Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e2030.roa
File: 39312e3139362e3232312e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: oIfEWrbgcueqe/IRLvqqMNatE1AZuYMG2rOSUSAEUr0=
Subject key identifier: C5:60:1B:1D:3C:02:DB:84:8A:97:F7:89:83:61:48:AC:62:90:8E:BA
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 74C0343CB90E74DC48C0D777A370E6A54CE4BD16
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:26 +0000
ROA not before: Mon 27 Mar 2023 08:22:26 +0000
ROA not after: Mon 25 Mar 2024 08:27:26 +0000
asID: 0
IP address blocks: 91.196.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c0:34:3c:b9:0e:74:dc:48:c0:d7:77:a3:70:e6:a5:4c:e4:bd:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Mar 27 08:22:26 2023 GMT
Not After : Mar 25 08:27:26 2024 GMT
Subject: CN=C5601B1D3C02DB848A97F789836148AC62908EBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:07:ab:00:87:79:bc:eb:37:9c:23:e4:48:1c:
df:94:f5:ba:a1:62:6c:13:24:19:e1:2e:90:6c:1e:
7e:c3:77:d3:c0:69:79:94:87:51:41:4e:59:ac:35:
5e:92:45:96:05:22:90:31:49:18:d6:e3:47:7c:76:
2e:2f:07:33:08:9c:12:f1:92:1d:90:4e:7d:5f:aa:
bc:3c:dc:97:96:b8:bb:53:4c:03:57:44:40:a1:fd:
9a:9e:41:28:91:23:be:60:56:fb:64:09:c3:52:70:
c4:f2:7f:b3:c8:1a:9a:fb:bc:e1:5f:1a:8a:0c:65:
4d:01:cc:90:cf:66:06:14:d2:8a:cd:ce:28:a5:35:
32:f2:4c:5c:52:4c:7d:45:d6:0c:dd:ba:38:e2:be:
c7:e8:38:6f:e1:ab:5a:8c:f9:f2:9f:16:f0:8b:fe:
19:f5:60:9f:a9:7e:53:98:8f:11:5c:08:d7:e3:7b:
e2:6f:e7:63:cf:be:fe:95:55:7f:98:f0:00:78:d3:
1a:b5:7c:73:d2:3a:66:e9:f1:4e:c1:b8:3a:80:83:
45:0c:c9:44:33:36:50:99:17:c7:ee:00:01:75:ec:
77:52:a6:91:0b:20:d0:ad:5f:ca:11:c7:e9:7b:10:
ec:ca:6b:98:4e:85:a6:e4:ad:07:e4:f3:43:65:f9:
55:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:60:1B:1D:3C:02:DB:84:8A:97:F7:89:83:61:48:AC:62:90:8E:BA
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3139362e3232312e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:2f:de:73:bb:5a:e3:2b:f8:b8:15:47:fb:be:40:d5:eb:2f:
69:ba:a5:96:b7:82:27:d7:1f:c2:2e:67:fd:27:33:7c:9c:ef:
76:c8:0e:88:3d:91:48:e9:96:65:a9:ca:4e:d3:c0:f1:ac:98:
7a:2f:34:2c:bb:bf:37:21:18:16:d6:5b:e3:76:b5:68:c8:6d:
3a:81:06:6e:da:22:b2:70:0c:fb:90:f0:94:2f:b5:5f:42:ce:
44:31:09:b6:f5:9f:70:60:1d:1a:ea:e1:4d:4f:55:17:3f:9e:
c5:61:58:30:09:5b:36:e4:fb:49:6c:a4:73:63:12:32:fa:9e:
23:52:ae:77:ac:ee:b6:56:56:a1:f5:4e:3e:b3:19:62:d2:f7:
6c:aa:cd:82:cf:e2:64:9d:f4:c9:59:90:c4:13:44:ec:e2:e2:
31:5b:77:ee:30:4c:ee:b4:0a:f4:75:8d:f4:58:aa:96:aa:ef:
4a:11:da:db:c1:5b:06:ad:ed:13:4d:c0:9a:df:aa:7e:4f:58:
af:1c:3a:3f:33:d0:11:8d:58:1d:b5:fd:1d:0a:c3:ec:8a:82:
0b:16:f2:3a:81:5b:ab:4e:b7:bb:62:d4:81:27:e0:53:8a:7a:
1e:fc:1a:36:f8:df:e6:85:24:62:cb:3f:17:4c:30:7e:66:db:
33:8a:57:ca
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUdMA0PLkOdNxIwNd3o3DmpUzkvRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzAzMjcwODIyMjZaFw0yNDAzMjUwODI3MjZaMDMxMTAvBgNV
BAMTKEM1NjAxQjFEM0MwMkRCODQ4QTk3Rjc4OTgzNjE0OEFDNjI5MDhFQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUB6sAh3m86zecI+RIHN+U9bqh
YmwTJBnhLpBsHn7Dd9PAaXmUh1FBTlmsNV6SRZYFIpAxSRjW40d8di4vBzMInBLx
kh2QTn1fqrw83JeWuLtTTANXRECh/ZqeQSiRI75gVvtkCcNScMTyf7PIGpr7vOFf
GooMZU0BzJDPZgYU0orNziilNTLyTFxSTH1F1gzdujjivsfoOG/hq1qM+fKfFvCL
/hn1YJ+pflOYjxFcCNfje+Jv52PPvv6VVX+Y8AB40xq1fHPSOmbp8U7BuDqAg0UM
yUQzNlCZF8fuAAF17HdSppELINCtX8oRx+l7EOzKa5hOhabkrQfk80Nl+VXXAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUxWAbHTwC24SKl/eJg2FIrGKQjrowHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzkzMTJlMzEzOTM2MmUzMjMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvE3TANBgkq
hkiG9w0BAQsFAAOCAQEASi/ec7ta4yv4uBVH+75A1esvabqllreCJ9cfwi5n/Scz
fJzvdsgOiD2RSOmWZanKTtPA8ayYei80LLu/NyEYFtZb43a1aMhtOoEGbtoisnAM
+5DwlC+1X0LORDEJtvWfcGAdGurhTU9VFz+exWFYMAlbNuT7SWykc2MSMvqeI1Ku
d6zutlZWofVOPrMZYtL3bKrNgs/iZJ30yVmQxBNE7OLiMVt37jBM7rQK9HWN9Fiq
lqrvShHa28FbBq3tE03Amt+qfk9Yrxw6PzPQEY1YHbX9HQrD7IqCCxbyOoFbq063
u2LUgSfgU4p6HvwaNvjf5oUkYss/F0wwfmbbM4pXyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org