Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa
File: 34352e38312e35372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: KRgt8OCLUPfp1sUoTN0grfhk77Z+KB6CIAvRblUwArE=
Subject key identifier: 8B:48:92:9C:59:EC:75:04:75:B1:FE:7E:9B:C7:FB:9E:C0:08:52:A1
Certificate issuer: /CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Certificate serial: 074B77E2631822195C776BBF48380E5279C9C08F
Authority key identifier: 5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa
Signing time: Mon 10 Apr 2023 15:30:03 +0000
ROA not before: Mon 10 Apr 2023 15:25:03 +0000
ROA not after: Mon 08 Apr 2024 15:30:03 +0000
asID: 834
IP address blocks: 45.81.57.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:4b:77:e2:63:18:22:19:5c:77:6b:bf:48:38:0e:52:79:c9:c0:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da3215abfa4621d57709f838a92801f2e90ddfe
Validity
Not Before: Apr 10 15:25:03 2023 GMT
Not After : Apr 8 15:30:03 2024 GMT
Subject: CN=8B48929C59EC750475B1FE7E9BC7FB9EC00852A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b3:28:e3:7e:25:7d:3f:a3:79:71:65:99:ae:
d6:3c:5d:ad:b0:33:3f:6c:9f:27:ab:bb:ab:fe:36:
5a:f2:5b:d4:eb:80:d8:01:b2:9a:ce:b1:70:5a:a5:
5a:18:26:6f:df:f1:ee:ea:47:a6:b3:77:2f:bf:bd:
4e:a2:6e:03:d8:25:40:f6:35:46:79:e0:fd:94:c2:
e0:d5:c1:07:8d:bf:2f:2e:b3:54:f7:96:e0:17:2d:
60:8a:29:24:c1:0e:4d:a9:4c:53:22:f2:cd:70:bf:
19:eb:75:8c:16:24:c7:28:a9:c9:a4:d7:99:26:a5:
b5:2e:0f:22:49:de:6b:8b:55:30:7d:e1:41:e9:c6:
33:fb:32:a0:4a:4a:f8:79:04:f6:2c:69:45:20:22:
10:fc:df:66:9c:e7:24:85:9c:f4:d9:69:43:fd:60:
1a:b7:8b:3c:61:03:12:da:66:24:f7:88:2b:fe:9f:
53:66:91:63:8e:70:5c:48:d6:9b:5f:80:17:7a:a8:
46:9e:5b:82:96:49:91:d4:c8:e7:c1:c9:07:f9:bb:
b9:bd:50:dc:2e:9c:18:71:04:2d:23:42:07:7d:22:
f0:42:01:27:0c:97:e7:d9:ce:d5:dc:84:ad:a2:25:
7f:9a:0a:d8:39:de:40:80:a0:c0:6a:cf:cf:0e:b4:
b0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:48:92:9C:59:EC:75:04:75:B1:FE:7E:9B:C7:FB:9E:C0:08:52:A1
X509v3 Authority Key Identifier:
keyid:5D:A3:21:5A:BF:A4:62:1D:57:70:9F:83:8A:92:80:1F:2E:90:DD:FE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/5DA3215ABFA4621D57709F838A92801F2E90DDFE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaMhWr-kYh1XcJ-DipKAHy6Q3f4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf24567b-7a74-4c1f-aa85-dd24af73ccbb/0/34352e38312e35372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.57.0/24
Signature Algorithm: sha256WithRSAEncryption
74:cb:8b:70:52:ec:8b:cb:9f:2d:20:cd:5d:36:38:4e:41:d5:
6b:a8:ee:6f:cb:54:6c:76:5f:ce:1c:aa:06:de:38:de:8c:58:
43:eb:6b:f5:88:cb:3f:87:63:e3:00:ed:cb:64:72:89:10:07:
08:20:5b:24:14:8b:16:ce:45:ce:53:50:8d:2c:db:ea:39:ec:
94:6f:6f:d6:77:21:48:57:3c:0e:18:23:3d:88:a9:d3:4d:e6:
fd:1a:0f:d2:30:02:14:7d:a9:78:0f:90:30:c0:be:8b:08:a3:
44:e9:be:d5:e7:ae:62:f3:1b:5b:46:cd:42:7c:7f:49:02:96:
bb:44:68:be:bc:03:32:10:1d:c4:e1:f2:f2:01:e6:ee:46:dc:
9e:b8:97:bd:1e:c2:b2:e5:e0:5c:e9:ff:df:39:f0:8c:29:6c:
83:5c:89:4c:5e:c2:1e:8a:a2:60:d9:af:36:aa:6a:24:d8:7b:
ba:33:98:f9:03:8d:6e:86:66:db:d2:ac:58:fe:48:62:bc:03:
a6:2f:56:79:83:74:46:2c:6f:1a:37:8f:29:f2:8f:8e:a6:29:
04:f7:93:f1:66:e9:b9:c0:49:57:dd:e1:03:da:e2:5a:2c:2d:
59:b0:07:52:cc:e5:56:19:45:b6:a8:44:be:31:e6:5b:2e:29:
e8:32:8c:91
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUB0t34mMYIhlcd2u/SDgOUnnJwI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWRhMzIxNWFiZmE0NjIxZDU3NzA5ZjgzOGE5MjgwMWYy
ZTkwZGRmZTAeFw0yMzA0MTAxNTI1MDNaFw0yNDA0MDgxNTMwMDNaMDMxMTAvBgNV
BAMTKDhCNDg5MjlDNTlFQzc1MDQ3NUIxRkU3RTlCQzdGQjlFQzAwODUyQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgsyjjfiV9P6N5cWWZrtY8Xa2w
Mz9snyeru6v+NlryW9TrgNgBsprOsXBapVoYJm/f8e7qR6azdy+/vU6ibgPYJUD2
NUZ54P2UwuDVwQeNvy8us1T3luAXLWCKKSTBDk2pTFMi8s1wvxnrdYwWJMcoqcmk
15kmpbUuDyJJ3muLVTB94UHpxjP7MqBKSvh5BPYsaUUgIhD832ac5ySFnPTZaUP9
YBq3izxhAxLaZiT3iCv+n1NmkWOOcFxI1ptfgBd6qEaeW4KWSZHUyOfByQf5u7m9
UNwunBhxBC0jQgd9IvBCAScMl+fZztXchK2iJX+aCtg53kCAoMBqz88OtLDLAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUi0iSnFnsdQR1sf5+m8f7nsAIUqEwHwYDVR0j
BBgwFoAUXaMhWr+kYh1XcJ+DipKAHy6Q3f4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmYyNDU2N2ItN2E3NC00YzFmLWFhODUtZGQyNGFmNzNj
Y2JiLzAvNURBMzIxNUFCRkE0NjIxRDU3NzA5RjgzOEE5MjgwMUYyRTkwRERGRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hhTWhXci1rWWgxWGNKLURpcEtBSHk2
UTNmNC5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmYyNDU2N2It
N2E3NC00YzFmLWFhODUtZGQyNGFmNzNjY2JiLzAvMzQzNTJlMzgzMTJlMzUzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1ROTANBgkq
hkiG9w0BAQsFAAOCAQEAdMuLcFLsi8ufLSDNXTY4TkHVa6jub8tUbHZfzhyqBt44
3oxYQ+tr9YjLP4dj4wDty2RyiRAHCCBbJBSLFs5FzlNQjSzb6jnslG9v1nchSFc8
DhgjPYip003m/RoP0jACFH2peA+QMMC+iwijROm+1eeuYvMbW0bNQnx/SQKWu0Ro
vrwDMhAdxOHy8gHm7kbcnriXvR7CsuXgXOn/3znwjClsg1yJTF7CHoqiYNmvNqpq
JNh7ujOY+QONboZm29KsWP5IYrwDpi9WeYN0RixvGjePKfKPjqYpBPeT8WbpucBJ
V93hA9riWiwtWbAHUszlVhlFtqhEvjHmWy4p6DKMkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org