Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33332e302f32342d3234203d3e203432333636.roa
File: 3137382e3231322e33332e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: tNURSHD7u4RVv870Yf7Xq4CrDQOsNeZrT3VLHAbIOfQ=
Subject key identifier: 53:81:7E:27:E4:22:09:BE:EF:AB:4E:F5:40:B1:2C:3E:D8:63:44:17
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3BFBA7331721896D51565B805656633CE3B5B5A0
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33332e302f32342d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:16:25 +0000
ROA not before: Fri 31 Mar 2023 12:11:25 +0000
ROA not after: Fri 29 Mar 2024 12:16:25 +0000
asID: 42366
IP address blocks: 178.212.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:fb:a7:33:17:21:89:6d:51:56:5b:80:56:56:63:3c:e3:b5:b5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:11:25 2023 GMT
Not After : Mar 29 12:16:25 2024 GMT
Subject: CN=53817E27E42209BEEFAB4EF540B12C3ED8634417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d0:c3:1b:66:82:0c:ff:46:d1:d7:5f:53:b7:
b1:b0:6e:07:86:7d:81:75:53:1b:71:e8:a6:6d:fe:
52:6d:d2:28:d3:e8:ca:98:5a:cd:35:0e:cb:f4:50:
e0:c0:54:01:8e:51:44:38:3a:f8:49:da:7e:1f:1d:
64:ec:35:01:83:e4:9a:62:21:f6:24:e4:7f:5d:d2:
5f:48:ac:c5:84:af:97:49:62:a1:55:8a:04:04:a6:
5c:b3:77:9e:74:cc:e8:ee:9f:cf:77:42:1b:f1:fb:
76:05:f6:5b:3a:1e:45:f0:5e:85:b7:7e:55:ee:6f:
59:e0:00:bd:0f:3f:b6:46:61:0c:2c:ea:e6:aa:12:
f7:95:ca:1e:d8:51:87:fc:46:45:8e:43:a1:fe:9f:
00:ba:2f:e7:6b:e0:3c:a3:65:57:3a:7e:01:2b:f3:
c5:89:02:20:30:8a:39:75:b7:58:c9:da:dc:e2:c1:
36:db:af:3b:cf:dc:58:07:78:b3:d8:64:e9:bb:c6:
c8:75:3e:ba:ef:28:a1:d3:4d:cc:b4:b1:69:51:dd:
9d:31:eb:60:e6:53:63:21:56:28:e1:58:21:16:b3:
93:e6:cb:c7:69:6a:fd:58:9d:ba:bc:a3:fe:c2:8f:
d6:2f:6f:5f:e6:75:7f:ce:29:cf:53:bf:4c:be:7e:
36:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:81:7E:27:E4:22:09:BE:EF:AB:4E:F5:40:B1:2C:3E:D8:63:44:17
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3137382e3231322e33332e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.33.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:17:11:61:98:8c:cd:6c:f1:d3:2e:e6:a2:e8:95:22:69:23:
a0:5d:f2:72:5b:d5:ec:5b:b6:54:1f:7f:b6:1d:21:8b:eb:f0:
9c:38:30:61:0c:66:30:5d:dc:04:d0:b0:43:4b:90:5d:92:8a:
43:3a:61:d7:fc:ae:fd:70:de:7d:ab:74:53:bb:a6:65:5e:a8:
be:b3:17:56:99:35:ad:82:06:cb:a6:bd:1d:61:af:f5:89:37:
dc:13:e9:ca:30:26:e0:a5:1f:cb:b6:3a:4f:ef:6c:64:50:38:
0f:fd:bd:cc:9b:9d:80:60:9e:b7:bf:50:00:cf:a0:df:4e:b2:
68:57:7a:26:79:78:ba:4c:1c:e7:5c:5c:57:c9:66:9e:52:8e:
4a:c8:fd:ed:a6:a4:d8:dc:bd:69:88:ce:12:20:c9:82:77:a8:
06:e1:fc:e2:84:22:52:56:2d:dd:d4:de:02:3d:ba:65:95:09:
5a:53:86:d4:ea:62:f2:64:b9:e6:6b:97:a6:fd:40:7a:85:8f:
03:13:f4:eb:61:00:c8:72:13:9e:78:50:6c:9f:51:c6:9a:d0:
86:ac:67:d1:8a:a8:06:99:fb:89:94:e7:e3:8f:76:7a:03:50:
8c:74:cf:dd:5a:c8:2d:03:14:ea:a3:e6:57:e3:2b:29:7e:e1:
41:00:cb:12
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUO/unMxchiW1RVluAVlZjPOO1taAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjExMjVaFw0yNDAzMjkxMjE2MjVaMDMxMTAvBgNV
BAMTKDUzODE3RTI3RTQyMjA5QkVFRkFCNEVGNTQwQjEyQzNFRDg2MzQ0MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC70MMbZoIM/0bR119Tt7GwbgeG
fYF1Uxtx6KZt/lJt0ijT6MqYWs01Dsv0UODAVAGOUUQ4OvhJ2n4fHWTsNQGD5Jpi
IfYk5H9d0l9IrMWEr5dJYqFVigQEplyzd550zOjun893Qhvx+3YF9ls6HkXwXoW3
flXub1ngAL0PP7ZGYQws6uaqEveVyh7YUYf8RkWOQ6H+nwC6L+dr4DyjZVc6fgEr
88WJAiAwijl1t1jJ2tziwTbbrzvP3FgHeLPYZOm7xsh1PrrvKKHTTcy0sWlR3Z0x
62DmU2MhVijhWCEWs5Pmy8dpav1Ynbq8o/7Cj9Yvb1/mdX/OKc9Tv0y+fjYHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUU4F+J+QiCb7vq071QLEsPthjRBcwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzNzM4MmUzMjMxMzIyZTMz
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
stQhMA0GCSqGSIb3DQEBCwUAA4IBAQC0FxFhmIzNbPHTLuai6JUiaSOgXfJyW9Xs
W7ZUH3+2HSGL6/CcODBhDGYwXdwE0LBDS5BdkopDOmHX/K79cN59q3RTu6ZlXqi+
sxdWmTWtggbLpr0dYa/1iTfcE+nKMCbgpR/LtjpP72xkUDgP/b3Mm52AYJ63v1AA
z6DfTrJoV3omeXi6TBznXFxXyWaeUo5KyP3tpqTY3L1piM4SIMmCd6gG4fzihCJS
Vi3d1N4CPbpllQlaU4bU6mLyZLnma5em/UB6hY8DE/TrYQDIchOeeFBsn1HGmtCG
rGfRiqgGmfuJlOfjj3Z6A1CMdM/dWsgtAxTqo+ZX4yspfuFBAMsS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org