Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38342e302f32342d3234203d3e20383334.roa
File: 3231332e3133392e38342e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: s/f5u0zK5NMooqPwGiF/HJRqBOIRoEvpzEPb65T1RyY=
Subject key identifier: B2:DE:EC:EB:07:D1:D9:91:E6:F7:48:05:69:CF:C8:C4:05:77:DE:38
Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Certificate serial: 3C4F674FCBAED392710001917CA374951F1756E2
Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38342e302f32342d3234203d3e20383334.roa
Signing time: Fri 17 May 2024 15:36:20 +0000
ROA not before: Fri 17 May 2024 15:31:20 +0000
ROA not after: Fri 16 May 2025 15:36:20 +0000
asID: 834
IP address blocks: 213.139.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:4f:67:4f:cb:ae:d3:92:71:00:01:91:7c:a3:74:95:1f:17:56:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e
Validity
Not Before: May 17 15:31:20 2024 GMT
Not After : May 16 15:36:20 2025 GMT
Subject: CN=B2DEECEB07D1D991E6F7480569CFC8C40577DE38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:17:3a:ec:39:22:70:c6:07:d4:a7:d8:e4:
ab:bb:72:df:45:fa:2b:88:70:3b:e5:21:ca:89:4d:
01:4c:bd:d4:9a:58:0f:b5:39:bd:5c:0a:94:0f:c6:
93:2d:c2:24:ff:85:5b:18:0a:92:c2:39:4b:0f:d0:
61:ee:1c:e5:11:21:88:c8:72:67:c5:97:7b:c8:de:
a0:a8:43:56:7a:d1:dd:00:0a:31:08:6a:7f:ca:13:
0f:6b:0b:c7:8c:22:0f:78:7c:3f:43:ac:0f:33:1c:
c9:89:b3:e4:79:4c:5c:ca:ff:f1:b5:a3:8e:5c:5f:
0b:a9:2a:3c:f1:43:82:d6:41:b3:fc:4a:29:8a:48:
c5:ec:82:80:9e:e1:a3:bb:d3:c7:07:c5:84:3d:b6:
6a:cb:b1:3f:d4:67:15:7a:97:67:cd:72:aa:a0:78:
da:a0:60:02:c8:af:c2:59:4d:a8:dc:c7:cb:05:0f:
9b:78:43:37:7f:ea:79:c8:a3:10:bf:2d:aa:b9:de:
ed:da:6a:c6:5a:13:eb:17:4d:cf:53:8f:22:6c:f8:
c0:5a:ae:52:60:8a:15:81:8b:1d:28:97:ff:a3:2e:
a1:76:2b:75:d9:55:7d:ad:d4:d8:99:ca:6e:ee:6d:
26:04:cd:37:f6:d4:ab:88:da:1c:8b:17:87:5e:51:
27:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DE:EC:EB:07:D1:D9:91:E6:F7:48:05:69:CF:C8:C4:05:77:DE:38
X509v3 Authority Key Identifier:
keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e38342e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.139.84.0/24
Signature Algorithm: sha256WithRSAEncryption
60:72:c3:d5:d4:ca:4a:f2:1a:6f:c1:f1:fd:d6:3c:0b:30:cc:
8b:f7:fb:0f:88:75:5f:b0:7a:dc:dd:60:52:08:47:78:04:b6:
83:e2:40:43:ad:2d:8a:01:be:ea:f2:ff:80:13:13:29:51:16:
15:6b:49:43:73:3d:3b:dc:ba:b5:f1:a5:45:65:cb:4a:59:bf:
82:ff:48:86:94:a9:fa:63:e4:23:15:06:be:06:d7:44:fe:a5:
0e:9e:14:5b:c6:98:3c:9c:73:14:80:63:3b:b1:69:f8:15:c5:
89:87:06:74:63:97:74:d5:31:d6:a8:58:fc:28:99:c5:11:4c:
01:b8:bc:7f:58:cb:fa:76:88:2f:e2:f6:78:17:4f:ef:99:2d:
7f:0f:6b:f6:87:58:e2:6a:d2:de:36:f0:78:c2:b0:f5:a1:3d:
0e:cf:88:20:c9:f8:c2:28:96:4a:c4:26:07:59:9e:93:98:c0:
e2:53:be:b1:24:56:44:30:e2:9d:ca:cf:08:e2:9a:e4:ba:3b:
5f:2b:9c:cf:d2:10:ff:cf:1b:45:9b:90:3b:2c:5b:d6:e6:65:
6e:2f:c2:b8:e9:08:48:e1:52:39:db:b8:2f:69:92:b7:d6:02:
b9:72:21:fb:f1:88:26:bb:4d:13:2e:ea:b8:aa:60:60:9f:2d:
fa:c7:ca:7c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPE9nT8uu05JxAAGRfKN0lR8XVuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk
NDhjN2QzZTAeFw0yNDA1MTcxNTMxMjBaFw0yNTA1MTYxNTM2MjBaMDMxMTAvBgNV
BAMTKEIyREVFQ0VCMDdEMUQ5OTFFNkY3NDgwNTY5Q0ZDOEM0MDU3N0RFMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNxc67DkicMYH1KfY5Ku7ct9F
+iuIcDvlIcqJTQFMvdSaWA+1Ob1cCpQPxpMtwiT/hVsYCpLCOUsP0GHuHOURIYjI
cmfFl3vI3qCoQ1Z60d0ACjEIan/KEw9rC8eMIg94fD9DrA8zHMmJs+R5TFzK//G1
o45cXwupKjzxQ4LWQbP8SimKSMXsgoCe4aO708cHxYQ9tmrLsT/UZxV6l2fNcqqg
eNqgYALIr8JZTajcx8sFD5t4Qzd/6nnIoxC/Laq53u3aasZaE+sXTc9TjyJs+MBa
rlJgihWBix0ol/+jLqF2K3XZVX2t1NiZym7ubSYEzTf21KuI2hyLF4deUSezAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUst7s6wfR2ZHm90gFac/IxAV33jgwHwYDVR0j
BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj
MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT
TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt
YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM4
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi1Qw
DQYJKoZIhvcNAQELBQADggEBAGByw9XUykryGm/B8f3WPAswzIv3+w+IdV+wetzd
YFIIR3gEtoPiQEOtLYoBvury/4ATEylRFhVrSUNzPTvcurXxpUVly0pZv4L/SIaU
qfpj5CMVBr4G10T+pQ6eFFvGmDyccxSAYzuxafgVxYmHBnRjl3TVMdaoWPwomcUR
TAG4vH9Yy/p2iC/i9ngXT++ZLX8Pa/aHWOJq0t428HjCsPWhPQ7PiCDJ+MIolkrE
JgdZnpOYwOJTvrEkVkQw4p3KzwjimuS6O18rnM/SEP/PG0WbkDssW9bmZW4vwrjp
CEjhUjnbuC9pkrfWArlyIfvxiCa7TRMu6riqYGCfLfrHynw=
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:52:26 2025 by rpki-client