Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32322d3234203d3e20383334.roa
File: 322e35362e3234382e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: 2O3ng3DdY1j9bUfq8NYKOud2bu4RJt6w545/GcOsGeM=
Subject key identifier: EC:73:08:72:50:D6:6E:A4:F2:CF:50:B5:00:35:18:93:B3:7D:9F:4A
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7C985867F2B920D6A67A0D450611E778DC77BA74
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32322d3234203d3e20383334.roa
Signing time: Wed 22 Mar 2023 18:09:34 +0000
ROA not before: Wed 22 Mar 2023 18:04:34 +0000
ROA not after: Wed 20 Mar 2024 18:09:34 +0000
asID: 834
IP address blocks: 2.56.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:98:58:67:f2:b9:20:d6:a6:7a:0d:45:06:11:e7:78:dc:77:ba:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:04:34 2023 GMT
Not After : Mar 20 18:09:34 2024 GMT
Subject: CN=EC73087250D66EA4F2CF50B500351893B37D9F4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:51:5d:9e:b0:c6:17:e9:bb:5a:93:57:39:8c:
3b:cb:db:d5:08:d9:9a:af:a3:c0:64:5c:d9:fc:6c:
a9:f9:36:81:bc:43:48:04:8a:21:c9:89:f0:e6:07:
dc:ec:90:ef:a5:85:69:89:ed:cf:ce:60:ad:df:bf:
83:d4:03:05:50:bc:92:71:1c:04:0c:9b:41:af:77:
77:d1:e0:dd:8b:6b:72:5c:df:f9:1e:39:60:9f:33:
81:b8:30:65:7d:71:74:3f:58:dd:c6:71:77:1e:56:
a2:9b:f7:c8:e7:fa:2f:7e:fa:a4:5b:cb:84:4b:46:
b6:fd:72:a0:5b:be:12:a7:5a:05:87:3c:67:ab:68:
a0:aa:7a:53:32:33:30:29:d7:eb:be:05:3f:b8:69:
4a:4d:ee:b3:03:5c:9d:67:b2:00:88:15:e8:cd:38:
a8:c2:ca:7a:86:75:bf:1e:31:e9:30:0f:e2:c2:42:
b2:c0:42:a2:9e:3e:9c:3d:50:aa:05:04:16:6d:e6:
c8:23:be:e8:0d:d5:47:51:f5:58:d8:ea:3f:35:1c:
0d:b9:5d:5e:53:ae:27:84:ca:eb:33:fe:da:96:22:
5d:9e:37:0c:b0:84:61:02:89:50:0a:3c:c7:bd:dd:
79:d7:04:84:af:0c:b9:e6:c4:f8:bb:6c:e1:22:ed:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:73:08:72:50:D6:6E:A4:F2:CF:50:B5:00:35:18:93:B3:7D:9F:4A
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:7b:ad:20:6e:0c:da:94:6c:c8:61:35:50:57:52:90:53:fe:
02:3e:2d:47:b9:09:35:a9:e5:da:fe:84:49:6a:f9:cb:93:1b:
f4:7e:0b:e0:42:56:4b:5c:8c:c4:9a:fb:ba:4f:b2:3e:2f:14:
35:a3:7f:62:c3:31:a5:ab:85:67:97:3a:35:56:79:4a:f7:6a:
ae:3b:cc:dd:a3:4b:90:52:67:4f:6c:5a:a2:af:41:06:a9:63:
71:08:59:6e:c6:27:b1:b6:c0:f0:28:70:5f:43:bc:5d:71:73:
8c:9c:0c:aa:62:e2:1e:3d:8d:6c:af:1b:f5:23:47:9b:d2:55:
67:fc:19:e2:b6:e9:94:63:b1:25:24:a1:28:50:84:48:14:e1:
93:17:dd:a4:a3:3a:ca:61:0b:2a:af:25:42:cb:c9:40:1c:ce:
06:e7:78:00:ef:14:51:1d:06:63:b0:26:bf:43:99:e0:a4:77:
a9:de:0e:d0:80:9e:31:ea:5b:11:2b:58:2e:00:74:36:70:73:
ad:51:47:b8:42:ab:ff:e7:cf:39:59:de:5d:f2:db:f9:43:99:
dc:ab:67:11:a2:f0:b7:ec:e3:e3:61:91:25:46:83:9a:65:33:
9c:e4:4b:d4:41:cb:2c:40:34:ec:f4:40:87:48:af:58:01:b9:
62:3d:06:1b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUfJhYZ/K5INameg1FBhHneNx3unQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA0MzRaFw0yNDAzMjAxODA5MzRaMDMxMTAvBgNV
BAMTKEVDNzMwODcyNTBENjZFQTRGMkNGNTBCNTAwMzUxODkzQjM3RDlGNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFUV2esMYX6btak1c5jDvL29UI
2Zqvo8BkXNn8bKn5NoG8Q0gEiiHJifDmB9zskO+lhWmJ7c/OYK3fv4PUAwVQvJJx
HAQMm0Gvd3fR4N2La3Jc3/keOWCfM4G4MGV9cXQ/WN3GcXceVqKb98jn+i9++qRb
y4RLRrb9cqBbvhKnWgWHPGeraKCqelMyMzAp1+u+BT+4aUpN7rMDXJ1nsgCIFejN
OKjCynqGdb8eMekwD+LCQrLAQqKePpw9UKoFBBZt5sgjvugN1UdR9VjY6j81HA25
XV5TrieEyusz/tqWIl2eNwywhGECiVAKPMe93XnXBISvDLnmxPi7bOEi7RzNAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQU7HMIclDWbqTyz1C1ADUYk7N9n0owHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgI4+DANBgkq
hkiG9w0BAQsFAAOCAQEApnutIG4M2pRsyGE1UFdSkFP+Aj4tR7kJNanl2v6ESWr5
y5Mb9H4L4EJWS1yMxJr7uk+yPi8UNaN/YsMxpauFZ5c6NVZ5SvdqrjvM3aNLkFJn
T2xaoq9BBqljcQhZbsYnsbbA8ChwX0O8XXFzjJwMqmLiHj2NbK8b9SNHm9JVZ/wZ
4rbplGOxJSShKFCESBThkxfdpKM6ymELKq8lQsvJQBzOBud4AO8UUR0GY7Amv0OZ
4KR3qd4O0ICeMepbEStYLgB0NnBzrVFHuEKr/+fPOVneXfLb+UOZ3KtnEaLwt+zj
42GRJUaDmmUznORL1EHLLEA07PRAh0ivWAG5Yj0GGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org