Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135392e302f32342d3234203d3e20323039333731.roa
File: 34352e31302e3135392e302f32342d3234203d3e20323039333731.roa (raw, json)
Hash identifier: 8vsIHWeB21IwiWnAGz1GJJfJVWnzSC0lS67SA5DajjI=
Subject key identifier: DF:37:95:74:91:CA:1B:18:1D:29:E2:D2:5A:CE:14:BA:6B:92:AC:2A
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0FC2B645EB7604B1C6D991500FFC2C1513561B2F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135392e302f32342d3234203d3e20323039333731.roa
Signing time: Mon 27 Mar 2023 08:28:07 +0000
ROA not before: Mon 27 Mar 2023 08:23:07 +0000
ROA not after: Mon 25 Mar 2024 08:28:07 +0000
asID: 209371
IP address blocks: 45.10.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:c2:b6:45:eb:76:04:b1:c6:d9:91:50:0f:fc:2c:15:13:56:1b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:07 2023 GMT
Not After : Mar 25 08:28:07 2024 GMT
Subject: CN=DF37957491CA1B181D29E2D25ACE14BA6B92AC2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ff:2f:01:fc:40:b7:37:e1:cd:f6:d5:c8:84:
0a:e3:3b:1f:78:df:87:b8:43:71:79:5c:94:3f:31:
eb:70:7b:1e:96:fd:57:9e:7e:ec:23:0f:f1:a2:7a:
59:b3:e0:25:be:bb:a9:09:ab:8f:e4:39:17:e1:e1:
10:8d:f9:63:f6:2d:e5:65:b5:fb:20:75:25:c1:e3:
19:9c:c2:e8:42:4c:98:52:0e:d4:52:18:11:7a:65:
0e:73:59:e7:fa:dd:2c:be:6c:ad:f3:f5:eb:6c:ce:
70:fb:94:6b:80:bb:6a:57:cf:97:43:dc:40:6b:86:
3e:74:ac:c6:77:f4:08:45:07:bb:f3:d5:69:d3:d9:
43:90:66:9f:cf:e2:ec:bf:80:d7:77:a6:be:c1:4b:
65:19:14:04:d1:2d:7b:ec:fc:4e:43:84:73:0e:17:
ba:38:02:6f:0f:d4:52:8d:f3:87:33:b3:b5:d3:64:
21:5a:31:a4:21:7a:44:a4:2f:ee:c7:4d:19:e0:7b:
b6:d6:cb:aa:13:cc:fb:e8:92:09:c5:9e:9c:1a:bf:
36:f2:06:ef:77:cb:e3:81:18:2b:ac:a0:c0:c4:f3:
53:b4:0d:ac:37:f6:9c:26:c3:ea:75:fd:61:1c:1f:
95:54:d2:60:01:b6:7e:25:25:35:2c:09:61:07:80:
f1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:37:95:74:91:CA:1B:18:1D:29:E2:D2:5A:CE:14:BA:6B:92:AC:2A
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e31302e3135392e302f32342d3234203d3e20323039333731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.159.0/24
Signature Algorithm: sha256WithRSAEncryption
22:f1:8f:cb:5c:49:dc:2e:68:df:70:a7:51:fb:ec:ac:d3:6b:
a6:92:e9:4e:10:8c:9b:0c:3f:9d:cf:75:58:cf:45:26:04:7d:
9a:f4:9d:08:1c:40:3d:c9:8d:1a:bc:31:5e:33:cb:70:b9:6a:
56:b5:09:31:8a:4e:ca:52:dc:55:46:e3:25:53:46:52:cd:97:
16:20:f8:f9:55:a0:df:e2:09:2d:60:06:ca:c8:8c:85:65:2a:
5c:d5:50:b3:9d:a4:9e:f8:93:e4:1a:09:ae:69:40:de:fd:ee:
46:19:0a:3b:3f:d6:7f:8a:e8:fc:fd:05:6f:17:0d:ab:1f:d0:
d0:02:6b:82:fc:4e:3e:a0:6a:b4:f7:aa:5d:fe:65:87:8f:d7:
ae:88:de:e4:32:51:3f:98:80:9b:88:4e:de:a6:11:d0:c3:91:
34:f8:6b:3a:8b:7c:eb:04:58:a4:a2:56:54:07:66:74:72:a2:
61:9e:37:17:24:11:40:ff:0b:02:72:a4:f7:ae:31:bd:c5:99:
3e:b9:ee:36:7c:d2:07:58:86:80:21:cd:fb:34:ee:84:20:55:
11:cb:84:6d:49:f6:fe:4a:e6:c8:16:2b:70:e2:ae:9e:ed:bd:
cf:40:b1:d6:ce:86:1d:5b:34:15:29:9e:e4:e0:35:6c:95:4b:
e8:d4:bf:3d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD8K2Ret2BLHG2ZFQD/wsFRNWGy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMDdaFw0yNDAzMjUwODI4MDdaMDMxMTAvBgNV
BAMTKERGMzc5NTc0OTFDQTFCMTgxRDI5RTJEMjVBQ0UxNEJBNkI5MkFDMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF/y8B/EC3N+HN9tXIhArjOx94
34e4Q3F5XJQ/Metwex6W/VeefuwjD/Gielmz4CW+u6kJq4/kORfh4RCN+WP2LeVl
tfsgdSXB4xmcwuhCTJhSDtRSGBF6ZQ5zWef63Sy+bK3z9etsznD7lGuAu2pXz5dD
3EBrhj50rMZ39AhFB7vz1WnT2UOQZp/P4uy/gNd3pr7BS2UZFATRLXvs/E5DhHMO
F7o4Am8P1FKN84czs7XTZCFaMaQhekSkL+7HTRnge7bWy6oTzPvokgnFnpwavzby
Bu93y+OBGCusoMDE81O0Daw39pwmw+p1/WEcH5VU0mABtn4lJTUsCWEHgPG3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU3zeVdJHKGxgdKeLSWs4UumuSrCowHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMDJlMzEzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzMzNzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LQqfMA0GCSqGSIb3DQEBCwUAA4IBAQAi8Y/LXEncLmjfcKdR++ys02umkulOEIyb
DD+dz3VYz0UmBH2a9J0IHEA9yY0avDFeM8twuWpWtQkxik7KUtxVRuMlU0ZSzZcW
IPj5VaDf4gktYAbKyIyFZSpc1VCznaSe+JPkGgmuaUDe/e5GGQo7P9Z/iuj8/QVv
Fw2rH9DQAmuC/E4+oGq096pd/mWHj9euiN7kMlE/mICbiE7ephHQw5E0+Gs6i3zr
BFikolZUB2Z0cqJhnjcXJBFA/wsCcqT3rjG9xZk+ue42fNIHWIaAIc37NO6EIFUR
y4RtSfb+SubIFitw4q6e7b3PQLHWzoYdWzQVKZ7k4DVslUvo1L89
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org