Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32322d3234203d3e2030.roa
File: 39352e3231342e3131322e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: ELE9wBZ7qfRXv0P2PTO0CQXWUyEH3unOCsTeACdWWo4=
Subject key identifier: 74:5F:35:56:50:FB:94:90:01:C7:3F:29:34:23:6F:02:23:A6:12:14
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7FA72D13E778A0FAD13FC0E17AE03339B3A75870
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32322d3234203d3e2030.roa
Signing time: Fri 20 Oct 2023 13:41:56 +0000
ROA not before: Fri 20 Oct 2023 13:36:56 +0000
ROA not after: Fri 18 Oct 2024 13:41:56 +0000
asID: 0
IP address blocks: 95.214.112.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a7:2d:13:e7:78:a0:fa:d1:3f:c0:e1:7a:e0:33:39:b3:a7:58:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 20 13:36:56 2023 GMT
Not After : Oct 18 13:41:56 2024 GMT
Subject: CN=745F355650FB949001C73F2934236F0223A61214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:97:d9:a1:13:5e:10:cd:60:c9:38:a9:05:92:
16:fb:b2:59:3a:12:c6:6a:08:6b:0b:f2:29:19:8d:
8c:ff:7e:3e:89:bb:09:cf:fb:d4:f9:4e:ee:1f:75:
22:f0:62:52:ac:64:ee:57:c0:84:75:e5:af:bf:49:
a9:54:0b:2a:ca:dd:9e:ae:53:ed:62:c7:ad:d2:64:
9d:53:f9:b7:ab:78:10:bf:3a:ea:1c:8a:08:b8:49:
f6:a9:b5:29:b6:92:8c:b2:1b:e0:2b:6b:7d:35:61:
4c:56:e1:df:f1:2b:9f:5a:f0:4b:94:8c:5c:64:dc:
1f:be:2b:54:f9:ce:8e:57:a5:59:81:71:05:fb:17:
1d:9f:e6:50:57:5f:38:e8:0e:89:b2:da:a2:d4:79:
f3:79:72:56:e0:16:33:b5:53:6a:b9:46:96:a2:df:
16:6a:f0:96:6d:62:a1:0b:7f:a9:3d:46:13:31:3d:
af:25:0c:6e:3e:43:ee:08:67:18:45:74:1d:a9:8a:
ed:91:c0:8c:32:f2:80:fc:26:e7:0f:90:82:16:52:
28:4c:2d:a0:81:15:67:75:96:00:cf:64:aa:a7:21:
22:92:51:91:ba:3a:c9:a3:40:e1:be:d7:c1:d1:2b:
9e:44:41:35:82:f8:4b:d2:01:13:a4:07:90:95:7f:
2a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:5F:35:56:50:FB:94:90:01:C7:3F:29:34:23:6F:02:23:A6:12:14
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39352e3231342e3131322e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.112.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:a5:7c:1a:36:32:9c:12:8e:71:e7:8b:c9:ea:35:b5:0e:fa:
d0:16:3d:09:cd:ab:b7:b0:54:83:60:50:b3:b3:1f:e6:95:e8:
90:cd:c5:f5:e3:a1:af:68:37:3d:47:df:ba:a9:60:68:29:12:
6f:b3:48:8b:1e:45:21:16:ad:b6:e1:96:fd:1f:91:c6:b0:14:
3a:a0:88:c2:94:46:1c:c9:79:50:76:4b:ef:34:7a:73:57:ff:
b2:f9:a6:2f:98:a6:da:e6:23:29:55:b3:7c:96:f7:d8:5b:f9:
f6:1a:40:60:58:eb:1b:c0:97:0a:68:3d:36:ec:50:4a:07:3f:
0f:2b:ca:f7:d7:c0:68:c6:52:d8:1a:d4:4d:7f:9b:90:bd:97:
f0:d2:71:6c:7c:bd:17:44:b2:39:f0:8a:6e:6c:2a:24:bf:56:
ad:be:e3:07:c7:b1:72:07:88:fc:f2:f9:97:c2:ce:22:81:cf:
e0:62:10:12:3a:50:37:46:20:09:02:a4:d6:04:1e:1d:d4:05:
49:89:54:5a:c4:41:7b:73:50:e0:75:da:9c:16:83:9b:61:d0:
a1:6f:25:b5:6f:41:1e:2b:52:48:24:b1:37:58:fd:ed:67:0e:
7f:b4:8a:b4:2b:9d:53:d9:8d:73:11:79:90:ea:1a:3e:38:c8:
82:09:13:bb
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUf6ctE+d4oPrRP8DheuAzObOnWHAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEwMjAxMzM2NTZaFw0yNDEwMTgxMzQxNTZaMDMxMTAvBgNV
BAMTKDc0NUYzNTU2NTBGQjk0OTAwMUM3M0YyOTM0MjM2RjAyMjNBNjEyMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdl9mhE14QzWDJOKkFkhb7slk6
EsZqCGsL8ikZjYz/fj6JuwnP+9T5Tu4fdSLwYlKsZO5XwIR15a+/SalUCyrK3Z6u
U+1ix63SZJ1T+bereBC/Ouocigi4SfaptSm2koyyG+Ara301YUxW4d/xK59a8EuU
jFxk3B++K1T5zo5XpVmBcQX7Fx2f5lBXXzjoDomy2qLUefN5clbgFjO1U2q5Rpai
3xZq8JZtYqELf6k9RhMxPa8lDG4+Q+4IZxhFdB2piu2RwIwy8oD8JucPkIIWUihM
LaCBFWd1lgDPZKqnISKSUZG6OsmjQOG+18HRK55EQTWC+EvSAROkB5CVfyqxAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUdF81VlD7lJABxz8pNCNvAiOmEhQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNTJlMzIzMTM0MmUzMTMx
MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl/WcDANBgkq
hkiG9w0BAQsFAAOCAQEAnaV8GjYynBKOceeLyeo1tQ760BY9Cc2rt7BUg2BQs7Mf
5pXokM3F9eOhr2g3PUffuqlgaCkSb7NIix5FIRattuGW/R+RxrAUOqCIwpRGHMl5
UHZL7zR6c1f/svmmL5im2uYjKVWzfJb32Fv59hpAYFjrG8CXCmg9NuxQSgc/DyvK
99fAaMZS2BrUTX+bkL2X8NJxbHy9F0SyOfCKbmwqJL9Wrb7jB8excgeI/PL5l8LO
IoHP4GIQEjpQN0YgCQKk1gQeHdQFSYlUWsRBe3NQ4HXanBaDm2HQoW8ltW9BHitS
SCSxN1j97WcOf7SKtCudU9mNcxF5kOoaPjjIggkTuw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:36:34 2025 by rpki-client