Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323033353131.roa
File: 34352e39352e3231342e302f32342d3234203d3e20323033353131.roa (raw, json)
Hash identifier: rCH3Qw4WTBZNt3zyVriiJqNEKk0YquNQYWvQtTn5Skc=
Subject key identifier: 58:1E:36:75:AD:90:0F:BB:24:BF:8C:21:BB:AC:95:44:65:1F:BC:D1
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 520F82CA79D9C813A7DA9679D8234DFA3DDBA7D8
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323033353131.roa
Signing time: Sun 22 Jan 2023 15:55:43 +0000
ROA not before: Sun 22 Jan 2023 15:50:43 +0000
ROA not after: Sun 21 Jan 2024 15:55:43 +0000
asID: 203511
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:0f:82:ca:79:d9:c8:13:a7:da:96:79:d8:23:4d:fa:3d:db:a7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 22 15:50:43 2023 GMT
Not After : Jan 21 15:55:43 2024 GMT
Subject: CN=581E3675AD900FBB24BF8C21BBAC9544651FBCD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cf:e8:af:c1:53:b0:c7:fc:8f:ae:05:d7:42:
03:7b:dc:a6:d6:ef:cb:28:9e:e7:f7:70:83:35:dd:
a2:a2:40:ba:3c:36:85:ee:e0:1c:97:78:c9:b3:ff:
7f:c6:bb:87:3a:2a:30:3f:20:48:0f:c9:98:a4:c6:
7d:4d:a9:21:46:bc:8f:b8:0a:ac:8c:69:29:94:f2:
06:0f:5c:e5:55:47:83:e3:73:4e:47:b9:d5:01:0c:
b4:01:40:65:4e:74:d5:95:b4:5d:e1:2f:04:05:54:
bc:45:ba:87:2a:e0:74:22:c5:f3:b5:d5:49:93:80:
65:3a:28:8b:23:8e:49:bf:7f:5d:71:e8:89:55:c6:
c2:8f:a0:24:99:0d:55:5b:bf:78:24:d4:b6:d0:f7:
2c:5d:39:ed:a4:f0:48:c0:e8:b4:c9:29:2f:bd:dc:
30:9d:9e:a7:3c:40:31:d6:24:b2:4e:a7:2a:44:15:
00:b7:e7:7a:70:cc:67:8c:ee:40:a2:c8:7d:3c:49:
94:36:bd:5a:73:de:6e:6a:51:91:59:e9:df:01:4a:
06:57:96:08:9c:ba:3e:8b:b1:5c:d5:d6:ae:4e:84:
35:0f:fd:ce:51:0a:a7:74:b1:39:a7:76:64:2f:e7:
a5:fb:08:f4:7a:29:58:78:40:cf:a0:69:36:0a:27:
b3:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:1E:36:75:AD:90:0F:BB:24:BF:8C:21:BB:AC:95:44:65:1F:BC:D1
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323033353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
64:dc:da:48:26:d1:fa:de:fa:e9:45:29:48:4c:4f:0b:3f:d3:
5d:46:0f:25:41:03:44:30:77:fa:86:04:80:ac:7b:6b:0e:43:
07:e1:f0:03:b4:e9:05:17:31:9f:1d:c5:e6:2d:df:a0:10:1d:
d6:59:59:0c:ea:55:e4:a9:f2:64:7a:77:28:25:0d:2e:71:06:
0e:18:d6:73:77:59:80:5f:a9:fc:d6:9c:75:0b:0b:1a:d4:37:
e4:ac:52:e1:d0:d0:86:ed:1c:70:1d:d7:d0:67:ad:ab:25:49:
29:93:f2:1f:21:aa:ad:c2:0b:e6:a8:59:5c:8b:be:d7:1e:51:
dd:ce:9b:2b:b6:bd:5a:d8:1a:e3:97:02:00:8e:af:24:53:78:
a1:4e:9e:87:0e:3f:69:0f:d4:26:bf:df:28:ff:82:d7:90:9b:
dd:c8:ca:f5:76:cc:db:55:c8:0c:be:ea:57:15:6c:f9:e4:38:
12:db:64:31:54:f1:5e:a9:ac:82:5c:9d:93:72:bd:03:00:15:
17:89:68:43:f7:0b:7e:58:cc:a4:eb:17:97:53:67:b3:31:11:
33:de:56:3a:10:e6:51:d6:d4:17:15:a8:62:01:d5:b8:18:73:
b1:30:f0:b5:d5:23:0b:31:e6:b8:fb:42:9d:de:76:67:02:8d:
8e:9e:e1:06
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUUg+CynnZyBOn2pZ52CNN+j3bp9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yMzAxMjIxNTUwNDNaFw0yNDAxMjExNTU1NDNaMDMxMTAvBgNV
BAMTKDU4MUUzNjc1QUQ5MDBGQkIyNEJGOEMyMUJCQUM5NTQ0NjUxRkJDRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDz+ivwVOwx/yPrgXXQgN73KbW
78sonuf3cIM13aKiQLo8NoXu4ByXeMmz/3/Gu4c6KjA/IEgPyZikxn1NqSFGvI+4
CqyMaSmU8gYPXOVVR4Pjc05HudUBDLQBQGVOdNWVtF3hLwQFVLxFuocq4HQixfO1
1UmTgGU6KIsjjkm/f11x6IlVxsKPoCSZDVVbv3gk1LbQ9yxdOe2k8EjA6LTJKS+9
3DCdnqc8QDHWJLJOpypEFQC353pwzGeM7kCiyH08SZQ2vVpz3m5qUZFZ6d8BSgZX
lgicuj6LsVzV1q5OhDUP/c5RCqd0sTmndmQv56X7CPR6KVh4QM+gaTYKJ7PtAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWB42da2QD7skv4whu6yVRGUfvNEwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMzMzUzMTMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/WMA0GCSqGSIb3DQEBCwUAA4IBAQBk3NpIJtH63vrpRSlITE8LP9NdRg8lQQNE
MHf6hgSArHtrDkMH4fADtOkFFzGfHcXmLd+gEB3WWVkM6lXkqfJkencoJQ0ucQYO
GNZzd1mAX6n81px1Cwsa1DfkrFLh0NCG7RxwHdfQZ62rJUkpk/IfIaqtwgvmqFlc
i77XHlHdzpsrtr1a2BrjlwIAjq8kU3ihTp6HDj9pD9Qmv98o/4LXkJvdyMr1dszb
VcgMvupXFWz55DgS22QxVPFeqayCXJ2Tcr0DABUXiWhD9wt+WMyk6xeXU2ezMREz
3lY6EOZR1tQXFahiAdW4GHOxMPC11SMLMea4+0Kd3nZnAo2OnuEG
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org