Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20333939373436.roa
File: 34352e3135382e35372e302f32342d3234203d3e20333939373436.roa (raw, json)
Hash identifier: fjvUI+xXD1Egek5WHzaZUbXOnzsqB0ezVqeSbCPePDA=
Subject key identifier: FD:BD:BC:C8:F3:D4:0A:5F:4E:91:10:15:CA:7E:44:21:FA:D1:09:51
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5FFDD23A86058F2BFB6826F207D92B5F4A112BAA
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20333939373436.roa
Signing time: Wed 22 Mar 2023 18:13:23 +0000
ROA not before: Wed 22 Mar 2023 18:08:23 +0000
ROA not after: Wed 20 Mar 2024 18:13:23 +0000
asID: 399746
IP address blocks: 45.158.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:fd:d2:3a:86:05:8f:2b:fb:68:26:f2:07:d9:2b:5f:4a:11:2b:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 22 18:08:23 2023 GMT
Not After : Mar 20 18:13:23 2024 GMT
Subject: CN=FDBDBCC8F3D40A5F4E911015CA7E4421FAD10951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:34:6b:37:ba:7e:58:11:35:98:14:6b:0d:14:
52:a8:7a:8e:a2:5d:87:95:2c:c6:7e:ef:77:dc:da:
1e:63:cd:07:8b:19:59:83:ed:81:7b:21:2c:19:b3:
3b:fa:32:d8:31:c8:6d:fa:0a:2e:70:c8:9d:be:96:
1b:ab:87:eb:f8:97:8b:e2:0d:38:85:10:d4:71:a5:
9f:1f:71:3a:10:c8:25:93:9a:6b:3a:e7:f7:e5:db:
d1:a1:51:0d:bc:2b:36:d5:6b:98:9e:19:30:c7:ad:
25:aa:f6:ba:96:75:26:d0:18:cb:ee:cb:cc:49:80:
b9:c4:8b:3b:4c:a8:f7:aa:a2:a6:52:b4:3e:b2:96:
28:77:8d:df:6c:15:2d:cd:8b:63:36:e2:75:e9:b9:
c1:e3:0d:a3:c3:83:81:32:79:7b:ec:a7:eb:33:67:
8a:17:c0:b9:91:76:08:47:51:fe:44:d4:85:51:68:
75:4a:cd:24:43:a1:90:64:55:1e:4b:d1:cd:24:05:
41:69:ff:0a:11:19:a1:a9:c2:8a:40:a1:f4:39:f0:
17:de:43:97:ac:ee:b8:bc:be:a1:0d:cb:c4:a9:c1:
ca:36:3d:0b:29:3c:7c:0a:9a:c0:e5:61:c0:f9:23:
4e:3f:65:ec:de:9d:d9:6a:57:21:5f:ec:d1:e1:22:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BD:BC:C8:F3:D4:0A:5F:4E:91:10:15:CA:7E:44:21:FA:D1:09:51
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35372e302f32342d3234203d3e20333939373436.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
13:d1:27:dc:61:31:21:91:57:dc:e9:68:d9:04:ea:ab:07:76:
d5:46:5d:09:33:0b:55:2e:24:98:d5:87:fa:ed:4c:25:7f:16:
83:0c:96:17:30:99:da:a7:02:39:15:c7:94:7a:58:22:cc:f6:
2d:06:62:1f:fc:3a:50:13:29:aa:b9:90:27:9f:ca:63:f2:cf:
5c:60:2c:bf:94:20:07:01:70:15:6d:4a:71:a4:f5:39:a0:b2:
5d:76:0c:24:9d:c2:4c:02:48:d7:99:16:f1:30:1b:90:8b:1f:
c6:27:93:0a:de:85:bb:82:10:d4:f6:af:85:c3:cf:e4:c9:7d:
d8:53:b9:54:95:19:cd:d2:68:53:d5:e6:63:81:72:fa:d8:06:
64:85:0f:fb:0f:5b:a7:44:17:fc:59:57:ba:36:6d:6c:ca:5c:
d3:42:88:2a:ee:50:43:35:be:2b:96:eb:fe:cf:e3:e1:d5:0f:
78:1f:4e:23:19:3b:23:58:33:a0:f7:ea:3c:47:0d:10:d3:53:
71:ff:af:51:51:58:28:87:f8:99:17:99:aa:77:ad:23:7c:17:
b6:44:3e:f2:fc:f0:5c:32:90:13:ef:cf:78:3b:f5:d1:d6:dc:
41:9f:6c:7a:5f:77:26:f8:31:ff:41:e9:39:f5:8c:ef:9f:29:
57:1a:39:3c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX/3SOoYFjyv7aCbyB9krX0oRK6owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yMzAzMjIxODA4MjNaFw0yNDAzMjAxODEzMjNaMDMxMTAvBgNV
BAMTKEZEQkRCQ0M4RjNENDBBNUY0RTkxMTAxNUNBN0U0NDIxRkFEMTA5NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXNGs3un5YETWYFGsNFFKoeo6i
XYeVLMZ+73fc2h5jzQeLGVmD7YF7ISwZszv6MtgxyG36Ci5wyJ2+lhurh+v4l4vi
DTiFENRxpZ8fcToQyCWTmms65/fl29GhUQ28KzbVa5ieGTDHrSWq9rqWdSbQGMvu
y8xJgLnEiztMqPeqoqZStD6ylih3jd9sFS3Ni2M24nXpucHjDaPDg4EyeXvsp+sz
Z4oXwLmRdghHUf5E1IVRaHVKzSRDoZBkVR5L0c0kBUFp/woRGaGpwopAofQ58Bfe
Q5es7ri8vqENy8Spwco2PQspPHwKmsDlYcD5I04/ZezendlqVyFf7NHhIizfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/b28yPPUCl9OkRAVyn5EIfrRCVEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM5MzczNDM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ45MA0GCSqGSIb3DQEBCwUAA4IBAQAT0SfcYTEhkVfc6WjZBOqrB3bVRl0JMwtV
LiSY1Yf67UwlfxaDDJYXMJnapwI5FceUelgizPYtBmIf/DpQEymquZAnn8pj8s9c
YCy/lCAHAXAVbUpxpPU5oLJddgwkncJMAkjXmRbxMBuQix/GJ5MK3oW7ghDU9q+F
w8/kyX3YU7lUlRnN0mhT1eZjgXL62AZkhQ/7D1unRBf8WVe6Nm1sylzTQogq7lBD
Nb4rluv+z+Ph1Q94H04jGTsjWDOg9+o8Rw0Q01Nx/69RUVgoh/iZF5mqd60jfBe2
RD7y/PBcMpAT7894O/XR1txBn2x6X3cm+DH/Qek59YzvnylXGjk8
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org