Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e2030.roa
File: 3138352e3137372e3131372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: wCUQyP3w+gX1v5Z1clp+LWX4hKOZdqKu0BNwpdt4CS4=
Subject key identifier: 0C:52:65:13:06:A3:50:4E:53:32:31:91:8C:60:F9:B7:F0:EF:ED:C5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D27043C4C278D0105918B23A9F4DDF12353BFA1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:30 +0000
ROA not before: Mon 27 Mar 2023 08:23:30 +0000
ROA not after: Mon 25 Mar 2024 08:28:30 +0000
asID: 0
IP address blocks: 185.177.117.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:27:04:3c:4c:27:8d:01:05:91:8b:23:a9:f4:dd:f1:23:53:bf:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:30 2023 GMT
Not After : Mar 25 08:28:30 2024 GMT
Subject: CN=0C52651306A3504E533231918C60F9B7F0EFEDC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:0f:08:01:4a:17:9b:ab:60:c0:33:07:c8:
61:c1:9a:a3:f2:0b:2a:be:ea:da:ac:eb:cd:4a:e9:
02:66:f4:bc:a9:6b:3a:7c:82:ba:41:ec:06:12:57:
72:e2:d1:61:ca:21:4f:d5:af:1d:3e:fb:86:29:67:
4d:ab:c7:68:91:1d:9a:63:00:ff:d9:56:01:69:2a:
af:25:d8:ea:d8:61:9a:43:09:00:d5:66:de:96:ac:
64:8a:c8:52:2b:aa:30:a3:49:d7:4a:03:b1:37:3a:
fe:36:82:bf:5f:26:32:53:17:2b:56:44:ec:94:c2:
d9:3a:0e:b6:36:68:7e:1e:d8:b1:9a:d2:d8:26:6a:
9e:c5:e2:14:04:f4:1d:ab:03:08:e3:08:e5:17:ed:
a4:39:85:22:bc:37:06:97:4f:ee:90:b6:4f:66:4e:
cb:cf:58:1c:ae:31:94:c4:48:f0:ff:98:b1:e2:1b:
ac:c0:66:9f:38:55:d7:74:a2:01:c4:f3:e3:0d:3a:
35:9e:9d:2a:aa:59:22:8d:05:61:1f:22:d5:b7:cd:
64:fa:52:5d:df:d4:a2:72:d8:ae:10:59:42:c3:20:
00:dc:db:40:f3:2f:66:d8:53:af:6d:c5:48:07:be:
81:58:44:56:f7:75:bb:ac:b8:35:02:55:a1:c7:33:
b8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:52:65:13:06:A3:50:4E:53:32:31:91:8C:60:F9:B7:F0:EF:ED:C5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137372e3131372e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.117.0/24
Signature Algorithm: sha256WithRSAEncryption
86:bc:b3:22:2f:41:88:d4:8a:d3:e3:82:7e:90:b5:4d:f3:3f:
3b:31:02:8e:8d:b2:50:de:0b:c4:b0:6f:f6:d9:2d:72:11:5a:
e6:23:e5:0f:ab:f6:c5:ba:3e:4a:33:d6:f5:7d:79:28:b0:94:
53:79:d9:88:85:ef:d9:24:c3:77:07:75:67:9f:6f:50:21:22:
e9:d5:f1:b3:5f:51:72:ac:9e:f2:ec:57:73:53:d7:c3:24:75:
20:c0:20:78:b3:63:83:4a:06:d9:0e:a0:b9:eb:4f:02:64:86:
44:54:da:e3:cd:eb:ab:b2:c7:28:25:d9:6a:35:98:c2:98:d2:
dd:c8:25:a7:1a:2e:2b:1f:a1:71:a3:5c:aa:48:5c:a1:db:b7:
f5:c8:26:89:dd:8f:d7:cd:68:f6:8b:07:07:6d:9d:6d:b7:9a:
f1:6b:ca:3d:00:e3:2b:8f:be:a9:50:b1:e6:80:28:1b:ad:7a:
39:c0:9f:43:9a:cb:fd:85:5b:5b:ac:ff:93:7a:87:98:f1:f4:
91:33:bf:3b:56:ba:f8:32:76:f8:d7:df:ca:dc:3a:d4:46:7f:
b2:aa:6c:b6:7b:a1:4c:ac:7b:35:af:7a:98:0e:22:89:ab:6a:
58:f7:12:1c:d7:b3:98:d1:74:ca:bc:e9:d3:54:fa:45:2d:18:
25:42:30:b1
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUTScEPEwnjQEFkYsjqfTd8SNTv6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMzBaFw0yNDAzMjUwODI4MzBaMDMxMTAvBgNV
BAMTKDBDNTI2NTEzMDZBMzUwNEU1MzMyMzE5MThDNjBGOUI3RjBFRkVEQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC65A8IAUoXm6tgwDMHyGHBmqPy
Cyq+6tqs681K6QJm9Lypazp8grpB7AYSV3Li0WHKIU/Vrx0++4YpZ02rx2iRHZpj
AP/ZVgFpKq8l2OrYYZpDCQDVZt6WrGSKyFIrqjCjSddKA7E3Ov42gr9fJjJTFytW
ROyUwtk6DrY2aH4e2LGa0tgmap7F4hQE9B2rAwjjCOUX7aQ5hSK8NwaXT+6Qtk9m
TsvPWByuMZTESPD/mLHiG6zAZp84Vdd0ogHE8+MNOjWenSqqWSKNBWEfItW3zWT6
Ul3f1KJy2K4QWULDIADc20DzL2bYU69txUgHvoFYRFb3dbusuDUCVaHHM7itAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUDFJlEwajUE5TMjGRjGD5t/Dv7cUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzcyZTMx
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubF1MA0G
CSqGSIb3DQEBCwUAA4IBAQCGvLMiL0GI1IrT44J+kLVN8z87MQKOjbJQ3gvEsG/2
2S1yEVrmI+UPq/bFuj5KM9b1fXkosJRTedmIhe/ZJMN3B3Vnn29QISLp1fGzX1Fy
rJ7y7FdzU9fDJHUgwCB4s2ODSgbZDqC5608CZIZEVNrjzeursscoJdlqNZjCmNLd
yCWnGi4rH6Fxo1yqSFyh27f1yCaJ3Y/XzWj2iwcHbZ1tt5rxa8o9AOMrj76pULHm
gCgbrXo5wJ9Dmsv9hVtbrP+TeoeY8fSRM787Vrr4Mnb419/K3DrURn+yqmy2e6FM
rHs1r3qYDiKJq2pY9xIc17OY0XTKvOnTVPpFLRglQjCx
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org