Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203231383539.roa
File: 34352e39352e3231322e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: 3UCL7JG9EViBr3xOTZsvRJMUCJ7hFr8jVKziAoT4ldY=
Subject key identifier: 5C:9B:F1:12:C2:98:7F:3A:2B:46:9A:8E:E6:49:4A:CB:76:97:06:1F
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 3D551CF859CB8F9722D93033EABC0445A1C5D66A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203231383539.roa
Signing time: Sat 23 Dec 2023 09:58:29 +0000
ROA not before: Sat 23 Dec 2023 09:53:29 +0000
ROA not after: Sat 21 Dec 2024 09:58:29 +0000
asID: 21859
IP address blocks: 45.95.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:55:1c:f8:59:cb:8f:97:22:d9:30:33:ea:bc:04:45:a1:c5:d6:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Dec 23 09:53:29 2023 GMT
Not After : Dec 21 09:58:29 2024 GMT
Subject: CN=5C9BF112C2987F3A2B469A8EE6494ACB7697061F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b8:94:1f:51:8c:f5:26:3f:b0:12:2f:88:07:
51:e8:26:cd:a9:33:b2:44:ec:64:b2:ce:00:c0:f1:
8d:fe:da:5a:8b:6c:92:59:66:c8:17:59:cd:a1:7d:
2c:93:f7:c5:f5:bf:42:fc:ca:da:5a:af:97:c2:35:
4d:56:e4:17:ea:79:39:54:05:8c:57:b0:50:0d:45:
da:1d:60:68:0e:ab:01:27:36:ed:6c:7d:86:d3:e9:
b0:95:4c:9c:41:50:d8:89:25:79:8c:6b:91:f7:36:
37:05:5b:9b:f0:18:71:5c:5f:78:b8:8d:e9:9d:fa:
d3:68:f7:67:5e:15:01:f6:0e:76:ca:04:67:af:39:
47:9d:85:fb:54:a3:f0:5b:38:08:9d:95:5b:a6:8a:
b5:24:66:ee:1b:f5:5f:b6:a9:f7:af:04:e1:9d:f3:
0b:bb:61:de:80:9b:04:ef:31:15:fd:c6:ef:43:22:
c2:70:a3:a9:55:92:83:9b:89:a7:59:61:d8:89:6b:
a0:42:0a:7b:db:5f:65:08:bb:f9:06:25:b0:81:f3:
51:41:6d:ba:8d:cc:a6:c2:8b:9c:3a:10:7f:bf:cf:
d3:fe:f1:ed:9c:f7:1d:e2:d0:aa:32:77:9a:15:65:
7f:f8:69:e9:68:80:b9:ff:d0:61:1f:a0:85:a4:ae:
48:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9B:F1:12:C2:98:7F:3A:2B:46:9A:8E:E6:49:4A:CB:76:97:06:1F
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231322e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ba:eb:40:6e:90:12:b3:4d:de:39:43:52:c7:92:8a:21:cb:
19:87:ef:79:5c:dc:e4:f6:80:ef:aa:57:b4:18:f9:64:f2:7a:
11:98:e5:4c:42:b2:8c:54:b2:4a:0d:6d:7d:b0:5d:41:ae:b3:
df:ab:aa:1b:dd:c7:62:e6:aa:22:ab:20:f9:ff:61:45:65:b1:
b1:5c:0e:62:29:08:45:b3:ba:19:f0:ce:40:60:60:c9:d8:42:
02:d5:3e:6c:a8:50:3f:b3:2c:a1:42:38:a9:c4:0b:6b:a3:c8:
65:bc:9d:ad:eb:f1:db:d8:41:fd:f4:f7:ae:01:64:5a:73:d5:
44:89:ef:67:4a:d8:50:c8:5b:5e:ca:e8:fc:6f:05:05:29:8e:
6b:9d:3b:98:53:b1:9c:db:ad:51:97:ba:31:0d:07:3e:85:6b:
41:77:a7:cf:bc:95:9e:91:fe:b3:56:87:0c:d8:74:ac:ad:d0:
52:da:81:23:49:24:e5:d1:6d:05:7a:6c:61:fc:cc:7f:c6:1d:
e0:8f:55:09:da:ea:62:a4:7f:28:29:68:f1:70:ab:51:8d:56:
4b:b4:d2:29:55:c6:5c:6b:2b:e8:37:2a:fa:d6:e5:59:1e:2c:
ca:a3:a0:64:4b:21:b0:28:45:26:80:25:d1:32:fd:94:06:dc:
e2:96:19:95
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPVUc+FnLj5ci2TAz6rwERaHF1mowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzEyMjMwOTUzMjlaFw0yNDEyMjEwOTU4MjlaMDMxMTAvBgNV
BAMTKDVDOUJGMTEyQzI5ODdGM0EyQjQ2OUE4RUU2NDk0QUNCNzY5NzA2MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyuJQfUYz1Jj+wEi+IB1HoJs2p
M7JE7GSyzgDA8Y3+2lqLbJJZZsgXWc2hfSyT98X1v0L8ytpar5fCNU1W5BfqeTlU
BYxXsFANRdodYGgOqwEnNu1sfYbT6bCVTJxBUNiJJXmMa5H3NjcFW5vwGHFcX3i4
jemd+tNo92deFQH2DnbKBGevOUedhftUo/BbOAidlVumirUkZu4b9V+2qfevBOGd
8wu7Yd6AmwTvMRX9xu9DIsJwo6lVkoObiadZYdiJa6BCCnvbX2UIu/kGJbCB81FB
bbqNzKbCi5w6EH+/z9P+8e2c9x3i0Koyd5oVZX/4aelogLn/0GEfoIWkrkiNAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUXJvxEsKYfzorRpqO5klKy3aXBh8wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM4MzUzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
1DANBgkqhkiG9w0BAQsFAAOCAQEAmrrrQG6QErNN3jlDUseSiiHLGYfveVzc5PaA
76pXtBj5ZPJ6EZjlTEKyjFSySg1tfbBdQa6z36uqG93HYuaqIqsg+f9hRWWxsVwO
YikIRbO6GfDOQGBgydhCAtU+bKhQP7MsoUI4qcQLa6PIZbydrevx29hB/fT3rgFk
WnPVRInvZ0rYUMhbXsro/G8FBSmOa507mFOxnNutUZe6MQ0HPoVrQXenz7yVnpH+
s1aHDNh0rK3QUtqBI0kk5dFtBXpsYfzMf8Yd4I9VCdrqYqR/KClo8XCrUY1WS7TS
KVXGXGsr6Dcq+tblWR4syqOgZEshsChFJoAl0TL9lAbc4pYZlQ==
-----END CERTIFICATE-----
Generated at Fri Mar 14 03:01:39 2025 by rpki-client