Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e203233343730.roa
File: 322e35392e36332e302f32342d3234203d3e203233343730.roa (raw, json)
Hash identifier: G6gKncDCpNkvFgQ8RSQLCn4wf5vI3f7tNvQGtPzAqls=
Subject key identifier: 9C:E8:F5:DE:D5:5D:C1:54:9A:89:AB:09:84:5C:2F:15:43:5C:68:28
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 39DD9FF8D14D19F3B91D2D8B0282E6434E483768
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e203233343730.roa
Signing time: Fri 22 Dec 2023 08:05:08 +0000
ROA not before: Fri 22 Dec 2023 08:00:08 +0000
ROA not after: Fri 20 Dec 2024 08:05:08 +0000
asID: 23470
IP address blocks: 2.59.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:dd:9f:f8:d1:4d:19:f3:b9:1d:2d:8b:02:82:e6:43:4e:48:37:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 22 08:00:08 2023 GMT
Not After : Dec 20 08:05:08 2024 GMT
Subject: CN=9CE8F5DED55DC1549A89AB09845C2F15435C6828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:30:91:63:0e:81:a6:93:b7:7a:c1:f6:98:8c:
0e:2b:88:16:4d:8a:3e:d9:d3:ba:f5:a5:55:36:5b:
63:c2:db:c2:5f:50:e7:33:15:c7:c1:70:9d:f5:9e:
80:68:51:30:fd:d6:1b:d1:18:63:d3:d1:96:40:d5:
75:80:d3:9d:df:69:32:e7:c5:d4:eb:9b:56:55:35:
84:98:29:07:f2:dd:55:9b:45:69:00:b4:0a:46:b9:
d8:2e:23:98:91:e1:e7:d5:89:6d:79:b0:e5:0b:fd:
14:ff:e0:3c:11:3b:75:92:0e:c4:40:6c:be:32:ab:
34:cb:96:83:d7:3d:88:93:06:45:7e:76:4c:9b:b2:
d6:71:0e:bc:b5:42:e5:d7:ca:5f:f9:90:07:04:1c:
93:19:82:47:43:a5:06:ac:b8:44:1d:f0:23:4e:d2:
ba:65:e8:66:87:1e:03:ee:ae:e9:9a:03:d9:54:5e:
41:6c:d2:50:c6:26:52:d3:ac:c9:cb:96:0b:bb:94:
97:15:f6:68:1e:3c:6f:3c:20:90:86:0a:f2:67:88:
55:c5:3f:a7:8f:32:2c:1b:e0:65:db:3e:78:5a:74:
d6:e9:f8:80:13:aa:e1:ce:d7:95:03:86:b1:a9:db:
52:3f:a2:75:25:34:5b:ba:1d:cd:84:44:5c:4a:c0:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E8:F5:DE:D5:5D:C1:54:9A:89:AB:09:84:5C:2F:15:43:5C:68:28
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e203233343730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.63.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:10:1c:ce:38:cf:9b:b4:36:d8:5f:be:e4:a4:a6:28:3f:b2:
9d:b2:fa:3f:b7:44:67:a6:f7:db:54:c9:87:bc:36:a8:cb:73:
c0:4d:70:b1:b3:73:ed:fa:3e:07:19:18:06:e8:c9:40:52:c7:
3c:b3:7a:66:d5:f7:ca:c0:56:d8:e0:44:49:c1:b0:57:ff:81:
37:08:fc:df:dd:17:89:ab:cc:ca:6b:34:d9:cb:7f:1f:d0:f7:
10:e9:33:ef:02:85:6d:56:2f:e8:78:06:57:7d:3b:d5:79:d4:
46:69:8c:aa:be:99:11:e5:bb:a5:88:f0:ac:c4:34:a8:9c:df:
8a:37:a5:e9:71:9b:44:89:0b:e4:96:3f:d5:12:bb:b0:a0:c3:
1d:d9:dd:f7:27:e9:f1:da:6f:80:36:31:20:de:43:7b:87:21:
a2:73:22:f6:bf:f0:84:b4:f0:0b:5c:b7:a6:4a:be:07:b5:c6:
91:51:a3:e8:53:3a:bb:1b:b7:80:01:aa:5b:9f:cc:70:46:5e:
93:35:d4:ba:f9:ca:37:db:09:97:77:77:c6:05:70:0f:55:7a:
43:a9:19:b7:6d:f4:96:48:72:2c:6c:66:8b:16:21:02:06:74:
ce:cd:f9:d5:f7:6c:4c:73:a7:da:3e:ce:31:35:5e:80:df:d0:
5a:b1:f5:6c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUOd2f+NFNGfO5HS2LAoLmQ05IN2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjIwODAwMDhaFw0yNDEyMjAwODA1MDhaMDMxMTAvBgNV
BAMTKDlDRThGNURFRDU1REMxNTQ5QTg5QUIwOTg0NUMyRjE1NDM1QzY4MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHMJFjDoGmk7d6wfaYjA4riBZN
ij7Z07r1pVU2W2PC28JfUOczFcfBcJ31noBoUTD91hvRGGPT0ZZA1XWA053faTLn
xdTrm1ZVNYSYKQfy3VWbRWkAtApGudguI5iR4efViW15sOUL/RT/4DwRO3WSDsRA
bL4yqzTLloPXPYiTBkV+dkybstZxDry1QuXXyl/5kAcEHJMZgkdDpQasuEQd8CNO
0rpl6GaHHgPurumaA9lUXkFs0lDGJlLTrMnLlgu7lJcV9mgePG88IJCGCvJniFXF
P6ePMiwb4GXbPnhadNbp+IATquHO15UDhrGp21I/onUlNFu6Hc2ERFxKwEdJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUnOj13tVdwVSaiasJhFwvFUNcaCgwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMzMzQzNzMwLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs/MA0G
CSqGSIb3DQEBCwUAA4IBAQAcEBzOOM+btDbYX77kpKYoP7Kdsvo/t0RnpvfbVMmH
vDaoy3PATXCxs3Pt+j4HGRgG6MlAUsc8s3pm1ffKwFbY4ERJwbBX/4E3CPzf3ReJ
q8zKazTZy38f0PcQ6TPvAoVtVi/oeAZXfTvVedRGaYyqvpkR5buliPCsxDSonN+K
N6XpcZtEiQvklj/VEruwoMMd2d33J+nx2m+ANjEg3kN7hyGicyL2v/CEtPALXLem
Sr4HtcaRUaPoUzq7G7eAAapbn8xwRl6TNdS6+co32wmXd3fGBXAPVXpDqRm3bfSW
SHIsbGaLFiECBnTOzfnV92xMc6faPs4xNV6A39BasfVs
-----END CERTIFICATE-----
Generated at Fri Mar 14 00:41:56 2025 by rpki-client