Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e2030.roa
File: 3130392e3233362e36322e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: WYEUIe42kjQRELRez//Xm9aEYg+4iALSqQqrkyWYBH0=
Subject key identifier: 0A:11:B0:4C:59:6B:F2:1F:EA:97:DD:2F:28:00:7E:99:93:0D:2D:E4
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3398BF30875CE7537670CF40DB46A02AF80C6800
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:52 +0000
ROA not before: Mon 27 Mar 2023 08:22:52 +0000
ROA not after: Mon 25 Mar 2024 08:27:52 +0000
asID: 0
IP address blocks: 109.236.62.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:98:bf:30:87:5c:e7:53:76:70:cf:40:db:46:a0:2a:f8:0c:68:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:52 2023 GMT
Not After : Mar 25 08:27:52 2024 GMT
Subject: CN=0A11B04C596BF21FEA97DD2F28007E99930D2DE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:f6:6a:00:e8:eb:ce:f1:6d:cf:83:9a:9b:
8e:49:8b:14:43:82:56:9f:bf:96:ac:7b:c9:b1:18:
b6:1c:6d:f4:8c:1d:2d:d5:11:bc:c8:b7:3b:e1:e7:
50:21:c8:5f:b0:b8:b2:44:64:47:37:1a:5d:0e:f5:
25:01:33:2e:d1:44:4d:c9:2a:c4:61:c1:52:7a:f1:
76:5b:67:de:34:d7:34:8f:f8:f0:52:de:6a:01:53:
30:c8:34:75:89:e1:f9:91:28:c6:2c:8e:bf:97:58:
82:72:87:f0:43:c3:92:3f:19:31:0d:c0:83:8d:7b:
00:00:d8:28:5b:15:1c:09:58:cd:65:8c:4d:80:8a:
93:74:00:c6:bb:1c:cb:5f:0a:85:be:da:61:d0:d6:
46:e8:cd:d7:b4:ea:e5:96:d5:73:a9:f6:22:b1:2a:
ea:1b:55:38:be:73:7b:d3:f9:c1:1e:d9:21:32:62:
a2:45:27:f0:82:1e:58:aa:23:28:a3:22:be:8f:3a:
8f:bb:b0:d3:d6:c2:dd:32:bc:2f:ed:e9:f0:04:c0:
eb:77:04:cd:fe:01:0f:80:3e:71:06:a9:07:13:90:
5c:32:f2:8a:6f:b0:ce:1e:43:d4:f0:86:96:fa:e6:
db:23:80:ce:32:bd:80:34:33:7c:bf:54:22:21:83:
5a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:11:B0:4C:59:6B:F2:1F:EA:97:DD:2F:28:00:7E:99:93:0D:2D:E4
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.62.0/23
Signature Algorithm: sha256WithRSAEncryption
88:a7:ee:96:39:2b:0e:fb:77:a6:39:f4:73:0b:e1:22:82:be:
9b:68:3e:7e:7c:45:fd:84:38:a2:32:57:bd:42:67:0f:53:8e:
a0:15:87:d0:ef:50:22:ce:12:f9:b4:7a:2e:dd:bc:9b:ea:79:
ff:87:92:76:b5:4d:98:12:bc:bc:d1:c5:5f:98:11:c5:24:e4:
c9:7f:cc:d6:3a:30:7f:34:01:c0:8c:02:60:f9:9d:99:c1:f3:
4a:b2:d2:8f:75:88:26:17:71:b1:df:df:78:77:36:74:b9:66:
53:e5:0d:2f:5c:81:d3:f3:24:4c:36:1e:03:a6:d3:55:dd:e0:
f8:f7:8a:8d:85:8d:17:79:c1:f8:45:7c:0d:09:85:c1:7b:db:
8f:da:30:14:84:63:02:df:5f:b2:11:bf:0b:1b:5d:67:bc:60:
1d:f4:0b:1a:bb:45:f7:3a:75:3e:38:67:e6:b3:3f:19:5b:98:
af:87:86:e9:28:7e:0c:54:85:ad:01:c4:8c:36:99:8d:ad:bc:
46:5f:35:20:41:38:fe:91:96:17:0b:4e:04:d4:73:95:43:9e:
e8:f7:0f:14:db:de:dd:1e:de:12:8f:44:08:4d:4d:9f:21:16:
ef:76:83:67:f1:cb:ae:45:5a:e9:89:7b:78:8b:06:15:3f:4e:
77:4a:5e:2e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUM5i/MIdc51N2cM9A20agKvgMaAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTJaFw0yNDAzMjUwODI3NTJaMDMxMTAvBgNV
BAMTKDBBMTFCMDRDNTk2QkYyMUZFQTk3REQyRjI4MDA3RTk5OTMwRDJERTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj9vZqAOjrzvFtz4Oam45JixRD
glafv5ase8mxGLYcbfSMHS3VEbzItzvh51AhyF+wuLJEZEc3Gl0O9SUBMy7RRE3J
KsRhwVJ68XZbZ9401zSP+PBS3moBUzDINHWJ4fmRKMYsjr+XWIJyh/BDw5I/GTEN
wIONewAA2ChbFRwJWM1ljE2AipN0AMa7HMtfCoW+2mHQ1kbozde06uWW1XOp9iKx
KuobVTi+c3vT+cEe2SEyYqJFJ/CCHliqIyijIr6POo+7sNPWwt0yvC/t6fAEwOt3
BM3+AQ+APnEGqQcTkFwy8opvsM4eQ9Twhpb65tsjgM4yvYA0M3y/VCIhg1oLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUChGwTFlr8h/ql90vKAB+mZMNLeQwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAW3sPjANBgkq
hkiG9w0BAQsFAAOCAQEAiKfuljkrDvt3pjn0cwvhIoK+m2g+fnxF/YQ4ojJXvUJn
D1OOoBWH0O9QIs4S+bR6Lt28m+p5/4eSdrVNmBK8vNHFX5gRxSTkyX/M1jowfzQB
wIwCYPmdmcHzSrLSj3WIJhdxsd/feHc2dLlmU+UNL1yB0/MkTDYeA6bTVd3g+PeK
jYWNF3nB+EV8DQmFwXvbj9owFIRjAt9fshG/CxtdZ7xgHfQLGrtF9zp1Pjhn5rM/
GVuYr4eG6Sh+DFSFrQHEjDaZja28Rl81IEE4/pGWFwtOBNRzlUOe6PcPFNve3R7e
Eo9ECE1NnyEW73aDZ/HLrkVa6Yl7eIsGFT9Od0peLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org