Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e203630303638.roa
File: 38352e3139302e3233342e302f32342d3234203d3e203630303638.roa (raw, json)
Hash identifier: Y46uV6TJCarim+4Q0gEiM/ZBZltYs50vYoLBCC9OcnA=
Subject key identifier: 80:D0:39:0B:8D:FD:92:F0:B1:DF:60:F3:20:11:AB:D7:2B:29:2B:63
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7900EA81C98C315ACFBC967F2EC47E1CE200F36F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e203630303638.roa
Signing time: Mon 01 May 2023 13:17:59 +0000
ROA not before: Mon 01 May 2023 13:12:59 +0000
ROA not after: Mon 29 Apr 2024 13:17:59 +0000
asID: 60068
IP address blocks: 85.190.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:00:ea:81:c9:8c:31:5a:cf:bc:96:7f:2e:c4:7e:1c:e2:00:f3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 1 13:12:59 2023 GMT
Not After : Apr 29 13:17:59 2024 GMT
Subject: CN=80D0390B8DFD92F0B1DF60F32011ABD72B292B63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c2:83:4a:6f:90:b2:11:78:9d:df:78:e5:67:
79:69:89:22:7a:eb:e7:ae:60:c1:2b:bd:66:c0:2d:
49:c8:78:8b:fb:c0:c4:67:78:70:1b:dd:94:90:85:
38:3b:59:ba:d4:18:bb:ec:c8:96:df:8d:f1:54:b4:
26:c7:04:b9:97:bb:c0:7f:ca:2b:04:d7:d1:78:76:
ec:e4:ef:2b:86:a5:ec:dc:3f:8e:92:d2:6e:63:79:
41:63:04:d4:a1:09:8c:be:cd:ef:70:8d:42:c6:0b:
64:f7:9d:4b:f2:76:cc:93:c4:ca:46:f0:0e:65:f5:
1a:fb:0c:d4:7a:ba:29:eb:8c:7d:3d:20:c0:00:3d:
42:ab:64:d4:ad:67:31:d0:74:31:28:f4:9b:58:9c:
ad:d1:b1:88:3a:9e:4e:3a:82:86:53:ea:0f:1f:2b:
82:9d:23:ef:0a:90:7c:a4:58:94:01:b3:8c:70:44:
e6:6f:f9:11:b2:66:d1:4c:04:ce:ee:78:a7:74:54:
36:e3:11:b7:38:74:81:e6:77:35:d7:e6:23:29:5e:
a5:50:b8:eb:66:3c:86:07:0a:20:2d:d1:73:70:0e:
49:e6:37:58:f4:5e:d1:90:d0:a1:d9:74:bd:9e:d5:
fc:1a:73:a7:a4:12:b2:85:9a:69:20:ee:b8:58:4d:
99:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D0:39:0B:8D:FD:92:F0:B1:DF:60:F3:20:11:AB:D7:2B:29:2B:63
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233342e302f32342d3234203d3e203630303638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.234.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:a7:19:e4:8b:9c:08:35:af:d9:8f:44:d4:80:c0:4e:7b:41:
48:53:0d:20:53:c8:6b:3a:f4:4e:7b:f0:02:26:a0:36:6a:c2:
8b:d4:cb:a9:85:37:0a:3c:be:0d:37:dd:bd:fe:6a:c9:75:a6:
58:44:7a:b2:22:51:f9:18:0b:31:e3:df:9b:eb:be:82:3f:ef:
12:2a:54:c5:8a:5e:7a:ef:d4:e0:ed:4a:51:e0:15:e9:09:83:
66:7e:31:91:7a:68:62:aa:80:3d:59:e5:ae:72:33:08:ef:a2:
db:17:9d:c0:23:7f:66:ff:78:ba:60:78:c0:b6:26:08:9d:df:
a3:45:c5:8d:4f:d3:a7:d5:c1:fe:cf:fd:83:11:a3:6f:2b:d3:
37:b3:1b:c7:f7:b6:d3:60:47:7c:6e:51:46:00:18:35:0d:bb:
ac:80:a4:9b:d3:dd:25:4a:01:d0:4f:56:a5:5e:6a:00:43:d7:
57:98:b9:53:41:14:0b:49:39:d8:a0:bd:04:46:d6:11:8f:c5:
92:9e:7c:ad:2b:81:65:52:7c:4b:85:16:ec:3f:b6:05:d3:2c:
72:95:ce:c0:ba:04:1b:a5:7a:84:a1:e7:1e:3c:2b:cf:8a:c4:
6a:c5:45:36:f5:a9:ab:17:cf:71:17:b1:9f:ea:a9:e6:1d:50:
21:45:dd:41
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeQDqgcmMMVrPvJZ/LsR+HOIA828wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA1MDExMzEyNTlaFw0yNDA0MjkxMzE3NTlaMDMxMTAvBgNV
BAMTKDgwRDAzOTBCOERGRDkyRjBCMURGNjBGMzIwMTFBQkQ3MkIyOTJCNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQwoNKb5CyEXid33jlZ3lpiSJ6
6+euYMErvWbALUnIeIv7wMRneHAb3ZSQhTg7WbrUGLvsyJbfjfFUtCbHBLmXu8B/
yisE19F4duzk7yuGpezcP46S0m5jeUFjBNShCYy+ze9wjULGC2T3nUvydsyTxMpG
8A5l9Rr7DNR6uinrjH09IMAAPUKrZNStZzHQdDEo9JtYnK3RsYg6nk46goZT6g8f
K4KdI+8KkHykWJQBs4xwROZv+RGyZtFMBM7ueKd0VDbjEbc4dIHmdzXX5iMpXqVQ
uOtmPIYHCiAt0XNwDknmN1j0XtGQ0KHZdL2e1fwac6ekErKFmmkg7rhYTZm5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUgNA5C439kvCx32DzIBGr1yspK2MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMwMzAzNjM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7qMA0GCSqGSIb3DQEBCwUAA4IBAQAdpxnki5wINa/Zj0TUgMBOe0FIUw0gU8hr
OvROe/ACJqA2asKL1MuphTcKPL4NN929/mrJdaZYRHqyIlH5GAsx49+b676CP+8S
KlTFil5679Tg7UpR4BXpCYNmfjGRemhiqoA9WeWucjMI76LbF53AI39m/3i6YHjA
tiYInd+jRcWNT9On1cH+z/2DEaNvK9M3sxvH97bTYEd8blFGABg1DbusgKSb090l
SgHQT1alXmoAQ9dXmLlTQRQLSTnYoL0ERtYRj8WSnnytK4FlUnxLhRbsP7YF0yxy
lc7AugQbpXqEoecePCvPisRqxUU29amrF89xF7Gf6qnmHVAhRd1B
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org