Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e2030.roa
File: 3139332e3134382e37332e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: f+xVADmAPJZvWDTrTeS+sDGw2gl7v5Ce7YVGeBACelk=
Subject key identifier: CD:CE:83:A3:68:FE:1B:25:CF:94:3A:62:16:33:E3:09:DC:D8:5E:D1
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 06B886977DF9F7F70433BAD5CFCB06D7C1AB3220
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:57 +0000
ROA not before: Mon 27 Mar 2023 08:22:57 +0000
ROA not after: Mon 25 Mar 2024 08:27:57 +0000
asID: 0
IP address blocks: 193.148.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:b8:86:97:7d:f9:f7:f7:04:33:ba:d5:cf:cb:06:d7:c1:ab:32:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:57 2023 GMT
Not After : Mar 25 08:27:57 2024 GMT
Subject: CN=CDCE83A368FE1B25CF943A621633E309DCD85ED1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bb:8b:70:82:5b:65:a9:b8:5a:a8:63:a4:ac:
ad:eb:7a:b2:d0:cc:ae:a9:6d:71:b5:20:ff:be:32:
54:dd:ae:6b:79:b7:c1:db:76:48:7e:e4:57:d7:16:
c8:bb:bd:fa:5e:7b:f3:1b:4a:15:e0:b1:23:be:c3:
ec:58:dd:ee:24:53:0a:1c:df:da:7e:4a:a1:3e:f1:
12:23:3a:63:fd:ee:96:f2:1c:77:99:f0:85:69:0c:
a4:61:79:ea:e7:3e:81:c3:dd:dd:85:75:37:13:c2:
46:72:4d:e1:39:a2:4e:df:c2:69:30:45:ec:0c:c3:
7f:2a:de:ad:43:2e:3f:2b:24:11:d1:b3:ee:cd:f9:
da:0f:6f:6c:ce:a6:8d:30:60:93:6d:93:c4:3b:32:
f0:e2:43:3a:bb:7e:7a:3d:0b:bb:fa:ed:92:25:4c:
6b:34:2d:44:8c:51:7e:7d:4b:48:aa:a4:bc:42:cc:
5c:24:98:dd:d9:25:eb:70:02:ac:19:b1:e8:71:a9:
f6:d1:e4:68:41:43:9f:08:d5:73:f1:36:bd:88:c2:
0b:7e:c0:af:2a:d6:90:ea:b4:2d:61:6a:47:11:e3:
93:f5:ee:32:a6:9e:27:a2:48:28:ad:b1:10:6b:0d:
81:1b:31:cb:01:e0:3b:30:a3:08:d4:01:e8:aa:2d:
60:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CE:83:A3:68:FE:1B:25:CF:94:3A:62:16:33:E3:09:DC:D8:5E:D1
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37332e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.73.0/24
Signature Algorithm: sha256WithRSAEncryption
38:98:c8:7f:7b:36:c5:43:05:b5:89:e4:18:28:8b:de:9b:40:
bb:b1:cf:4f:26:80:15:cc:a9:dc:0e:2a:e9:1e:57:92:ac:bf:
5f:35:09:a8:f6:c2:f1:fb:fe:6a:e9:82:c1:85:45:50:a2:62:
a5:20:a6:65:c5:e7:4c:31:6e:e9:90:a6:d2:be:bb:b2:f3:ad:
1c:b8:e3:3b:de:c9:75:7a:91:cd:f9:ea:0c:db:87:4a:02:d9:
0a:15:c9:e1:72:23:40:9a:9f:25:97:71:66:c5:fb:3d:d3:f2:
08:8f:ae:16:11:3f:3e:40:27:f3:de:62:0a:33:ad:17:f1:57:
36:46:93:75:a1:69:17:d9:b6:3b:c5:b3:2f:b8:bb:83:d4:97:
e3:8d:63:ac:5f:d5:1d:d2:7f:82:db:ee:78:54:35:ad:4e:8e:
ec:02:86:0c:1a:45:3e:b8:1d:20:b9:25:67:ed:88:c4:ac:ec:
f3:45:c1:86:ce:da:89:ab:be:c8:93:d4:f8:6a:dd:26:d8:6e:
f8:fa:06:83:a0:be:a7:9b:7f:e2:40:ec:51:ef:0e:93:14:51:
11:85:ab:4c:77:2a:86:43:b6:dd:ed:95:87:b3:e9:2b:e9:e5:
76:e7:82:e8:38:32:c1:96:9b:36:45:19:82:ac:45:2e:19:a6:
be:bf:b8:2e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUBriGl3359/cEM7rVz8sG18GrMiAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTdaFw0yNDAzMjUwODI3NTdaMDMxMTAvBgNV
BAMTKENEQ0U4M0EzNjhGRTFCMjVDRjk0M0E2MjE2MzNFMzA5RENEODVFRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWu4twgltlqbhaqGOkrK3rerLQ
zK6pbXG1IP++MlTdrmt5t8Hbdkh+5FfXFsi7vfpee/MbShXgsSO+w+xY3e4kUwoc
39p+SqE+8RIjOmP97pbyHHeZ8IVpDKRheernPoHD3d2FdTcTwkZyTeE5ok7fwmkw
RewMw38q3q1DLj8rJBHRs+7N+doPb2zOpo0wYJNtk8Q7MvDiQzq7fno9C7v67ZIl
TGs0LUSMUX59S0iqpLxCzFwkmN3ZJetwAqwZsehxqfbR5GhBQ58I1XPxNr2Iwgt+
wK8q1pDqtC1hakcR45P17jKmnieiSCitsRBrDYEbMcsB4DswowjUAeiqLWC5AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUzc6Do2j+GyXPlDpiFjPjCdzYXtEwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzMTM0MzgyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGUSTANBgkq
hkiG9w0BAQsFAAOCAQEAOJjIf3s2xUMFtYnkGCiL3ptAu7HPTyaAFcyp3A4q6R5X
kqy/XzUJqPbC8fv+aumCwYVFUKJipSCmZcXnTDFu6ZCm0r67svOtHLjjO97JdXqR
zfnqDNuHSgLZChXJ4XIjQJqfJZdxZsX7PdPyCI+uFhE/PkAn895iCjOtF/FXNkaT
daFpF9m2O8WzL7i7g9SX441jrF/VHdJ/gtvueFQ1rU6O7AKGDBpFPrgdILklZ+2I
xKzs80XBhs7aiau+yJPU+GrdJthu+PoGg6C+p5t/4kDsUe8OkxRREYWrTHcqhkO2
3e2Vh7PpK+nldueC6DgywZabNkUZgqxFLhmmvr+4Lg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org