Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e2030.roa
File: 3138352e3232352e3133372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: N8/laSgph+3aE9/RmvUj8iF8TkEHTkgMr8ZYXXifqL8=
Subject key identifier: B6:E1:AB:DB:9F:E7:BA:71:09:2C:6E:C7:B4:25:F3:6A:51:A8:64:4F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4392D0BA8022AD3BC1940114467B33AE9C93EFDD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:42 +0000
ROA not before: Mon 27 Mar 2023 08:23:42 +0000
ROA not after: Mon 25 Mar 2024 08:28:42 +0000
asID: 0
IP address blocks: 185.225.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:92:d0:ba:80:22:ad:3b:c1:94:01:14:46:7b:33:ae:9c:93:ef:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:42 2023 GMT
Not After : Mar 25 08:28:42 2024 GMT
Subject: CN=B6E1ABDB9FE7BA71092C6EC7B425F36A51A8644F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:04:c5:d6:9c:1f:cf:a6:64:5a:2c:34:0d:42:
aa:3a:59:e7:93:fe:11:d2:bd:c9:04:2f:1d:01:b1:
84:2f:c5:41:25:d6:74:92:98:fc:ba:e9:93:e4:fc:
ca:fe:3f:50:c8:d2:9e:52:db:0b:b4:61:57:da:12:
04:d6:ea:0d:f5:17:7f:a9:de:bf:06:7d:15:66:e0:
e8:a6:9f:b0:95:ad:f0:66:21:8b:b9:a2:f2:f7:a6:
d2:c5:17:98:3b:f5:6f:1d:0d:48:10:b4:12:0a:a3:
ab:ee:f4:2f:12:ce:9b:a4:86:03:f8:9e:81:88:5c:
eb:03:3f:73:22:f7:94:0e:8b:45:e1:5c:90:8d:73:
ee:2e:45:4b:44:35:40:0c:b2:41:61:e8:8f:21:ab:
2a:c1:f5:b0:0d:be:eb:fc:45:91:6b:be:d1:03:f0:
61:55:9e:7b:15:3f:21:8a:04:2e:64:d1:66:ea:21:
13:66:41:b6:6e:ff:5d:26:0e:78:bc:32:70:48:bc:
d6:2b:0a:3e:3c:5b:ea:c1:b0:4d:cc:e9:9d:1a:ba:
ee:7d:bd:95:27:75:6d:66:ac:8e:7f:0a:57:84:0d:
9e:07:c5:9b:32:55:c2:ca:8a:ea:1c:56:33:cf:42:
4b:93:41:28:56:b6:92:88:cc:75:a6:07:0a:cf:9a:
f5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:E1:AB:DB:9F:E7:BA:71:09:2C:6E:C7:B4:25:F3:6A:51:A8:64:4F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.137.0/24
Signature Algorithm: sha256WithRSAEncryption
60:1f:7a:0d:b1:4c:28:59:60:3d:c7:f2:20:d1:67:96:48:e4:
e1:84:52:ac:e4:06:1c:d6:40:04:cb:06:45:ae:56:5d:28:5f:
3a:b6:b0:fd:ca:ff:8b:50:ab:a4:41:a1:44:6f:27:19:1d:ac:
a9:23:bf:34:40:af:79:c5:8c:f8:5c:a5:c3:b1:f9:84:00:0c:
36:f9:69:16:99:96:b0:c3:f9:a4:61:24:e8:0c:ee:e7:25:a2:
19:cc:e7:3a:0b:c8:38:09:2f:85:fd:02:0f:f2:82:fc:a0:28:
e3:3f:3a:ba:ee:62:43:95:98:59:12:55:7d:0a:a9:3c:63:20:
ad:a6:f1:bc:58:69:78:96:28:b6:2e:37:77:23:71:0b:97:c2:
8e:78:05:8b:16:39:9d:6e:5e:bb:25:93:be:b6:70:be:f5:9a:
9a:d9:dc:ef:b9:46:7d:a1:33:b4:c0:4c:e4:63:23:8e:16:84:
1b:ca:1e:91:1b:d5:c9:9e:82:69:46:47:88:ed:1a:32:09:4f:
a8:af:1b:3a:90:0b:11:3f:a1:d1:ae:0f:be:d7:ed:18:72:03:
89:49:81:70:78:3f:a8:31:49:f4:8e:c3:8d:48:0a:4d:9a:65:
3e:9a:fa:cf:8e:31:d7:81:1b:f4:b2:b0:0a:28:c5:1b:08:ae:
61:d1:bd:f9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUQ5LQuoAirTvBlAEURnszrpyT790wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNDJaFw0yNDAzMjUwODI4NDJaMDMxMTAvBgNV
BAMTKEI2RTFBQkRCOUZFN0JBNzEwOTJDNkVDN0I0MjVGMzZBNTFBODY0NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoBMXWnB/PpmRaLDQNQqo6WeeT
/hHSvckELx0BsYQvxUEl1nSSmPy66ZPk/Mr+P1DI0p5S2wu0YVfaEgTW6g31F3+p
3r8GfRVm4Oimn7CVrfBmIYu5ovL3ptLFF5g79W8dDUgQtBIKo6vu9C8SzpukhgP4
noGIXOsDP3Mi95QOi0XhXJCNc+4uRUtENUAMskFh6I8hqyrB9bANvuv8RZFrvtED
8GFVnnsVPyGKBC5k0WbqIRNmQbZu/10mDni8MnBIvNYrCj48W+rBsE3M6Z0auu59
vZUndW1mrI5/CleEDZ4HxZsyVcLKiuocVjPPQkuTQShWtpKIzHWmBwrPmvXJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUtuGr25/nunEJLG7HtCXzalGoZE8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueGJMA0G
CSqGSIb3DQEBCwUAA4IBAQBgH3oNsUwoWWA9x/Ig0WeWSOThhFKs5AYc1kAEywZF
rlZdKF86trD9yv+LUKukQaFEbycZHaypI780QK95xYz4XKXDsfmEAAw2+WkWmZaw
w/mkYSToDO7nJaIZzOc6C8g4CS+F/QIP8oL8oCjjPzq67mJDlZhZElV9Cqk8YyCt
pvG8WGl4lii2Ljd3I3ELl8KOeAWLFjmdbl67JZO+tnC+9Zqa2dzvuUZ9oTO0wEzk
YyOOFoQbyh6RG9XJnoJpRkeI7RoyCU+orxs6kAsRP6HRrg++1+0YcgOJSYFweD+o
MUn0jsONSApNmmU+mvrPjjHXgRv0srAKKMUbCK5h0b35
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org