Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3234203d3e2030.roa
File: 3130392e3233362e36302e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: HIvMoHxRZcPFtwJWSKNXBZ02PWU87smdoNyIFrkFhm4=
Subject key identifier: AA:33:68:F5:FD:8B:27:2D:83:3E:49:AE:FB:AC:92:55:61:E0:BB:AA
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4E9D7F2F94BA9685ED5EE4855C28F3BB9C0A3952
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:53 +0000
ROA not before: Mon 27 Mar 2023 08:22:53 +0000
ROA not after: Mon 25 Mar 2024 08:27:53 +0000
asID: 0
IP address blocks: 109.236.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:9d:7f:2f:94:ba:96:85:ed:5e:e4:85:5c:28:f3:bb:9c:0a:39:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:53 2023 GMT
Not After : Mar 25 08:27:53 2024 GMT
Subject: CN=AA3368F5FD8B272D833E49AEFBAC925561E0BBAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d4:f7:f9:aa:59:3e:0b:04:f3:ff:77:b8:89:
99:4f:2c:a9:a3:48:d5:35:2a:0d:13:be:6a:eb:44:
38:ec:3c:aa:f5:44:db:63:5b:d6:9a:0a:11:c8:96:
f5:6e:ce:c0:42:06:1f:72:f4:7b:20:7c:d9:ba:43:
1b:88:e6:1e:fc:61:c3:1d:61:1a:c7:ff:a1:ae:a0:
3e:63:c6:07:62:bf:42:f2:ae:d7:65:f3:37:29:2a:
87:2a:8c:d6:cf:9a:b5:3c:4a:3f:1e:6f:6c:35:81:
c7:b7:f8:ce:5c:94:17:df:46:e3:06:95:8c:36:58:
bf:e1:d1:07:6d:9b:be:2b:54:57:71:d3:ff:c9:62:
20:50:1b:3a:03:06:8a:dd:68:37:86:6e:db:b8:aa:
ad:6f:ce:92:18:75:a5:55:8f:92:a3:2e:79:46:11:
7b:22:b8:c7:93:e2:e0:d4:6d:bb:b6:2e:8f:94:9e:
c5:87:fb:d0:5e:2b:d9:d2:a9:0d:33:07:7c:5d:1a:
5a:0e:83:80:f5:ba:f4:43:a7:f1:0f:41:18:7a:10:
6a:e6:c3:a0:2a:da:c3:b9:e9:2f:09:3e:1c:b7:b0:
9c:f9:7e:d0:f5:94:a8:3e:6a:4e:33:6d:aa:dc:05:
e7:27:1b:e1:90:49:6a:3f:eb:38:95:a3:fc:e5:fd:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:33:68:F5:FD:8B:27:2D:83:3E:49:AE:FB:AC:92:55:61:E0:BB:AA
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36302e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.60.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ad:af:77:2a:66:37:af:e7:72:85:79:24:a8:53:e6:ee:49:
e5:8d:54:90:10:a6:5b:53:15:5e:10:c9:7b:56:72:fb:97:a3:
be:6e:6f:16:93:18:c8:50:72:63:c8:6c:f0:76:3e:59:6a:80:
52:7e:6d:8e:75:e4:39:87:81:ee:1d:55:59:0a:29:d3:45:56:
c6:82:cd:33:e1:2b:1b:0a:df:dd:df:a4:dd:94:73:0e:56:3b:
bb:ce:56:3f:b7:58:e3:41:99:43:90:91:f6:e4:db:6f:e6:a8:
f5:5d:bf:0f:d6:87:1f:55:d7:06:47:17:b6:fc:61:d7:a6:57:
b6:52:b2:fc:04:73:f7:53:95:16:d9:99:b5:45:86:02:14:b8:
02:d7:6b:52:7f:a1:ee:ad:37:8a:87:cf:02:ed:c3:4b:37:27:
cd:22:68:10:7f:20:33:7e:7f:74:db:2a:d8:83:61:c5:c2:18:
86:b4:56:aa:ae:d8:e6:9d:d3:0b:ed:d8:68:5a:a0:9c:bc:bd:
28:67:61:29:9f:d0:e5:c5:20:c8:0c:46:1c:2e:f5:87:9d:ac:
30:1c:74:87:82:d0:c9:18:23:7e:a4:fd:2b:17:3f:49:8d:dc:
43:21:d4:44:d1:74:bc:fd:c3:73:aa:e7:93:3a:e2:84:dd:34:
43:65:40:6b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUTp1/L5S6loXtXuSFXCjzu5wKOVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTNaFw0yNDAzMjUwODI3NTNaMDMxMTAvBgNV
BAMTKEFBMzM2OEY1RkQ4QjI3MkQ4MzNFNDlBRUZCQUM5MjU1NjFFMEJCQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD1Pf5qlk+CwTz/3e4iZlPLKmj
SNU1Kg0TvmrrRDjsPKr1RNtjW9aaChHIlvVuzsBCBh9y9HsgfNm6QxuI5h78YcMd
YRrH/6GuoD5jxgdiv0Lyrtdl8zcpKocqjNbPmrU8Sj8eb2w1gce3+M5clBffRuMG
lYw2WL/h0Qdtm74rVFdx0//JYiBQGzoDBordaDeGbtu4qq1vzpIYdaVVj5KjLnlG
EXsiuMeT4uDUbbu2Lo+UnsWH+9BeK9nSqQ0zB3xdGloOg4D1uvRDp/EPQRh6EGrm
w6Aq2sO56S8JPhy3sJz5ftD1lKg+ak4zbarcBecnG+GQSWo/6ziVo/zl/X41AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUqjNo9f2LJy2DPkmu+6ySVWHgu6owHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3sPDANBgkq
hkiG9w0BAQsFAAOCAQEAEa2vdypmN6/ncoV5JKhT5u5J5Y1UkBCmW1MVXhDJe1Zy
+5ejvm5vFpMYyFByY8hs8HY+WWqAUn5tjnXkOYeB7h1VWQop00VWxoLNM+ErGwrf
3d+k3ZRzDlY7u85WP7dY40GZQ5CR9uTbb+ao9V2/D9aHH1XXBkcXtvxh16ZXtlKy
/ARz91OVFtmZtUWGAhS4AtdrUn+h7q03iofPAu3DSzcnzSJoEH8gM35/dNsq2INh
xcIYhrRWqq7Y5p3TC+3YaFqgnLy9KGdhKZ/Q5cUgyAxGHC71h52sMBx0h4LQyRgj
fqT9Kxc/SY3cQyHURNF0vP3Dc6rnkzrihN00Q2VAaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org