Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e2030.roa
File: 3138352e3234332e35392e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: aaiyDKDAoGDk5NI2UM/IoEY9lY/LnYN1toKpAX+jw7A=
Subject key identifier: 9B:F1:67:D2:99:19:9C:AE:0E:4E:70:CE:CF:73:EF:51:08:14:F9:BA
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 4DDC21A17CF2A1E066392C4310D5E2C687FC02AA
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:44 +0000
ROA not before: Mon 27 Mar 2023 08:22:44 +0000
ROA not after: Mon 25 Mar 2024 08:27:44 +0000
asID: 0
IP address blocks: 185.243.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:dc:21:a1:7c:f2:a1:e0:66:39:2c:43:10:d5:e2:c6:87:fc:02:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Mar 27 08:22:44 2023 GMT
Not After : Mar 25 08:27:44 2024 GMT
Subject: CN=9BF167D299199CAE0E4E70CECF73EF510814F9BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:af:ae:8b:c6:26:b6:b1:8f:20:70:c7:0e:
cf:4d:41:d6:c6:28:19:d3:6b:35:44:db:6b:ee:a6:
a2:85:c5:ad:8d:38:12:b1:ad:bd:76:bc:c6:6d:90:
a4:8c:5a:cb:83:51:69:86:97:c8:95:0e:8c:84:fd:
02:09:f8:1a:44:9e:54:42:34:ec:a8:a3:fe:ca:aa:
c3:08:3a:35:f5:c8:58:86:30:0d:50:ed:5b:27:32:
88:c2:a6:79:ae:c3:82:21:b8:5d:5b:8f:99:a1:c9:
00:b8:92:fd:90:72:92:bb:a4:04:cb:82:0b:d4:55:
af:f8:3e:4d:91:f3:32:ca:eb:5e:e5:ff:81:ce:7a:
a6:cb:83:15:85:83:df:fc:ba:43:6e:17:87:56:ef:
97:05:7f:90:c4:e7:3e:78:35:a6:b6:6a:00:bd:ef:
6d:66:c1:5a:23:cf:ec:a9:61:45:74:98:b7:b4:ba:
30:09:16:73:21:1e:66:34:2b:96:1a:b4:45:6e:e1:
92:aa:6c:25:e0:03:93:db:b3:0c:75:94:25:26:19:
ba:d7:fe:9a:86:77:8a:f6:a5:94:42:c4:c3:d5:45:
b8:ea:bc:f5:a6:bb:83:bc:78:01:88:a6:72:dc:6a:
0e:1b:61:f4:d8:da:5b:9f:9f:4f:13:88:26:c9:95:
ba:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:F1:67:D2:99:19:9C:AE:0E:4E:70:CE:CF:73:EF:51:08:14:F9:BA
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3234332e35392e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.59.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:33:ec:c6:6a:53:ef:eb:ed:e3:5f:32:71:d7:04:d4:ee:4e:
d4:49:cc:66:aa:7b:24:71:5a:8a:48:e4:ef:b7:9e:38:e6:00:
5f:f2:54:1c:5e:6a:b3:df:06:5d:89:f0:5d:0a:23:2d:8c:92:
3d:a8:41:ee:21:df:51:0d:88:12:45:d8:ed:30:f0:a2:48:e1:
ba:5f:ad:1b:2f:a6:28:1a:65:2e:ab:21:9b:5c:bb:a3:78:07:
5f:73:0a:94:b8:1d:5d:04:98:ad:c7:2d:24:cf:59:58:ca:fd:
d4:65:3a:33:b6:1c:bd:79:32:f9:04:50:ca:7c:77:ea:42:e1:
45:36:49:87:ac:60:c7:3b:b9:60:e1:ed:0e:a5:11:3f:f3:e8:
50:ca:23:94:49:94:bb:45:04:cf:7a:3f:f0:be:61:83:4a:41:
77:e8:49:64:92:91:c1:2c:ce:11:2f:55:d5:b9:b0:50:9f:0d:
b6:54:17:e7:7b:65:00:f0:cf:bf:d9:38:33:70:3f:67:55:28:
7d:11:2d:53:eb:72:7f:a4:71:de:e6:d2:39:ab:25:be:7c:e9:
14:f3:ee:38:0d:49:81:88:36:03:80:f0:d1:1e:93:6c:b7:dc:
58:c0:5f:c2:85:b4:fc:b6:c5:4c:f4:d7:24:7b:b2:98:32:d7:
93:87:23:74
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUTdwhoXzyoeBmOSxDENXixof8AqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yMzAzMjcwODIyNDRaFw0yNDAzMjUwODI3NDRaMDMxMTAvBgNV
BAMTKDlCRjE2N0QyOTkxOTlDQUUwRTRFNzBDRUNGNzNFRjUxMDgxNEY5QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwV6+ui8YmtrGPIHDHDs9NQdbG
KBnTazVE22vupqKFxa2NOBKxrb12vMZtkKSMWsuDUWmGl8iVDoyE/QIJ+BpEnlRC
NOyoo/7KqsMIOjX1yFiGMA1Q7VsnMojCpnmuw4IhuF1bj5mhyQC4kv2QcpK7pATL
ggvUVa/4Pk2R8zLK617l/4HOeqbLgxWFg9/8ukNuF4dW75cFf5DE5z54Naa2agC9
721mwVojz+ypYUV0mLe0ujAJFnMhHmY0K5YatEVu4ZKqbCXgA5Pbswx1lCUmGbrX
/pqGd4r2pZRCxMPVRbjqvPWmu4O8eAGIpnLcag4bYfTY2lufn08TiCbJlbqxAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUm/Fn0pkZnK4OTnDOz3PvUQgU+bowHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjM0MzMyZTM1
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnzOzANBgkq
hkiG9w0BAQsFAAOCAQEAjTPsxmpT7+vt418ycdcE1O5O1EnMZqp7JHFaikjk77ee
OOYAX/JUHF5qs98GXYnwXQojLYySPahB7iHfUQ2IEkXY7TDwokjhul+tGy+mKBpl
Lqshm1y7o3gHX3MKlLgdXQSYrcctJM9ZWMr91GU6M7YcvXky+QRQynx36kLhRTZJ
h6xgxzu5YOHtDqURP/PoUMojlEmUu0UEz3o/8L5hg0pBd+hJZJKRwSzOES9V1bmw
UJ8NtlQX53tlAPDPv9k4M3A/Z1UofREtU+tyf6Rx3ubSOaslvnzpFPPuOA1JgYg2
A4Dw0R6TbLfcWMBfwoW0/LbFTPTXJHuymDLXk4cjdA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org