Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35362e302f32332d3234203d3e2030.roa
File: 3138352e3232392e35362e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: dcfSEwNp9cVvVEbL5KIS5vTT2Vws5iFaEKeiF3ZDklg=
Subject key identifier: DB:1B:1C:F0:F5:70:AA:4D:DE:DF:F0:B2:3D:44:DD:37:40:65:36:22
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 465654577618EE35DEE2B3424487717EEC64E4E2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35362e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:45 +0000
ROA not before: Mon 27 Mar 2023 08:23:45 +0000
ROA not after: Mon 25 Mar 2024 08:28:45 +0000
asID: 0
IP address blocks: 185.229.56.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:56:54:57:76:18:ee:35:de:e2:b3:42:44:87:71:7e:ec:64:e4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:45 2023 GMT
Not After : Mar 25 08:28:45 2024 GMT
Subject: CN=DB1B1CF0F570AA4DDEDFF0B23D44DD3740653622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:8e:26:0c:62:26:cf:23:53:42:64:47:6c:
10:55:75:6d:51:83:bb:ff:dd:d0:91:30:96:0c:3f:
c5:d7:a2:05:ec:02:4e:fc:39:36:2a:df:8a:8b:f1:
97:fa:36:ca:1c:98:fc:8f:be:3a:4f:8f:58:bc:b5:
65:89:67:93:ad:c1:97:6f:33:c1:b8:69:2d:cf:f8:
08:59:14:7f:d7:c2:6d:ce:6f:a2:a4:30:62:11:61:
80:14:04:3a:0b:3c:6c:bb:a1:cf:dc:79:04:d1:60:
96:d7:89:98:24:47:05:c5:df:b7:aa:fd:91:d2:a9:
44:c9:74:05:01:09:06:10:eb:f6:b2:4a:12:b4:5d:
19:c1:b3:f0:88:55:f8:b7:19:64:9e:e8:ff:b6:19:
fe:76:62:08:6a:99:1b:a0:d2:f0:31:e2:0e:fc:8f:
55:13:6f:70:14:4a:fc:9d:cb:33:f5:3b:cc:3e:d1:
c3:7f:a2:80:40:c4:5d:88:28:9a:7c:c4:55:56:d2:
71:23:37:70:67:9a:1c:99:08:fc:2b:96:f0:99:4b:
a0:fe:90:65:07:36:92:ad:00:07:d5:09:5a:0a:03:
fd:e2:30:91:2e:7f:6a:68:6f:c4:15:cc:71:d2:08:
08:8c:a5:df:de:81:5c:46:6d:75:dd:1a:36:3e:f9:
6a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1B:1C:F0:F5:70:AA:4D:DE:DF:F0:B2:3D:44:DD:37:40:65:36:22
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e35362e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.56.0/23
Signature Algorithm: sha256WithRSAEncryption
42:8a:89:50:34:f1:92:dc:26:1b:9c:7b:c3:a8:d5:7a:f6:ce:
5a:27:3f:6b:ec:11:0c:02:f0:fb:86:03:78:17:6f:84:34:d6:
a0:61:ea:f9:e8:be:d1:f6:50:a1:79:82:0c:b8:3a:d8:e0:66:
3a:43:f7:49:4d:25:19:94:71:fd:f6:54:15:c2:a0:41:6c:eb:
93:8d:04:e9:67:81:b2:9f:f8:d3:48:3e:c5:8b:60:4c:cd:31:
bd:67:8a:4a:34:ee:69:69:2b:5d:6e:05:49:37:03:be:f9:f0:
18:a1:b8:da:92:98:ea:85:8d:96:d4:41:27:8e:0f:de:1c:59:
4b:6b:2a:65:05:94:f3:d1:9f:b7:49:26:66:62:cc:d6:ea:52:
14:bd:ee:f1:1a:53:4f:ab:14:5b:c2:1c:33:11:69:e7:58:b7:
f9:9a:2c:a4:6a:82:de:a4:2d:21:10:26:d4:73:a6:44:66:ce:
2b:44:7e:fa:69:a1:7b:11:ea:7d:53:46:a4:d2:bf:85:8c:b3:
c1:43:d1:ee:85:05:6d:ed:99:0f:60:5b:e3:9f:5e:d2:15:23:
28:92:2f:23:6b:a3:3a:c2:db:71:f9:58:ed:fa:73:97:59:71:
c3:69:8a:bb:11:71:0f:7d:f1:63:cf:70:5a:30:69:d5:87:2d:
ec:b5:dd:fc
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIURlZUV3YY7jXe4rNCRIdxfuxk5OIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNDVaFw0yNDAzMjUwODI4NDVaMDMxMTAvBgNV
BAMTKERCMUIxQ0YwRjU3MEFBNERERURGRjBCMjNENDRERDM3NDA2NTM2MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwLI4mDGImzyNTQmRHbBBVdW1R
g7v/3dCRMJYMP8XXogXsAk78OTYq34qL8Zf6NsocmPyPvjpPj1i8tWWJZ5OtwZdv
M8G4aS3P+AhZFH/Xwm3Ob6KkMGIRYYAUBDoLPGy7oc/ceQTRYJbXiZgkRwXF37eq
/ZHSqUTJdAUBCQYQ6/ayShK0XRnBs/CIVfi3GWSe6P+2Gf52YghqmRug0vAx4g78
j1UTb3AUSvydyzP1O8w+0cN/ooBAxF2IKJp8xFVW0nEjN3BnmhyZCPwrlvCZS6D+
kGUHNpKtAAfVCVoKA/3iMJEuf2pob8QVzHHSCAiMpd/egVxGbXXdGjY++WpnAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU2xsc8PVwqk3e3/CyPUTdN0BlNiIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzkyZTM1
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnlODANBgkq
hkiG9w0BAQsFAAOCAQEAQoqJUDTxktwmG5x7w6jVevbOWic/a+wRDALw+4YDeBdv
hDTWoGHq+ei+0fZQoXmCDLg62OBmOkP3SU0lGZRx/fZUFcKgQWzrk40E6WeBsp/4
00g+xYtgTM0xvWeKSjTuaWkrXW4FSTcDvvnwGKG42pKY6oWNltRBJ44P3hxZS2sq
ZQWU89Gft0kmZmLM1upSFL3u8RpTT6sUW8IcMxFp51i3+ZospGqC3qQtIRAm1HOm
RGbOK0R++mmhexHqfVNGpNK/hYyzwUPR7oUFbe2ZD2Bb459e0hUjKJIvI2ujOsLb
cflY7fpzl1lxw2mKuxFxD33xY89wWjBp1Yct7LXd/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org