Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31382e302f32342d3234203d3e2030.roa
File: 3138352e3139332e31382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: dq+TZ5Pp5/HMW/k1rStzSwZ5D+W0C/zsVwqxJWqjfWU=
Subject key identifier: 09:2C:91:B2:FA:42:1A:D9:B1:94:32:52:AC:F5:3D:5B:6A:92:18:38
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 2EFCEE000D78999C04E1BFB33BAC4F27F39C0736
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31382e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:51 +0000
ROA not before: Mon 27 Mar 2023 08:22:51 +0000
ROA not after: Mon 25 Mar 2024 08:27:51 +0000
asID: 0
IP address blocks: 185.193.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:fc:ee:00:0d:78:99:9c:04:e1:bf:b3:3b:ac:4f:27:f3:9c:07:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:51 2023 GMT
Not After : Mar 25 08:27:51 2024 GMT
Subject: CN=092C91B2FA421AD9B1943252ACF53D5B6A921838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ac:80:8b:4d:2c:6d:2d:cf:63:c6:e2:6b:ed:
28:54:d9:76:7e:0e:f8:29:4f:68:5f:39:36:df:af:
e9:78:6d:f4:19:da:a9:2b:61:24:dd:95:f1:a4:2d:
56:8a:5b:63:86:2b:4c:28:c8:a8:4d:c1:87:c2:d2:
8a:85:57:43:a2:6a:47:67:d7:8d:09:6e:c6:44:44:
97:68:28:3a:4f:87:70:54:b1:e0:37:69:c0:eb:ef:
42:88:1e:f2:0b:52:e2:ce:0c:1b:43:a5:c8:95:b4:
02:2b:9b:d6:ac:3c:42:12:1f:20:c6:5c:fb:a3:6a:
ac:c9:3a:56:24:eb:a2:5a:7a:7a:ef:43:8e:7b:9f:
94:b2:c8:80:e5:6d:cb:63:62:43:24:75:b7:ef:51:
0d:2b:54:96:b6:0f:f2:43:2b:e4:1b:49:ca:40:1a:
14:7a:06:52:67:cb:77:8e:9d:bf:a7:78:0a:3e:41:
a1:e1:91:e3:b4:f6:92:61:69:46:ec:7e:47:64:24:
30:9f:c0:e6:51:b3:a6:30:19:fb:42:32:15:8c:30:
6e:9e:0b:66:1e:32:58:ca:b1:28:5a:85:98:29:f0:
7d:dc:82:1a:d3:4d:a2:24:03:05:b9:aa:76:77:a9:
58:77:3f:8f:52:36:68:71:7a:f4:93:8e:8c:df:52:
39:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:2C:91:B2:FA:42:1A:D9:B1:94:32:52:AC:F5:3D:5B:6A:92:18:38
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3138352e3139332e31382e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.18.0/24
Signature Algorithm: sha256WithRSAEncryption
86:d6:2f:e7:b2:34:06:92:a5:68:3f:44:68:00:dd:50:c8:ac:
4c:80:6b:3d:71:c0:39:5f:a7:98:ee:af:92:d9:19:f3:e5:70:
71:a1:c5:04:70:90:44:86:f6:2f:72:8b:a4:cd:df:3b:3c:74:
b6:67:2d:07:70:99:a7:02:6a:1c:22:df:9d:b4:e7:1d:aa:9f:
99:4f:2b:4a:d2:fa:96:78:f6:c0:d1:a6:e2:40:8c:4a:e0:80:
b5:06:03:56:d2:68:ce:ce:44:5b:6a:a4:a7:21:2e:c1:b0:e3:
96:fe:c6:62:a1:23:60:a7:6b:34:89:5c:2b:0a:37:3e:a2:5d:
7e:4a:df:72:d5:48:14:c4:95:6f:64:0b:47:5c:0e:a8:46:4a:
4a:ba:a4:72:60:13:8a:a9:d0:59:59:f9:0d:31:d1:42:de:e6:
32:aa:19:19:6c:a0:31:9a:82:44:ce:51:59:09:bf:d3:2a:b3:
6f:45:4f:0b:e5:91:3e:9e:4b:09:01:6a:35:c1:b7:1d:1b:29:
f4:85:ef:58:0d:95:8e:ca:f8:b2:4d:6f:02:3d:08:d9:f6:bd:
28:c5:2f:18:01:29:97:03:9c:e0:c8:c6:23:5b:f7:a7:a4:02:
8f:71:c6:85:40:fe:b9:b1:29:e1:ef:c9:46:26:38:1a:e7:66:
6a:1e:7d:fa
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIULvzuAA14mZwE4b+zO6xPJ/OcBzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTFaFw0yNDAzMjUwODI3NTFaMDMxMTAvBgNV
BAMTKDA5MkM5MUIyRkE0MjFBRDlCMTk0MzI1MkFDRjUzRDVCNkE5MjE4MzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCirICLTSxtLc9jxuJr7ShU2XZ+
DvgpT2hfOTbfr+l4bfQZ2qkrYSTdlfGkLVaKW2OGK0woyKhNwYfC0oqFV0Oiakdn
140JbsZERJdoKDpPh3BUseA3acDr70KIHvILUuLODBtDpciVtAIrm9asPEISHyDG
XPujaqzJOlYk66JaenrvQ457n5SyyIDlbctjYkMkdbfvUQ0rVJa2D/JDK+QbScpA
GhR6BlJny3eOnb+neAo+QaHhkeO09pJhaUbsfkdkJDCfwOZRs6YwGftCMhWMMG6e
C2YeMljKsShahZgp8H3cghrTTaIkAwW5qnZ3qVh3P49SNmhxevSTjozfUjmJAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUCSyRsvpCGtmxlDJSrPU9W2qSGDgwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzODM1MmUzMTM5MzMyZTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnBEjANBgkq
hkiG9w0BAQsFAAOCAQEAhtYv57I0BpKlaD9EaADdUMisTIBrPXHAOV+nmO6vktkZ
8+VwcaHFBHCQRIb2L3KLpM3fOzx0tmctB3CZpwJqHCLfnbTnHaqfmU8rStL6lnj2
wNGm4kCMSuCAtQYDVtJozs5EW2qkpyEuwbDjlv7GYqEjYKdrNIlcKwo3PqJdfkrf
ctVIFMSVb2QLR1wOqEZKSrqkcmATiqnQWVn5DTHRQt7mMqoZGWygMZqCRM5RWQm/
0yqzb0VPC+WRPp5LCQFqNcG3HRsp9IXvWA2Vjsr4sk1vAj0I2fa9KMUvGAEplwOc
4MjGI1v3p6QCj3HGhUD+ubEp4e/JRiY4Gudmah59+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org