Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e2030.roa
File: 3138352e3232362e3134372e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: Jmv09vAN4R3QW/A2MJG5KzjB0cYn9F3mC4AG+elmvWc=
Subject key identifier: 85:40:02:04:F5:82:44:03:61:6E:AA:22:25:3D:1C:1A:3A:4E:F9:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1B728875FE5F27ABC84DC3DD5DAE948C3B595C70
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:57 +0000
ROA not before: Mon 27 Mar 2023 08:23:57 +0000
ROA not after: Mon 25 Mar 2024 08:28:57 +0000
asID: 0
IP address blocks: 185.226.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:72:88:75:fe:5f:27:ab:c8:4d:c3:dd:5d:ae:94:8c:3b:59:5c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:57 2023 GMT
Not After : Mar 25 08:28:57 2024 GMT
Subject: CN=85400204F5824403616EAA22253D1C1A3A4EF97C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3f:1e:23:d4:3d:9b:53:4e:d9:4a:a2:98:de:
b4:40:db:ed:0a:bb:b5:41:f2:5c:98:2c:80:00:9a:
03:03:7d:50:d4:9e:c3:fa:4e:a0:c6:5d:6d:54:de:
a6:a1:10:e1:d4:e1:4a:66:25:f3:1f:e7:59:86:a9:
8f:8c:08:b0:4a:fd:91:f1:26:b5:4d:5a:da:c5:0f:
89:51:27:07:d2:44:fb:1c:3d:93:2f:69:73:e9:23:
45:84:0a:64:5d:55:9a:b9:c4:00:18:cd:ce:17:4b:
ec:9c:02:88:8c:62:49:2e:7b:18:44:3c:c1:ae:63:
3b:51:6d:e0:ab:c3:5b:26:5c:c5:c3:5d:ed:a1:97:
c4:62:68:41:c1:60:ed:9e:2d:17:49:a8:7d:38:ae:
05:7e:fa:45:8e:e9:bf:96:4a:48:8f:8e:91:ed:73:
94:c6:3b:9b:0f:79:a0:c3:0e:0c:7e:49:4f:7e:d9:
aa:18:05:22:8e:16:82:50:80:ef:3b:ce:ae:51:f0:
d9:2a:23:a5:16:ed:f9:d0:41:3e:d9:b6:ef:50:cb:
df:3a:83:e8:8b:26:ff:d6:7a:ec:76:75:2c:b5:84:
1a:46:f1:28:0a:9d:62:4b:99:59:7b:1b:f5:fc:77:
01:ba:c4:3c:df:37:0c:3b:1d:4d:9b:e7:7a:3e:3a:
b4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:40:02:04:F5:82:44:03:61:6E:AA:22:25:3D:1C:1A:3A:4E:F9:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:94:6b:cf:c4:8e:de:c7:4d:3c:64:0b:5a:3b:34:6c:45:f4:
f8:63:85:1a:e0:3b:79:52:bb:14:f9:b7:6f:c6:5f:e0:e3:25:
3e:b9:06:88:16:80:c0:45:2e:d0:56:0b:df:b4:49:0b:0f:00:
3e:76:61:40:2c:20:7c:33:be:89:23:fe:74:13:96:67:df:d9:
1f:c0:cc:34:a1:d3:9e:7b:10:76:51:99:db:da:0b:9c:e7:57:
d9:a3:a6:0a:0f:30:36:d5:9e:81:ec:3c:05:7f:f0:41:f3:02:
16:9f:86:b7:d2:d5:3b:05:25:ac:f3:e7:94:7b:9a:08:5d:19:
6c:79:76:1b:8f:93:0c:00:1e:41:f9:4b:e6:ed:43:0f:93:4d:
3d:30:da:12:3b:c9:27:54:18:05:a0:bf:6b:c7:ae:1f:5f:ae:
61:fc:ea:34:22:8d:81:c3:ec:fa:a6:57:2b:78:00:e8:81:95:
47:d9:08:5f:6c:87:ef:97:68:24:e2:2c:c1:84:dc:81:3f:aa:
85:f1:f2:cf:74:cf:20:60:ef:81:65:1a:24:a1:91:a1:10:18:
b0:45:1a:ab:fa:9e:99:ef:f6:bd:e4:e7:a5:bc:53:ee:2d:ad:
80:43:56:b0:8d:a7:21:00:8a:78:e1:da:ee:d0:3f:d1:45:e0:
ed:6d:bf:12
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUG3KIdf5fJ6vITcPdXa6UjDtZXHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNTdaFw0yNDAzMjUwODI4NTdaMDMxMTAvBgNV
BAMTKDg1NDAwMjA0RjU4MjQ0MDM2MTZFQUEyMjI1M0QxQzFBM0E0RUY5N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPx4j1D2bU07ZSqKY3rRA2+0K
u7VB8lyYLIAAmgMDfVDUnsP6TqDGXW1U3qahEOHU4UpmJfMf51mGqY+MCLBK/ZHx
JrVNWtrFD4lRJwfSRPscPZMvaXPpI0WECmRdVZq5xAAYzc4XS+ycAoiMYkkuexhE
PMGuYztRbeCrw1smXMXDXe2hl8RiaEHBYO2eLRdJqH04rgV++kWO6b+WSkiPjpHt
c5TGO5sPeaDDDgx+SU9+2aoYBSKOFoJQgO87zq5R8NkqI6UW7fnQQT7Ztu9Qy986
g+iLJv/Weux2dSy1hBpG8SgKnWJLmVl7G/X8dwG6xDzfNww7HU2b53o+OrQ/AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUhUACBPWCRANhbqoiJT0cGjpO+XwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueKTMA0G
CSqGSIb3DQEBCwUAA4IBAQBqlGvPxI7ex008ZAtaOzRsRfT4Y4Ua4Dt5UrsU+bdv
xl/g4yU+uQaIFoDARS7QVgvftEkLDwA+dmFALCB8M76JI/50E5Zn39kfwMw0odOe
exB2UZnb2guc51fZo6YKDzA21Z6B7DwFf/BB8wIWn4a30tU7BSWs8+eUe5oIXRls
eXYbj5MMAB5B+Uvm7UMPk009MNoSO8knVBgFoL9rx64fX65h/Oo0Io2Bw+z6plcr
eADogZVH2QhfbIfvl2gk4izBhNyBP6qF8fLPdM8gYO+BZRokoZGhEBiwRRqr+p6Z
7/a95OelvFPuLa2AQ1awjachAIp44dru0D/RReDtbb8S
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org