Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e2030.roa
File: 3138352e3232352e3133382e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: /ICqZCghXCqPgIewhB2q5F4XoRTJ0sr3atc3UvzNsMc=
Subject key identifier: 9C:E0:27:D0:3D:9B:87:B1:FF:A3:5D:B3:F1:A3:D0:BD:91:A8:E2:09
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4881963EE047AE30C49DD22FA77260AD1205A3CD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:30 +0000
ROA not before: Mon 27 Mar 2023 08:23:30 +0000
ROA not after: Mon 25 Mar 2024 08:28:30 +0000
asID: 0
IP address blocks: 185.225.138.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:81:96:3e:e0:47:ae:30:c4:9d:d2:2f:a7:72:60:ad:12:05:a3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:30 2023 GMT
Not After : Mar 25 08:28:30 2024 GMT
Subject: CN=9CE027D03D9B87B1FFA35DB3F1A3D0BD91A8E209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e3:7d:77:ea:d7:ac:d5:02:57:8d:50:a9:04:
86:af:f4:5e:71:ca:bb:b0:16:a6:09:ca:1c:ff:57:
84:41:9f:2c:a2:49:ca:88:0d:66:90:23:b9:a3:79:
ce:8c:96:b0:e3:8e:d3:ed:b9:c3:36:91:1c:20:f8:
59:bc:1d:25:13:57:40:e3:26:03:56:7e:51:3d:60:
6e:dd:1b:dc:4b:de:68:07:a3:56:ee:22:d4:46:27:
99:c6:8e:3d:31:80:06:70:34:8c:19:1b:f4:76:c4:
0a:10:58:76:bb:a4:ef:bc:78:c6:40:81:6e:a5:09:
91:39:70:10:45:78:19:e8:8a:98:b1:3a:54:18:a7:
e0:bc:f9:3d:d6:f1:a6:2c:31:e2:8d:57:33:93:4c:
6a:b0:49:5a:6c:42:e4:7a:35:6f:8c:ef:f2:34:1d:
28:79:48:04:8e:24:e8:3e:30:39:f5:41:37:e8:2d:
5a:e7:6b:73:94:3b:4d:e9:10:07:b8:6b:c3:d9:d4:
ca:65:41:31:95:a6:60:74:00:88:1e:df:d6:b0:46:
ae:c2:d5:d1:96:85:30:e6:54:07:b7:28:6e:8d:2c:
a7:32:71:4d:0d:1b:c1:6c:68:89:bb:12:eb:34:9d:
52:dd:14:45:a5:c8:89:59:c5:6f:f2:9a:bf:c2:cd:
0c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E0:27:D0:3D:9B:87:B1:FF:A3:5D:B3:F1:A3:D0:BD:91:A8:E2:09
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.138.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:b1:0a:18:a7:0a:b3:19:07:cd:4c:d7:7d:35:c6:cf:15:01:
6b:d1:32:c1:1f:d5:ff:df:fb:ad:74:55:5b:62:6d:85:d2:5e:
a7:08:b9:61:bb:34:61:89:53:8f:a4:1f:0f:7d:c6:55:7a:13:
89:34:76:75:2f:58:ad:2b:2c:0a:4e:30:9a:09:36:0f:0e:50:
5c:e1:fb:0f:e1:72:5d:8b:fb:4f:d2:ff:03:3b:b2:c3:8d:83:
3f:9d:e1:44:36:0a:a7:bf:7f:a0:f3:77:53:35:b3:db:f7:c9:
7a:46:88:59:65:87:3d:46:b8:4a:19:76:af:43:4c:9e:69:fc:
d0:cf:5c:24:8d:fa:92:42:b9:b4:f8:51:d4:d8:3d:03:7b:be:
34:f0:4f:0a:02:29:d3:6e:36:fd:c7:7b:22:95:a9:7b:a1:9e:
2f:16:ae:dc:c2:e5:50:08:d7:6b:63:02:29:e8:6c:0e:cf:d4:
fa:41:a8:11:ba:3e:73:ac:b1:69:5a:ad:04:a7:63:a8:27:95:
a4:28:a9:ee:ad:8b:7b:93:00:63:9a:13:95:08:90:8f:eb:64:
0c:96:d2:fe:c1:c3:40:82:9d:56:43:2a:02:48:e3:4f:57:eb:
72:b6:95:5f:02:26:af:81:b4:b3:05:95:0d:6a:6e:24:7f:4d:
35:55:40:97
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSIGWPuBHrjDEndIvp3JgrRIFo80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMzBaFw0yNDAzMjUwODI4MzBaMDMxMTAvBgNV
BAMTKDlDRTAyN0QwM0Q5Qjg3QjFGRkEzNURCM0YxQTNEMEJEOTFBOEUyMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk43136tes1QJXjVCpBIav9F5x
yruwFqYJyhz/V4RBnyyiScqIDWaQI7mjec6MlrDjjtPtucM2kRwg+Fm8HSUTV0Dj
JgNWflE9YG7dG9xL3mgHo1buItRGJ5nGjj0xgAZwNIwZG/R2xAoQWHa7pO+8eMZA
gW6lCZE5cBBFeBnoipixOlQYp+C8+T3W8aYsMeKNVzOTTGqwSVpsQuR6NW+M7/I0
HSh5SASOJOg+MDn1QTfoLVrna3OUO03pEAe4a8PZ1MplQTGVpmB0AIge39awRq7C
1dGWhTDmVAe3KG6NLKcycU0NG8FsaIm7Eus0nVLdFEWlyIlZxW/ymr/CzQynAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUnOAn0D2bh7H/o12z8aPQvZGo4gkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueGKMA0G
CSqGSIb3DQEBCwUAA4IBAQCcsQoYpwqzGQfNTNd9NcbPFQFr0TLBH9X/3/utdFVb
Ym2F0l6nCLlhuzRhiVOPpB8PfcZVehOJNHZ1L1itKywKTjCaCTYPDlBc4fsP4XJd
i/tP0v8DO7LDjYM/neFENgqnv3+g83dTNbPb98l6RohZZYc9RrhKGXavQ0yeafzQ
z1wkjfqSQrm0+FHU2D0De7408E8KAinTbjb9x3silal7oZ4vFq7cwuVQCNdrYwIp
6GwOz9T6QagRuj5zrLFpWq0Ep2OoJ5WkKKnurYt7kwBjmhOVCJCP62QMltL+wcNA
gp1WQyoCSONPV+tytpVfAiavgbSzBZUNam4kf001VUCX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org