Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa
File: 3139342e31352e3130382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: RUnCC+rpXCG1mp8brgwe8480RFtTylwLtk3WbyXVSjA=
Subject key identifier: B3:2F:8C:4A:F6:50:56:0B:A2:3C:2A:A0:BE:D6:F8:B1:F7:4C:09:A5
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3D214F84D6542AF8FEB38E2CB972AF321B9A2003
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:50 +0000
ROA not before: Mon 27 Mar 2023 08:22:50 +0000
ROA not after: Mon 25 Mar 2024 08:27:50 +0000
asID: 0
IP address blocks: 194.15.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:21:4f:84:d6:54:2a:f8:fe:b3:8e:2c:b9:72:af:32:1b:9a:20:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:50 2023 GMT
Not After : Mar 25 08:27:50 2024 GMT
Subject: CN=B32F8C4AF650560BA23C2AA0BED6F8B1F74C09A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:14:f8:06:62:02:15:f5:ed:3c:a7:c0:3c:82:
6f:f3:1b:50:75:73:7e:b2:1a:80:6e:a7:eb:dd:ec:
f9:c8:c5:c8:53:b7:a1:3c:69:ff:03:ed:c5:d4:e5:
c9:67:57:24:8f:32:17:af:dc:b9:98:a9:3f:b1:c6:
c1:e1:21:a0:0b:88:04:c6:6d:9a:bc:80:d9:cb:10:
44:cb:b4:da:91:76:b8:b5:c1:74:e1:a6:e5:92:26:
10:a2:7e:a8:79:4b:f6:88:a8:fb:07:88:ca:a9:94:
f4:97:7e:63:56:16:d5:33:50:8e:d1:29:fe:77:71:
f5:b6:5c:66:cc:55:57:41:ab:b9:32:8f:85:27:04:
57:63:ce:60:12:ad:6d:e5:81:e7:13:40:65:b0:3c:
f5:d3:8a:3d:e2:74:c9:2f:fc:cc:70:3f:83:3a:a6:
68:5c:32:46:d7:2d:93:0f:f8:4f:fb:b1:41:36:fc:
b2:0f:6f:a9:3a:de:44:68:da:aa:dc:a7:ac:88:25:
73:a9:ca:0c:14:6c:69:bd:6d:09:ad:a1:9d:af:4b:
ea:6e:b0:57:e0:88:c2:c3:a1:85:35:a1:9d:5d:02:
9b:e2:12:18:60:1a:f5:86:a1:c8:fa:a6:5e:e4:47:
d2:99:28:9f:30:c5:4e:38:48:d1:69:c0:2b:44:b1:
2b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2F:8C:4A:F6:50:56:0B:A2:3C:2A:A0:BE:D6:F8:B1:F7:4C:09:A5
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e31352e3130382e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.108.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:a9:cc:fa:dc:79:dc:4c:d2:6f:97:6c:58:18:39:eb:62:1b:
0f:14:6f:25:a3:69:38:5c:5a:4c:18:cb:f0:2e:ef:b5:68:ee:
4f:4a:31:10:1f:35:f6:42:57:32:6e:b2:67:b1:4c:8d:08:62:
b4:6a:65:4f:0e:8d:e4:bd:fa:2c:a1:c8:de:88:33:2b:b2:f3:
87:68:48:29:b8:7a:47:75:eb:ea:60:96:a1:37:d1:99:ea:22:
1b:ed:d4:6e:38:21:77:12:0e:13:4c:bc:50:52:3e:88:da:af:
71:c1:f2:36:a9:34:46:70:48:72:63:6f:26:68:c3:06:54:75:
0a:e0:a6:24:07:2c:ed:8c:bc:f3:9f:58:66:94:59:cf:4c:f2:
61:2d:21:ba:f6:d4:99:fc:36:79:04:66:b0:db:3a:4a:ff:ff:
f5:52:73:d7:a1:d3:cd:5d:b3:c4:49:02:da:3f:b8:f9:89:a3:
e2:55:23:b7:4d:c9:d1:04:59:8d:ef:b6:6c:7f:de:e0:ab:58:
c8:3b:c8:79:d2:ed:53:d8:b0:96:e5:68:a6:03:04:36:01:83:
da:eb:62:b2:8e:7f:a0:7b:4a:56:31:b5:e8:28:ad:fc:ca:41:
16:c3:60:36:c0:87:e2:de:15:54:e5:ba:35:21:18:16:be:3e:
2c:6f:67:83
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUPSFPhNZUKvj+s44suXKvMhuaIAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTBaFw0yNDAzMjUwODI3NTBaMDMxMTAvBgNV
BAMTKEIzMkY4QzRBRjY1MDU2MEJBMjNDMkFBMEJFRDZGOEIxRjc0QzA5QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCFPgGYgIV9e08p8A8gm/zG1B1
c36yGoBup+vd7PnIxchTt6E8af8D7cXU5clnVySPMhev3LmYqT+xxsHhIaALiATG
bZq8gNnLEETLtNqRdri1wXThpuWSJhCifqh5S/aIqPsHiMqplPSXfmNWFtUzUI7R
Kf53cfW2XGbMVVdBq7kyj4UnBFdjzmASrW3lgecTQGWwPPXTij3idMkv/MxwP4M6
pmhcMkbXLZMP+E/7sUE2/LIPb6k63kRo2qrcp6yIJXOpygwUbGm9bQmtoZ2vS+pu
sFfgiMLDoYU1oZ1dApviEhhgGvWGocj6pl7kR9KZKJ8wxU44SNFpwCtEsSsjAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUsy+MSvZQVguiPCqgvtb4sfdMCaUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzMTM1MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIPbDANBgkq
hkiG9w0BAQsFAAOCAQEAT6nM+tx53EzSb5dsWBg562IbDxRvJaNpOFxaTBjL8C7v
tWjuT0oxEB819kJXMm6yZ7FMjQhitGplTw6N5L36LKHI3ogzK7Lzh2hIKbh6R3Xr
6mCWoTfRmeoiG+3UbjghdxIOE0y8UFI+iNqvccHyNqk0RnBIcmNvJmjDBlR1CuCm
JAcs7Yy8859YZpRZz0zyYS0huvbUmfw2eQRmsNs6Sv//9VJz16HTzV2zxEkC2j+4
+Ymj4lUjt03J0QRZje+2bH/e4KtYyDvIedLtU9iwluVopgMENgGD2utiso5/oHtK
VjG16Cit/MpBFsNgNsCH4t4VVOW6NSEYFr4+LG9ngw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org