Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20313336353537.roa
File: 322e35392e35382e302f32342d3234203d3e20313336353537.roa (raw, json)
Hash identifier: t9EY3b6X3WLqfq1OuA4X/tcLQlgfmDHjD6mup+ahna0=
Subject key identifier: 20:CA:4B:4C:B8:E8:2C:A8:CC:E8:8D:AB:58:D1:FF:15:C5:47:27:F0
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5E8305B867C29B867927493B07ABD8F75EF886B2
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20313336353537.roa
Signing time: Wed 22 Mar 2023 18:10:18 +0000
ROA not before: Wed 22 Mar 2023 18:05:18 +0000
ROA not after: Wed 20 Mar 2024 18:10:18 +0000
asID: 136557
IP address blocks: 2.59.58.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:83:05:b8:67:c2:9b:86:79:27:49:3b:07:ab:d8:f7:5e:f8:86:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:05:18 2023 GMT
Not After : Mar 20 18:10:18 2024 GMT
Subject: CN=20CA4B4CB8E82CA8CCE88DAB58D1FF15C54727F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2a:9f:9c:5a:5c:fe:0f:8a:9b:da:ee:9f:73:
f5:9e:d0:c8:51:c9:4c:3d:e3:88:7d:03:e5:7c:4e:
8c:c3:d8:1f:68:35:8f:09:e8:07:34:32:9d:bd:47:
eb:8a:6f:0b:c9:e5:aa:01:03:73:f7:80:3f:7a:5b:
a2:0a:be:18:26:77:1f:cd:e1:f2:43:5a:e7:66:95:
bd:2a:50:71:aa:76:c9:1b:cb:2b:55:42:a5:89:af:
af:d1:e9:89:8a:57:6e:a8:fc:51:4e:c6:f5:22:42:
2f:c4:f4:f9:f0:2d:ac:89:2a:20:46:bc:72:62:55:
f2:e0:57:85:d3:68:f4:cc:53:6c:18:78:2a:43:58:
9a:db:67:de:80:48:a4:6f:2b:e7:90:1e:f7:b0:f9:
63:eb:9e:e9:ff:b5:09:e2:5b:43:53:ab:cf:65:03:
ad:98:ab:8f:00:83:c9:ea:63:f9:5f:c7:c9:9d:61:
65:52:e7:f9:f1:93:9c:73:a2:2e:a2:fc:c3:c3:79:
93:18:12:53:9b:6d:54:14:19:b3:19:47:66:30:80:
39:98:5b:a5:47:61:cc:56:f1:97:9b:36:04:09:21:
ee:7b:61:58:b8:b9:d4:21:59:df:84:08:38:27:9e:
db:9f:6d:e5:fc:a3:d7:dd:f4:8e:75:37:0d:13:09:
21:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CA:4B:4C:B8:E8:2C:A8:CC:E8:8D:AB:58:D1:FF:15:C5:47:27:F0
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35382e302f32342d3234203d3e20313336353537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.58.0/24
Signature Algorithm: sha256WithRSAEncryption
af:1a:dc:99:fe:e9:21:38:bc:78:a2:e0:52:4f:93:6e:03:8e:
8c:9b:44:6b:32:ee:ac:5e:c2:f3:53:5e:a3:75:9e:8e:77:0c:
54:40:ca:d1:eb:53:77:67:8d:a7:b7:d8:da:30:1c:2d:34:cc:
c7:5f:94:67:2a:11:d0:fd:e0:25:9e:b5:7b:43:0d:92:6d:8a:
d8:ac:b6:a1:7c:70:45:57:87:0d:6c:7a:bf:d8:c4:bd:f2:76:
a5:e3:15:6d:73:8b:f5:0b:89:1a:21:26:6c:b2:04:57:25:b3:
f2:b0:56:51:40:d9:95:ff:ba:e7:15:f4:3b:d3:45:5e:d1:51:
ff:8a:a9:50:a9:5e:54:86:83:87:e0:56:2c:7e:9a:3f:41:51:
e8:c8:78:fc:58:f1:11:88:fd:e2:1f:73:aa:22:2f:8f:87:7e:
40:b8:f5:68:12:80:9b:5d:f4:a7:2a:6d:45:a7:f8:31:57:af:
f0:9a:1d:4e:fd:6a:d7:1c:c9:c3:53:ac:db:77:b6:86:99:7c:
57:1d:85:26:82:86:e9:92:eb:b8:aa:9f:a6:29:47:e4:05:83:
80:b1:80:64:1d:af:43:95:c8:e9:04:80:2f:a2:cf:80:e0:84:
03:1d:57:2c:69:9e:f8:ce:05:88:80:77:2d:ea:e7:67:f1:9d:
5a:c7:c5:ef
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUXoMFuGfCm4Z5J0k7B6vY9174hrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA1MThaFw0yNDAzMjAxODEwMThaMDMxMTAvBgNV
BAMTKDIwQ0E0QjRDQjhFODJDQThDQ0U4OERBQjU4RDFGRjE1QzU0NzI3RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUKp+cWlz+D4qb2u6fc/We0MhR
yUw944h9A+V8TozD2B9oNY8J6Ac0Mp29R+uKbwvJ5aoBA3P3gD96W6IKvhgmdx/N
4fJDWudmlb0qUHGqdskbyytVQqWJr6/R6YmKV26o/FFOxvUiQi/E9PnwLayJKiBG
vHJiVfLgV4XTaPTMU2wYeCpDWJrbZ96ASKRvK+eQHvew+WPrnun/tQniW0NTq89l
A62Yq48Ag8nqY/lfx8mdYWVS5/nxk5xzoi6i/MPDeZMYElObbVQUGbMZR2YwgDmY
W6VHYcxW8ZebNgQJIe57YVi4udQhWd+ECDgnntufbeX8o9fd9I51Nw0TCSGpAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUIMpLTLjoLKjM6I2rWNH/FcVHJ/AwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNTM1Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzow
DQYJKoZIhvcNAQELBQADggEBAK8a3Jn+6SE4vHii4FJPk24DjoybRGsy7qxewvNT
XqN1no53DFRAytHrU3dnjae32NowHC00zMdflGcqEdD94CWetXtDDZJtitistqF8
cEVXhw1ser/YxL3ydqXjFW1zi/ULiRohJmyyBFcls/KwVlFA2ZX/uucV9DvTRV7R
Uf+KqVCpXlSGg4fgVix+mj9BUejIePxY8RGI/eIfc6oiL4+HfkC49WgSgJtd9Kcq
bUWn+DFXr/CaHU79atccycNTrNt3toaZfFcdhSaChumS67iqn6YpR+QFg4CxgGQd
r0OVyOkEgC+iz4DghAMdVyxpnvjOBYiAdy3q52fxnVrHxe8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:00:50 2025 by rpki-client