Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e203432333636.roa
File: 38352e3139302e3233392e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: ZsPOcmPyWNuvJIM0zcDoYiRqvCzmME/jA6rrLVa/sYE=
Subject key identifier: C5:4D:70:E7:77:56:09:AA:10:E1:1E:AA:5C:24:16:2C:03:78:C8:BC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5452BF2E9F54D665252EE3BA3B2327F1C620E7E7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e203432333636.roa
Signing time: Tue 25 Apr 2023 17:57:33 +0000
ROA not before: Tue 25 Apr 2023 17:52:33 +0000
ROA not after: Tue 23 Apr 2024 17:57:33 +0000
asID: 42366
IP address blocks: 85.190.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:52:bf:2e:9f:54:d6:65:25:2e:e3:ba:3b:23:27:f1:c6:20:e7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 25 17:52:33 2023 GMT
Not After : Apr 23 17:57:33 2024 GMT
Subject: CN=C54D70E7775609AA10E11EAA5C24162C0378C8BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:c3:78:b3:18:bf:8a:d9:6d:c7:26:27:28:b8:
46:71:66:32:04:fe:80:ab:9a:40:1d:3c:97:7d:ea:
dc:1a:81:77:f8:1d:0a:27:34:c5:f3:da:6b:34:f6:
d7:b4:87:02:8e:e4:89:ff:41:3a:c9:23:e3:9f:2a:
f8:79:c4:81:e9:9a:36:df:89:74:61:03:af:fa:0a:
ea:25:1e:b3:94:a4:d9:bc:9c:87:35:b9:06:60:61:
54:60:60:61:61:3e:d2:a7:14:58:25:56:36:aa:f6:
1a:0e:a8:09:1a:63:73:34:2d:21:a9:bd:ee:20:91:
35:a4:6f:c6:48:59:77:8c:93:01:22:2a:01:23:c2:
81:a1:f6:dd:d4:c6:67:09:5f:0a:dc:1a:72:b9:ca:
05:57:29:ef:ae:5e:db:99:0b:00:26:ad:e3:53:cd:
d8:10:d5:fe:c2:79:12:8f:4b:5a:94:4a:db:22:13:
b2:9c:0e:af:96:a5:da:c4:3d:a6:65:b7:2a:9c:74:
80:6c:a9:be:67:fa:d2:03:f0:f7:0c:7e:0d:16:dd:
28:50:27:7d:27:77:40:fc:a2:f7:50:16:f8:57:f2:
b9:0a:2c:03:ff:c1:4c:7d:37:91:e0:a3:32:8d:f7:
4f:26:3d:c4:43:c4:a7:18:e7:79:2b:24:81:e0:3d:
1f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4D:70:E7:77:56:09:AA:10:E1:1E:AA:5C:24:16:2C:03:78:C8:BC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233392e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.239.0/24
Signature Algorithm: sha256WithRSAEncryption
53:be:04:fa:3f:5e:7c:86:2b:8f:ca:09:38:4a:8b:7e:8a:49:
3c:09:29:23:2a:f4:2f:4c:11:76:61:dc:b1:6d:ed:0e:e4:5e:
67:dd:5d:39:92:da:90:6f:6b:f3:03:c1:ff:7b:55:e7:d2:ca:
d8:a2:48:a0:ef:f6:c8:f1:ac:70:3f:ee:32:c8:71:99:57:ae:
2f:dd:4f:44:af:dc:7f:e5:b7:b9:58:23:77:3e:de:62:74:34:
08:13:d7:b1:8c:a7:de:f6:74:fb:ef:37:b3:54:c6:ea:48:82:
b8:b2:db:b1:46:d0:64:4c:8d:e7:29:b7:47:14:37:8e:b2:2c:
3b:0b:4b:08:99:4c:da:15:68:d8:e8:ef:d7:ac:70:69:90:81:
e3:7b:8f:c2:c5:c1:0f:b2:0d:16:46:77:79:d7:a4:5b:3d:c1:
de:e1:73:ad:25:f1:a5:f5:26:4d:4b:d1:7d:40:47:40:c8:0d:
60:6a:09:1d:4d:e2:d0:12:23:f5:0d:1f:e4:b4:50:d2:11:d0:
6c:84:df:ac:3f:bb:7a:e9:94:d2:e3:41:fb:96:f7:16:6f:10:
f9:cb:c3:4f:ba:5f:4e:e8:fb:b1:1b:4d:c5:8e:85:ab:3c:f9:
ea:91:b5:58:b0:f9:02:84:5f:b2:ae:3b:aa:ba:17:6d:fe:41:
2c:64:4b:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVFK/Lp9U1mUlLuO6OyMn8cYg5+cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA0MjUxNzUyMzNaFw0yNDA0MjMxNzU3MzNaMDMxMTAvBgNV
BAMTKEM1NEQ3MEU3Nzc1NjA5QUExMEUxMUVBQTVDMjQxNjJDMDM3OEM4QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPw3izGL+K2W3HJicouEZxZjIE
/oCrmkAdPJd96twagXf4HQonNMXz2ms09te0hwKO5In/QTrJI+OfKvh5xIHpmjbf
iXRhA6/6CuolHrOUpNm8nIc1uQZgYVRgYGFhPtKnFFglVjaq9hoOqAkaY3M0LSGp
ve4gkTWkb8ZIWXeMkwEiKgEjwoGh9t3UxmcJXwrcGnK5ygVXKe+uXtuZCwAmreNT
zdgQ1f7CeRKPS1qUStsiE7KcDq+WpdrEPaZltyqcdIBsqb5n+tID8PcMfg0W3ShQ
J30nd0D8ovdQFvhX8rkKLAP/wUx9N5HgozKN908mPcRDxKcY53krJIHgPR/9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUxU1w53dWCaoQ4R6qXCQWLAN4yLwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7vMA0GCSqGSIb3DQEBCwUAA4IBAQBTvgT6P158hiuPygk4Sot+ikk8CSkjKvQv
TBF2Ydyxbe0O5F5n3V05ktqQb2vzA8H/e1Xn0srYokig7/bI8axwP+4yyHGZV64v
3U9Er9x/5be5WCN3Pt5idDQIE9exjKfe9nT77zezVMbqSIK4stuxRtBkTI3nKbdH
FDeOsiw7C0sImUzaFWjY6O/XrHBpkIHje4/CxcEPsg0WRnd516RbPcHe4XOtJfGl
9SZNS9F9QEdAyA1gagkdTeLQEiP1DR/ktFDSEdBshN+sP7t66ZTS40H7lvcWbxD5
y8NPul9O6PuxG03FjoWrPPnqkbVYsPkChF+yrjuquhdt/kEsZEsJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org