Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e2030.roa
File: 3138352e3231372e3136382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: VHJ1J6qX1g7crQDxrUKXwLWb2DrkLm0roma9kaRnVdo=
Subject key identifier: FE:E3:CF:50:0B:50:53:49:3B:9E:86:FD:63:9E:BA:69:5F:05:32:37
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2DCFE62A0FEB8A7DCC0E036C7EE39A45760B4B0D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:20 +0000
ROA not before: Mon 27 Mar 2023 08:23:20 +0000
ROA not after: Mon 25 Mar 2024 08:28:20 +0000
asID: 0
IP address blocks: 185.217.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:cf:e6:2a:0f:eb:8a:7d:cc:0e:03:6c:7e:e3:9a:45:76:0b:4b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:20 2023 GMT
Not After : Mar 25 08:28:20 2024 GMT
Subject: CN=FEE3CF500B5053493B9E86FD639EBA695F053237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:15:47:3d:35:d6:30:cc:98:e6:67:22:ac:
3b:2f:c9:6d:9d:72:07:9f:69:cf:e5:58:98:6b:80:
e3:d3:c8:89:74:c2:26:86:5b:32:d4:38:28:ca:a0:
bd:0d:d3:01:b4:7b:6c:52:f2:9c:14:9f:a5:5c:d4:
4e:1e:aa:27:eb:12:8c:07:d4:03:32:c9:42:23:37:
b8:3a:21:64:d7:fe:51:d3:4e:7d:0a:7b:2f:ac:e9:
a3:1b:06:c1:f4:c2:dd:93:cc:fd:64:12:71:b1:3b:
13:8d:c7:7e:e5:99:6f:2b:c6:2b:dc:0b:1f:8b:7a:
e2:db:f7:5c:b2:69:f7:05:fc:74:3c:68:67:d3:b6:
06:eb:70:94:7d:6a:57:da:0d:17:db:72:7c:cf:d3:
ee:40:9c:f0:f9:44:9b:b6:84:c2:6f:cf:7c:81:b1:
4e:07:74:4a:cd:cc:48:11:0d:ef:24:fe:23:13:81:
b1:31:e6:99:11:0f:df:90:0d:af:8e:eb:12:66:ba:
8f:bd:3f:e4:8a:8d:71:79:65:b1:fe:b6:80:5b:3d:
d1:25:87:89:4a:dd:b0:8b:f3:e2:59:8a:25:96:08:
44:a8:8e:61:f9:56:5e:53:65:91:95:dc:0e:6a:9c:
bc:e3:5d:b2:bd:4f:a3:07:4a:79:95:c6:ac:86:6f:
c8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E3:CF:50:0B:50:53:49:3B:9E:86:FD:63:9E:BA:69:5F:05:32:37
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.168.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d1:77:86:7d:15:ee:c1:6e:7c:40:a4:d9:bb:7b:34:83:67:
27:81:ce:24:58:62:a9:78:cd:c0:1a:02:d7:05:ff:e9:07:fb:
52:41:ef:52:6b:b8:a2:a4:38:d2:8f:6a:a3:fd:f6:71:34:05:
3c:d1:7e:64:9a:d7:91:b7:09:56:a9:9d:e3:19:9f:91:c1:68:
e4:66:8b:3b:a4:3b:01:74:48:fd:17:21:23:29:36:2a:a8:87:
d1:b7:66:27:04:dc:d3:e6:d7:36:79:fe:18:8d:9c:88:07:8f:
c9:54:fc:05:94:e9:8e:b6:7b:e1:8e:8c:fb:42:1c:4a:4f:6c:
c3:59:94:af:39:19:02:c7:25:f5:a0:8c:8f:9e:a8:2e:51:ba:
1c:58:57:e7:88:45:49:d4:97:f3:bb:f2:94:7c:5c:5b:59:55:
58:a5:27:6c:4a:5f:31:3c:24:91:4d:d3:d5:67:21:02:14:3f:
3b:92:97:e0:0c:d7:db:f4:6a:57:a8:3c:3b:19:15:98:26:70:
e4:ac:b2:f5:06:ad:d5:8e:81:38:c0:a4:45:ad:af:52:83:b8:
06:64:73:6f:1c:35:2c:eb:6c:36:00:89:58:3a:5c:46:69:0c:
46:c4:3d:b8:42:3f:4d:f9:7e:c1:73:9c:f1:a2:58:78:8a:cf:
d8:ee:12:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULc/mKg/rin3MDgNsfuOaRXYLSw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMjBaFw0yNDAzMjUwODI4MjBaMDMxMTAvBgNV
BAMTKEZFRTNDRjUwMEI1MDUzNDkzQjlFODZGRDYzOUVCQTY5NUYwNTMyMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOaRVHPTXWMMyY5mcirDsvyW2d
cgefac/lWJhrgOPTyIl0wiaGWzLUOCjKoL0N0wG0e2xS8pwUn6Vc1E4eqifrEowH
1AMyyUIjN7g6IWTX/lHTTn0Key+s6aMbBsH0wt2TzP1kEnGxOxONx37lmW8rxivc
Cx+LeuLb91yyafcF/HQ8aGfTtgbrcJR9alfaDRfbcnzP0+5AnPD5RJu2hMJvz3yB
sU4HdErNzEgRDe8k/iMTgbEx5pkRD9+QDa+O6xJmuo+9P+SKjXF5ZbH+toBbPdEl
h4lK3bCL8+JZiiWWCESojmH5Vl5TZZGV3A5qnLzjXbK9T6MHSnmVxqyGb8gTAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU/uPPUAtQU0k7nob9Y566aV8FMjcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudmoMA0G
CSqGSIb3DQEBCwUAA4IBAQBN0XeGfRXuwW58QKTZu3s0g2cngc4kWGKpeM3AGgLX
Bf/pB/tSQe9Sa7iipDjSj2qj/fZxNAU80X5kmteRtwlWqZ3jGZ+RwWjkZos7pDsB
dEj9FyEjKTYqqIfRt2YnBNzT5tc2ef4YjZyIB4/JVPwFlOmOtnvhjoz7QhxKT2zD
WZSvORkCxyX1oIyPnqguUbocWFfniEVJ1Jfzu/KUfFxbWVVYpSdsSl8xPCSRTdPV
ZyECFD87kpfgDNfb9GpXqDw7GRWYJnDkrLL1Bq3VjoE4wKRFra9Sg7gGZHNvHDUs
62w2AIlYOlxGaQxGxD24Qj9N+X7Bc5zxolh4is/Y7hL4
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org