Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3139362e302e302f32322d3234203d3e2030.roa
File: 3138352e3139362e302e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: x2RShiXg1Ee88AZOO8yQrNmhBGljEibgt8AvnMqLhGw=
Subject key identifier: 48:9D:2F:50:DF:F8:26:AA:56:B0:84:0E:A8:A9:DD:99:19:0F:30:DB
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 40D006F546E7B280AEF9F5DB5ED06D54D13F1C25
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3139362e302e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:31 +0000
ROA not before: Mon 27 Mar 2023 08:22:31 +0000
ROA not after: Mon 25 Mar 2024 08:27:31 +0000
asID: 0
IP address blocks: 185.196.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:d0:06:f5:46:e7:b2:80:ae:f9:f5:db:5e:d0:6d:54:d1:3f:1c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Mar 27 08:22:31 2023 GMT
Not After : Mar 25 08:27:31 2024 GMT
Subject: CN=489D2F50DFF826AA56B0840EA8A9DD99190F30DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:77:60:43:cc:08:05:b4:d2:37:e3:1d:79:4d:
65:8c:d5:5f:89:a0:2b:b3:77:0e:c3:fe:bf:68:db:
6e:65:e0:97:17:e3:fd:fd:b5:c4:c1:fc:80:c7:ee:
d7:4f:45:1f:18:eb:84:17:8b:fa:98:64:cc:56:5f:
e2:6d:32:f8:3b:d4:11:df:5d:b2:62:a3:39:57:6c:
98:f1:ff:9f:67:59:ca:44:6a:d6:09:77:b2:aa:c4:
dc:7a:0f:08:60:60:cf:ee:7b:d1:54:04:58:4e:92:
ff:0f:bf:86:6d:c2:c2:f5:06:93:ac:e1:2e:cb:05:
cc:64:3b:85:2c:8b:24:c4:e1:fc:04:ce:af:83:cf:
fe:9e:06:dd:82:de:e0:c6:07:a8:03:9f:d3:55:0b:
b6:4c:cb:be:10:c6:39:1f:4f:06:da:38:b3:ce:7f:
b7:dd:66:ea:90:94:86:e5:86:2b:1d:d8:47:8d:bb:
ad:82:5c:88:4c:9f:04:e3:2a:fa:73:d1:83:89:7b:
86:79:22:74:1f:6c:1a:f9:82:22:eb:fb:1f:07:e8:
07:f6:45:17:79:cd:53:14:59:09:39:ac:fd:ea:0a:
2d:88:fd:da:c8:6b:1f:33:70:44:1c:1c:5e:de:a9:
d6:24:79:06:95:2a:d6:57:24:96:69:f0:c7:8f:bc:
d7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:9D:2F:50:DF:F8:26:AA:56:B0:84:0E:A8:A9:DD:99:19:0F:30:DB
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3138352e3139362e302e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.0.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:76:c5:e7:1a:a4:00:20:a8:48:3a:9a:2d:51:53:0f:12:e8:
e3:86:41:22:d4:0e:17:0f:1d:46:f3:86:9b:9b:95:4e:d6:e7:
4d:6b:ee:e2:9e:a3:0d:d9:14:7e:a6:8a:06:65:8d:10:bd:a5:
c7:12:a4:a1:f7:56:af:2b:23:81:b7:ad:b9:64:0f:b5:ef:5c:
2f:50:ac:82:0e:81:e7:3c:84:f8:74:97:09:54:45:06:05:a5:
c8:95:b0:07:c6:37:22:2c:8c:d8:e1:b0:06:2d:cf:8a:9b:3c:
00:a4:c2:81:88:b5:a4:21:4e:2a:c9:8e:c1:0a:a9:86:9a:d2:
c2:1c:52:00:24:b2:0c:00:fd:6e:ae:38:e5:ce:51:b8:5e:71:
87:e9:30:16:71:f7:72:b5:50:f7:dd:c9:5f:11:c2:c4:76:5c:
6e:82:92:f7:65:81:2d:8b:1a:93:5f:37:6c:97:bf:c7:1d:ad:
3d:79:14:9e:69:ff:d3:66:5f:8b:f0:15:97:45:59:ad:c4:84:
e2:3f:5a:c8:1e:ad:39:0e:30:0c:27:60:ba:ae:32:49:0b:00:
a8:b8:eb:70:ad:48:bc:cf:72:be:54:fb:30:fb:40:96:83:0f:
8c:c7:8a:47:66:cc:7e:3b:61:0d:2b:d7:6b:8e:df:91:87:45:
12:4c:d9:5d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUQNAG9UbnsoCu+fXbXtBtVNE/HCUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzAzMjcwODIyMzFaFw0yNDAzMjUwODI3MzFaMDMxMTAvBgNV
BAMTKDQ4OUQyRjUwREZGODI2QUE1NkIwODQwRUE4QTlERDk5MTkwRjMwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFd2BDzAgFtNI34x15TWWM1V+J
oCuzdw7D/r9o225l4JcX4/39tcTB/IDH7tdPRR8Y64QXi/qYZMxWX+JtMvg71BHf
XbJiozlXbJjx/59nWcpEatYJd7KqxNx6DwhgYM/ue9FUBFhOkv8Pv4ZtwsL1BpOs
4S7LBcxkO4UsiyTE4fwEzq+Dz/6eBt2C3uDGB6gDn9NVC7ZMy74QxjkfTwbaOLPO
f7fdZuqQlIblhisd2EeNu62CXIhMnwTjKvpz0YOJe4Z5InQfbBr5giLr+x8H6Af2
RRd5zVMUWQk5rP3qCi2I/drIax8zcEQcHF7eqdYkeQaVKtZXJJZp8MePvNebAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUSJ0vUN/4JqpWsIQOqKndmRkPMNswHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzODM1MmUzMTM5MzYyZTMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5xAAwDQYJKoZI
hvcNAQELBQADggEBAKh2xecapAAgqEg6mi1RUw8S6OOGQSLUDhcPHUbzhpublU7W
501r7uKeow3ZFH6migZljRC9pccSpKH3Vq8rI4G3rblkD7XvXC9QrIIOgec8hPh0
lwlURQYFpciVsAfGNyIsjNjhsAYtz4qbPACkwoGItaQhTirJjsEKqYaa0sIcUgAk
sgwA/W6uOOXOUbhecYfpMBZx93K1UPfdyV8RwsR2XG6CkvdlgS2LGpNfN2yXv8cd
rT15FJ5p/9NmX4vwFZdFWa3EhOI/WsgerTkOMAwnYLquMkkLAKi463CtSLzPcr5U
+zD7QJaDD4zHikdmzH47YQ0r12uO35GHRRJM2V0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org