Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa
File: 322e35382e33362e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: ewu90dewtY1FW0V2SH94bBWRKx0q7qvj556HefWXT/4=
Subject key identifier: 76:DC:0F:D4:C3:AD:5E:26:82:0F:FC:8A:5D:A4:10:EF:B1:44:DF:5C
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 48365AD8BC289A7108FBC5CC0ACCAAC945BAE7BB
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa
Signing time: Mon 17 Apr 2023 11:24:20 +0000
ROA not before: Mon 17 Apr 2023 11:19:20 +0000
ROA not after: Mon 15 Apr 2024 11:24:20 +0000
asID: 42366
IP address blocks: 2.58.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:36:5a:d8:bc:28:9a:71:08:fb:c5:cc:0a:cc:aa:c9:45:ba:e7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Apr 17 11:19:20 2023 GMT
Not After : Apr 15 11:24:20 2024 GMT
Subject: CN=76DC0FD4C3AD5E26820FFC8A5DA410EFB144DF5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:12:95:96:c9:99:e1:09:c4:ba:62:d8:e1:
5e:1d:6d:3f:bd:04:12:2a:f5:46:d3:92:77:2d:70:
1e:3a:9f:20:00:f4:74:d7:f6:71:43:b5:13:eb:cc:
a6:a7:12:d7:4f:45:0b:8e:56:90:61:44:f8:ec:f5:
65:b9:53:c8:a3:4c:50:d1:46:f7:db:a9:65:9e:0b:
82:a3:22:e7:38:ee:ed:e3:4d:c5:ec:18:96:37:ec:
e5:1d:5a:c7:90:22:33:92:ee:83:f2:08:b2:d2:04:
e8:e2:15:c9:e8:95:5b:40:7e:76:58:f2:ae:dd:92:
d9:b4:60:d8:e5:4f:49:8c:21:89:df:ad:79:19:71:
ef:34:7c:3a:8f:00:3e:d8:39:41:22:fd:3b:b2:78:
6d:78:6d:5f:d8:26:68:45:27:23:6e:b1:e5:02:b9:
94:8c:8f:b1:55:0b:4a:c1:3a:4b:83:24:82:38:24:
7a:20:d4:ab:6c:b7:ec:36:19:ac:c5:57:e2:2c:57:
d3:37:1f:8b:26:bb:4b:d0:02:c8:29:28:9e:0f:a1:
64:fc:3e:1f:9a:7b:d1:4e:7a:0c:44:80:21:f8:ba:
5d:c6:fe:e7:11:2d:f2:d2:dc:94:c4:da:f2:8a:04:
c4:39:96:ac:5c:01:f7:f5:64:ca:ba:4b:16:b2:b5:
52:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DC:0F:D4:C3:AD:5E:26:82:0F:FC:8A:5D:A4:10:EF:B1:44:DF:5C
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/322e35382e33362e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.36.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:f8:2b:d4:0a:7e:04:0d:f3:5b:9b:d1:71:78:df:2c:a4:a8:
21:61:cc:75:61:e5:4d:58:3b:fc:58:ac:6e:85:0e:ed:06:a1:
f9:e0:b0:38:ac:ca:88:1c:2e:d5:47:f3:8f:cf:61:a8:8d:a7:
ac:e3:9c:68:2e:f6:e1:1e:97:64:8e:6f:59:eb:8a:0f:e2:c3:
7f:8d:29:27:bd:bf:1c:f0:ad:43:37:01:31:66:b8:ea:5f:b1:
18:8b:32:8e:ed:a8:99:b1:33:a2:a7:fe:35:e6:2c:6c:00:af:
9b:cf:f7:7a:5e:d5:62:56:fe:c5:09:85:34:b9:be:1c:9a:43:
91:84:16:6f:af:c3:33:78:66:94:8a:16:8f:e1:f8:44:7c:fa:
ba:6f:94:f1:9b:ef:88:e9:d9:d1:ee:29:e7:87:a0:f9:3f:79:
4e:a3:49:3a:19:47:0b:88:b4:b8:a8:8f:02:62:ff:d6:9f:91:
0c:43:d4:38:79:b5:ab:c1:df:4d:fc:95:5f:45:8c:03:d8:c7:
7c:9d:d6:79:4e:e7:1d:56:0c:06:7a:5a:95:0f:8a:27:e4:1b:
4f:b9:c2:58:48:b2:66:a4:d2:87:df:cf:ae:12:c5:73:55:a2:
27:50:d4:f6:6d:0c:81:26:f8:97:c0:1e:b0:cd:26:7b:81:10:
77:5b:55:88
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSDZa2LwomnEI+8XMCsyqyUW657swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzA0MTcxMTE5MjBaFw0yNDA0MTUxMTI0MjBaMDMxMTAvBgNV
BAMTKDc2REMwRkQ0QzNBRDVFMjY4MjBGRkM4QTVEQTQxMEVGQjE0NERGNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcRKVlsmZ4QnEumLY4V4dbT+9
BBIq9UbTknctcB46nyAA9HTX9nFDtRPrzKanEtdPRQuOVpBhRPjs9WW5U8ijTFDR
RvfbqWWeC4KjIuc47u3jTcXsGJY37OUdWseQIjOS7oPyCLLSBOjiFcnolVtAfnZY
8q7dktm0YNjlT0mMIYnfrXkZce80fDqPAD7YOUEi/TuyeG14bV/YJmhFJyNuseUC
uZSMj7FVC0rBOkuDJII4JHog1Ktst+w2GazFV+IsV9M3H4smu0vQAsgpKJ4PoWT8
Ph+ae9FOegxEgCH4ul3G/ucRLfLS3JTE2vKKBMQ5lqxcAff1ZMq6SxaytVKJAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUdtwP1MOtXiaCD/yKXaQQ77FE31wwHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzIyZTM1MzgyZTMzMzYyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjokMA0G
CSqGSIb3DQEBCwUAA4IBAQAK+CvUCn4EDfNbm9FxeN8spKghYcx1YeVNWDv8WKxu
hQ7tBqH54LA4rMqIHC7VR/OPz2Gojaes45xoLvbhHpdkjm9Z64oP4sN/jSknvb8c
8K1DNwExZrjqX7EYizKO7aiZsTOip/415ixsAK+bz/d6XtViVv7FCYU0ub4cmkOR
hBZvr8MzeGaUihaP4fhEfPq6b5Txm++I6dnR7innh6D5P3lOo0k6GUcLiLS4qI8C
Yv/Wn5EMQ9Q4ebWrwd9N/JVfRYwD2Md8ndZ5TucdVgwGelqVD4on5BtPucJYSLJm
pNKH38+uEsVzVaInUNT2bQyBJviXwB6wzSZ7gRB3W1WI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org