Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e203432333636.roa
File: 3139342e352e3135342e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: +zbj6bc+sIWCTAzlDHsRBBDHuo/WZnH8r7Jy3Sfmm1c=
Subject key identifier: 71:1E:A0:5A:DE:AA:16:BF:85:75:79:C2:08:6D:E9:FA:FC:4B:F7:3C
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 5D3C38C0D53E5D5704A0D1B6AEE7A5D820AA8384
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:16:52 +0000
ROA not before: Fri 31 Mar 2023 12:11:52 +0000
ROA not after: Fri 29 Mar 2024 12:16:52 +0000
asID: 42366
IP address blocks: 194.5.154.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:3c:38:c0:d5:3e:5d:57:04:a0:d1:b6:ae:e7:a5:d8:20:aa:83:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:11:52 2023 GMT
Not After : Mar 29 12:16:52 2024 GMT
Subject: CN=711EA05ADEAA16BF857579C2086DE9FAFC4BF73C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:01:b9:48:25:a8:02:31:86:ce:e8:63:76:32:
cc:1e:6f:44:06:6e:66:99:07:02:50:58:f8:17:36:
a3:3b:73:ca:05:ed:2b:16:38:0f:78:a9:1d:f9:fc:
c9:0f:0e:34:e7:3c:8f:60:88:c0:71:89:c8:4a:0d:
dc:ac:f6:c6:e7:5e:9e:e0:ba:42:14:6b:a8:48:8a:
cc:ba:d5:95:3e:30:3f:5c:9f:12:8f:89:b7:91:32:
b8:e0:66:53:69:89:24:c0:f0:a2:a9:c4:ee:b6:7a:
84:08:7e:08:52:1c:b9:9e:d1:07:eb:27:db:be:da:
48:a9:55:11:cf:c0:ff:f6:15:3c:c0:05:16:20:94:
48:6e:e8:b5:f6:a7:96:db:a9:eb:03:4c:f8:58:dc:
ee:61:91:fa:16:ef:5f:e0:6f:19:0f:4f:5d:fb:b9:
9e:f9:08:ea:67:74:9e:d2:f5:33:7e:f5:df:b5:ac:
5d:95:d4:86:85:2a:21:cc:cf:16:5d:e3:1c:13:65:
1d:ff:ac:ca:38:8f:cf:61:4f:cc:4e:22:b1:26:e5:
16:34:6c:56:a9:1d:84:8d:60:27:d6:97:2b:d5:f2:
71:e8:0d:f2:cd:83:d7:b1:f3:d4:95:d9:7b:fa:36:
d9:db:93:7f:da:1a:af:6f:07:99:1b:b6:57:b7:62:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1E:A0:5A:DE:AA:16:BF:85:75:79:C2:08:6D:E9:FA:FC:4B:F7:3C
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e352e3135342e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.154.0/23
Signature Algorithm: sha256WithRSAEncryption
82:5a:86:78:da:45:ce:86:80:d3:ca:49:83:49:0f:61:ec:0d:
4d:1b:5a:0f:62:46:90:87:f4:00:06:59:3e:cf:60:93:37:b4:
28:ff:e6:e5:42:7c:3b:ed:95:74:f2:81:2d:79:6e:9d:b1:19:
3d:71:c6:14:b7:33:2b:78:2f:a9:d2:32:bf:f4:ab:27:07:5a:
ad:31:ab:59:78:94:e6:e6:43:7a:f2:95:1c:20:46:48:74:44:
12:10:68:30:7d:6d:84:3a:19:29:fa:48:09:4f:f1:25:39:66:
92:b4:f7:19:07:ea:60:ab:5b:1a:78:ce:ad:8c:5f:3d:2e:f2:
bb:37:2b:c7:ea:69:ac:82:ec:90:69:5d:66:ec:66:14:78:f0:
06:3f:3b:81:a6:e9:9c:61:39:ca:2a:22:e9:26:f2:fb:99:ed:
5e:a0:45:f4:c2:1a:90:1a:d3:3d:3f:32:22:b3:11:46:7a:d1:
70:c9:81:60:76:9d:73:35:9c:f3:ed:17:ef:a3:39:09:85:6a:
13:e4:d3:e5:84:2b:5b:0e:db:83:81:f6:3f:98:d3:0d:ac:ff:
c2:b9:b6:0f:20:48:23:d0:d4:d4:8b:52:51:b2:da:49:08:ee:
1d:2e:47:4f:e6:49:71:2a:23:d8:b7:0b:9c:f1:4e:50:7b:4a:
8e:44:32:94
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUXTw4wNU+XVcEoNG2ruel2CCqg4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjExNTJaFw0yNDAzMjkxMjE2NTJaMDMxMTAvBgNV
BAMTKDcxMUVBMDVBREVBQTE2QkY4NTc1NzlDMjA4NkRFOUZBRkM0QkY3M0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/AblIJagCMYbO6GN2Msweb0QG
bmaZBwJQWPgXNqM7c8oF7SsWOA94qR35/MkPDjTnPI9giMBxichKDdys9sbnXp7g
ukIUa6hIisy61ZU+MD9cnxKPibeRMrjgZlNpiSTA8KKpxO62eoQIfghSHLme0Qfr
J9u+2kipVRHPwP/2FTzABRYglEhu6LX2p5bbqesDTPhY3O5hkfoW71/gbxkPT137
uZ75COpndJ7S9TN+9d+1rF2V1IaFKiHMzxZd4xwTZR3/rMo4j89hT8xOIrEm5RY0
bFapHYSNYCfWlyvV8nHoDfLNg9ex89SV2Xv6Ntnbk3/aGq9vB5kbtle3YpCtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUcR6gWt6qFr+FdXnCCG3p+vxL9zwwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTJlMzEzNTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcIF
mjANBgkqhkiG9w0BAQsFAAOCAQEAglqGeNpFzoaA08pJg0kPYewNTRtaD2JGkIf0
AAZZPs9gkze0KP/m5UJ8O+2VdPKBLXlunbEZPXHGFLczK3gvqdIyv/SrJwdarTGr
WXiU5uZDevKVHCBGSHREEhBoMH1thDoZKfpICU/xJTlmkrT3GQfqYKtbGnjOrYxf
PS7yuzcrx+pprILskGldZuxmFHjwBj87gabpnGE5yioi6Sby+5ntXqBF9MIakBrT
PT8yIrMRRnrRcMmBYHadczWc8+0X76M5CYVqE+TT5YQrWw7bg4H2P5jTDaz/wrm2
DyBII9DU1ItSUbLaSQjuHS5HT+ZJcSoj2LcLnPFOUHtKjkQylA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org