Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20333939303435.roa
File: 34352e382e3231372e302f32342d3234203d3e20333939303435.roa (raw, json)
Hash identifier: 5j+1mYZJ9ldMFguO21LWna/V89mvGIlXq0aidL1DmnA=
Subject key identifier: 95:7B:A7:D7:3B:43:2D:9D:3F:C2:96:8D:4B:C6:05:61:A9:B5:74:57
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 084809BF1E14B78DE1290D3604B3AD8F2DC96321
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20333939303435.roa
Signing time: Fri 20 Jan 2023 07:44:01 +0000
ROA not before: Fri 20 Jan 2023 07:39:01 +0000
ROA not after: Fri 19 Jan 2024 07:44:01 +0000
asID: 399045
IP address blocks: 45.8.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:48:09:bf:1e:14:b7:8d:e1:29:0d:36:04:b3:ad:8f:2d:c9:63:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 20 07:39:01 2023 GMT
Not After : Jan 19 07:44:01 2024 GMT
Subject: CN=957BA7D73B432D9D3FC2968D4BC60561A9B57457
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:93:fa:5c:e6:1d:38:2f:0a:a2:ea:56:18:bb:
4f:20:50:31:84:1f:f2:f9:61:7a:93:24:7d:ec:26:
84:7c:27:9b:ab:30:da:34:64:e0:5f:09:e1:f5:3c:
ee:57:67:be:c7:3e:27:13:e7:14:d6:f9:7a:91:37:
39:a9:e9:28:a9:1a:25:43:c7:e1:c5:4f:42:c2:79:
02:3f:a7:24:f8:c1:9d:1d:00:13:49:df:f1:5a:2e:
1a:d3:d2:14:0c:72:8f:ec:5e:3c:84:6e:57:02:c6:
fb:3f:35:72:3a:fc:f2:7d:ef:25:a1:b8:79:0e:00:
da:77:ad:52:cf:5f:65:ec:7c:ab:3e:da:a6:bb:09:
93:b7:b5:76:00:b8:cf:df:4c:c2:8a:db:f9:f1:69:
62:9d:3f:df:82:90:4e:58:33:c1:ae:ae:2e:13:0d:
8b:33:f6:ef:9e:9a:05:00:2e:a8:a6:89:fa:94:4f:
b4:c7:6d:a9:65:3f:84:b3:b9:eb:69:94:10:de:0d:
18:60:95:e7:bc:04:48:0e:f8:bf:90:80:2e:a1:88:
b9:99:1e:d8:36:4a:38:3b:ce:aa:fa:ae:4f:91:c3:
c2:bc:b7:1f:d0:34:cd:3c:7f:2d:c6:d6:84:86:b1:
d7:1e:9c:58:ff:45:e2:cd:1c:97:22:57:9c:22:a3:
12:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7B:A7:D7:3B:43:2D:9D:3F:C2:96:8D:4B:C6:05:61:A9:B5:74:57
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231372e302f32342d3234203d3e20333939303435.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.217.0/24
Signature Algorithm: sha256WithRSAEncryption
83:17:83:4f:bc:c8:0f:78:8c:40:3f:e5:9f:63:71:e2:fc:67:
e7:97:ef:41:5f:c4:92:a4:78:79:dc:b3:14:6d:36:74:e7:53:
8a:47:34:2f:3a:37:55:6f:6e:ad:39:6c:53:10:b3:f4:71:5e:
b1:f5:5a:1c:e1:7e:29:33:7e:8a:b9:88:8e:53:62:8a:6c:86:
80:29:9e:df:51:9f:64:8d:63:12:c6:f0:28:3c:38:c9:21:88:
ff:e8:17:b3:7c:db:cf:98:7f:42:05:cc:2d:7a:8d:ff:0d:21:
6a:d8:54:a3:e5:13:fa:33:23:2b:0c:99:3e:32:d3:0f:d6:20:
50:9b:f5:a7:a4:25:d7:4d:e6:49:60:65:af:7a:f8:ff:7c:45:
6f:42:c9:26:1e:8e:e7:8d:ee:bc:ad:7f:9d:3f:4c:ab:ff:c4:
84:b9:06:21:67:9d:80:fb:c5:65:40:7c:8d:31:a6:5c:24:f2:
74:a6:20:be:37:fc:99:64:42:48:6e:99:cb:41:80:1a:12:55:
48:d5:8c:0b:27:82:b9:35:33:98:0c:5a:fb:43:e3:79:5d:70:
26:cf:59:20:26:b3:cb:98:98:90:f4:e7:b1:d3:f8:c7:8e:85:
dd:a1:20:9b:6d:cf:f1:81:24:90:b8:9d:d5:bf:35:28:c2:b6:
61:36:b6:16
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCEgJvx4Ut43hKQ02BLOtjy3JYyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjAwNzM5MDFaFw0yNDAxMTkwNzQ0MDFaMDMxMTAvBgNV
BAMTKDk1N0JBN0Q3M0I0MzJEOUQzRkMyOTY4RDRCQzYwNTYxQTlCNTc0NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMk/pc5h04Lwqi6lYYu08gUDGE
H/L5YXqTJH3sJoR8J5urMNo0ZOBfCeH1PO5XZ77HPicT5xTW+XqRNzmp6SipGiVD
x+HFT0LCeQI/pyT4wZ0dABNJ3/FaLhrT0hQMco/sXjyEblcCxvs/NXI6/PJ97yWh
uHkOANp3rVLPX2XsfKs+2qa7CZO3tXYAuM/fTMKK2/nxaWKdP9+CkE5YM8Guri4T
DYsz9u+emgUALqimifqUT7THballP4SzuetplBDeDRhglee8BEgO+L+QgC6hiLmZ
Htg2Sjg7zqr6rk+Rw8K8tx/QNM08fy3G1oSGsdcenFj/ReLNHJciV5wioxJnAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUlXun1ztDLZ0/wpaNS8YFYam1dFcwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzOTMwMzQzNS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I
2TANBgkqhkiG9w0BAQsFAAOCAQEAgxeDT7zID3iMQD/ln2Nx4vxn55fvQV/EkqR4
edyzFG02dOdTikc0Lzo3VW9urTlsUxCz9HFesfVaHOF+KTN+irmIjlNiimyGgCme
31GfZI1jEsbwKDw4ySGI/+gXs3zbz5h/QgXMLXqN/w0hathUo+UT+jMjKwyZPjLT
D9YgUJv1p6Ql103mSWBlr3r4/3xFb0LJJh6O543uvK1/nT9Mq//EhLkGIWedgPvF
ZUB8jTGmXCTydKYgvjf8mWRCSG6Zy0GAGhJVSNWMCyeCuTUzmAxa+0PjeV1wJs9Z
ICazy5iYkPTnsdP4x46F3aEgm23P8YEkkLid1b81KMK2YTa2Fg==
-----END CERTIFICATE-----
Generated at Fri Mar 14 03:01:32 2025 by rpki-client