Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e2030.roa
File: 3138352e3232382e31392e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: hr5BnQYHVi95P239NRsCvw0ECosWRC15pBYUAWby5cU=
Subject key identifier: 57:85:3E:CA:0C:AC:14:FD:D1:34:F1:27:21:72:A6:C5:B1:8F:60:46
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 44285A6C5E402308712C0CD45ADBF870A589FAE4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:47 +0000
ROA not before: Mon 27 Mar 2023 08:23:47 +0000
ROA not after: Mon 25 Mar 2024 08:28:47 +0000
asID: 0
IP address blocks: 185.228.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:28:5a:6c:5e:40:23:08:71:2c:0c:d4:5a:db:f8:70:a5:89:fa:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:47 2023 GMT
Not After : Mar 25 08:28:47 2024 GMT
Subject: CN=57853ECA0CAC14FDD134F1272172A6C5B18F6046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:82:b4:49:78:2c:99:fe:3b:df:c2:7a:4c:07:
82:1a:81:4f:a6:d2:62:9b:7e:ae:e9:ad:81:7d:0e:
91:71:b2:13:90:17:72:a8:2a:2d:05:2c:c0:4e:c7:
15:7c:13:e9:ea:f7:08:da:d0:d7:e7:d7:30:f6:6f:
28:70:56:5a:b5:03:84:1c:1d:ed:62:db:44:00:0a:
55:d5:dd:41:d6:46:bc:c4:00:d9:83:7d:52:cf:db:
7a:28:9c:eb:85:c0:e3:31:49:90:ec:44:3f:ac:3e:
d0:00:6c:d7:37:fd:87:48:f7:03:f8:a9:54:14:9a:
50:ae:9e:67:00:da:b4:a6:03:ad:1d:b1:ad:4c:5d:
b1:a2:7b:28:88:4d:55:eb:a1:7b:ea:8d:b7:b0:bc:
ea:28:d5:3e:92:80:0a:e2:dc:b1:c3:06:a5:2b:b2:
db:67:a2:3f:74:45:f1:7c:5c:d8:e1:e2:6f:cb:77:
8c:3d:ef:79:c3:64:a3:d0:45:68:d1:e8:d0:a6:98:
95:e1:74:ff:56:e9:eb:6a:89:df:38:b3:10:9c:11:
4a:75:40:aa:21:c3:a1:37:e9:35:cb:df:fe:d3:2a:
33:29:92:f6:03:e9:94:67:b2:3d:ba:e8:f3:7f:eb:
d1:66:d4:39:dc:b5:9c:a3:90:de:78:39:fe:8b:81:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:85:3E:CA:0C:AC:14:FD:D1:34:F1:27:21:72:A6:C5:B1:8F:60:46
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232382e31392e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.19.0/24
Signature Algorithm: sha256WithRSAEncryption
71:5f:57:af:ea:fa:78:f7:bf:98:75:50:32:0a:0a:e0:05:3a:
7b:74:2e:77:fa:ad:c3:49:13:d8:56:f5:e7:c0:23:43:7c:66:
ab:79:25:5e:50:e2:e3:c1:d0:fd:ae:7c:d2:cc:7d:07:2d:06:
ed:d5:5d:2b:b0:55:f2:50:d8:74:01:0d:bc:87:13:dd:d2:a1:
91:0f:ee:60:f9:87:eb:f4:52:04:a7:ff:f5:b8:e9:0a:fb:31:
eb:0f:36:ba:57:4a:9d:c6:bb:29:0f:64:8c:df:8d:1b:e9:41:
73:f5:f9:80:b4:48:21:ab:71:b1:4e:d3:da:aa:4c:e4:a3:61:
1a:1d:3c:12:5d:5a:91:a9:75:e9:ec:60:b2:bd:54:33:74:04:
2b:99:61:ba:b3:f6:ae:cf:3b:88:24:66:7b:b1:28:c0:ca:cf:
d3:54:70:fd:d0:47:1d:76:2f:48:3d:49:57:69:d9:1e:18:51:
03:90:d1:1f:c5:47:2a:e2:05:32:24:76:6f:55:ff:fd:d3:38:
f4:2f:d8:4d:98:7e:e8:1e:90:3d:25:38:f0:24:4f:a8:7b:a9:
b1:8b:43:ab:8e:c5:f3:f5:3e:13:78:68:e4:d3:07:19:85:99:
36:98:01:eb:7f:8d:45:0c:00:7b:7a:70:5a:81:99:f5:d2:0e:
21:ff:47:3f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIURChabF5AIwhxLAzUWtv4cKWJ+uQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNDdaFw0yNDAzMjUwODI4NDdaMDMxMTAvBgNV
BAMTKDU3ODUzRUNBMENBQzE0RkREMTM0RjEyNzIxNzJBNkM1QjE4RjYwNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwgrRJeCyZ/jvfwnpMB4IagU+m
0mKbfq7prYF9DpFxshOQF3KoKi0FLMBOxxV8E+nq9wja0Nfn1zD2byhwVlq1A4Qc
He1i20QAClXV3UHWRrzEANmDfVLP23oonOuFwOMxSZDsRD+sPtAAbNc3/YdI9wP4
qVQUmlCunmcA2rSmA60dsa1MXbGieyiITVXroXvqjbewvOoo1T6SgAri3LHDBqUr
sttnoj90RfF8XNjh4m/Ld4w973nDZKPQRWjR6NCmmJXhdP9W6etqid84sxCcEUp1
QKohw6E36TXL3/7TKjMpkvYD6ZRnsj266PN/69Fm1DnctZyjkN54Of6LgV7hAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUV4U+ygysFP3RNPEnIXKmxbGPYEYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzgyZTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnkEzANBgkq
hkiG9w0BAQsFAAOCAQEAcV9Xr+r6ePe/mHVQMgoK4AU6e3Qud/qtw0kT2Fb158Aj
Q3xmq3klXlDi48HQ/a580sx9By0G7dVdK7BV8lDYdAENvIcT3dKhkQ/uYPmH6/RS
BKf/9bjpCvsx6w82uldKnca7KQ9kjN+NG+lBc/X5gLRIIatxsU7T2qpM5KNhGh08
El1akal16exgsr1UM3QEK5lhurP2rs87iCRme7EowMrP01Rw/dBHHXYvSD1JV2nZ
HhhRA5DRH8VHKuIFMiR2b1X//dM49C/YTZh+6B6QPSU48CRPqHupsYtDq47F8/U+
E3ho5NMHGYWZNpgB63+NRQwAe3pwWoGZ9dIOIf9HPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org