Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e203432333636.roa
File: 3138352e3232352e3133382e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: f6nu/Bt19Eei+UCxE58GjTU1LNTEBwEoHlPAPR62rN4=
Subject key identifier: 70:BE:1D:47:4E:53:17:F9:73:69:04:E3:AD:6E:8A:1B:D7:02:1A:C5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 49174402052064D95DBF00F5F928356A74E1B33E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e203432333636.roa
Signing time: Sun 07 May 2023 15:44:02 +0000
ROA not before: Sun 07 May 2023 15:39:02 +0000
ROA not after: Sun 05 May 2024 15:44:02 +0000
asID: 42366
IP address blocks: 185.225.138.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:17:44:02:05:20:64:d9:5d:bf:00:f5:f9:28:35:6a:74:e1:b3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 7 15:39:02 2023 GMT
Not After : May 5 15:44:02 2024 GMT
Subject: CN=70BE1D474E5317F9736904E3AD6E8A1BD7021AC5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bc:a3:01:ff:15:df:e0:44:24:cf:19:20:c7:
0b:e7:0f:17:b6:f8:37:e9:01:8d:d8:e3:d9:86:25:
92:bc:09:9e:63:18:b6:9d:28:1a:fe:f0:bb:07:09:
fc:ec:87:66:b4:66:c9:9c:e8:4d:09:99:34:06:a4:
e5:46:5e:db:70:71:92:b0:2a:ac:56:0b:aa:40:75:
06:40:ac:73:b2:f8:73:ed:96:3b:4f:9d:b7:3d:02:
04:0d:9c:f7:4a:45:c7:a3:a7:b5:62:d8:a4:9b:f7:
82:4a:cc:a5:14:cd:44:97:17:89:3d:09:0f:a1:55:
b1:e3:e6:4c:ea:64:6b:50:41:12:76:b7:1d:5e:af:
9e:e4:2a:8e:d4:aa:86:e6:45:43:4d:94:de:48:e6:
22:97:03:6c:76:90:6e:0d:e3:6f:9b:29:1a:15:8b:
ff:4c:1b:33:bb:a1:40:98:67:8f:b3:12:77:f1:d4:
55:1d:32:c9:ca:91:56:e4:24:6a:79:4b:82:d5:22:
66:a1:70:52:8a:e8:5a:72:43:3f:f4:01:1e:e5:93:
cd:a8:70:42:96:49:ca:6f:3c:a8:e1:11:f1:8b:e8:
99:bf:d1:2f:ca:91:8f:5f:d7:73:4b:59:bc:91:48:
f8:b8:e5:c8:70:e5:ca:1d:a7:2b:dc:9b:64:11:d4:
e4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BE:1D:47:4E:53:17:F9:73:69:04:E3:AD:6E:8A:1B:D7:02:1A:C5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.138.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:a2:2a:a6:1e:a0:17:35:0d:17:85:99:25:e6:aa:8a:b9:be:
a0:e3:ee:34:a7:37:e8:2b:c2:3e:ce:6c:75:92:4b:81:c6:94:
ea:4d:6c:94:b0:d9:21:9f:02:43:89:90:f8:c9:47:bb:8d:14:
84:1a:b2:af:a9:88:b6:5f:54:18:d7:3d:38:8c:80:fa:ad:f7:
fa:a6:ae:dc:84:6c:86:00:03:91:81:fd:7b:c1:ac:72:db:a3:
0e:52:0a:bc:44:f4:8b:a7:41:bd:da:2a:87:e8:00:9c:80:d4:
66:53:44:ce:03:68:b0:e1:ed:fc:d7:44:ee:09:3a:51:9c:5f:
7a:7f:4a:c3:a2:8d:03:26:c8:39:23:0c:04:25:37:e1:eb:1a:
c6:91:be:91:e6:bd:fb:c4:d3:ac:83:67:72:d3:8d:47:74:ea:
c4:66:64:15:ff:44:9e:a7:f6:b6:f5:7d:1f:50:c5:55:ba:77:
c0:69:0d:26:8a:72:22:9f:ca:f3:42:c9:52:41:47:99:c2:03:
44:64:97:5c:8e:94:aa:c5:b5:73:85:08:e0:3c:9a:75:b5:6b:
1a:9c:25:6c:ac:1e:09:79:09:d0:d5:36:e9:13:5f:15:61:ff:
a3:00:cb:74:ea:41:51:16:18:8b:09:a2:e7:d6:f4:b9:38:8f:
a8:42:54:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSRdEAgUgZNldvwD1+Sg1anThsz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA1MDcxNTM5MDJaFw0yNDA1MDUxNTQ0MDJaMDMxMTAvBgNV
BAMTKDcwQkUxRDQ3NEU1MzE3Rjk3MzY5MDRFM0FENkU4QTFCRDcwMjFBQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMvKMB/xXf4EQkzxkgxwvnDxe2
+DfpAY3Y49mGJZK8CZ5jGLadKBr+8LsHCfzsh2a0Zsmc6E0JmTQGpOVGXttwcZKw
KqxWC6pAdQZArHOy+HPtljtPnbc9AgQNnPdKRcejp7Vi2KSb94JKzKUUzUSXF4k9
CQ+hVbHj5kzqZGtQQRJ2tx1er57kKo7UqobmRUNNlN5I5iKXA2x2kG4N42+bKRoV
i/9MGzO7oUCYZ4+zEnfx1FUdMsnKkVbkJGp5S4LVImahcFKK6FpyQz/0AR7lk82o
cEKWScpvPKjhEfGL6Jm/0S/KkY9f13NLWbyRSPi45chw5codpyvcm2QR1OShAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcL4dR05TF/lzaQTjrW6KG9cCGsUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG54YowDQYJKoZIhvcNAQELBQADggEBAH+iKqYeoBc1DReFmSXmqoq5vqDj7jSn
N+grwj7ObHWSS4HGlOpNbJSw2SGfAkOJkPjJR7uNFIQasq+piLZfVBjXPTiMgPqt
9/qmrtyEbIYAA5GB/XvBrHLbow5SCrxE9IunQb3aKofoAJyA1GZTRM4DaLDh7fzX
RO4JOlGcX3p/SsOijQMmyDkjDAQlN+HrGsaRvpHmvfvE06yDZ3LTjUd06sRmZBX/
RJ6n9rb1fR9QxVW6d8BpDSaKciKfyvNCyVJBR5nCA0Rkl1yOlKrFtXOFCOA8mnW1
axqcJWysHgl5CdDVNukTXxVh/6MAy3TqQVEWGIsJoufW9Lk4j6hCVPE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org