Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32332d3234203d3e2030.roa
File: 34352e3134312e3132302e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: mGNqOQF+BLL3mGFu05aJPQ4X8ytW39yrlacQF0LK5xg=
Subject key identifier: 05:B5:97:68:4D:E3:30:4A:AE:FD:91:F3:6A:AB:B2:A2:01:F8:DE:59
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 35F5D897B83AA56D96A7C1586BDBCB21B8838E68
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:07 +0000
ROA not before: Mon 27 Mar 2023 08:22:07 +0000
ROA not after: Mon 25 Mar 2024 08:27:07 +0000
asID: 0
IP address blocks: 45.141.120.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:f5:d8:97:b8:3a:a5:6d:96:a7:c1:58:6b:db:cb:21:b8:83:8e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 27 08:22:07 2023 GMT
Not After : Mar 25 08:27:07 2024 GMT
Subject: CN=05B597684DE3304AAEFD91F36AABB2A201F8DE59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3f:db:91:73:a4:db:19:05:ec:39:82:5c:ba:
1e:49:89:38:2a:4f:ba:ae:e4:e2:53:6c:21:90:7e:
07:39:41:c5:9f:a1:42:04:65:a8:c0:d0:9c:5c:40:
29:0d:14:b3:88:29:13:b7:51:73:47:1f:c9:d9:d9:
5d:65:13:4a:bc:ef:3a:e0:72:47:e4:47:99:b2:e0:
0f:19:b0:3b:26:1c:bd:20:53:c0:d7:61:86:09:5d:
cd:03:e6:a6:0b:e8:7c:cf:eb:9a:97:92:48:96:2b:
2f:a8:5e:26:6d:db:88:4f:38:9d:8b:78:3a:77:3d:
b1:cd:b1:cf:39:c4:a9:40:8e:b2:73:f1:2f:69:3f:
af:6f:3d:1d:d1:11:b1:b0:4a:56:79:d3:c6:28:e4:
39:09:bd:2e:ad:f3:f3:87:e4:6f:ba:6c:62:5d:38:
30:79:a5:fb:bf:1a:36:8c:c6:88:f6:32:c0:c5:e0:
ca:b1:cb:83:a4:d6:ed:d7:96:75:a1:4c:07:aa:b1:
5e:57:d7:b2:0d:ac:b8:df:a3:31:af:5d:02:fb:66:
19:ca:e9:7c:bc:ba:ac:c3:74:87:9b:10:23:fa:a7:
4c:de:b3:cd:84:d1:4c:93:78:a2:e1:4f:10:37:4b:
19:b2:23:21:82:37:ad:37:90:45:2d:f2:0d:a0:59:
e5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B5:97:68:4D:E3:30:4A:AE:FD:91:F3:6A:AB:B2:A2:01:F8:DE:59
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132302e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.120.0/23
Signature Algorithm: sha256WithRSAEncryption
46:54:4e:2d:11:4b:5d:cc:de:d8:c7:8b:56:6e:c7:b2:60:24:
0f:4c:b6:17:85:5f:8f:4a:00:b3:3f:38:df:5f:a8:50:8d:18:
eb:be:02:69:9e:ab:55:0b:06:86:20:92:df:5b:78:c4:f4:95:
a5:1e:fc:b0:39:df:64:64:0d:0c:95:93:f9:3e:c8:75:00:a9:
b3:b7:7c:21:18:d1:ad:e5:0a:7c:62:e3:6e:cd:43:62:60:72:
5f:4f:8e:8f:f4:36:b8:4b:4d:2d:03:6a:a3:c4:47:2d:91:2b:
8c:68:fa:a8:5b:c5:0a:07:d6:f9:b4:84:b5:ca:60:00:0f:38:
35:e0:0e:03:e0:57:3a:66:65:82:b1:59:a2:08:da:b7:18:87:
51:9c:86:4f:1d:26:df:e7:f9:9a:ce:b2:ff:9b:40:27:03:09:
7e:c3:de:a9:34:62:00:51:9f:ff:bc:65:c7:ad:35:17:85:96:
24:f2:2f:48:97:50:8b:cd:61:5c:0c:38:2f:93:f0:4a:04:40:
2a:3f:fe:a2:81:c4:d7:a8:c8:b7:9b:27:32:54:2d:cd:7b:4e:
98:c8:23:33:f3:70:29:02:8a:68:d1:4d:c0:6c:09:70:18:a7:
fc:57:60:72:a2:e9:46:18:08:53:dd:1f:42:52:25:ee:29:cc:
56:fa:94:b9
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUNfXYl7g6pW2Wp8FYa9vLIbiDjmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMDdaFw0yNDAzMjUwODI3MDdaMDMxMTAvBgNV
BAMTKDA1QjU5NzY4NERFMzMwNEFBRUZEOTFGMzZBQUJCMkEyMDFGOERFNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUP9uRc6TbGQXsOYJcuh5JiTgq
T7qu5OJTbCGQfgc5QcWfoUIEZajA0JxcQCkNFLOIKRO3UXNHH8nZ2V1lE0q87zrg
ckfkR5my4A8ZsDsmHL0gU8DXYYYJXc0D5qYL6HzP65qXkkiWKy+oXiZt24hPOJ2L
eDp3PbHNsc85xKlAjrJz8S9pP69vPR3REbGwSlZ508Yo5DkJvS6t8/OH5G+6bGJd
ODB5pfu/GjaMxoj2MsDF4Mqxy4Ok1u3XlnWhTAeqsV5X17INrLjfozGvXQL7ZhnK
6Xy8uqzDdIebECP6p0zes82E0UyTeKLhTxA3SxmyIyGCN603kEUt8g2gWeVpAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUBbWXaE3jMEqu/ZHzaquyogH43lkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2NeDANBgkq
hkiG9w0BAQsFAAOCAQEARlROLRFLXcze2MeLVm7HsmAkD0y2F4Vfj0oAsz8431+o
UI0Y674CaZ6rVQsGhiCS31t4xPSVpR78sDnfZGQNDJWT+T7IdQCps7d8IRjRreUK
fGLjbs1DYmByX0+Oj/Q2uEtNLQNqo8RHLZErjGj6qFvFCgfW+bSEtcpgAA84NeAO
A+BXOmZlgrFZogjatxiHUZyGTx0m3+f5ms6y/5tAJwMJfsPeqTRiAFGf/7xlx601
F4WWJPIvSJdQi81hXAw4L5PwSgRAKj/+ooHE16jIt5snMlQtzXtOmMgjM/NwKQKK
aNFNwGwJcBin/FdgcqLpRhgIU90fQlIl7inMVvqUuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-fra.rpki-client.org