bgGxea6VZZnTCiHuyAiPmMkqt0CLAtkVYkF
41mpA7s8ko94paMgqmNu2P1nM3qFlBuMB2csymRH9pk5eJ70Zvq1bDndplxPtart
aHSX0VUHMGrT2ffZfNSRn7bJmtRIUykBsknAl8+wedlDWGDZ/2/ONz+0VCgfAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU/3auTSZiLYDjqW0rzM6G/fOMUIUwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzEzOTM0MmUzMzM0MmUzMjMz
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIi6zANBgkq
hkiG9w0BAQsFAAOCAQEAEj8LXLOkl9Eajw1wSmG/ywxZXPLZd/3iu+5RGc77xQG/
sK2R5j7++DQoVdmUvkwPEc7rDwQLmHoCfv7w/bP/iB3wJMHziOSkhMHA8eeQeV0f
eTmtLpF0q0lf8ySEkFlZoxHNZrYyfy6q9V9RML/mBovuHPZnBmJNquGCfVWCTTwR
C0jjO0nS27I/Gp90r1EQaT9MzOy+O2HXHu+lef0YGE1DF0S7uwE00zQFJyO3Gh/S
Q069NE8TSetgRXr6Ja8xMB6U+gJuH7Ea8dP3PYvZWvB26X8jb/8tibmDEBmmocXA
E4nK0CBpdiyNrYY9kO6HPJKn7QVr2CpQWNqSRYQN0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org