Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36342e302f32332d3234203d3e2030.roa
File: 39312e3231342e36342e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: MzhHVxeYqJvYTFF/DrPz40eVX+ug5tpfxbeDYxs0HpI=
Subject key identifier: DF:29:AE:55:A9:5B:8C:8A:72:8C:07:B6:73:03:4B:6E:CD:C2:3B:E1
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 3F4BE894E6A388C2F4FF138AB74C76E890F55726
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36342e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:00 +0000
ROA not before: Mon 27 Mar 2023 08:23:00 +0000
ROA not after: Mon 25 Mar 2024 08:28:00 +0000
asID: 0
IP address blocks: 91.214.64.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:4b:e8:94:e6:a3:88:c2:f4:ff:13:8a:b7:4c:76:e8:90:f5:57:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:00 2023 GMT
Not After : Mar 25 08:28:00 2024 GMT
Subject: CN=DF29AE55A95B8C8A728C07B673034B6ECDC23BE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b3:f4:09:fe:0d:09:ed:91:36:58:7f:30:3b:
c3:ef:7e:4d:c2:62:18:da:65:9c:4d:4e:d8:bc:6d:
ec:02:7f:f4:5c:9f:60:0d:47:f3:67:b7:b4:6f:ff:
14:ce:24:28:61:9b:9b:2c:cd:ad:30:d4:c3:fa:93:
22:cb:41:e3:39:cc:38:bc:fd:50:1f:13:46:d3:d6:
83:df:2e:80:a7:0e:fe:ae:99:ad:11:66:37:1f:d3:
83:93:f9:b6:9c:d6:32:e3:59:73:60:99:16:3d:4b:
53:84:3a:15:a3:97:c5:f4:1b:89:48:b5:91:92:05:
d4:37:31:01:3b:d2:40:26:ae:1d:15:d6:22:ec:2c:
ca:53:22:7a:33:85:0d:41:1f:21:dc:e6:bd:fd:02:
32:50:6e:91:3e:bc:e3:d2:be:65:0f:10:fe:f3:ed:
a5:2d:6b:8f:ab:96:5b:36:1d:88:0b:85:13:cc:da:
fc:28:78:d2:c8:f5:4d:0f:e0:e8:68:a6:18:46:db:
38:e5:16:32:b8:63:67:50:8d:d2:62:64:75:91:73:
94:17:24:1c:5e:50:b1:55:15:bc:5d:73:93:a0:ff:
62:3c:5f:44:47:f5:aa:48:65:14:f8:e6:ab:7d:d8:
09:7f:c1:d6:c5:4d:2d:7d:ba:24:90:57:35:a0:de:
a7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:29:AE:55:A9:5B:8C:8A:72:8C:07:B6:73:03:4B:6E:CD:C2:3B:E1
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/39312e3231342e36342e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.64.0/23
Signature Algorithm: sha256WithRSAEncryption
07:d0:00:ff:a1:2e:84:ab:fd:41:0d:7e:9f:c5:b9:c0:e3:81:
e5:74:bb:02:fb:c9:7c:f8:d3:eb:d1:65:bc:67:56:b3:bc:a4:
75:9f:b8:6e:fd:43:a4:c0:e7:a1:26:12:49:38:3f:4b:bd:87:
d2:dc:dd:f6:bb:29:2f:b4:3b:c4:85:3e:cb:49:69:2a:36:4e:
6d:fe:b9:fa:db:68:e8:c9:41:f2:0a:7b:7b:75:6e:08:2c:9d:
28:5f:49:ab:a7:80:65:d3:81:10:f8:fd:e2:10:6d:b4:da:4e:
bd:c1:87:ff:26:55:8f:f3:7b:ab:7b:1b:b5:b2:78:83:5f:d3:
20:d7:1c:3d:97:23:ed:a9:3a:70:d3:ca:a2:0c:84:90:d9:44:
99:e8:0d:ef:6e:20:61:8f:4a:de:1a:5a:07:47:76:1f:48:b0:
6d:92:1e:9d:4d:74:1f:74:5f:6f:75:80:80:81:f6:27:a3:1d:
10:20:be:96:95:99:e0:64:ec:27:69:38:73:be:5b:1f:b0:48:
e5:78:70:cb:3b:f3:ce:dd:6a:d9:4c:eb:3f:b0:d7:e6:b3:e3:
c5:67:e8:f7:77:65:1a:80:78:5a:1a:85:36:d6:be:63:4e:98:
68:5f:c7:25:41:5e:af:54:97:f9:82:4d:df:c1:5e:c6:cc:c3:
55:f8:9b:9f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUP0volOajiML0/xOKt0x26JD1VyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDBaFw0yNDAzMjUwODI4MDBaMDMxMTAvBgNV
BAMTKERGMjlBRTU1QTk1QjhDOEE3MjhDMDdCNjczMDM0QjZFQ0RDMjNCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfs/QJ/g0J7ZE2WH8wO8Pvfk3C
YhjaZZxNTti8bewCf/Rcn2ANR/Nnt7Rv/xTOJChhm5ssza0w1MP6kyLLQeM5zDi8
/VAfE0bT1oPfLoCnDv6uma0RZjcf04OT+bac1jLjWXNgmRY9S1OEOhWjl8X0G4lI
tZGSBdQ3MQE70kAmrh0V1iLsLMpTInozhQ1BHyHc5r39AjJQbpE+vOPSvmUPEP7z
7aUta4+rlls2HYgLhRPM2vwoeNLI9U0P4OhophhG2zjlFjK4Y2dQjdJiZHWRc5QX
JBxeULFVFbxdc5Og/2I8X0RH9apIZRT45qt92Al/wdbFTS19uiSQVzWg3qfXAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU3ymuValbjIpyjAe2cwNLbs3CO+EwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzkzMTJlMzIzMTM0MmUzNjM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFb1kAwDQYJKoZI
hvcNAQELBQADggEBAAfQAP+hLoSr/UENfp/FucDjgeV0uwL7yXz40+vRZbxnVrO8
pHWfuG79Q6TA56EmEkk4P0u9h9Lc3fa7KS+0O8SFPstJaSo2Tm3+ufrbaOjJQfIK
e3t1bggsnShfSaungGXTgRD4/eIQbbTaTr3Bh/8mVY/ze6t7G7WyeINf0yDXHD2X
I+2pOnDTyqIMhJDZRJnoDe9uIGGPSt4aWgdHdh9IsG2SHp1NdB90X291gICB9iej
HRAgvpaVmeBk7CdpOHO+Wx+wSOV4cMs7887datlM6z+w1+az48Vn6Pd3ZRqAeFoa
hTbWvmNOmGhfxyVBXq9Ul/mCTd/BXsbMw1X4m58=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org