Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32322d3234203d3e2030.roa
File: 352e3235332e3233322e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: djlZqyeWaOGNcOR55oxNl2TWX7tA/IWzWspBx9ghhXg=
Subject key identifier: 5C:6E:6F:E9:74:9C:9D:ED:48:B3:5B:03:97:66:DF:44:FA:01:7C:CE
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 0DAA0CA10F8D60DC4984CD2A124641CB769ECC7F
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:28:16 +0000
ROA not before: Mon 27 Mar 2023 08:23:16 +0000
ROA not after: Mon 25 Mar 2024 08:28:16 +0000
asID: 0
IP address blocks: 5.253.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:aa:0c:a1:0f:8d:60:dc:49:84:cd:2a:12:46:41:cb:76:9e:cc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Mar 27 08:23:16 2023 GMT
Not After : Mar 25 08:28:16 2024 GMT
Subject: CN=5C6E6FE9749C9DED48B35B039766DF44FA017CCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:49:3c:b7:81:63:7a:37:bf:c0:86:b6:c7:ec:
65:c1:77:6c:13:33:2a:ff:72:7d:25:9d:01:9b:dc:
95:e6:39:ce:33:e0:b5:44:d4:de:73:ae:af:26:72:
db:6b:38:86:39:85:2d:5e:d7:39:3b:75:55:1d:fe:
74:4d:a0:c7:a4:42:61:ad:6e:cd:de:05:87:af:26:
00:c8:2e:ef:62:59:18:5b:b2:f3:69:10:7c:c4:0e:
31:8f:d8:17:d9:25:0d:32:2e:6e:6f:d2:09:f1:99:
ee:41:8d:af:c5:cd:fe:8c:82:6f:60:66:b4:66:eb:
e2:86:54:e5:9d:0a:be:ba:c2:d6:37:f1:8d:90:a6:
b6:12:ef:7f:10:98:08:90:da:04:7f:4f:ba:46:d2:
a9:a7:fb:f0:17:85:d4:8a:71:7d:65:65:9b:c9:0b:
49:58:4d:34:47:12:78:6d:52:ee:d7:63:22:34:d1:
c0:40:2a:46:ae:e9:ae:28:c9:13:f7:ed:cb:a3:35:
e4:aa:63:22:5c:51:28:33:9a:32:39:3f:6f:b2:9e:
ac:d4:9e:9e:8b:fd:02:df:d3:ff:74:24:54:83:1a:
53:c2:8b:9f:3c:93:b5:45:85:38:b9:90:31:5b:d5:
73:6f:4a:17:2e:b8:d0:bb:57:bd:ae:c3:1e:88:9b:
47:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6E:6F:E9:74:9C:9D:ED:48:B3:5B:03:97:66:DF:44:FA:01:7C:CE
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/352e3235332e3233322e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.232.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:c7:6d:68:5a:f7:1c:fe:fd:74:15:ff:b9:2d:0d:f1:13:84:
20:25:9a:3f:10:f7:b6:03:7d:93:63:92:38:ce:dc:84:59:4a:
84:10:f4:b3:2e:88:bf:62:4d:00:14:de:e5:75:b9:2c:6c:19:
70:83:c2:9d:73:b3:35:2c:f6:c0:a2:f1:fc:24:2c:6c:19:0d:
48:00:7a:c7:6f:f1:f9:f9:47:03:9b:73:3b:19:4a:7e:dd:8b:
e7:2d:31:22:bd:71:6a:46:63:3d:b8:59:89:ed:0b:9c:bd:d5:
ab:6f:3d:ba:05:c7:fe:a9:76:16:56:9e:f9:75:8c:39:0a:db:
1c:46:6f:f5:ba:3c:a1:c3:10:75:53:38:01:bb:e1:9c:58:aa:
c8:a3:04:69:69:8c:d5:ec:13:5d:f1:70:ab:41:e6:fa:71:7b:
c0:97:ba:29:7a:79:2c:f3:70:d4:44:64:50:ab:59:3d:c5:ba:
aa:58:9e:d1:97:e9:56:af:c5:4f:80:e1:52:e8:3f:44:77:6f:
31:4a:c3:0a:77:d6:4c:f4:23:60:81:f2:39:79:67:c7:52:6a:
74:1a:6f:a0:7f:de:9a:c6:0e:54:dc:17:41:9e:19:93:50:76:
3f:f7:d0:23:87:29:23:8c:f1:e1:85:0b:12:1d:02:ad:32:69:
d6:c4:46:fc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUDaoMoQ+NYNxJhM0qEkZBy3aezH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yMzAzMjcwODIzMTZaFw0yNDAzMjUwODI4MTZaMDMxMTAvBgNV
BAMTKDVDNkU2RkU5NzQ5QzlERUQ0OEIzNUIwMzk3NjZERjQ0RkEwMTdDQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRSTy3gWN6N7/AhrbH7GXBd2wT
Myr/cn0lnQGb3JXmOc4z4LVE1N5zrq8mcttrOIY5hS1e1zk7dVUd/nRNoMekQmGt
bs3eBYevJgDILu9iWRhbsvNpEHzEDjGP2BfZJQ0yLm5v0gnxme5Bja/Fzf6Mgm9g
ZrRm6+KGVOWdCr66wtY38Y2QprYS738QmAiQ2gR/T7pG0qmn+/AXhdSKcX1lZZvJ
C0lYTTRHEnhtUu7XYyI00cBAKkau6a4oyRP37cujNeSqYyJcUSgzmjI5P2+ynqzU
np6L/QLf0/90JFSDGlPCi588k7VFhTi5kDFb1XNvShcuuNC7V72uwx6Im0d5AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUXG5v6XScne1Is1sDl2bfRPoBfM4wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzUyZTMyMzUzMzJlMzIzMzMy
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIF/egwDQYJKoZI
hvcNAQELBQADggEBABzHbWha9xz+/XQV/7ktDfEThCAlmj8Q97YDfZNjkjjO3IRZ
SoQQ9LMuiL9iTQAU3uV1uSxsGXCDwp1zszUs9sCi8fwkLGwZDUgAesdv8fn5RwOb
czsZSn7di+ctMSK9cWpGYz24WYntC5y91atvPboFx/6pdhZWnvl1jDkK2xxGb/W6
PKHDEHVTOAG74ZxYqsijBGlpjNXsE13xcKtB5vpxe8CXuil6eSzzcNREZFCrWT3F
uqpYntGX6VavxU+A4VLoP0R3bzFKwwp31kz0I2CB8jl5Z8dSanQab6B/3prGDlTc
F0GeGZNQdj/30COHKSOM8eGFCxIdAq0yadbERvw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org