Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e203432333636.roa
File: 3139342e35332e3130382e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: zp4E1nmU7QOYxmzOTpxUWvhzrBRfC18O8LkocHX5YZw=
Subject key identifier: B0:CF:1A:DA:DC:73:17:62:68:09:D4:C5:83:14:A1:44:48:4F:AE:23
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 62CC8F3C0CAC154406EDF29E467F86FCB620602C
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:16:59 +0000
ROA not before: Fri 31 Mar 2023 12:11:59 +0000
ROA not after: Fri 29 Mar 2024 12:16:59 +0000
asID: 42366
IP address blocks: 194.53.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:cc:8f:3c:0c:ac:15:44:06:ed:f2:9e:46:7f:86:fc:b6:20:60:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:11:59 2023 GMT
Not After : Mar 29 12:16:59 2024 GMT
Subject: CN=B0CF1ADADC7317626809D4C58314A144484FAE23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:19:b9:46:7f:84:0a:8b:bd:67:48:b5:3f:98:
cc:9d:a9:51:b5:29:03:40:65:55:b5:74:06:d8:44:
1b:22:21:0c:91:49:6e:79:66:40:17:29:c9:f4:9d:
b9:46:89:82:15:df:30:4c:20:76:11:89:43:e0:14:
05:33:61:d5:dc:b3:4f:3c:2b:57:d2:33:50:87:ba:
cb:07:64:7d:3c:3c:78:01:59:b3:5d:15:82:ae:6f:
b2:d8:03:e7:14:60:4a:f4:39:bd:15:71:35:31:13:
b5:a5:6b:a9:b0:e1:c0:e0:c0:63:5a:1a:da:99:ad:
b5:d5:12:ea:08:c5:36:c4:da:0c:62:f9:de:00:bf:
ee:fb:00:3d:48:6a:db:f4:71:15:13:3d:35:8b:e4:
a8:20:c0:41:d5:1a:62:9d:11:36:db:5e:32:9c:e1:
17:77:a7:80:10:65:55:7b:21:ff:96:7c:7f:e2:37:
ad:81:44:9e:9b:17:27:27:71:58:b8:93:a6:f8:1a:
6d:92:d1:2d:64:74:0c:5e:d7:51:61:6e:c2:e6:a5:
b3:24:32:51:a2:b3:b5:79:bf:4b:be:02:28:e2:8b:
f6:02:e1:61:23:6a:88:fd:43:0a:d2:d7:8a:2f:95:
84:05:3b:dd:b0:0d:44:30:67:b9:e8:7a:fb:a1:29:
45:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:CF:1A:DA:DC:73:17:62:68:09:D4:C5:83:14:A1:44:48:4F:AE:23
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e35332e3130382e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.108.0/22
Signature Algorithm: sha256WithRSAEncryption
69:34:1f:88:15:9b:3c:22:75:13:fe:e1:bf:e2:cd:7f:6e:8c:
49:41:ba:e6:77:18:71:58:82:8c:3f:2a:22:cb:b6:c3:54:12:
bb:14:45:0e:40:8b:2f:77:a5:49:f3:42:0b:c9:90:e5:89:82:
b9:3b:5e:8e:3f:6a:92:e7:8d:91:d9:f7:be:ab:db:67:66:5a:
aa:b0:b5:38:27:1b:39:78:ff:ed:6f:98:18:12:19:48:28:a4:
91:c7:60:d8:1a:9e:95:f2:e5:84:8d:86:f5:ac:37:4f:70:c3:
de:68:24:5d:d4:9a:b8:4c:5a:e6:bb:1e:9b:b4:ec:b0:24:28:
16:62:84:4a:ca:9d:1b:80:56:27:d6:f3:b0:01:4f:df:37:24:
b1:79:d5:07:fe:fe:4c:5a:ae:74:60:12:8a:65:28:c4:2f:a7:
b5:ff:90:57:18:e3:f6:70:f1:d4:8a:ea:9b:4e:24:1b:cd:2d:
a6:8b:91:6f:d1:db:a4:3d:84:93:d3:e0:f5:d9:aa:48:27:d2:
d4:f0:63:91:9b:dc:e7:c0:af:4f:f2:e7:6b:4e:97:ba:74:c7:
28:f9:5f:bb:00:20:23:7c:a2:85:ac:44:95:09:76:f7:1d:25:
22:36:65:f4:71:0c:d1:09:bb:55:42:68:f4:0e:8b:1e:4b:76:
7b:ac:5c:1d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYsyPPAysFUQG7fKeRn+G/LYgYCwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjExNTlaFw0yNDAzMjkxMjE2NTlaMDMxMTAvBgNV
BAMTKEIwQ0YxQURBREM3MzE3NjI2ODA5RDRDNTgzMTRBMTQ0NDg0RkFFMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzGblGf4QKi71nSLU/mMydqVG1
KQNAZVW1dAbYRBsiIQyRSW55ZkAXKcn0nblGiYIV3zBMIHYRiUPgFAUzYdXcs088
K1fSM1CHussHZH08PHgBWbNdFYKub7LYA+cUYEr0Ob0VcTUxE7Wla6mw4cDgwGNa
GtqZrbXVEuoIxTbE2gxi+d4Av+77AD1Iatv0cRUTPTWL5KggwEHVGmKdETbbXjKc
4Rd3p4AQZVV7If+WfH/iN62BRJ6bFycncVi4k6b4Gm2S0S1kdAxe11FhbsLmpbMk
MlGis7V5v0u+Aijii/YC4WEjaoj9QwrS14ovlYQFO92wDUQwZ7noevuhKUXdAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsM8a2txzF2JoCdTFgxShREhPriMwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNTMzMmUzMTMw
MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
wjVsMA0GCSqGSIb3DQEBCwUAA4IBAQBpNB+IFZs8InUT/uG/4s1/boxJQbrmdxhx
WIKMPyoiy7bDVBK7FEUOQIsvd6VJ80ILyZDliYK5O16OP2qS542R2fe+q9tnZlqq
sLU4Jxs5eP/tb5gYEhlIKKSRx2DYGp6V8uWEjYb1rDdPcMPeaCRd1Jq4TFrmux6b
tOywJCgWYoRKyp0bgFYn1vOwAU/fNySxedUH/v5MWq50YBKKZSjEL6e1/5BXGOP2
cPHUiuqbTiQbzS2mi5Fv0dukPYST0+D12apIJ9LU8GORm9znwK9P8udrTpe6dMco
+V+7ACAjfKKFrESVCXb3HSUiNmX0cQzRCbtVQmj0DoseS3Z7rFwd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org