Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e2030.roa
File: 3138352e3230302e33342e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: aIH4+1BOtb+rH2WTug5o27fCUqer8Ao2kESJrE/xbYc=
Subject key identifier: 38:F8:5C:F0:53:37:E0:37:21:7E:70:82:5E:15:9C:00:8E:C5:4D:94
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 659E1A77DD88B2B8828A319D164954C12B9113C0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:50 +0000
ROA not before: Mon 27 Mar 2023 08:23:50 +0000
ROA not after: Mon 25 Mar 2024 08:28:50 +0000
asID: 0
IP address blocks: 185.200.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:9e:1a:77:dd:88:b2:b8:82:8a:31:9d:16:49:54:c1:2b:91:13:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:50 2023 GMT
Not After : Mar 25 08:28:50 2024 GMT
Subject: CN=38F85CF05337E037217E70825E159C008EC54D94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:77:72:1a:4d:01:5c:c5:ed:f0:3d:11:01:4a:
89:24:70:7c:bb:78:99:4c:dd:b9:8a:1e:f6:b7:61:
dd:00:8f:4b:ec:2b:a8:6b:83:09:ea:7e:51:8e:21:
09:73:66:07:b3:52:21:ba:ad:82:a6:fe:cd:2d:f3:
19:9d:4b:8c:61:28:24:61:13:65:63:a9:31:91:90:
3b:d5:b2:f9:59:47:ba:4e:62:33:c0:0c:0e:b8:6e:
74:e3:6d:6d:b8:f8:c2:d9:fc:17:c3:c2:aa:61:17:
96:7e:40:c7:88:9b:5b:ad:3c:86:c9:8a:24:b5:05:
59:12:ec:ca:02:98:e3:18:10:41:73:d8:80:b4:f7:
eb:fb:b3:7a:d8:17:ba:a8:a6:d0:97:e3:4e:ab:57:
27:4c:3f:49:5a:7c:9d:1a:9c:1c:c1:95:d6:ad:b7:
48:ab:dd:e8:c9:81:66:c7:63:6c:32:85:01:e6:1c:
81:8f:81:b2:40:ca:ef:79:86:e0:69:b6:c1:ec:80:
a9:4f:6d:e2:2a:32:c3:79:35:c6:0e:e7:4f:5c:7a:
13:c6:dd:28:04:52:06:e9:8e:d9:fd:3a:63:aa:f6:
5d:fc:c4:8d:ca:33:28:71:68:06:17:6c:37:b7:88:
5b:77:7c:5a:ec:5b:6b:af:95:27:90:70:8b:93:d3:
29:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F8:5C:F0:53:37:E0:37:21:7E:70:82:5E:15:9C:00:8E:C5:4D:94
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230302e33342e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.34.0/24
Signature Algorithm: sha256WithRSAEncryption
19:59:a3:7e:0d:dd:c2:08:4e:a6:7c:9a:a9:f9:40:83:19:38:
8e:b0:99:21:38:34:9b:ce:b4:65:58:36:85:7d:12:71:74:19:
6d:7b:3b:e4:81:8c:ff:b4:26:c1:0d:37:c7:2b:5a:76:09:62:
38:91:3b:73:e0:c7:0f:8a:b5:88:d9:a5:57:2d:9d:c6:6d:be:
af:e9:8a:cc:e9:bd:7d:87:de:91:eb:10:1e:da:39:fe:07:bc:
bd:74:41:e6:a3:91:d2:64:19:04:d5:77:93:f0:af:52:c8:fa:
1c:56:66:47:ca:41:29:63:19:a2:61:95:36:03:8f:c0:21:a5:
5c:9c:76:9b:18:67:8a:a5:aa:19:87:07:b9:36:76:24:ea:a7:
b4:31:ea:7d:5b:4b:32:ce:99:06:8f:b0:88:a1:dd:48:d4:b8:
99:42:20:37:22:22:29:72:a5:9f:cc:c1:9a:55:06:09:a4:52:
ab:a7:9a:f0:be:46:67:cb:ab:7e:98:10:5f:77:18:cf:b0:a4:
0f:1a:6b:13:af:ec:01:f8:6f:9d:e5:6d:c9:24:80:34:28:d3:
9c:08:67:30:1f:0c:73:7a:da:7b:86:d1:de:bd:a5:48:e6:de:
e2:b7:df:cb:59:58:4e:2f:b3:bd:50:55:be:7a:8e:8f:7a:f6:
a0:25:c5:cb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUZZ4ad92IsriCijGdFklUwSuRE8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNTBaFw0yNDAzMjUwODI4NTBaMDMxMTAvBgNV
BAMTKDM4Rjg1Q0YwNTMzN0UwMzcyMTdFNzA4MjVFMTU5QzAwOEVDNTREOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJd3IaTQFcxe3wPREBSokkcHy7
eJlM3bmKHva3Yd0Aj0vsK6hrgwnqflGOIQlzZgezUiG6rYKm/s0t8xmdS4xhKCRh
E2VjqTGRkDvVsvlZR7pOYjPADA64bnTjbW24+MLZ/BfDwqphF5Z+QMeIm1utPIbJ
iiS1BVkS7MoCmOMYEEFz2IC09+v7s3rYF7qoptCX406rVydMP0lafJ0anBzBldat
t0ir3ejJgWbHY2wyhQHmHIGPgbJAyu95huBptsHsgKlPbeIqMsN5NcYO509cehPG
3SgEUgbpjtn9OmOq9l38xI3KMyhxaAYXbDe3iFt3fFrsW2uvlSeQcIuT0ympAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUOPhc8FM34DchfnCCXhWcAI7FTZQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzAyZTMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnIIjANBgkq
hkiG9w0BAQsFAAOCAQEAGVmjfg3dwghOpnyaqflAgxk4jrCZITg0m860ZVg2hX0S
cXQZbXs75IGM/7QmwQ03xytadgliOJE7c+DHD4q1iNmlVy2dxm2+r+mKzOm9fYfe
kesQHto5/ge8vXRB5qOR0mQZBNV3k/CvUsj6HFZmR8pBKWMZomGVNgOPwCGlXJx2
mxhniqWqGYcHuTZ2JOqntDHqfVtLMs6ZBo+wiKHdSNS4mUIgNyIiKXKln8zBmlUG
CaRSq6ea8L5GZ8urfpgQX3cYz7CkDxprE6/sAfhvneVtySSANCjTnAhnMB8Mc3ra
e4bR3r2lSObe4rffy1lYTi+zvVBVvnqOj3r2oCXFyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org