Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e203434363835.roa
File: 34352e31342e39312e302f32342d3234203d3e203434363835.roa (raw, json)
Hash identifier: HgjVgRM1c4kfKMBzXvO7CnvpK0yUTheN+ELlYv7QGdQ=
Subject key identifier: 5B:0E:2A:0C:E9:D4:74:33:DB:D2:C5:5F:88:9E:FC:35:DE:64:E4:52
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 586127A0777B3F432411D147506099443AA4EAC6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e203434363835.roa
Signing time: Mon 27 Mar 2023 08:28:20 +0000
ROA not before: Mon 27 Mar 2023 08:23:20 +0000
ROA not after: Mon 25 Mar 2024 08:28:20 +0000
asID: 44685
IP address blocks: 45.14.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:61:27:a0:77:7b:3f:43:24:11:d1:47:50:60:99:44:3a:a4:ea:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 27 08:23:20 2023 GMT
Not After : Mar 25 08:28:20 2024 GMT
Subject: CN=5B0E2A0CE9D47433DBD2C55F889EFC35DE64E452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c8:37:47:e2:9f:22:34:cf:22:41:bb:a5:9a:
31:8b:db:8c:f5:6d:ca:66:58:04:c5:69:96:c2:e9:
69:3c:01:0e:94:c5:85:52:cb:3a:ae:24:a5:73:b5:
ee:de:69:84:21:01:e0:89:af:36:e8:be:58:0b:f4:
0b:6f:12:50:20:6d:92:8f:c4:33:92:44:52:ff:da:
f8:4b:fa:89:9c:c9:f8:99:25:59:24:d7:58:6d:d9:
d5:bc:d5:75:bb:7a:df:91:37:ec:be:61:76:5b:4b:
d5:04:cc:77:61:f0:34:d4:0a:ea:86:e9:96:fd:65:
d8:ec:7d:35:d5:44:41:6f:5d:f5:9a:37:e5:53:1e:
91:75:14:af:82:78:4b:21:e2:3e:c2:31:65:60:aa:
d8:26:ab:e1:52:85:fc:d8:a4:29:35:1c:84:9c:b5:
3a:cb:d9:38:4c:16:8b:e6:95:5d:04:4d:b7:1f:d9:
b2:54:1f:6f:38:8b:fd:51:a9:3e:51:3c:7e:ac:26:
16:7a:8b:b2:79:3a:a3:68:bb:1a:1c:00:dd:65:ef:
de:0b:19:58:d5:60:7d:a3:a5:13:a1:f2:55:2f:06:
6d:3c:f4:9a:f8:fb:d2:88:38:50:de:4f:66:4f:aa:
0f:55:30:00:f0:15:ee:62:33:11:ba:72:65:a8:36:
fa:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0E:2A:0C:E9:D4:74:33:DB:D2:C5:5F:88:9E:FC:35:DE:64:E4:52
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e31342e39312e302f32342d3234203d3e203434363835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.91.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:96:c4:a3:a1:ee:e4:21:88:77:19:0d:30:2e:3c:c8:4c:2d:
ec:5c:56:ae:6c:54:8b:44:53:5e:f1:10:85:25:5f:14:c1:83:
b5:b9:0b:3c:46:f7:21:0c:c9:ab:7d:ef:ef:c9:53:72:33:fd:
ef:2b:29:a6:d9:89:a1:dc:aa:c0:bc:3e:03:eb:91:a7:20:8a:
0b:53:10:2d:f4:1b:bd:cc:3d:73:22:de:2c:5d:0f:d2:89:e5:
5b:2d:13:86:19:ad:7b:b5:2b:6e:03:82:ff:94:f1:d3:67:96:
d2:24:e7:b1:81:3a:f5:42:a6:24:cc:bd:f2:aa:96:28:c6:88:
8b:e1:cd:92:65:a8:df:5d:d1:91:9d:4c:51:46:e4:d8:71:85:
d2:6f:70:83:2d:f5:64:99:08:12:8c:6a:db:a7:fa:1b:74:fc:
ed:e0:2b:f7:ef:0e:7a:02:d4:bb:24:d9:e8:cc:3e:47:3b:5e:
1b:be:60:76:c7:69:d5:cf:90:72:00:09:af:d9:99:8e:b6:e5:
fa:ba:a3:36:8e:98:b2:d8:0f:57:73:90:a3:3e:a6:62:37:96:
eb:2d:d1:b6:19:15:65:31:ef:4c:d8:78:23:5d:84:cb:cb:f1:
ff:0e:28:60:ca:77:15:17:4b:e4:6d:60:6c:65:fb:4a:b7:d0:
31:5b:49:76
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUWGEnoHd7P0MkEdFHUGCZRDqk6sYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzAzMjcwODIzMjBaFw0yNDAzMjUwODI4MjBaMDMxMTAvBgNV
BAMTKDVCMEUyQTBDRTlENDc0MzNEQkQyQzU1Rjg4OUVGQzM1REU2NEU0NTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDByDdH4p8iNM8iQbulmjGL24z1
bcpmWATFaZbC6Wk8AQ6UxYVSyzquJKVzte7eaYQhAeCJrzbovlgL9AtvElAgbZKP
xDOSRFL/2vhL+omcyfiZJVkk11ht2dW81XW7et+RN+y+YXZbS9UEzHdh8DTUCuqG
6Zb9ZdjsfTXVREFvXfWaN+VTHpF1FK+CeEsh4j7CMWVgqtgmq+FShfzYpCk1HISc
tTrL2ThMFovmlV0ETbcf2bJUH284i/1RqT5RPH6sJhZ6i7J5OqNouxocAN1l794L
GVjVYH2jpROh8lUvBm089Jr4+9KIOFDeT2ZPqg9VMADwFe5iMxG6cmWoNvp5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUWw4qDOnUdDPb0sVfiJ78Nd5k5FIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzEzNDJlMzkzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNjM4MzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDlsw
DQYJKoZIhvcNAQELBQADggEBAJuWxKOh7uQhiHcZDTAuPMhMLexcVq5sVItEU17x
EIUlXxTBg7W5CzxG9yEMyat97+/JU3Iz/e8rKabZiaHcqsC8PgPrkacgigtTEC30
G73MPXMi3ixdD9KJ5VstE4YZrXu1K24Dgv+U8dNnltIk57GBOvVCpiTMvfKqlijG
iIvhzZJlqN9d0ZGdTFFG5NhxhdJvcIMt9WSZCBKMatun+ht0/O3gK/fvDnoC1Lsk
2ejMPkc7Xhu+YHbHadXPkHIACa/ZmY625fq6ozaOmLLYD1dzkKM+pmI3lust0bYZ
FWUx70zYeCNdhMvL8f8OKGDKdxUXS+RtYGxl+0q30DFbSXY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org