Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e2030.roa
File: 34352e3133372e39382e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: 7f8VFX3U4AfvP6xEFyXdT0NSvxuvLegrbScedt8ZVd0=
Subject key identifier: 50:48:0A:72:E1:FB:32:B8:B9:71:0F:D8:B6:5A:77:22:12:A2:28:DA
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5A0D5CA23BE2CA66750B0DC115F0937A6BC52B92
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e2030.roa
Signing time: Sat 01 Apr 2023 07:17:20 +0000
ROA not before: Sat 01 Apr 2023 07:12:20 +0000
ROA not after: Sat 30 Mar 2024 07:17:20 +0000
asID: 0
IP address blocks: 45.137.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:0d:5c:a2:3b:e2:ca:66:75:0b:0d:c1:15:f0:93:7a:6b:c5:2b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Apr 1 07:12:20 2023 GMT
Not After : Mar 30 07:17:20 2024 GMT
Subject: CN=50480A72E1FB32B8B9710FD8B65A772212A228DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:00:f7:da:f5:b2:82:88:cb:a5:ab:39:5b:e2:
85:ed:39:cd:ff:cb:f3:bb:b1:e9:af:11:fd:95:b4:
12:6f:e6:5c:b3:a5:33:30:c9:89:b4:d4:ac:f1:5d:
7a:5b:10:f8:f7:f3:1e:5d:f0:6c:10:82:53:98:1b:
e9:9a:e0:a6:d5:ea:77:9e:37:88:05:dc:d6:16:9f:
48:6e:b5:1b:7b:85:43:ea:6b:1d:a5:5d:a7:92:14:
18:8e:a7:fb:fa:30:33:70:38:4a:33:0e:92:3f:07:
a4:d5:a6:c4:c9:28:f1:5c:2d:72:45:36:23:8a:b0:
b0:da:ee:d7:db:9d:ae:51:b0:72:94:95:e3:9b:f2:
3e:1e:06:85:a7:bc:f8:6c:52:a4:29:55:e5:c7:3a:
5a:f0:f0:5e:fd:6a:7e:26:b2:aa:db:9e:39:28:d7:
db:f4:ec:cc:a5:e5:88:bd:13:07:d6:dd:74:cf:da:
0b:88:bf:05:82:34:c7:85:e9:2c:8d:5c:b6:5f:62:
4b:ab:d7:5a:86:10:8d:e2:db:a8:16:1c:8e:af:11:
d1:17:9a:9b:b5:e2:d4:34:cb:49:81:60:8a:7c:23:
84:3f:8a:59:10:9e:11:5b:b5:ed:7e:e5:11:a8:04:
64:3a:49:35:2d:a9:6b:0b:da:28:d8:f8:53:1d:fc:
69:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:48:0A:72:E1:FB:32:B8:B9:71:0F:D8:B6:5A:77:22:12:A2:28:DA
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39382e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.98.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:6f:de:6e:26:e4:bd:71:d8:a9:2a:a0:d4:9c:8f:b5:cc:9c:
c9:39:75:b2:ee:38:b6:f9:3a:d0:1d:0b:f9:1b:b4:bf:91:34:
1d:a3:4a:18:d7:e8:a2:27:05:bc:5d:7c:ea:2b:0c:95:7e:0f:
9f:74:de:07:0d:a6:e9:7a:23:58:62:c4:a2:06:ff:27:2c:06:
3b:4d:9e:67:e4:e6:1c:82:cc:59:29:10:5d:41:81:75:70:87:
c2:a4:b7:23:41:c2:a4:cd:e1:bc:c9:cd:09:74:12:39:ab:f1:
8e:e4:5a:76:2b:4b:e8:13:50:38:c5:a5:11:86:e6:c6:84:ea:
f7:83:c0:df:4b:b2:5e:bb:63:a4:ce:48:c1:a8:17:3b:20:b5:
63:17:fc:c8:5f:b2:82:3b:6c:31:46:85:e0:3b:b3:82:f4:27:
ed:55:0f:d8:ff:66:a2:2a:ee:90:75:f0:6d:6f:bf:95:69:0b:
3d:b3:c6:29:fb:fc:33:e2:09:e1:15:f9:87:ba:61:88:0f:e2:
50:46:1b:c6:16:5a:c9:c4:63:0a:24:23:85:3b:3a:f7:a2:8d:
95:d8:01:a4:ae:e6:d1:4f:c4:87:a7:51:56:9c:5d:48:fa:6a:
55:18:24:42:47:63:37:b4:00:1e:e5:dc:b0:55:f8:6f:ff:40:
6f:df:cb:0f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUWg1cojviymZ1Cw3BFfCTemvFK5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzA0MDEwNzEyMjBaFw0yNDAzMzAwNzE3MjBaMDMxMTAvBgNV
BAMTKDUwNDgwQTcyRTFGQjMyQjhCOTcxMEZEOEI2NUE3NzIyMTJBMjI4REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhAPfa9bKCiMulqzlb4oXtOc3/
y/O7semvEf2VtBJv5lyzpTMwyYm01KzxXXpbEPj38x5d8GwQglOYG+ma4KbV6nee
N4gF3NYWn0hutRt7hUPqax2lXaeSFBiOp/v6MDNwOEozDpI/B6TVpsTJKPFcLXJF
NiOKsLDa7tfbna5RsHKUleOb8j4eBoWnvPhsUqQpVeXHOlrw8F79an4msqrbnjko
19v07Myl5Yi9EwfW3XTP2guIvwWCNMeF6SyNXLZfYkur11qGEI3i26gWHI6vEdEX
mpu14tQ0y0mBYIp8I4Q/ilkQnhFbte1+5RGoBGQ6STUtqWsL2ijY+FMd/GklAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUUEgKcuH7Mri5cQ/Ytlp3IhKiKNowHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtiWIwDQYJKoZI
hvcNAQELBQADggEBAA1v3m4m5L1x2KkqoNScj7XMnMk5dbLuOLb5OtAdC/kbtL+R
NB2jShjX6KInBbxdfOorDJV+D5903gcNpul6I1hixKIG/ycsBjtNnmfk5hyCzFkp
EF1BgXVwh8KktyNBwqTN4bzJzQl0Ejmr8Y7kWnYrS+gTUDjFpRGG5saE6veDwN9L
sl67Y6TOSMGoFzsgtWMX/MhfsoI7bDFGheA7s4L0J+1VD9j/ZqIq7pB18G1vv5Vp
Cz2zxin7/DPiCeEV+Ye6YYgP4lBGG8YWWsnEYwokI4U7OveijZXYAaSu5tFPxIen
UVacXUj6alUYJEJHYze0AB7l3LBV+G//QG/fyw8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:56:36 2025 by rpki-client