Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33382e302f32332d3234203d3e2030.roa
File: 38312e32322e33382e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: 1S7zs9exbN3euik+23en4vH9J/ZH7P1vlpmsUaczYvs=
Subject key identifier: 98:8C:4D:1F:5C:DB:0D:70:52:3E:0A:55:B8:5C:42:64:47:50:69:33
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 0ABFD68F2262C085E91E05BE0A645F109FEED3D6
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33382e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:57 +0000
ROA not before: Mon 27 Mar 2023 08:22:57 +0000
ROA not after: Mon 25 Mar 2024 08:27:57 +0000
asID: 0
IP address blocks: 81.22.38.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:bf:d6:8f:22:62:c0:85:e9:1e:05:be:0a:64:5f:10:9f:ee:d3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:57 2023 GMT
Not After : Mar 25 08:27:57 2024 GMT
Subject: CN=988C4D1F5CDB0D70523E0A55B85C426447506933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:98:ac:05:95:c3:20:f1:00:98:18:3d:b9:dd:
93:a7:db:24:66:4d:53:61:cf:f5:9a:75:0d:d4:fe:
e1:bc:fe:9c:a5:1a:2e:db:1c:0b:80:98:65:3d:46:
d8:66:de:19:7e:da:01:4a:48:d1:3e:3b:e9:15:c4:
b0:4f:75:b6:44:bf:8c:16:d3:ef:ee:03:23:76:c9:
b3:60:1f:eb:a7:0b:c3:44:da:c6:29:d7:56:c6:9f:
32:97:57:aa:77:61:88:ea:d2:78:42:c2:e7:89:36:
69:32:3b:bc:5b:12:ca:b0:a6:14:91:92:aa:bf:8d:
a8:12:5e:e9:99:5b:48:ac:f2:61:83:87:23:76:cd:
fc:af:af:ce:fc:6e:0b:f5:ce:c3:de:a2:aa:36:f5:
25:60:f7:a5:f1:19:93:b8:d1:61:04:86:32:ee:7e:
8f:a8:50:c4:4c:14:35:11:66:fd:ab:40:87:93:e5:
0e:8c:35:8d:83:63:90:af:78:4f:74:ec:12:37:f3:
49:43:e8:4f:7d:6a:3d:1a:d0:da:9e:5e:bd:62:db:
af:2c:4d:77:7d:ff:8c:66:44:88:af:e9:e5:3f:86:
6d:89:7b:65:4a:69:58:72:a8:38:35:fa:0d:22:a7:
80:9e:10:91:fa:97:98:bd:29:58:db:74:d0:77:d8:
8b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:8C:4D:1F:5C:DB:0D:70:52:3E:0A:55:B8:5C:42:64:47:50:69:33
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33382e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.38.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:b3:b6:f4:a9:c4:77:89:a0:04:da:dc:76:3a:47:e3:8a:2c:
e5:b8:6f:5b:32:27:a2:3a:ca:b2:02:30:e5:c4:ed:ae:9e:b7:
f7:33:a6:d5:5b:5e:25:4f:c5:28:c3:0d:3d:38:9b:65:60:ed:
0d:71:39:8a:c2:fd:46:3c:da:4f:5c:79:6e:9c:33:55:a7:17:
7b:47:86:b4:64:ed:1a:c2:fa:75:98:1a:10:47:bd:4b:7e:f0:
9a:5c:af:ac:48:c8:57:62:1e:c5:9e:b3:45:84:e4:65:c8:67:
f2:0c:c5:23:c2:9c:88:31:7d:5e:fc:7e:48:98:6d:d5:10:4a:
df:8f:24:a6:47:d4:0e:ab:47:0c:92:0e:2d:5a:6a:52:cb:e2:
06:56:fb:91:b9:34:a2:31:a7:89:04:6b:4f:ab:e3:09:c9:9f:
61:bb:90:29:3c:ed:b4:ed:18:1c:4b:c8:80:d1:15:c8:5e:b7:
6c:61:5d:c6:d0:60:14:f7:95:91:cf:02:cd:c3:af:93:36:15:
31:46:d6:d5:6f:1c:48:b1:fa:ac:89:50:73:0e:c0:01:98:bc:
db:a4:d3:09:46:e3:0b:00:9e:65:5e:6b:c2:a0:91:76:7c:d3:
37:df:58:75:de:a7:9e:d9:73:2e:78:40:45:05:07:3d:a0:fe:
ef:bc:97:5b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUCr/WjyJiwIXpHgW+CmRfEJ/u09YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTdaFw0yNDAzMjUwODI3NTdaMDMxMTAvBgNV
BAMTKDk4OEM0RDFGNUNEQjBENzA1MjNFMEE1NUI4NUM0MjY0NDc1MDY5MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwmKwFlcMg8QCYGD253ZOn2yRm
TVNhz/WadQ3U/uG8/pylGi7bHAuAmGU9Rthm3hl+2gFKSNE+O+kVxLBPdbZEv4wW
0+/uAyN2ybNgH+unC8NE2sYp11bGnzKXV6p3YYjq0nhCwueJNmkyO7xbEsqwphSR
kqq/jagSXumZW0is8mGDhyN2zfyvr878bgv1zsPeoqo29SVg96XxGZO40WEEhjLu
fo+oUMRMFDURZv2rQIeT5Q6MNY2DY5CveE907BI380lD6E99aj0a0NqeXr1i268s
TXd9/4xmRIiv6eU/hm2Je2VKaVhyqDg1+g0ip4CeEJH6l5i9KVjbdNB32Iu5AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUmIxNH1zbDXBSPgpVuFxCZEdQaTMwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaEGCCsGAQUFBwELBIGUMIGRMIGOBggrBgEFBQcwC4aBgXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzMTJlMzIzMjJlMzMzODJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBURYmMA0GCSqGSIb3
DQEBCwUAA4IBAQAus7b0qcR3iaAE2tx2OkfjiizluG9bMieiOsqyAjDlxO2unrf3
M6bVW14lT8Uoww09OJtlYO0NcTmKwv1GPNpPXHlunDNVpxd7R4a0ZO0awvp1mBoQ
R71LfvCaXK+sSMhXYh7FnrNFhORlyGfyDMUjwpyIMX1e/H5ImG3VEErfjySmR9QO
q0cMkg4tWmpSy+IGVvuRuTSiMaeJBGtPq+MJyZ9hu5ApPO207RgcS8iA0RXIXrds
YV3G0GAU95WRzwLNw6+TNhUxRtbVbxxIsfqsiVBzDsABmLzbpNMJRuMLAJ5lXmvC
oJF2fNM331h13qee2XMueEBFBQc9oP7vvJdb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org