Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e2030.roa
File: 3139342e35332e3130382e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: g4/7ymv8Pvtkg18S1dj2cBBDsgOz9H8Lx0nCTQSnWUs=
Subject key identifier: B8:BB:B4:36:94:A7:FD:D6:6A:D8:CD:F7:15:DB:3E:C5:93:EF:2F:23
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 18D6A9ED79F32DFD8770BDE28C676A9DC86E19C3
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:52 +0000
ROA not before: Mon 27 Mar 2023 08:22:52 +0000
ROA not after: Mon 25 Mar 2024 08:27:52 +0000
asID: 0
IP address blocks: 194.53.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:d6:a9:ed:79:f3:2d:fd:87:70:bd:e2:8c:67:6a:9d:c8:6e:19:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:52 2023 GMT
Not After : Mar 25 08:27:52 2024 GMT
Subject: CN=B8BBB43694A7FDD66AD8CDF715DB3EC593EF2F23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:78:ad:5f:f5:e9:85:8f:45:d6:89:24:92:0d:
6b:6d:4e:1c:d0:e5:a5:23:84:de:36:18:1f:40:9e:
fa:7f:48:d4:b0:48:78:cc:08:5c:22:75:ad:eb:ff:
77:02:bb:47:28:1d:f5:bc:b1:b2:89:d3:f5:5e:cf:
d6:eb:7a:22:e7:7c:7b:ba:b7:ba:9e:c7:ab:6d:f4:
ea:41:bf:c1:7a:d5:7a:af:67:6b:7e:f9:8d:88:c8:
6d:4a:39:a2:4e:b7:e6:03:20:29:72:de:93:50:75:
ba:0a:86:eb:19:27:05:ae:a8:9b:91:d6:75:ec:16:
ca:12:88:c6:8a:f4:dc:62:02:7c:a4:2b:8a:ec:88:
d7:ec:dd:c2:7a:18:d7:e3:b6:35:db:0b:45:d8:cc:
dd:e0:66:be:e9:8b:fb:ba:be:2e:0c:d6:3c:15:1e:
69:26:90:9f:88:07:a3:ed:87:32:4a:34:d8:32:c3:
45:f4:6b:b2:00:8d:f8:62:35:17:b1:30:a6:69:f1:
3d:c0:6f:aa:e0:5b:85:99:f3:f7:1f:1a:46:d5:c2:
40:4d:66:74:b8:b4:4c:86:6e:f7:f3:03:84:2c:ab:
83:3f:40:9e:07:0d:a4:2e:58:eb:56:88:ba:c9:e9:
85:79:4b:84:6f:17:cd:01:a8:ee:af:60:f9:fd:96:
c4:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BB:B4:36:94:A7:FD:D6:6A:D8:CD:F7:15:DB:3E:C5:93:EF:2F:23
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.108.0/22
Signature Algorithm: sha256WithRSAEncryption
af:09:e2:f0:ea:26:14:af:58:27:57:ed:61:ce:8e:f2:b2:8b:
86:f8:64:85:56:a8:a5:48:74:71:d1:94:02:6f:f9:92:3e:fd:
9b:70:aa:3f:0c:6a:45:fe:4f:51:bb:30:1c:48:87:53:c1:63:
34:7b:9f:e8:e1:13:71:b3:28:63:c2:cf:dc:3f:0a:42:2d:c7:
78:f8:a1:6c:b3:71:a5:4d:47:35:c2:4c:ad:0c:4a:5d:55:ac:
a5:44:45:31:35:81:a2:d1:3c:14:3b:b7:99:49:e5:a2:c3:c4:
a7:17:2a:a7:db:12:c7:8d:96:c4:20:00:f5:68:10:e7:da:59:
9e:0f:41:ce:9e:7e:10:8d:c9:d9:21:f9:ea:03:44:85:17:52:
83:fd:fa:16:3f:87:c1:39:81:a0:73:2f:5e:e0:33:56:66:71:
da:19:53:bf:51:e3:6c:4b:02:65:5a:da:59:db:e7:bd:87:bc:
8d:ad:ab:87:7f:95:bd:6f:90:5f:bd:43:4a:20:0b:31:5c:ea:
1e:8b:4d:a0:23:7c:c2:85:4b:c4:ae:e9:f7:6b:41:30:95:38:
88:32:54:0a:95:1d:82:19:87:d9:39:d0:b7:f1:09:df:4a:d4:
19:cb:36:fb:43:5f:29:68:b3:50:07:4c:46:eb:d9:bf:ae:b5:
30:97:3c:a6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUGNap7XnzLf2HcL3ijGdqnchuGcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTJaFw0yNDAzMjUwODI3NTJaMDMxMTAvBgNV
BAMTKEI4QkJCNDM2OTRBN0ZERDY2QUQ4Q0RGNzE1REIzRUM1OTNFRjJGMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjeK1f9emFj0XWiSSSDWttThzQ
5aUjhN42GB9Anvp/SNSwSHjMCFwida3r/3cCu0coHfW8sbKJ0/Vez9breiLnfHu6
t7qex6tt9OpBv8F61XqvZ2t++Y2IyG1KOaJOt+YDICly3pNQdboKhusZJwWuqJuR
1nXsFsoSiMaK9NxiAnykK4rsiNfs3cJ6GNfjtjXbC0XYzN3gZr7pi/u6vi4M1jwV
HmkmkJ+IB6PthzJKNNgyw0X0a7IAjfhiNRexMKZp8T3Ab6rgW4WZ8/cfGkbVwkBN
ZnS4tEyGbvfzA4Qsq4M/QJ4HDaQuWOtWiLrJ6YV5S4RvF80BqO6vYPn9lsTxAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUuLu0NpSn/dZq2M33Fds+xZPvLyMwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTMzMmUzMTMw
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsI1bDANBgkq
hkiG9w0BAQsFAAOCAQEArwni8OomFK9YJ1ftYc6O8rKLhvhkhVaopUh0cdGUAm/5
kj79m3CqPwxqRf5PUbswHEiHU8FjNHuf6OETcbMoY8LP3D8KQi3HePihbLNxpU1H
NcJMrQxKXVWspURFMTWBotE8FDu3mUnlosPEpxcqp9sSx42WxCAA9WgQ59pZng9B
zp5+EI3J2SH56gNEhRdSg/36Fj+HwTmBoHMvXuAzVmZx2hlTv1HjbEsCZVraWdvn
vYe8ja2rh3+VvW+QX71DSiALMVzqHotNoCN8woVLxK7p92tBMJU4iDJUCpUdghmH
2TnQt/EJ30rUGcs2+0NfKWizUAdMRuvZv661MJc8pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org