Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37352e302f32342d3234203d3e2030.roa
File: 3139332e3134382e37352e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 1nV0/Ihanlo4mn5MNksUtqy15Two29aSaPnYIoUUc1E=
Subject key identifier: C8:9B:5D:2F:74:14:AC:D5:E0:50:B0:62:FC:1F:F6:AC:E4:EF:CC:6D
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 55DFAF9A1A2DFA85FA2ABDA9CB26B2A49B075E59
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37352e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:54 +0000
ROA not before: Mon 27 Mar 2023 08:22:54 +0000
ROA not after: Mon 25 Mar 2024 08:27:54 +0000
asID: 0
IP address blocks: 193.148.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:df:af:9a:1a:2d:fa:85:fa:2a:bd:a9:cb:26:b2:a4:9b:07:5e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:54 2023 GMT
Not After : Mar 25 08:27:54 2024 GMT
Subject: CN=C89B5D2F7414ACD5E050B062FC1FF6ACE4EFCC6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:66:b2:30:50:c8:80:cf:dd:9e:f9:e5:39:24:
7b:b6:77:96:ef:14:69:91:7a:e5:ce:bd:bb:7d:b2:
3b:4f:85:ba:28:d7:a7:5d:a3:4f:25:46:6a:74:eb:
4f:55:16:15:9a:6c:1e:b6:e3:fd:94:10:d0:ec:d8:
cc:51:e9:5d:11:28:52:ee:48:98:29:1f:11:eb:24:
e5:2f:0b:48:60:86:bb:09:bf:e0:45:60:9c:e8:b2:
68:be:60:65:11:8b:40:33:fa:9a:1e:78:e8:fd:5f:
fa:13:84:13:71:fe:3d:8b:67:57:71:de:0c:5c:0b:
c9:45:76:4f:e9:e5:3c:36:0c:dd:39:f0:bc:30:3f:
5c:66:3a:1c:a1:74:93:a4:ba:2e:37:0d:07:ca:ba:
80:97:70:5d:e2:c8:f8:d6:18:8b:93:5c:53:2f:62:
56:cd:53:ae:67:55:d8:f8:6c:d7:fc:ba:48:bd:23:
96:54:65:85:51:b3:5c:3f:6c:4f:ac:f2:6b:2a:c5:
1b:f2:fc:94:6a:fc:e5:13:58:c2:3f:ab:35:5a:aa:
0c:dc:1e:2a:a2:a1:02:a1:9c:f7:4d:40:a8:30:64:
39:5e:57:70:15:8a:23:1b:ae:1d:2e:86:80:c9:5f:
75:3f:5c:2c:03:e1:ee:49:77:73:72:2f:33:49:39:
f1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9B:5D:2F:74:14:AC:D5:E0:50:B0:62:FC:1F:F6:AC:E4:EF:CC:6D
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e3134382e37352e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.148.75.0/24
Signature Algorithm: sha256WithRSAEncryption
63:93:21:4d:82:dc:aa:62:b7:23:4c:63:63:9e:08:d7:aa:96:
c0:e1:4c:97:72:39:1f:f5:0c:ee:4d:28:21:ce:7a:68:37:ea:
91:d5:dc:44:86:70:89:c2:99:35:d8:90:82:bf:d7:12:da:65:
ef:69:82:d9:4f:87:75:35:04:d6:d1:26:66:a0:bc:ab:11:b4:
3a:7a:82:b8:f1:d3:70:18:00:51:97:b5:3a:65:5b:0e:80:88:
5b:79:74:4e:40:4f:17:0e:80:f4:46:5a:c2:ed:b4:08:69:58:
2c:76:b9:d8:86:3f:1e:39:13:3b:08:22:a5:fa:44:bd:08:ae:
bd:51:7c:7d:2a:e8:01:00:f8:40:65:ab:53:ae:59:28:9d:7d:
b6:36:50:f2:b8:d4:0b:ae:4c:2b:3a:75:94:e4:c2:ff:48:4e:
6e:6e:fc:b4:7f:a3:58:13:fd:68:98:eb:d0:4c:79:8f:26:c4:
c7:73:f7:19:20:28:f2:06:a9:fe:7d:e9:f2:8b:f7:ee:72:39:
ac:bd:23:84:71:f6:43:9e:c3:ea:f3:6f:8d:57:79:ab:25:40:
4e:cb:30:3c:39:ca:f9:13:a1:d3:3d:f4:b9:45:51:39:1a:91:
b9:9b:01:ca:d4:40:83:21:83:4c:b3:67:f6:51:56:02:77:29:
fe:93:94:af
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUVd+vmhot+oX6Kr2pyyaypJsHXlkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTRaFw0yNDAzMjUwODI3NTRaMDMxMTAvBgNV
BAMTKEM4OUI1RDJGNzQxNEFDRDVFMDUwQjA2MkZDMUZGNkFDRTRFRkNDNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWZrIwUMiAz92e+eU5JHu2d5bv
FGmReuXOvbt9sjtPhboo16ddo08lRmp0609VFhWabB624/2UENDs2MxR6V0RKFLu
SJgpHxHrJOUvC0hghrsJv+BFYJzosmi+YGURi0Az+poeeOj9X/oThBNx/j2LZ1dx
3gxcC8lFdk/p5Tw2DN058LwwP1xmOhyhdJOkui43DQfKuoCXcF3iyPjWGIuTXFMv
YlbNU65nVdj4bNf8uki9I5ZUZYVRs1w/bE+s8msqxRvy/JRq/OUTWMI/qzVaqgzc
HiqioQKhnPdNQKgwZDleV3AViiMbrh0uhoDJX3U/XCwD4e5Jd3NyLzNJOfGZAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUyJtdL3QUrNXgULBi/B/2rOTvzG0wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzMTM0MzgyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMGUSzANBgkq
hkiG9w0BAQsFAAOCAQEAY5MhTYLcqmK3I0xjY54I16qWwOFMl3I5H/UM7k0oIc56
aDfqkdXcRIZwicKZNdiQgr/XEtpl72mC2U+HdTUE1tEmZqC8qxG0OnqCuPHTcBgA
UZe1OmVbDoCIW3l0TkBPFw6A9EZawu20CGlYLHa52IY/HjkTOwgipfpEvQiuvVF8
fSroAQD4QGWrU65ZKJ19tjZQ8rjUC65MKzp1lOTC/0hObm78tH+jWBP9aJjr0Ex5
jybEx3P3GSAo8gap/n3p8ov37nI5rL0jhHH2Q57D6vNvjVd5qyVATsswPDnK+ROh
0z30uUVRORqRuZsBytRAgyGDTLNn9lFWAncp/pOUrw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org