Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31362e302f32342d3234203d3e203235303938.roa
File: 34352e3133362e31362e302f32342d3234203d3e203235303938.roa (raw, json)
Hash identifier: ZxbTLg6eHbx/FpHayrecPZPwWwmk8t3IrcPhjDhjAHs=
Subject key identifier: 96:42:8B:0B:92:A0:34:E9:C5:8A:50:E1:7C:C6:5F:38:92:DE:C0:3F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2E11DA313B84AD192F46D4917153752CBA59F961
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31362e302f32342d3234203d3e203235303938.roa
Signing time: Mon 27 Mar 2023 08:28:58 +0000
ROA not before: Mon 27 Mar 2023 08:23:58 +0000
ROA not after: Mon 25 Mar 2024 08:28:58 +0000
asID: 25098
IP address blocks: 45.136.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:11:da:31:3b:84:ad:19:2f:46:d4:91:71:53:75:2c:ba:59:f9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:58 2023 GMT
Not After : Mar 25 08:28:58 2024 GMT
Subject: CN=96428B0B92A034E9C58A50E17CC65F3892DEC03F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:10:86:b3:6b:8a:30:e7:70:7f:87:3a:bc:99:
f9:5f:d3:f3:35:5f:75:b7:60:4b:76:be:1d:0b:11:
da:bc:3d:f5:23:b9:06:50:16:2a:be:e3:c7:99:ea:
11:65:e4:94:c2:11:68:ce:d5:00:95:62:e5:95:ab:
c3:71:b8:fd:0c:9f:c4:76:12:84:11:61:5b:78:9e:
87:10:38:d9:9d:f7:b2:2a:df:27:27:35:c9:b1:8b:
c9:71:fc:ff:13:63:a5:53:f6:6c:0b:b3:64:66:5a:
32:63:88:76:ed:4f:6a:71:23:b5:77:1e:8a:16:b7:
10:a4:dd:82:32:48:93:75:52:ff:5d:61:49:79:2d:
3e:81:86:70:f4:06:38:a1:35:7f:fa:77:d6:c7:2e:
d2:42:fc:ff:b6:5a:03:a9:d6:da:4b:1b:78:d4:81:
fe:c3:3d:54:53:e3:d4:29:4d:ca:09:a1:34:86:7b:
41:58:ee:cb:d6:ae:b8:29:4a:ab:49:40:a4:15:6d:
21:0a:9f:ff:d4:d7:6c:42:cf:14:6d:5b:d8:12:25:
df:fd:e3:bf:34:53:ad:9a:70:cb:b5:7f:99:fb:22:
3d:fe:e3:6c:78:d2:04:af:5f:87:8f:1a:05:f9:b5:
ec:6b:ff:ce:a3:a8:35:a6:b4:e5:bb:0c:f0:93:51:
3d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:42:8B:0B:92:A0:34:E9:C5:8A:50:E1:7C:C6:5F:38:92:DE:C0:3F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e3133362e31362e302f32342d3234203d3e203235303938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:17:69:50:7e:bf:74:2a:1a:5a:6e:f1:a3:eb:0b:a3:9e:4f:
f8:96:c1:20:eb:d7:bc:cc:a0:99:e6:4d:57:d4:3a:04:67:02:
20:e0:59:e8:cf:30:d5:38:50:ad:2c:8a:f0:05:08:4d:53:ca:
13:ea:08:74:4d:36:aa:f0:2d:fd:9b:bd:10:3e:e3:a2:7d:32:
33:80:72:b3:ba:8d:68:d8:9c:d9:59:ee:fa:e1:13:82:42:2b:
04:e4:5d:06:a9:0e:1c:e9:0c:fc:35:cb:42:ff:87:e7:72:21:
95:c6:50:0c:00:aa:2b:40:3c:b5:da:a9:06:17:ca:bd:0e:62:
09:dd:e4:b3:7e:c4:fa:cb:22:1f:4d:9a:67:87:26:9f:7f:57:
31:c4:be:91:26:cf:b4:4e:27:95:04:ba:9b:b8:b5:3f:8c:06:
a6:9b:52:99:91:66:9d:2c:85:80:8b:7b:c5:e2:dc:a2:84:2f:
f5:07:48:4f:57:a6:ff:95:fc:ad:06:3d:9a:46:6e:c3:fc:9a:
9f:e1:1c:54:93:64:4b:a3:ec:d4:d7:4f:54:67:0f:e9:b3:d4:
e3:02:b4:91:a6:de:44:3f:ee:0b:b8:04:82:d6:16:f8:0c:1f:
27:ec:f7:ad:a5:96:19:95:c0:83:43:66:46:b1:2e:12:b6:d6:
0b:85:0b:31
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULhHaMTuErRkvRtSRcVN1LLpZ+WEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzNThaFw0yNDAzMjUwODI4NThaMDMxMTAvBgNV
BAMTKDk2NDI4QjBCOTJBMDM0RTlDNThBNTBFMTdDQzY1RjM4OTJERUMwM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdEIaza4ow53B/hzq8mflf0/M1
X3W3YEt2vh0LEdq8PfUjuQZQFiq+48eZ6hFl5JTCEWjO1QCVYuWVq8NxuP0Mn8R2
EoQRYVt4nocQONmd97Iq3ycnNcmxi8lx/P8TY6VT9mwLs2RmWjJjiHbtT2pxI7V3
HooWtxCk3YIySJN1Uv9dYUl5LT6BhnD0BjihNX/6d9bHLtJC/P+2WgOp1tpLG3jU
gf7DPVRT49QpTcoJoTSGe0FY7svWrrgpSqtJQKQVbSEKn//U12xCzxRtW9gSJd/9
4780U62acMu1f5n7Ij3+42x40gSvX4ePGgX5texr/86jqDWmtOW7DPCTUT2hAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUlkKLC5KgNOnFilDhfMZfOJLewD8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzMzM2MmUzMTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNTMwMzkzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2I
EDANBgkqhkiG9w0BAQsFAAOCAQEAnBdpUH6/dCoaWm7xo+sLo55P+JbBIOvXvMyg
meZNV9Q6BGcCIOBZ6M8w1ThQrSyK8AUITVPKE+oIdE02qvAt/Zu9ED7jon0yM4By
s7qNaNic2Vnu+uETgkIrBORdBqkOHOkM/DXLQv+H53IhlcZQDACqK0A8tdqpBhfK
vQ5iCd3ks37E+ssiH02aZ4cmn39XMcS+kSbPtE4nlQS6m7i1P4wGpptSmZFmnSyF
gIt7xeLcooQv9QdIT1em/5X8rQY9mkZuw/yan+EcVJNkS6Ps1NdPVGcP6bPU4wK0
kabeRD/uC7gEgtYW+AwfJ+z3raWWGZXAg0NmRrEuErbWC4ULMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org