Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32332d3234203d3e2030.roa
File: 3139322e3134352e33382e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: Cn/7ohh89FhmrCXykf1lg2t+wG6SLvbBlRFSCiHKRe8=
Subject key identifier: FA:58:12:3E:2C:AA:17:CA:F7:4D:9F:D1:23:3E:DD:A1:35:0D:9B:5F
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 690BCADB133BEAC05AA16D8A4F1B5D114F9DA2E9
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:57 +0000
ROA not before: Mon 27 Mar 2023 08:22:57 +0000
ROA not after: Mon 25 Mar 2024 08:27:57 +0000
asID: 0
IP address blocks: 192.145.38.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:0b:ca:db:13:3b:ea:c0:5a:a1:6d:8a:4f:1b:5d:11:4f:9d:a2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:57 2023 GMT
Not After : Mar 25 08:27:57 2024 GMT
Subject: CN=FA58123E2CAA17CAF74D9FD1233EDDA1350D9B5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5c:e4:cb:92:6f:c0:32:6a:59:c6:9a:11:d1:
d5:cf:88:b6:35:ef:40:4b:7f:48:46:77:54:d9:55:
ca:77:be:aa:9a:a5:47:ab:7e:91:d0:1c:a4:ee:71:
55:74:ef:d3:e8:1d:81:af:ab:7f:31:9f:5c:27:93:
c5:6d:a8:72:97:27:5e:b6:27:78:fa:ca:50:d5:f9:
11:8a:e0:80:a1:c3:ba:47:9a:32:c9:e4:e9:46:4e:
a9:c5:bd:25:32:ab:94:16:a6:5b:39:b7:55:2c:fe:
df:f1:a4:06:ff:53:c8:41:fc:01:02:03:7a:08:ab:
6c:57:d0:77:d2:7a:80:55:b5:15:af:f3:0b:23:ff:
8b:d6:d6:8d:9d:ce:30:89:ac:c7:5b:67:b3:ba:55:
fd:b7:e9:ea:bc:0c:56:f7:77:9e:31:c0:de:5b:8f:
be:6a:98:f3:bb:bd:9a:1d:97:40:a7:bc:21:00:1b:
59:8e:5c:be:9b:85:de:b1:57:43:9b:19:62:fe:3b:
e4:5a:2a:9b:df:ed:18:8d:97:54:0d:1e:a4:ed:fc:
d5:36:09:c5:94:73:a0:05:2e:57:d9:bd:44:37:d1:
87:fa:5d:82:42:33:ff:db:ee:4e:d6:da:45:97:d9:
98:80:c9:2f:fc:08:93:65:5e:2e:0b:6d:25:27:65:
b8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:58:12:3E:2C:AA:17:CA:F7:4D:9F:D1:23:3E:DD:A1:35:0D:9B:5F
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139322e3134352e33382e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.38.0/23
Signature Algorithm: sha256WithRSAEncryption
50:70:d6:3e:76:f1:b5:a5:84:b6:67:54:d5:ee:2e:bd:8a:f6:
c4:42:00:63:8d:3d:db:6b:13:38:08:f1:81:d5:d4:ea:b1:26:
fe:d7:b0:89:3b:cc:ea:ea:14:e1:f3:0a:33:7c:86:c5:dd:0d:
90:a9:71:32:ea:ea:1b:37:ba:56:eb:ae:1e:33:0f:76:2c:d0:
6b:ba:4a:6a:bb:1e:bb:bd:c5:84:1c:30:8c:7d:74:b2:71:3f:
4b:47:d3:ef:86:14:ae:21:cb:5b:40:23:aa:b2:f7:41:23:d1:
6d:fb:4d:bb:44:2f:ce:9c:7a:34:b5:85:f1:9c:6c:c0:aa:47:
9a:ad:c3:f5:20:d7:1c:de:4d:4c:29:9f:1a:2f:f9:74:5e:02:
49:55:b3:6a:fc:fd:87:a0:2b:0d:e1:5d:fe:49:8c:2d:c9:dc:
37:93:6f:af:62:4b:24:ff:1a:1e:c9:17:ca:9c:ba:38:34:27:
0d:4f:40:1a:42:ca:09:93:71:83:38:be:4e:b9:0d:70:01:07:
31:4c:fc:ee:8f:1d:6e:91:c8:95:18:bc:88:5b:c4:06:1f:eb:
11:65:45:0c:15:8d:27:7f:2c:e7:53:f2:a5:51:ed:2c:6f:a1:
ac:36:8b:bf:ab:90:ad:5b:16:33:0b:09:63:30:54:be:b3:c0:
77:cc:f7:08
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUaQvK2xM76sBaoW2KTxtdEU+doukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTdaFw0yNDAzMjUwODI3NTdaMDMxMTAvBgNV
BAMTKEZBNTgxMjNFMkNBQTE3Q0FGNzREOUZEMTIzM0VEREExMzUwRDlCNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXOTLkm/AMmpZxpoR0dXPiLY1
70BLf0hGd1TZVcp3vqqapUerfpHQHKTucVV079PoHYGvq38xn1wnk8VtqHKXJ162
J3j6ylDV+RGK4IChw7pHmjLJ5OlGTqnFvSUyq5QWpls5t1Us/t/xpAb/U8hB/AEC
A3oIq2xX0HfSeoBVtRWv8wsj/4vW1o2dzjCJrMdbZ7O6Vf236eq8DFb3d54xwN5b
j75qmPO7vZodl0CnvCEAG1mOXL6bhd6xV0ObGWL+O+RaKpvf7RiNl1QNHqTt/NU2
CcWUc6AFLlfZvUQ30Yf6XYJCM//b7k7W2kWX2ZiAyS/8CJNlXi4LbSUnZbibAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU+lgSPiyqF8r3TZ/RIz7doTUNm18wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMyMmUzMTM0MzUyZTMz
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcCRJjANBgkq
hkiG9w0BAQsFAAOCAQEAUHDWPnbxtaWEtmdU1e4uvYr2xEIAY40922sTOAjxgdXU
6rEm/tewiTvM6uoU4fMKM3yGxd0NkKlxMurqGze6VuuuHjMPdizQa7pKarseu73F
hBwwjH10snE/S0fT74YUriHLW0AjqrL3QSPRbftNu0Qvzpx6NLWF8ZxswKpHmq3D
9SDXHN5NTCmfGi/5dF4CSVWzavz9h6ArDeFd/kmMLcncN5Nvr2JLJP8aHskXypy6
ODQnDU9AGkLKCZNxgzi+TrkNcAEHMUz87o8dbpHIlRi8iFvEBh/rEWVFDBWNJ38s
51PypVHtLG+hrDaLv6uQrVsWMwsJYzBUvrPAd8z3CA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org