Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32332d3234203d3e2030.roa
File: 3138352e3232322e3133362e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: OswOfnDL+XHv0orX8fv/0wO5g8mIwdJRyN19pRUQdrY=
Subject key identifier: D3:B4:FA:2D:AB:20:58:9D:20:B2:BB:8F:51:23:D3:48:12:D2:9D:68
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0EE1147266C493287B3E9161D4489FB9418ACEE6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:23 +0000
ROA not before: Mon 27 Mar 2023 08:23:23 +0000
ROA not after: Mon 25 Mar 2024 08:28:23 +0000
asID: 0
IP address blocks: 185.222.136.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:e1:14:72:66:c4:93:28:7b:3e:91:61:d4:48:9f:b9:41:8a:ce:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:23 2023 GMT
Not After : Mar 25 08:28:23 2024 GMT
Subject: CN=D3B4FA2DAB20589D20B2BB8F5123D34812D29D68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:30:21:df:b0:22:c3:34:5d:5f:40:1f:3d:
66:5b:e6:ef:23:bf:f0:d0:21:84:47:1b:e0:05:41:
c7:a9:ce:72:73:bb:6d:98:21:81:c7:ba:78:6c:09:
bf:3b:98:e4:91:12:38:73:18:ed:0a:62:85:05:e1:
89:84:74:f6:33:f7:2a:c2:62:06:14:4d:31:8e:95:
b9:f5:46:aa:9f:21:a1:f5:68:f5:97:86:f8:19:39:
ec:bc:8d:cb:b8:3e:ee:49:d6:c9:b3:d3:0d:91:21:
3d:9b:5e:28:c5:b0:10:2c:98:a4:9c:91:9e:ff:ec:
26:0c:70:f1:13:0a:4a:9a:69:88:93:cc:d6:b0:76:
7d:c6:8c:58:84:42:38:4e:d6:a5:d8:d3:ac:e4:a3:
8a:b8:3c:4a:09:66:60:53:2e:88:5c:b5:36:b5:1c:
b4:68:6a:c1:a4:4a:ae:01:26:bb:31:a5:bd:bc:d9:
37:d9:ea:89:d7:c8:9d:bb:ca:d8:71:e2:58:72:90:
10:b0:58:cc:40:71:fd:05:b2:66:57:8a:9b:10:a9:
9e:91:67:f2:98:4a:1e:ef:56:5a:36:cf:3b:91:8d:
60:4a:ae:8e:50:69:30:41:b5:11:17:82:8a:e5:3f:
05:c0:ee:e3:94:06:c1:8d:5b:b4:2f:c3:96:df:52:
b6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:B4:FA:2D:AB:20:58:9D:20:B2:BB:8F:51:23:D3:48:12:D2:9D:68
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3133362e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.136.0/23
Signature Algorithm: sha256WithRSAEncryption
46:66:9a:63:d0:a9:a3:c2:00:d0:d8:51:5b:9f:af:b0:c0:46:
b2:01:52:66:29:5a:6b:7e:48:6c:a9:ea:3d:21:3e:bf:42:80:
bd:b6:64:7a:3f:b2:c7:42:19:65:aa:e2:84:5d:f8:8d:02:66:
75:b7:fc:f9:9b:45:f4:a8:ae:be:b8:cc:cb:ea:2b:b4:4d:3f:
61:2a:b7:49:e3:81:50:01:cb:16:76:da:e4:a4:1d:fe:c9:d1:
26:c3:a8:e5:6f:d4:2f:d9:62:4e:52:52:ee:1c:27:21:c3:f1:
b2:96:a0:5c:0e:49:ba:2c:df:0c:0e:74:04:34:73:86:a2:40:
8a:1f:e0:3c:1d:58:66:27:f4:d5:c5:47:87:f5:3a:87:4b:bc:
6d:ca:3f:57:23:0f:ac:1f:58:6b:be:8c:78:18:02:a2:ff:14:
63:0d:ca:ad:e2:ee:15:99:8b:5f:46:56:32:77:9a:a7:30:2e:
4c:4b:99:33:78:fb:92:34:61:41:13:cc:d0:db:d8:97:f2:5d:
a6:a8:dc:59:97:a3:96:ab:ba:46:46:1c:3f:ba:cb:95:89:5a:
6a:2e:1b:ce:53:f2:e9:d4:83:de:c6:ff:88:de:84:d1:bd:cd:
2d:2c:af:79:7a:ba:2a:18:0d:2f:70:9f:b6:0c:6b:86:f7:33:
07:d4:cc:d0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUDuEUcmbEkyh7PpFh1EifuUGKzuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMjNaFw0yNDAzMjUwODI4MjNaMDMxMTAvBgNV
BAMTKEQzQjRGQTJEQUIyMDU4OUQyMEIyQkI4RjUxMjNEMzQ4MTJEMjlENjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ojAh37AiwzRdX0AfPWZb5u8j
v/DQIYRHG+AFQcepznJzu22YIYHHunhsCb87mOSREjhzGO0KYoUF4YmEdPYz9yrC
YgYUTTGOlbn1RqqfIaH1aPWXhvgZOey8jcu4Pu5J1smz0w2RIT2bXijFsBAsmKSc
kZ7/7CYMcPETCkqaaYiTzNawdn3GjFiEQjhO1qXY06zko4q4PEoJZmBTLohctTa1
HLRoasGkSq4BJrsxpb282TfZ6onXyJ27ythx4lhykBCwWMxAcf0FsmZXipsQqZ6R
Z/KYSh7vVlo2zzuRjWBKro5QaTBBtREXgorlPwXA7uOUBsGNW7Qvw5bfUrZrAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU07T6LasgWJ0gsruPUSPTSBLSnWgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMx
MzMzNjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBud6IMA0G
CSqGSIb3DQEBCwUAA4IBAQBGZppj0KmjwgDQ2FFbn6+wwEayAVJmKVprfkhsqeo9
IT6/QoC9tmR6P7LHQhllquKEXfiNAmZ1t/z5m0X0qK6+uMzL6iu0TT9hKrdJ44FQ
AcsWdtrkpB3+ydEmw6jlb9Qv2WJOUlLuHCchw/GylqBcDkm6LN8MDnQENHOGokCK
H+A8HVhmJ/TVxUeH9TqHS7xtyj9XIw+sH1hrvox4GAKi/xRjDcqt4u4VmYtfRlYy
d5qnMC5MS5kzePuSNGFBE8zQ29iX8l2mqNxZl6OWq7pGRhw/usuViVpqLhvOU/Lp
1IPexv+I3oTRvc0tLK95eroqGA0vcJ+2DGuG9zMH1MzQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org