Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133372e302f32342d3234203d3e20323132373038.roa
File: 3138352e3233302e3133372e302f32342d3234203d3e20323132373038.roa (raw, json)
Hash identifier: rrHOCc6805ukiSQutr+Ast/8ckgl62JBUn/+ETUBDSY=
Subject key identifier: 6D:22:74:DE:DB:65:27:F2:8B:4A:75:CB:E6:20:E9:3A:97:C0:A3:59
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 649066D9178E6A2D359467990CF4FE9FFC0AC3A5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133372e302f32342d3234203d3e20323132373038.roa
Signing time: Wed 12 Apr 2023 20:13:43 +0000
ROA not before: Wed 12 Apr 2023 20:08:43 +0000
ROA not after: Wed 10 Apr 2024 20:13:43 +0000
asID: 212708
IP address blocks: 185.230.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:90:66:d9:17:8e:6a:2d:35:94:67:99:0c:f4:fe:9f:fc:0a:c3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 12 20:08:43 2023 GMT
Not After : Apr 10 20:13:43 2024 GMT
Subject: CN=6D2274DEDB6527F28B4A75CBE620E93A97C0A359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5e:0e:12:44:26:00:69:a4:9f:8e:49:00:cc:
ba:df:f8:2d:0c:10:6e:5f:95:37:13:27:ab:46:d6:
a1:e8:d1:e3:88:fb:84:8a:3a:0e:fb:06:cd:1e:00:
21:57:7a:b9:08:ba:1f:44:f8:ad:92:e1:1f:35:3f:
2d:be:d7:5d:4a:f6:0d:8e:3e:2a:d6:31:1c:08:5d:
3b:66:56:83:e9:3b:df:63:b8:cf:20:5e:90:4f:59:
cb:07:9b:29:b0:ca:5b:4e:b9:99:32:1e:81:ca:be:
00:95:46:dd:30:c5:15:7f:a4:c9:99:bd:f5:ec:bb:
15:a9:aa:43:16:c3:fa:ed:f3:bf:79:62:c4:03:2f:
0c:7a:fc:4c:95:08:bf:62:e7:16:d7:f5:b5:d5:9c:
65:89:61:09:4d:d7:56:43:e5:44:6e:44:6d:5d:2a:
93:22:d1:b3:83:2c:18:25:07:0f:23:79:66:51:a8:
16:5e:d3:37:0c:b7:04:96:e5:19:a4:2d:02:0a:43:
10:0b:ae:ba:d8:2a:48:ba:ba:89:e5:e5:5d:65:94:
91:a0:5d:f9:da:87:2e:66:82:8c:e4:bc:da:3f:8c:
da:32:fa:8b:c9:1c:79:e6:39:4f:5d:26:8e:f4:fd:
f6:1f:e3:44:2f:18:e8:26:a6:e4:d8:be:21:fd:31:
9a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:22:74:DE:DB:65:27:F2:8B:4A:75:CB:E6:20:E9:3A:97:C0:A3:59
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133372e302f32342d3234203d3e20323132373038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.137.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:2b:32:d6:d9:20:5d:8c:07:c0:8d:22:f2:05:60:12:5c:6a:
17:3a:09:b8:dd:eb:ad:7a:71:71:8c:b1:7f:f3:55:39:18:c1:
b4:7a:56:6b:88:c7:ea:4e:64:f4:2b:99:ad:5e:ac:a5:92:2e:
24:9f:70:0c:7c:60:aa:3d:cd:26:4b:04:87:53:99:ff:3b:22:
a0:8e:e7:92:9f:fa:e2:e8:2c:c5:91:53:24:19:8a:4e:18:07:
17:68:d8:e9:ac:7a:9a:eb:c2:ab:57:c6:70:9f:33:26:71:8a:
41:3f:71:c1:4d:fa:0c:51:61:90:41:63:16:72:f2:34:1c:81:
27:6c:ff:1f:c9:03:b9:eb:72:46:01:59:f1:63:98:78:b8:b5:
67:ca:8e:de:6e:68:97:e7:66:de:dc:8d:d9:ec:9e:e9:6e:38:
3a:fa:86:bc:c4:da:e4:de:2d:7b:fe:88:39:a8:14:22:f5:93:
37:42:ac:ce:f8:ff:8b:dc:e0:bc:ea:2d:80:f5:94:81:be:57:
31:23:ae:4d:81:9c:eb:31:ea:51:5a:5b:3e:3f:b8:35:ba:5d:
18:d3:04:8f:b2:bf:66:12:29:96:13:bb:4c:17:20:5c:a9:09:
82:f8:80:7b:f1:12:ed:a3:f4:7c:54:ff:af:18:ec:16:4c:00:
26:db:2a:89
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUZJBm2ReOai01lGeZDPT+n/wKw6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA0MTIyMDA4NDNaFw0yNDA0MTAyMDEzNDNaMDMxMTAvBgNV
BAMTKDZEMjI3NERFREI2NTI3RjI4QjRBNzVDQkU2MjBFOTNBOTdDMEEzNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqXg4SRCYAaaSfjkkAzLrf+C0M
EG5flTcTJ6tG1qHo0eOI+4SKOg77Bs0eACFXerkIuh9E+K2S4R81Py2+111K9g2O
PirWMRwIXTtmVoPpO99juM8gXpBPWcsHmymwyltOuZkyHoHKvgCVRt0wxRV/pMmZ
vfXsuxWpqkMWw/rt8795YsQDLwx6/EyVCL9i5xbX9bXVnGWJYQlN11ZD5URuRG1d
KpMi0bODLBglBw8jeWZRqBZe0zcMtwSW5RmkLQIKQxALrrrYKki6uonl5V1llJGg
Xfnahy5mgozkvNo/jNoy+ovJHHnmOU9dJo70/fYf40QvGOgmpuTYviH9MZq5AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUbSJ03ttlJ/KLSnXL5iDpOpfAo1kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM3MzAzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnmiTANBgkqhkiG9w0BAQsFAAOCAQEAPCsy1tkgXYwHwI0i8gVgElxqFzoJ
uN3rrXpxcYyxf/NVORjBtHpWa4jH6k5k9CuZrV6spZIuJJ9wDHxgqj3NJksEh1OZ
/zsioI7nkp/64ugsxZFTJBmKThgHF2jY6ax6muvCq1fGcJ8zJnGKQT9xwU36DFFh
kEFjFnLyNByBJ2z/H8kDuetyRgFZ8WOYeLi1Z8qO3m5ol+dm3tyN2eye6W44OvqG
vMTa5N4te/6IOagUIvWTN0Kszvj/i9zgvOotgPWUgb5XMSOuTYGc6zHqUVpbPj+4
NbpdGNMEj7K/ZhIplhO7TBcgXKkJgviAe/ES7aP0fFT/rxjsFkwAJtsqiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org