Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32312d3234203d3e2033333230.roa
File: 34362e3235302e3232342e302f32312d3234203d3e2033333230.roa (raw, json)
Hash identifier: bd34WrWRncrWAbzZzc02rZt7xLVN9PblPFjoHArIdN8=
Subject key identifier: 60:71:2B:45:20:98:CB:B7:36:85:78:6F:40:F7:84:1A:36:D3:47:D4
Certificate issuer: /CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Certificate serial: 73AB09C72735D75747FF688B68E2718A3255D0A8
Authority key identifier: F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32312d3234203d3e2033333230.roa
Signing time: Wed 14 Dec 2022 12:23:03 +0000
ROA not before: Wed 14 Dec 2022 12:18:03 +0000
ROA not after: Wed 13 Dec 2023 12:23:03 +0000
asID: 3320
IP address blocks: 46.250.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:ab:09:c7:27:35:d7:57:47:ff:68:8b:68:e2:71:8a:32:55:d0:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f29fbab4db867f6bd9a7eff6aa55d98c162e1aad
Validity
Not Before: Dec 14 12:18:03 2022 GMT
Not After : Dec 13 12:23:03 2023 GMT
Subject: CN=60712B452098CBB73685786F40F7841A36D347D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:63:28:30:29:0e:78:99:25:10:40:9d:89:7a:
1a:98:79:32:0b:61:98:f2:fb:e9:e7:c0:81:43:8d:
e9:f1:2d:5a:c1:15:b3:73:50:31:4d:b4:30:ee:3b:
2b:15:2b:9a:88:c6:da:e6:37:96:2a:ab:6d:db:8d:
e8:0e:cd:5a:5a:a1:1f:09:f7:0d:c6:2f:9e:b5:f3:
11:89:c8:3f:5d:86:cf:05:ac:c8:4f:75:18:16:ae:
e2:ec:2e:42:02:94:89:e2:25:22:56:f6:40:9d:b3:
64:98:13:48:8e:2a:e8:a7:b5:33:9c:09:b3:3b:09:
11:fa:7e:ca:30:c0:ed:7c:57:2f:23:d9:0d:1a:96:
16:b9:88:3c:08:e2:fc:39:46:6b:94:b8:01:e6:8d:
53:36:d5:2b:fc:ee:40:e6:43:7e:c3:c2:fa:12:4c:
17:90:79:e1:f9:72:f9:f0:70:c9:81:df:10:46:98:
d4:05:51:22:13:33:e5:da:4f:37:be:6f:39:a5:df:
f2:a1:52:6f:ce:38:34:6f:0f:51:c2:73:f1:b1:4c:
b5:bc:16:e9:0d:d8:b4:2f:3a:44:7d:64:b4:97:89:
19:21:9a:82:e5:4d:1f:cd:10:0a:ef:2b:75:e0:aa:
01:ba:5e:89:79:3a:ae:5f:1d:97:91:01:7a:24:b8:
a5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:71:2B:45:20:98:CB:B7:36:85:78:6F:40:F7:84:1A:36:D3:47:D4
X509v3 Authority Key Identifier:
keyid:F2:9F:BA:B4:DB:86:7F:6B:D9:A7:EF:F6:AA:55:D9:8C:16:2E:1A:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/F29FBAB4DB867F6BD9A7EFF6AA55D98C162E1AAD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8p-6tNuGf2vZp-_2qlXZjBYuGq0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bf52d814-3d2f-4df4-8140-dfb530f74912/0/34362e3235302e3232342e302f32312d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.224.0/21
Signature Algorithm: sha256WithRSAEncryption
d8:0a:c9:62:30:68:2a:52:ab:28:1b:8a:a0:e7:14:d9:7c:1c:
43:c0:80:79:e3:b8:0a:db:a0:98:f2:7e:09:ee:d9:91:00:41:
f4:3e:77:d4:c2:16:a3:e2:ff:59:aa:b8:82:41:ae:c2:fa:68:
19:14:19:e3:8c:63:80:63:7d:c7:cb:d1:f3:c8:3b:5b:a7:2d:
0f:af:fc:0f:17:61:0c:4c:39:09:6e:30:dd:df:96:06:db:97:
55:42:ba:28:12:8a:a7:8c:0a:a4:09:be:12:fe:3e:62:77:9f:
6f:2a:5a:88:46:ab:f7:6e:4c:17:86:01:bc:23:eb:d6:b4:14:
9f:b0:2c:4b:34:12:b3:b7:5b:1b:19:66:6b:54:bb:f0:48:a6:
4e:c4:28:2a:33:b4:84:28:3d:69:a0:ae:64:80:f7:ca:25:b4:
9c:49:4d:60:04:30:7e:c3:97:88:d0:9f:e2:6f:a0:48:79:49:
75:43:55:8a:67:eb:db:55:0e:c9:a7:72:de:37:5c:0a:7c:18:
1f:61:c4:63:50:fa:24:8b:71:74:27:a0:65:d9:86:61:b7:b7:
f5:7c:40:3f:2f:6a:4f:92:64:97:aa:de:ca:2f:81:27:48:3c:
28:7d:23:93:da:a1:b2:9b:04:6a:35:6d:56:9b:84:2a:4d:5c:
5c:8c:f7:8f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUc6sJxyc111dH/2iLaOJxijJV0KgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjI5ZmJhYjRkYjg2N2Y2YmQ5YTdlZmY2YWE1NWQ5OGMx
NjJlMWFhZDAeFw0yMjEyMTQxMjE4MDNaFw0yMzEyMTMxMjIzMDNaMDMxMTAvBgNV
BAMTKDYwNzEyQjQ1MjA5OENCQjczNjg1Nzg2RjQwRjc4NDFBMzZEMzQ3RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGYygwKQ54mSUQQJ2JehqYeTIL
YZjy++nnwIFDjenxLVrBFbNzUDFNtDDuOysVK5qIxtrmN5Yqq23bjegOzVpaoR8J
9w3GL5618xGJyD9dhs8FrMhPdRgWruLsLkIClIniJSJW9kCds2SYE0iOKuintTOc
CbM7CRH6fsowwO18Vy8j2Q0alha5iDwI4vw5RmuUuAHmjVM21Sv87kDmQ37DwvoS
TBeQeeH5cvnwcMmB3xBGmNQFUSITM+XaTze+bzml3/KhUm/OODRvD1HCc/GxTLW8
FukN2LQvOkR9ZLSXiRkhmoLlTR/NEArvK3XgqgG6Xol5Oq5fHZeRAXokuKXDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUYHErRSCYy7c2hXhvQPeEGjbTR9QwHwYDVR0j
BBgwFoAU8p+6tNuGf2vZp+/2qlXZjBYuGq0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQtM2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0
OTEyLzAvRjI5RkJBQjREQjg2N0Y2QkQ5QTdFRkY2QUE1NUQ5OEMxNjJFMUFBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhwLTZ0TnVHZjJ2WnAtXzJxbFhaakJZ
dUdxMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYmY1MmQ4MTQt
M2QyZi00ZGY0LTgxNDAtZGZiNTMwZjc0OTEyLzAvMzQzNjJlMzIzNTMwMmUzMjMy
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzMzMzMzIzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAy76
4DANBgkqhkiG9w0BAQsFAAOCAQEA2ArJYjBoKlKrKBuKoOcU2XwcQ8CAeeO4Ctug
mPJ+Ce7ZkQBB9D531MIWo+L/Waq4gkGuwvpoGRQZ44xjgGN9x8vR88g7W6ctD6/8
DxdhDEw5CW4w3d+WBtuXVUK6KBKKp4wKpAm+Ev4+YnefbypaiEar925MF4YBvCPr
1rQUn7AsSzQSs7dbGxlma1S78EimTsQoKjO0hCg9aaCuZID3yiW0nElNYAQwfsOX
iNCf4m+gSHlJdUNVimfr21UOyady3jdcCnwYH2HEY1D6JItxdCegZdmGYbe39XxA
Py9qT5Jkl6reyi+BJ0g8KH0jk9qhspsEajVtVpuEKk1cXIz3jw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:18 2024 by rpki-client on console-fra.rpki-client.org