Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e382e302f32322d3232203d3e2030.roa
File: 33312e3232302e382e302f32322d3232203d3e2030.roa (raw, json)
Hash identifier: xbfTiUam73ETf4RCLA/sY4f8m08qFZFtByYWPQ+Ytmc=
Subject key identifier: 7A:C2:0A:C6:05:9F:F8:87:38:0D:A3:8E:24:8A:8D:E0:5E:4E:BB:7B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 476044C3785BEFA6953C0AB9F5E1E2A6AC862DFA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e382e302f32322d3232203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:47 +0000
ROA not before: Mon 27 Mar 2023 08:23:47 +0000
ROA not after: Mon 25 Mar 2024 08:28:47 +0000
asID: 0
IP address blocks: 31.220.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:60:44:c3:78:5b:ef:a6:95:3c:0a:b9:f5:e1:e2:a6:ac:86:2d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:47 2023 GMT
Not After : Mar 25 08:28:47 2024 GMT
Subject: CN=7AC20AC6059FF887380DA38E248A8DE05E4EBB7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f7:c5:b8:cb:3d:ad:66:ae:c0:3d:e0:c3:44:
33:74:4c:06:71:f6:50:75:f5:df:04:a4:a2:a8:aa:
fc:1b:32:37:2d:40:75:ce:f0:84:27:ef:2d:51:c8:
66:d8:ab:58:5e:0e:cb:d4:1a:ce:42:66:f6:24:45:
14:94:73:0c:54:8b:79:66:a5:76:97:d8:9d:b9:65:
35:d9:2f:41:32:59:1a:ec:79:f2:e4:e8:da:e4:6c:
ec:04:ca:eb:fc:ae:54:01:36:22:33:ac:0c:02:b7:
a9:97:76:e0:95:36:3a:df:0b:bc:76:32:a2:7f:73:
82:0b:61:f0:d0:98:62:d1:a8:3c:ee:5c:2f:43:e9:
0b:0b:54:70:50:a5:b8:19:e0:f5:22:7c:a6:79:06:
47:53:b2:6b:72:82:b9:ac:68:54:c8:6d:dd:4a:bc:
f8:99:ba:2e:da:61:3e:81:9f:42:ba:4b:13:7e:6e:
ce:8b:b6:65:ac:fc:2b:d4:19:30:64:4e:9f:4b:99:
f8:0c:b3:80:52:af:ec:0c:e0:99:2c:97:0e:9f:ba:
2b:75:17:8b:2b:2c:68:b2:f4:27:d8:df:d3:58:13:
11:6e:58:73:4e:a1:f4:7f:de:d8:bb:6a:85:59:02:
fb:bb:7d:f3:33:e1:85:bb:d8:ef:c7:2b:71:90:e2:
50:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C2:0A:C6:05:9F:F8:87:38:0D:A3:8E:24:8A:8D:E0:5E:4E:BB:7B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e382e302f32322d3232203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:47:f6:af:33:68:79:22:f3:5d:3b:d8:29:77:6b:96:6a:c4:
9a:9d:fb:7b:9c:93:6e:e0:07:75:99:57:6e:b1:3a:e6:9d:26:
bd:14:95:18:fa:14:e6:01:ef:f9:a6:0e:da:b9:52:d5:1f:7b:
83:cb:e8:13:30:cb:9a:56:05:6a:87:7e:36:bf:e8:f8:98:c4:
f8:f3:50:9b:a2:d0:7c:58:05:c4:73:0d:65:f4:f0:ca:65:f5:
b9:21:69:fa:0c:77:73:12:94:9f:2f:2e:3b:53:38:e7:3d:00:
96:23:ef:db:f1:fa:a7:fa:4d:9b:ab:4b:66:90:8b:fe:13:dc:
8d:f7:df:82:06:bb:ba:cf:fe:84:b5:e1:fa:29:00:0b:98:0d:
5b:fa:63:f2:0d:b6:89:49:c0:e0:4f:2d:2a:ab:bb:83:c4:ba:
18:7a:4d:b8:78:77:5f:93:e8:fe:b2:f7:dd:70:50:49:ad:ce:
90:f6:e0:c9:91:4c:fa:9c:c4:d2:a9:0b:19:16:92:94:18:b4:
70:75:8b:20:aa:46:34:da:dd:24:9f:40:b0:98:d6:4d:da:da:
d4:e2:28:7a:21:8a:0b:af:f5:1d:b8:ad:17:17:b0:1a:1c:db:
60:8d:82:31:89:a4:f2:8e:00:98:bb:2f:1e:77:c7:8b:dd:23:
b8:f8:e5:c5
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUR2BEw3hb76aVPAq59eHipqyGLfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNDdaFw0yNDAzMjUwODI4NDdaMDMxMTAvBgNV
BAMTKDdBQzIwQUM2MDU5RkY4ODczODBEQTM4RTI0OEE4REUwNUU0RUJCN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC798W4yz2tZq7APeDDRDN0TAZx
9lB19d8EpKKoqvwbMjctQHXO8IQn7y1RyGbYq1heDsvUGs5CZvYkRRSUcwxUi3lm
pXaX2J25ZTXZL0EyWRrsefLk6NrkbOwEyuv8rlQBNiIzrAwCt6mXduCVNjrfC7x2
MqJ/c4ILYfDQmGLRqDzuXC9D6QsLVHBQpbgZ4PUifKZ5BkdTsmtygrmsaFTIbd1K
vPiZui7aYT6Bn0K6SxN+bs6LtmWs/CvUGTBkTp9LmfgMs4BSr+wM4Jkslw6fuit1
F4srLGiy9CfY39NYExFuWHNOofR/3ti7aoVZAvu7ffMz4YW72O/HK3GQ4lA3AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUesIKxgWf+Ic4DaOOJIqN4F5Ou3swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaEGCCsGAQUFBwELBIGUMIGRMIGOBggrBgEFBQcwC4aBgXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzODJl
MzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH9wIMA0GCSqGSIb3
DQEBCwUAA4IBAQA+R/avM2h5IvNdO9gpd2uWasSanft7nJNu4Ad1mVdusTrmnSa9
FJUY+hTmAe/5pg7auVLVH3uDy+gTMMuaVgVqh342v+j4mMT481CbotB8WAXEcw1l
9PDKZfW5IWn6DHdzEpSfLy47UzjnPQCWI+/b8fqn+k2bq0tmkIv+E9yN99+CBru6
z/6EteH6KQALmA1b+mPyDbaJScDgTy0qq7uDxLoYek24eHdfk+j+svfdcFBJrc6Q
9uDJkUz6nMTSqQsZFpKUGLRwdYsgqkY02t0kn0CwmNZN2trU4ih6IYoLr/UduK0X
F7AaHNtgjYIxiaTyjgCYuy8ed8eL3SO4+OXF
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org