Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e2036393339.roa
File: 34352e31322e38302e302f32342d3234203d3e2036393339.roa (raw, json)
Hash identifier: 5VA8yns/VJnoCpdeNlx1ALaFeOGSCEqvim7Yu8zWWkg=
Subject key identifier: 34:38:64:EF:09:D8:87:B9:15:39:CF:AB:46:3B:C9:A0:A5:E3:EF:9F
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 55B1A9185CF9F8DAB8874D1649DB0FCBA28D7FAC
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e2036393339.roa
Signing time: Wed 22 Mar 2023 18:10:46 +0000
ROA not before: Wed 22 Mar 2023 18:05:46 +0000
ROA not after: Wed 20 Mar 2024 18:10:46 +0000
asID: 6939
IP address blocks: 45.12.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:b1:a9:18:5c:f9:f8:da:b8:87:4d:16:49:db:0f:cb:a2:8d:7f:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:05:46 2023 GMT
Not After : Mar 20 18:10:46 2024 GMT
Subject: CN=343864EF09D887B91539CFAB463BC9A0A5E3EF9F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:f2:e0:09:c4:20:b7:ad:60:cc:e7:45:91:
e0:76:c3:2f:82:d8:cf:b6:5e:f4:99:a9:8b:5b:ea:
b1:28:ff:eb:8a:7e:19:24:2b:df:09:3f:9b:f2:b1:
8e:9d:d7:07:16:89:cd:e7:57:43:56:50:23:b4:53:
8f:7b:1c:5a:33:e9:75:bf:96:f2:86:1b:df:6c:97:
9c:23:80:d2:02:cc:b8:95:fa:dd:d8:41:0f:7c:5f:
3d:1b:1b:45:cf:ad:a3:cb:4c:ba:18:ca:e3:88:23:
50:4b:21:0a:78:16:1b:de:6b:d6:78:f2:d5:5c:86:
64:2d:3c:a5:14:d9:30:d0:04:d3:38:b8:58:69:d0:
23:c4:9e:33:4c:b8:d7:a9:b2:c1:d2:ac:44:f5:11:
2d:f6:09:e7:14:1a:be:d9:2e:c1:31:d9:7c:ae:56:
b7:e1:e1:45:8d:c2:37:c6:08:75:ff:be:3f:19:b0:
49:7e:1a:e3:34:75:95:1c:bd:c6:94:35:d8:7f:cd:
7a:86:08:3f:a5:05:50:21:b9:a8:24:c7:ef:15:05:
38:72:4a:fa:8e:98:55:29:05:97:95:4f:d7:c8:e1:
9c:f2:83:fc:61:19:43:03:01:2e:67:60:5d:ed:39:
c0:e2:d3:8f:26:62:a0:c5:a5:57:42:2f:16:0d:7c:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:38:64:EF:09:D8:87:B9:15:39:CF:AB:46:3B:C9:A0:A5:E3:EF:9F
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38302e302f32342d3234203d3e2036393339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.80.0/24
Signature Algorithm: sha256WithRSAEncryption
05:4e:66:3c:5e:c9:d1:9d:2b:62:c9:42:6d:8a:7a:b2:29:b9:
62:b3:05:d7:ab:46:bc:13:cd:13:c4:d4:7a:a6:7f:04:e5:8d:
b0:6a:1a:b9:a1:a0:4c:66:8a:a8:7e:44:e8:e4:0a:a5:bd:a7:
24:4a:92:45:96:f0:c0:41:f5:5e:ee:cc:58:c6:b9:88:07:f8:
d3:08:e7:eb:71:ab:6b:22:06:fc:71:cc:8c:c8:7b:b4:cb:3e:
2c:04:92:47:4d:b4:44:04:b5:88:80:ee:ad:7a:66:d3:79:bb:
04:b6:e8:ec:1d:a1:7e:52:4d:fd:e2:7e:20:3e:fe:49:36:7d:
9e:e9:71:cf:57:2a:4a:3a:d6:92:f7:06:18:ec:77:21:54:11:
61:9c:c3:b0:01:ea:99:61:3a:95:08:07:f5:db:9d:3d:86:e4:
7e:ac:c8:32:f5:c8:e9:e1:8d:1e:c9:14:7f:f2:5a:31:05:03:
eb:b4:4e:c6:65:66:14:88:c4:58:22:95:c2:46:99:83:55:14:
9e:b1:92:e7:ae:3b:f4:64:77:61:49:7f:b9:c7:d2:dd:42:f7:
07:5c:df:58:00:bb:ca:3a:f3:40:03:f9:66:13:45:75:22:d9:
cb:7a:11:4d:74:91:4a:70:7a:a1:39:1c:de:a9:f9:ee:b3:0d:
0b:2c:4f:bc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUVbGpGFz5+Nq4h00WSdsPy6KNf6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA1NDZaFw0yNDAzMjAxODEwNDZaMDMxMTAvBgNV
BAMTKDM0Mzg2NEVGMDlEODg3QjkxNTM5Q0ZBQjQ2M0JDOUEwQTVFM0VGOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsG/LgCcQgt61gzOdFkeB2wy+C
2M+2XvSZqYtb6rEo/+uKfhkkK98JP5vysY6d1wcWic3nV0NWUCO0U497HFoz6XW/
lvKGG99sl5wjgNICzLiV+t3YQQ98Xz0bG0XPraPLTLoYyuOII1BLIQp4Fhvea9Z4
8tVchmQtPKUU2TDQBNM4uFhp0CPEnjNMuNepssHSrET1ES32CecUGr7ZLsEx2Xyu
Vrfh4UWNwjfGCHX/vj8ZsEl+GuM0dZUcvcaUNdh/zXqGCD+lBVAhuagkx+8VBThy
SvqOmFUpBZeVT9fI4Zzyg/xhGUMDAS5nYF3tOcDi048mYqDFpVdCLxYNfABtAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUNDhk7wnYh7kVOc+rRjvJoKXj758wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzkzMzM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQxQMA0G
CSqGSIb3DQEBCwUAA4IBAQAFTmY8XsnRnStiyUJtinqyKbliswXXq0a8E80TxNR6
pn8E5Y2wahq5oaBMZoqofkTo5AqlvackSpJFlvDAQfVe7sxYxrmIB/jTCOfrcatr
Igb8ccyMyHu0yz4sBJJHTbREBLWIgO6tembTebsEtujsHaF+Uk394n4gPv5JNn2e
6XHPVypKOtaS9wYY7HchVBFhnMOwAeqZYTqVCAf12509huR+rMgy9cjp4Y0eyRR/
8loxBQPrtE7GZWYUiMRYIpXCRpmDVRSesZLnrjv0ZHdhSX+5x9LdQvcHXN9YALvK
OvNAA/lmE0V1ItnLehFNdJFKcHqhORzeqfnusw0LLE+8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org