Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3234203d3e2030.roa
File: 39342e3130312e3131332e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: cLeFBREoa489/XfJTiOO1YowboZjg9EzaEkkqcP687I=
Subject key identifier: 1F:0D:B4:12:10:85:C9:FB:40:14:2D:78:83:14:D9:47:C6:DA:89:C0
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 515732E8700CFEE2A15D0F95D2FCFFEAC4B12114
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:52 +0000
ROA not before: Mon 27 Mar 2023 08:22:52 +0000
ROA not after: Mon 25 Mar 2024 08:27:52 +0000
asID: 0
IP address blocks: 94.101.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:57:32:e8:70:0c:fe:e2:a1:5d:0f:95:d2:fc:ff:ea:c4:b1:21:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:52 2023 GMT
Not After : Mar 25 08:27:52 2024 GMT
Subject: CN=1F0DB4121085C9FB40142D788314D947C6DA89C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:73:fd:b5:b3:c5:dd:69:3f:3b:2a:04:18:9b:
7e:d0:92:53:e4:c8:48:19:ef:b3:71:94:81:1b:81:
e9:a2:e6:63:6d:87:eb:e5:77:ce:08:d9:3d:b9:37:
92:a2:99:2c:c1:2f:fb:31:09:fe:3c:8d:aa:7b:59:
ff:53:c9:75:97:6f:cd:b5:b0:92:bd:89:d5:48:89:
2f:81:22:44:90:a1:11:78:6b:41:f5:98:3d:f2:8c:
30:69:13:b1:06:a8:8e:62:0e:d5:9d:f3:07:94:31:
41:6d:61:74:6e:46:22:dc:ef:dc:c6:bb:67:9a:b4:
18:cb:0b:f7:72:b1:19:22:55:4f:34:7a:f7:dd:90:
56:55:7f:f9:54:7b:68:81:07:cb:da:81:d5:5e:60:
ae:6c:9f:59:a9:17:29:bf:1a:6b:87:91:27:db:3f:
08:62:3f:7d:66:ab:1c:c3:bd:a7:35:70:b3:b4:1f:
89:ab:00:4e:21:7a:cc:28:9b:a2:bf:c0:93:80:f8:
3c:5c:6a:30:e0:6d:3e:99:e5:cc:a5:07:b4:c9:37:
50:c9:7f:67:71:68:68:71:00:ac:f2:79:a8:c7:04:
ab:48:2f:6f:c3:79:0f:7f:60:97:98:5f:bb:21:ba:
7f:64:4f:78:b2:53:a0:87:8f:aa:87:80:9a:4c:12:
fa:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0D:B4:12:10:85:C9:FB:40:14:2D:78:83:14:D9:47:C6:DA:89:C0
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39342e3130312e3131332e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.113.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:43:5e:5f:2d:9a:33:8c:ff:66:a1:f4:a6:12:e9:37:e3:93:
f3:d1:e1:53:72:13:94:1f:7c:4f:bf:96:ef:9c:3d:16:44:45:
42:97:1d:47:71:e5:98:62:51:26:f8:55:bb:7a:52:2f:fb:55:
4f:ac:b0:35:0e:18:2d:33:40:4b:40:00:c1:3e:36:90:47:33:
46:61:b2:c7:be:13:de:12:b8:5b:b1:84:4b:23:c3:b9:3b:9d:
94:6e:6b:0a:a8:91:73:90:c7:38:f4:84:40:94:af:7c:e5:e2:
4f:75:32:ad:68:06:33:9c:b6:a6:3e:e6:d2:23:cd:f0:75:8f:
45:aa:16:85:70:76:db:9d:e2:a8:c2:d1:b0:3e:9a:be:39:0c:
38:94:30:d9:2e:f5:4c:68:1d:3f:be:8f:ee:81:06:25:27:4b:
d9:70:e6:1b:f1:db:11:82:af:94:d0:89:04:8a:31:09:a9:99:
5c:bd:85:68:e7:50:7b:23:f9:b6:ee:cd:80:3e:b5:d5:38:a0:
a8:11:63:80:98:95:bb:aa:ce:29:30:65:22:fd:cb:a2:da:9f:
66:60:e7:ef:6c:1c:9e:55:ce:53:fd:e6:d9:a8:65:17:77:9b:
89:52:31:27:3d:36:48:ba:74:5e:50:f7:fe:d0:44:14:5a:29:
84:5f:50:88
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUUVcy6HAM/uKhXQ+V0vz/6sSxIRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTJaFw0yNDAzMjUwODI3NTJaMDMxMTAvBgNV
BAMTKDFGMERCNDEyMTA4NUM5RkI0MDE0MkQ3ODgzMTREOTQ3QzZEQTg5QzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRc/21s8XdaT87KgQYm37QklPk
yEgZ77NxlIEbgemi5mNth+vld84I2T25N5KimSzBL/sxCf48jap7Wf9TyXWXb821
sJK9idVIiS+BIkSQoRF4a0H1mD3yjDBpE7EGqI5iDtWd8weUMUFtYXRuRiLc79zG
u2eatBjLC/dysRkiVU80evfdkFZVf/lUe2iBB8vagdVeYK5sn1mpFym/GmuHkSfb
PwhiP31mqxzDvac1cLO0H4mrAE4heswom6K/wJOA+DxcajDgbT6Z5cylB7TJN1DJ
f2dxaGhxAKzyeajHBKtIL2/DeQ9/YJeYX7shun9kT3iyU6CHj6qHgJpMEvopAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUHw20EhCFyftAFC14gxTZR8baicAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNDJlMzEzMDMxMmUzMTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF5lcTANBgkq
hkiG9w0BAQsFAAOCAQEAtUNeXy2aM4z/ZqH0phLpN+OT89HhU3ITlB98T7+W75w9
FkRFQpcdR3HlmGJRJvhVu3pSL/tVT6ywNQ4YLTNAS0AAwT42kEczRmGyx74T3hK4
W7GESyPDuTudlG5rCqiRc5DHOPSEQJSvfOXiT3UyrWgGM5y2pj7m0iPN8HWPRaoW
hXB2253iqMLRsD6avjkMOJQw2S71TGgdP76P7oEGJSdL2XDmG/HbEYKvlNCJBIox
CamZXL2FaOdQeyP5tu7NgD611TigqBFjgJiVu6rOKTBlIv3LotqfZmDn72wcnlXO
U/3m2ahlF3ebiVIxJz02SLp0XlD3/tBEFFophF9QiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org