Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e2030.roa
File: 3139342e352e3135342e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: KtfiaN6cjE0jFWUibFl6JLNHh6ZEKW2tftCZMfX/lLo=
Subject key identifier: 0B:ED:7D:34:3C:C7:3F:EE:AD:B2:8A:CB:73:75:9D:07:5E:7B:27:B9
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 08F446A34AF7D0BC581BAC05835EC6037A3D2347
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:57 +0000
ROA not before: Mon 27 Mar 2023 08:22:57 +0000
ROA not after: Mon 25 Mar 2024 08:27:57 +0000
asID: 0
IP address blocks: 194.5.154.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:f4:46:a3:4a:f7:d0:bc:58:1b:ac:05:83:5e:c6:03:7a:3d:23:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:57 2023 GMT
Not After : Mar 25 08:27:57 2024 GMT
Subject: CN=0BED7D343CC73FEEADB28ACB73759D075E7B27B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f3:c9:4a:08:10:e0:ef:27:a1:61:58:74:68:
b6:dc:e5:93:a5:5c:2d:d5:88:1e:16:c7:cc:fa:3b:
8f:44:ec:58:87:90:34:9d:3e:64:4d:ff:c4:d4:f5:
8e:52:34:21:7c:96:b5:4b:84:73:00:96:3a:6f:50:
d4:ef:35:e2:b2:57:0c:a4:40:67:66:1e:b8:e5:24:
af:3e:bf:0b:66:31:97:ef:51:19:c7:e8:2d:8d:91:
1a:fb:fb:0c:3f:87:3a:cc:cd:33:f4:39:c0:89:24:
08:ec:54:a6:d0:c8:84:bb:89:12:c6:d6:02:49:fd:
51:ef:29:85:64:36:a3:66:09:cf:59:6f:4e:c6:b8:
1a:4d:6e:98:3d:9e:e9:bc:92:60:5a:6d:25:7e:e9:
c5:61:e7:59:76:17:f7:40:21:72:19:01:05:e8:ac:
62:63:0f:0a:e7:51:96:59:1e:c2:39:e0:af:7c:0d:
b1:44:ce:1d:fb:98:92:3b:12:5a:54:b4:68:37:dd:
87:4f:e6:a3:a1:66:43:30:f6:ce:a2:4e:85:91:06:
17:bf:b5:7c:56:2f:7f:de:44:ea:bd:78:57:29:89:
d0:5a:8a:b1:8e:05:29:38:54:e5:f7:67:a6:5c:a0:
de:01:d6:1c:56:03:92:a3:30:8e:1d:79:bf:1b:f9:
9b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:ED:7D:34:3C:C7:3F:EE:AD:B2:8A:CB:73:75:9D:07:5E:7B:27:B9
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.154.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:ba:e5:d9:bf:ee:da:39:6f:0b:e9:cb:d3:67:72:27:28:dd:
fd:13:88:66:0c:5b:dd:26:01:d0:80:84:e2:18:7e:21:55:72:
ec:9c:ff:91:7f:5e:b7:ad:d6:b1:df:3a:74:e6:0c:5c:3b:70:
6e:5e:16:6b:66:dc:28:74:66:2a:7a:c2:c7:8b:62:b1:0e:ad:
9a:a1:78:f6:89:a6:1c:e9:5e:c2:18:4e:ff:2e:be:61:15:de:
3e:db:2b:2d:c4:e8:70:3d:54:c0:a7:c5:89:97:d6:44:68:81:
b1:58:89:fc:a0:77:f4:d6:fd:94:96:a7:d4:a2:de:03:ec:a8:
b2:6d:87:42:0a:b8:d7:4e:11:52:e4:f6:2a:6e:a5:7a:0d:a1:
6b:c2:c2:40:d4:9f:85:a2:ed:4a:7f:9c:92:72:f3:45:a6:b8:
e9:e6:cb:58:a4:40:9e:b3:00:b8:2f:ab:84:b4:6d:78:e6:9e:
bd:14:2f:0b:9c:f2:81:91:e7:f4:48:95:d6:26:0b:fb:da:b5:
a9:cc:e3:18:ae:17:e8:44:e6:ac:9d:28:81:58:1e:05:be:df:
70:78:ca:25:d7:a6:a2:aa:43:d2:5f:a4:df:65:00:35:aa:2d:
b4:c8:e7:bb:20:b3:62:bc:b7:b6:ec:f6:0a:7c:43:54:45:28:
a6:9f:97:84
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUCPRGo0r30LxYG6wFg17GA3o9I0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTdaFw0yNDAzMjUwODI3NTdaMDMxMTAvBgNV
BAMTKDBCRUQ3RDM0M0NDNzNGRUVBREIyOEFDQjczNzU5RDA3NUU3QjI3QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy88lKCBDg7yehYVh0aLbc5ZOl
XC3ViB4Wx8z6O49E7FiHkDSdPmRN/8TU9Y5SNCF8lrVLhHMAljpvUNTvNeKyVwyk
QGdmHrjlJK8+vwtmMZfvURnH6C2NkRr7+ww/hzrMzTP0OcCJJAjsVKbQyIS7iRLG
1gJJ/VHvKYVkNqNmCc9Zb07GuBpNbpg9num8kmBabSV+6cVh51l2F/dAIXIZAQXo
rGJjDwrnUZZZHsI54K98DbFEzh37mJI7ElpUtGg33YdP5qOhZkMw9s6iToWRBhe/
tXxWL3/eROq9eFcpidBairGOBSk4VOX3Z6ZcoN4B1hxWA5KjMI4deb8b+Zu3AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUC+19NDzHP+6tsorLc3WdB157J7kwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTJlMzEzNTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHCBZowDQYJKoZI
hvcNAQELBQADggEBAKG65dm/7to5bwvpy9Nncico3f0TiGYMW90mAdCAhOIYfiFV
cuyc/5F/Xret1rHfOnTmDFw7cG5eFmtm3Ch0Zip6wseLYrEOrZqhePaJphzpXsIY
Tv8uvmEV3j7bKy3E6HA9VMCnxYmX1kRogbFYifygd/TW/ZSWp9Si3gPsqLJth0IK
uNdOEVLk9ipupXoNoWvCwkDUn4Wi7Up/nJJy80WmuOnmy1ikQJ6zALgvq4S0bXjm
nr0ULwuc8oGR5/RIldYmC/vatanM4xiuF+hE5qydKIFYHgW+33B4yiXXpqKqQ9Jf
pN9lADWqLbTI57sgs2K8t7bs9gp8Q1RFKKafl4Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org