Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e2030.roa
File: 3139342e36312e32392e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 21YS7/Jl7eQfzVjdPjGApOsmGKtnymArB6rt2vQcNik=
Subject key identifier: 38:F1:BC:21:42:77:2A:7E:65:A0:C3:1C:D6:E4:F4:AE:70:D5:19:05
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 641381B0ECE5931E6BAD60DA393B9720CADA20EB
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:54 +0000
ROA not before: Mon 27 Mar 2023 08:22:54 +0000
ROA not after: Mon 25 Mar 2024 08:27:54 +0000
asID: 0
IP address blocks: 194.61.29.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:13:81:b0:ec:e5:93:1e:6b:ad:60:da:39:3b:97:20:ca:da:20:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:54 2023 GMT
Not After : Mar 25 08:27:54 2024 GMT
Subject: CN=38F1BC2142772A7E65A0C31CD6E4F4AE70D51905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:66:d8:b7:06:eb:bb:43:f8:dd:c4:84:33:
82:34:f9:1d:ce:65:8b:2d:78:49:21:92:fe:e1:fb:
3e:d3:6e:7a:95:f0:91:c0:75:5a:d1:77:35:bf:1b:
c2:ca:49:e9:4c:32:60:78:10:dd:4d:65:c7:38:40:
2d:fd:e4:dc:79:04:dd:4b:34:18:b4:3e:75:c8:f3:
85:aa:e0:d7:94:9e:1e:34:72:dd:ff:84:8e:48:89:
31:4c:5b:a8:53:12:83:5b:ed:63:59:13:d6:eb:38:
ed:6b:30:20:5f:5f:09:d8:33:01:e1:5c:02:85:09:
be:bc:7f:7e:82:23:20:89:39:86:fb:c7:19:cb:44:
5e:6f:c7:a7:bd:f6:45:a6:1d:8e:b0:2f:54:a9:40:
76:69:6b:62:cf:a0:00:19:24:32:87:cd:a9:9c:90:
8b:9b:53:7f:50:6f:99:2c:8d:38:dc:d6:92:f0:5a:
e0:63:7b:19:aa:fd:ec:03:1d:55:cb:d1:5c:43:c6:
6b:10:a7:dc:9b:b0:d6:8e:37:29:37:03:01:0c:f5:
98:12:ea:9d:70:18:eb:c9:9c:89:92:df:b8:64:8f:
26:6f:5f:19:ba:81:23:5c:77:4c:3d:f5:5e:ed:7c:
98:16:53:1e:05:d6:d5:fb:ad:b2:79:ae:dd:b2:f6:
64:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F1:BC:21:42:77:2A:7E:65:A0:C3:1C:D6:E4:F4:AE:70:D5:19:05
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3139342e36312e32392e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.61.29.0/24
Signature Algorithm: sha256WithRSAEncryption
36:4d:36:34:d8:0e:3c:50:98:de:e8:8d:75:28:8a:5e:65:21:
2c:6a:3d:0a:5a:70:d1:9a:5f:8e:9b:4b:ac:fc:29:68:2f:de:
e1:68:63:03:d6:48:8f:26:cf:06:7e:a5:b7:2a:29:99:e0:90:
75:52:2b:b7:63:74:da:30:b0:83:9a:9a:0f:9c:76:b1:38:4a:
20:ba:73:6d:31:77:88:77:dd:22:c3:d2:4c:97:92:8c:58:92:
b9:48:ce:bd:ac:5d:36:2c:8c:43:3c:8b:f9:99:9b:67:55:53:
e1:71:87:5e:1f:66:83:7d:29:de:0d:bb:8c:d9:44:96:a9:15:
e1:32:68:bd:0f:41:10:79:c1:d0:05:e7:cc:20:87:bf:1f:e2:
af:e4:0f:4a:8c:b7:e2:dc:3a:0c:91:64:7a:41:a9:5c:ba:9c:
f5:e3:85:85:9f:7c:03:dd:cf:26:6f:91:16:a5:7f:1b:c1:d2:
75:94:1b:35:97:43:21:22:a9:73:41:70:0a:42:78:01:6b:0c:
9e:26:48:d2:a8:aa:9f:8f:51:b7:b2:4b:bd:56:ab:ce:91:24:
4c:cd:83:6e:50:fc:80:8e:d2:5c:76:0b:bb:35:a8:a7:11:cd:
0b:72:9f:0a:80:26:a1:b5:f5:2a:9d:d8:8a:f2:75:f7:2b:8a:
07:cd:11:3b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUZBOBsOzlkx5rrWDaOTuXIMraIOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTRaFw0yNDAzMjUwODI3NTRaMDMxMTAvBgNV
BAMTKDM4RjFCQzIxNDI3NzJBN0U2NUEwQzMxQ0Q2RTRGNEFFNzBENTE5MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy9WbYtwbru0P43cSEM4I0+R3O
ZYsteEkhkv7h+z7TbnqV8JHAdVrRdzW/G8LKSelMMmB4EN1NZcc4QC395Nx5BN1L
NBi0PnXI84Wq4NeUnh40ct3/hI5IiTFMW6hTEoNb7WNZE9brOO1rMCBfXwnYMwHh
XAKFCb68f36CIyCJOYb7xxnLRF5vx6e99kWmHY6wL1SpQHZpa2LPoAAZJDKHzamc
kIubU39Qb5ksjTjc1pLwWuBjexmq/ewDHVXL0VxDxmsQp9ybsNaONyk3AwEM9ZgS
6p1wGOvJnImS37hkjyZvXxm6gSNcd0w99V7tfJgWUx4F1tX7rbJ5rt2y9mStAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUOPG8IUJ3Kn5loMMc1uT0rnDVGQUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzOTM0MmUzNjMxMmUzMjM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCPR0wDQYJKoZI
hvcNAQELBQADggEBADZNNjTYDjxQmN7ojXUoil5lISxqPQpacNGaX46bS6z8KWgv
3uFoYwPWSI8mzwZ+pbcqKZngkHVSK7djdNowsIOamg+cdrE4SiC6c20xd4h33SLD
0kyXkoxYkrlIzr2sXTYsjEM8i/mZm2dVU+Fxh14fZoN9Kd4Nu4zZRJapFeEyaL0P
QRB5wdAF58wgh78f4q/kD0qMt+LcOgyRZHpBqVy6nPXjhYWffAPdzyZvkRalfxvB
0nWUGzWXQyEiqXNBcApCeAFrDJ4mSNKoqp+PUbeyS71Wq86RJEzNg25Q/ICO0lx2
C7s1qKcRzQtynwqAJqG19Sqd2IrydfcrigfNETs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org