Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20323039303433.roa
File: 34352e39352e3231322e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: JuDf0Q4kFhaMRAPMtRpMVYlb1ULdIBoRmO7z98UkfWk=
Subject key identifier: 18:6D:49:BA:BD:26:8A:72:20:79:09:43:67:4D:41:76:12:0F:BA:ED
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 055847D808AA839D5B7800F20ADC5C06DD865898
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20323039303433.roa
Signing time: Mon 10 Apr 2023 19:13:16 +0000
ROA not before: Mon 10 Apr 2023 19:08:16 +0000
ROA not after: Mon 08 Apr 2024 19:13:16 +0000
asID: 209043
IP address blocks: 45.95.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:58:47:d8:08:aa:83:9d:5b:78:00:f2:0a:dc:5c:06:dd:86:58:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 10 19:08:16 2023 GMT
Not After : Apr 8 19:13:16 2024 GMT
Subject: CN=186D49BABD268A7220790943674D4176120FBAED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:fb:dc:9f:88:47:f3:49:59:3a:f0:32:21:
b9:09:74:d0:13:99:1f:b4:97:2c:f3:97:25:e4:03:
4b:cf:61:e6:20:a6:5e:eb:44:ca:ef:29:4a:e9:f7:
4d:52:2d:c0:5c:12:dc:ef:ee:8e:82:a0:97:a6:a6:
1f:ee:a1:5f:e4:37:d6:cb:4a:82:c5:12:7d:ab:4c:
0d:13:a2:b6:5a:62:e5:d6:9a:74:87:4c:b8:39:6e:
bd:6c:c9:26:f3:9f:c6:2c:c6:02:4c:af:2f:f9:1b:
87:f7:26:6c:ac:2d:6e:eb:35:88:3f:20:60:4c:c1:
e1:b8:95:0c:a5:68:02:84:9d:fa:ad:40:d1:b7:b7:
ca:e4:81:ea:3c:77:b8:76:cb:48:42:82:df:fd:33:
ba:43:29:c8:32:9f:bf:f6:29:1f:ae:20:7b:99:67:
60:65:20:2b:3f:45:6f:61:ed:8e:1d:a2:23:08:1a:
f8:dd:30:cb:27:e4:87:94:35:1e:e2:8a:f6:6a:86:
5b:1f:53:36:11:38:9d:fe:73:84:ef:3c:25:d5:4a:
58:aa:8f:f2:d0:af:c9:55:ab:6b:90:5c:9b:ec:b0:
fa:d1:be:ee:0f:7e:ae:86:af:07:79:fd:28:32:fe:
c2:5f:e8:79:da:c6:42:d7:b4:18:92:d4:95:b9:e1:
59:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:6D:49:BA:BD:26:8A:72:20:79:09:43:67:4D:41:76:12:0F:BA:ED
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:b4:5d:d9:10:8b:f2:71:12:e0:51:73:a3:65:32:09:e0:12:
cf:00:92:ea:6f:9a:22:12:e4:48:0f:c2:76:27:63:18:76:6c:
41:0d:3e:ee:db:73:3f:bd:f3:74:b6:19:cc:08:bd:82:ff:66:
c6:f4:ae:77:e0:59:8e:4b:79:90:4d:e0:4b:62:75:96:a1:f5:
cb:b6:50:fa:6b:4e:96:71:ea:0c:ff:ee:38:ee:a3:be:0b:10:
04:b8:f7:c9:2e:fe:d3:00:59:d9:cd:bd:a1:bc:43:66:cf:a5:
0b:3d:11:ea:ee:bc:ac:1c:30:a7:a4:ef:6c:cc:10:48:c7:26:
0c:90:2e:b2:c2:a5:9a:22:c7:fa:a3:86:cc:cd:de:57:fc:90:
8b:05:9b:d9:96:b1:b7:ee:79:d9:27:5f:31:6f:31:b4:9e:fe:
4e:ee:fd:46:90:e7:42:2f:b2:c7:52:c3:15:06:2d:8f:17:c9:
3c:6c:2e:e0:66:c5:73:84:88:12:72:3a:de:38:a1:a3:b7:2d:
7a:ea:79:63:f7:60:d0:b7:59:24:63:56:28:b7:61:66:ed:b7:
75:90:2d:e7:86:77:3a:ba:e3:32:e4:a9:e4:91:f3:d7:b3:ad:
76:0d:c6:56:6e:83:9e:43:16:cf:d5:e9:94:4d:c5:8e:a6:80:
b6:4d:6a:48
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBVhH2Aiqg51beADyCtxcBt2GWJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzA0MTAxOTA4MTZaFw0yNDA0MDgxOTEzMTZaMDMxMTAvBgNV
BAMTKDE4NkQ0OUJBQkQyNjhBNzIyMDc5MDk0MzY3NEQ0MTc2MTIwRkJBRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6UPvcn4hH80lZOvAyIbkJdNAT
mR+0lyzzlyXkA0vPYeYgpl7rRMrvKUrp901SLcBcEtzv7o6CoJemph/uoV/kN9bL
SoLFEn2rTA0TorZaYuXWmnSHTLg5br1sySbzn8YsxgJMry/5G4f3JmysLW7rNYg/
IGBMweG4lQylaAKEnfqtQNG3t8rkgeo8d7h2y0hCgt/9M7pDKcgyn7/2KR+uIHuZ
Z2BlICs/RW9h7Y4doiMIGvjdMMsn5IeUNR7iivZqhlsfUzYROJ3+c4TvPCXVSliq
j/LQr8lVq2uQXJvssPrRvu4Pfq6Grwd5/Sgy/sJf6HnaxkLXtBiS1JW54VltAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGG1Jur0minIgeQlDZ01BdhIPuu0wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzAzNDMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/UMA0GCSqGSIb3DQEBCwUAA4IBAQC0tF3ZEIvycRLgUXOjZTIJ4BLPAJLqb5oi
EuRID8J2J2MYdmxBDT7u23M/vfN0thnMCL2C/2bG9K534FmOS3mQTeBLYnWWofXL
tlD6a06WceoM/+447qO+CxAEuPfJLv7TAFnZzb2hvENmz6ULPRHq7rysHDCnpO9s
zBBIxyYMkC6ywqWaIsf6o4bMzd5X/JCLBZvZlrG37nnZJ18xbzG0nv5O7v1GkOdC
L7LHUsMVBi2PF8k8bC7gZsVzhIgScjreOKGjty166nlj92DQt1kkY1Yot2Fm7bd1
kC3nhnc6uuMy5KnkkfPXs612DcZWboOeQxbP1emUTcWOpoC2TWpI
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:56 2024 by rpki-client on console-ams.rpki-client.org