Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e2030.roa
File: 3139332e34362e3234322e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 1TH9cFw37JBcsUPdmmuVwmMz88tUMSKnqXNoJAndBqQ=
Subject key identifier: AE:3C:95:32:5F:A9:54:2E:61:DD:D0:5C:12:F5:DD:B6:A7:57:06:B0
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 58B23ECC9E79A6300443263BFE1ED1630304A9A6
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e2030.roa
Signing time: Fri 28 Apr 2023 16:50:25 +0000
ROA not before: Fri 28 Apr 2023 16:45:25 +0000
ROA not after: Fri 26 Apr 2024 16:50:25 +0000
asID: 0
IP address blocks: 193.46.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:b2:3e:cc:9e:79:a6:30:04:43:26:3b:fe:1e:d1:63:03:04:a9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Apr 28 16:45:25 2023 GMT
Not After : Apr 26 16:50:25 2024 GMT
Subject: CN=AE3C95325FA9542E61DDD05C12F5DDB6A75706B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:60:f6:7c:b3:5a:c1:17:b4:79:50:49:1b:
71:ca:b2:f9:93:83:10:ad:15:44:56:45:4d:bb:97:
40:23:07:6d:67:4b:09:c1:de:b4:83:fe:06:28:b0:
5d:48:15:67:b0:0a:23:a8:9b:ed:bc:5d:d5:c0:5d:
d3:7d:27:90:cb:9f:fc:37:d8:65:8d:88:1a:c5:a5:
fa:8f:28:6b:69:9b:b3:c4:ee:6c:f8:df:91:be:42:
57:93:a7:f1:57:d0:4d:ac:a3:47:24:e8:9a:04:05:
1e:0f:7b:a0:c6:6b:28:9e:ba:4b:bd:f5:b9:d7:a4:
4a:89:a8:0b:a2:21:43:e6:8f:0d:29:f3:f1:c3:5a:
56:ca:1c:41:5c:02:cf:d0:0b:ae:48:40:8a:3e:d1:
84:e1:16:e6:2c:16:d9:7b:22:b1:d8:9b:c9:47:8c:
b0:69:c5:28:af:4d:d4:29:64:e2:15:75:dd:e8:d2:
6d:59:70:85:01:dd:75:34:e0:12:e2:54:df:1d:39:
da:94:b4:9a:f3:a9:d2:b4:4a:c8:0d:9a:20:60:84:
a0:51:48:a8:1d:aa:0f:f5:2e:d7:88:a3:05:8b:d6:
41:41:7b:11:af:7c:6b:cd:40:48:0c:63:d3:27:c0:
ec:b0:47:ee:98:20:2a:cc:c8:83:08:94:8e:f9:79:
a5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:3C:95:32:5F:A9:54:2E:61:DD:D0:5C:12:F5:DD:B6:A7:57:06:B0
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139332e34362e3234322e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.242.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:97:d5:85:fd:1b:22:68:98:1f:d0:2f:c2:2a:ea:30:b8:40:
ec:c1:c5:37:34:cb:5d:c8:04:51:34:27:5c:06:f1:02:e7:3d:
28:10:b0:dc:17:0f:32:35:33:48:97:c4:6e:d4:09:b7:68:82:
78:b6:37:51:b5:eb:9b:df:ea:9a:08:0b:58:e8:f3:eb:02:59:
be:87:f3:8c:2c:ee:bc:7e:4e:ed:aa:e4:bb:1f:84:26:c8:d4:
8c:1a:fc:23:d3:51:d8:e4:fc:e7:da:f3:ee:6b:de:2e:73:ce:
97:0f:a6:ae:c9:f2:8d:11:97:2e:f4:2b:3e:6f:02:28:9d:f1:
98:d0:8b:e5:0c:92:82:3e:3e:79:eb:6d:b9:b8:5b:9c:41:f2:
9b:49:ff:6d:64:ae:60:1c:a1:db:c9:9a:38:9b:41:b5:0e:f4:
84:a0:ac:44:b9:7a:13:5a:cc:7c:57:5c:95:dc:ff:70:a4:bf:
d5:af:5b:d2:c1:08:d6:50:fe:13:d9:a9:45:df:6d:3c:86:3b:
ae:19:96:4b:78:44:66:c7:64:54:6c:da:e8:ca:8f:1e:cc:49:
4e:d8:76:8b:b9:7b:df:2e:ae:d6:6f:9e:4d:ce:14:77:5e:05:
8a:05:d0:aa:ac:d2:90:f1:62:0e:0f:08:19:fc:85:e8:6d:9a:
9f:3b:69:33
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUWLI+zJ55pjAEQyY7/h7RYwMEqaYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzA0MjgxNjQ1MjVaFw0yNDA0MjYxNjUwMjVaMDMxMTAvBgNV
BAMTKEFFM0M5NTMyNUZBOTU0MkU2MURERDA1QzEyRjVEREI2QTc1NzA2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV8WD2fLNawRe0eVBJG3HKsvmT
gxCtFURWRU27l0AjB21nSwnB3rSD/gYosF1IFWewCiOom+28XdXAXdN9J5DLn/w3
2GWNiBrFpfqPKGtpm7PE7mz435G+QleTp/FX0E2so0ck6JoEBR4Pe6DGayieuku9
9bnXpEqJqAuiIUPmjw0p8/HDWlbKHEFcAs/QC65IQIo+0YThFuYsFtl7IrHYm8lH
jLBpxSivTdQpZOIVdd3o0m1ZcIUB3XU04BLiVN8dOdqUtJrzqdK0SsgNmiBghKBR
SKgdqg/1LteIowWL1kFBexGvfGvNQEgMY9MnwOywR+6YICrMyIMIlI75eaVrAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUrjyVMl+pVC5h3dBcEvXdtqdXBrAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTMzMmUzNDM2MmUzMjM0
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEu8jANBgkq
hkiG9w0BAQsFAAOCAQEAnZfVhf0bImiYH9AvwirqMLhA7MHFNzTLXcgEUTQnXAbx
Auc9KBCw3BcPMjUzSJfEbtQJt2iCeLY3UbXrm9/qmggLWOjz6wJZvofzjCzuvH5O
7arkux+EJsjUjBr8I9NR2OT859rz7mveLnPOlw+mrsnyjRGXLvQrPm8CKJ3xmNCL
5QySgj4+eettubhbnEHym0n/bWSuYByh28maOJtBtQ70hKCsRLl6E1rMfFdcldz/
cKS/1a9b0sEI1lD+E9mpRd9tPIY7rhmWS3hEZsdkVGza6MqPHsxJTth2i7l73y6u
1m+eTc4Ud14FigXQqqzSkPFiDg8IGfyF6G2anztpMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org