Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33362e3233382e302f32332d3234203d3e203432333636.roa
File: 3139332e33362e3233382e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: 485dq/7WS8cYegWxSSqezNMQ+/ONhmopCSzPWSHi9gw=
Subject key identifier: 64:FD:9D:79:B7:E2:73:52:F4:55:7F:DD:1A:A1:AF:5A:26:68:25:13
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 55336E970786C4644D5EE687E2A0042DCFA31A41
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33362e3233382e302f32332d3234203d3e203432333636.roa
Signing time: Mon 10 Apr 2023 08:19:00 +0000
ROA not before: Mon 10 Apr 2023 08:14:00 +0000
ROA not after: Mon 08 Apr 2024 08:19:00 +0000
asID: 42366
IP address blocks: 193.36.238.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:33:6e:97:07:86:c4:64:4d:5e:e6:87:e2:a0:04:2d:cf:a3:1a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 10 08:14:00 2023 GMT
Not After : Apr 8 08:19:00 2024 GMT
Subject: CN=64FD9D79B7E27352F4557FDD1AA1AF5A26682513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ae:0c:8e:f3:9c:fe:a2:7b:01:88:bf:4c:71:
51:c6:93:f4:b6:2f:f0:f0:db:2b:ac:b3:13:20:d1:
6e:46:af:e7:db:7f:0e:aa:96:12:a8:8c:4f:09:a8:
4d:03:ca:a1:94:90:2d:dd:c9:79:01:42:e6:82:c2:
c6:10:63:7b:5c:98:8f:c0:e9:52:66:4f:77:c3:a8:
81:37:1f:63:d8:77:25:49:26:fd:20:85:5d:68:3b:
80:f0:36:f9:cb:87:d6:fe:b8:77:0d:7b:9b:2d:52:
c3:ff:74:24:bf:47:cf:3e:7c:69:1c:54:53:03:af:
61:a9:9d:9e:f7:cf:62:ba:6f:93:5f:f1:2b:7b:c3:
b4:3f:19:66:24:2b:7e:f3:48:3f:d4:70:3f:6d:5c:
23:d7:e4:ae:2e:bc:6e:c4:07:5a:3d:17:3c:6d:ee:
2f:d8:35:8a:c3:fc:4d:b6:4a:b0:a6:5f:ab:03:bf:
f4:dd:39:ac:37:ab:1e:b9:67:ca:2f:b4:6c:31:8e:
81:4e:de:d7:fe:44:e5:08:1e:c4:9d:48:21:5f:ce:
25:72:c8:ef:3f:64:00:26:da:78:73:2c:76:01:10:
1a:fc:ed:8a:93:46:c6:a1:a3:28:97:e1:62:77:c1:
bd:9c:0f:cc:aa:75:20:dc:8a:e6:61:ba:52:77:15:
bd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:FD:9D:79:B7:E2:73:52:F4:55:7F:DD:1A:A1:AF:5A:26:68:25:13
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139332e33362e3233382e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.36.238.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:6c:05:f3:e0:f3:92:c7:cd:e1:be:00:df:d7:65:44:aa:f1:
d1:3b:ba:cd:0b:61:5a:4e:de:3a:7c:17:38:e3:f6:ce:73:24:
ce:82:98:22:50:0e:54:5a:0c:fb:5b:af:4b:99:be:7c:36:5e:
17:13:cd:09:8c:63:60:e9:b1:3f:71:c4:a8:64:85:73:65:bc:
0e:1d:61:a4:8c:43:54:bf:e4:f2:ed:5d:d7:85:1c:42:32:8d:
59:a7:a3:d1:e7:4c:64:e8:55:e7:be:9d:15:ee:01:d9:fd:1b:
04:34:19:f4:c8:0e:59:f3:cd:df:92:7e:e2:36:16:f7:c6:ee:
db:82:3a:16:02:87:0f:1f:9f:1f:54:bb:9b:02:c3:f6:00:d0:
20:e3:e4:de:06:2f:94:a0:d1:25:c6:61:5e:5a:96:28:ac:8d:
6b:32:4c:df:85:0d:15:35:78:66:91:48:8c:8d:8b:96:60:29:
94:93:57:5f:13:16:b0:0b:64:72:c8:76:c3:74:cb:fc:05:b2:
9a:1b:6a:b3:cd:e4:15:61:3a:0c:ec:1b:f2:eb:d9:b5:12:e1:
72:51:d3:11:a0:b2:15:40:7a:69:a8:fe:cc:d0:2e:f4:a5:58:
1c:4e:52:89:f0:fe:ed:c3:e8:b8:3c:8a:62:aa:c3:99:a4:91:
eb:d5:2d:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVTNulweGxGRNXuaH4qAELc+jGkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODE0MDBaFw0yNDA0MDgwODE5MDBaMDMxMTAvBgNV
BAMTKDY0RkQ5RDc5QjdFMjczNTJGNDU1N0ZERDFBQTFBRjVBMjY2ODI1MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIrgyO85z+onsBiL9McVHGk/S2
L/Dw2yussxMg0W5Gr+fbfw6qlhKojE8JqE0DyqGUkC3dyXkBQuaCwsYQY3tcmI/A
6VJmT3fDqIE3H2PYdyVJJv0ghV1oO4DwNvnLh9b+uHcNe5stUsP/dCS/R88+fGkc
VFMDr2GpnZ73z2K6b5Nf8St7w7Q/GWYkK37zSD/UcD9tXCPX5K4uvG7EB1o9Fzxt
7i/YNYrD/E22SrCmX6sDv/TdOaw3qx65Z8ovtGwxjoFO3tf+ROUIHsSdSCFfziVy
yO8/ZAAm2nhzLHYBEBr87YqTRsahoyiX4WJ3wb2cD8yqdSDciuZhulJ3Fb31AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZP2debfic1L0VX/dGqGvWiZoJRMwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTMzMmUzMzM2MmUzMjMz
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
wSTuMA0GCSqGSIb3DQEBCwUAA4IBAQCqbAXz4POSx83hvgDf12VEqvHRO7rNC2Fa
Tt46fBc44/bOcyTOgpgiUA5UWgz7W69Lmb58Nl4XE80JjGNg6bE/ccSoZIVzZbwO
HWGkjENUv+Ty7V3XhRxCMo1Zp6PR50xk6FXnvp0V7gHZ/RsENBn0yA5Z883fkn7i
Nhb3xu7bgjoWAocPH58fVLubAsP2ANAg4+TeBi+UoNElxmFeWpYorI1rMkzfhQ0V
NXhmkUiMjYuWYCmUk1dfExawC2RyyHbDdMv8BbKaG2qzzeQVYToM7Bvy69m1EuFy
UdMRoLIVQHppqP7M0C70pVgcTlKJ8P7tw+i4PIpiqsOZpJHr1S2T
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org