Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e2030.roa
File: 34352e3134312e3132332e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: mXe1AyqoCpibQMKRgK/Nm/8tclsr4zVBT80rVl3XrLE=
Subject key identifier: 03:79:3B:CD:B8:62:51:DE:0B:D9:16:26:79:09:E6:E3:5C:4E:86:5B
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 296F815E69BB49BF8F7573F91DECC415F45D70E8
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:07 +0000
ROA not before: Mon 27 Mar 2023 08:22:07 +0000
ROA not after: Mon 25 Mar 2024 08:27:07 +0000
asID: 0
IP address blocks: 45.141.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:6f:81:5e:69:bb:49:bf:8f:75:73:f9:1d:ec:c4:15:f4:5d:70:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 27 08:22:07 2023 GMT
Not After : Mar 25 08:27:07 2024 GMT
Subject: CN=03793BCDB86251DE0BD916267909E6E35C4E865B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:94:59:8f:ad:19:8d:0e:02:de:b9:3c:1c:
7b:92:f2:c4:e5:b6:55:ef:46:63:9d:8b:6c:fa:e7:
24:ec:2d:cd:2b:95:30:d3:a9:e7:07:9b:3f:52:f8:
13:95:a7:fc:65:33:70:70:27:71:2a:f1:14:77:94:
ab:e5:c4:35:69:20:85:d4:f9:ef:9d:e6:c4:6e:fa:
e0:ec:e3:7e:e3:fe:c8:93:0a:5b:9c:de:b6:4e:d6:
18:2f:86:99:d6:30:ca:84:b4:ed:35:d6:59:45:d1:
61:11:34:99:7e:9a:1f:68:26:7a:36:da:f9:54:b3:
e9:5a:af:71:37:4f:c7:b1:ca:cb:b4:a9:82:a9:09:
a1:85:15:fa:d6:4b:e4:f7:85:1c:eb:b4:4a:ff:6f:
4a:55:aa:0b:72:47:59:65:cb:c6:ad:a7:7d:84:35:
18:b6:25:ab:4e:11:35:6b:fb:29:bd:54:d6:bd:47:
e5:ac:40:19:8f:e7:cf:34:52:97:51:e8:30:12:4b:
1f:69:05:8e:59:b2:cf:a8:40:b9:25:fd:c6:49:a9:
0f:38:de:14:8a:ac:80:10:b4:51:46:f8:75:06:ba:
a5:45:44:79:34:43:c1:e6:d7:42:fa:e2:87:10:87:
73:4b:ca:a8:94:25:6b:d6:c0:04:06:ca:3c:16:7d:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:79:3B:CD:B8:62:51:DE:0B:D9:16:26:79:09:E6:E3:5C:4E:86:5B
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.123.0/24
Signature Algorithm: sha256WithRSAEncryption
46:4f:8c:74:98:80:69:ab:12:14:3e:a4:5c:c6:92:10:00:f9:
20:67:a8:74:cd:a0:2c:c0:0e:c3:e6:41:8f:a6:9f:0d:26:a5:
15:e1:ee:7b:4c:14:18:1a:b1:0d:c7:39:d0:02:58:c1:a5:b4:
7b:19:4f:6c:07:2d:e6:d1:68:81:15:17:3b:76:83:8d:12:2f:
cf:ee:9e:1a:bf:97:bc:83:ce:65:c7:4a:2d:8f:57:0f:96:5b:
ce:29:aa:b6:bc:bd:92:0a:c7:6a:7b:6f:27:21:50:57:46:c1:
2a:f3:e9:5b:1d:d4:3b:e9:82:f5:6d:4d:84:f8:6c:97:34:80:
85:3a:ad:17:b7:6e:6a:ed:0a:4f:3c:1a:2d:cc:79:4c:af:d3:
4f:f2:18:ce:1b:9c:34:a6:f0:5c:34:0d:87:e2:5a:80:9e:fb:
d4:d6:a1:8f:d9:6c:e4:8b:55:23:dc:db:e6:71:cc:02:76:80:
a3:a2:d8:6a:c6:1b:4d:e3:c7:e5:79:ed:1b:dd:b7:c9:d8:cf:
b6:8b:6b:81:9e:10:8e:11:5f:bb:8e:76:38:ff:28:d5:cc:6b:
50:48:04:c8:6d:d2:04:77:28:e9:e7:2c:39:f2:64:26:6a:de:
68:e7:6d:d5:76:58:50:46:63:9b:77:fb:96:d5:1d:d7:7a:c4:
24:2c:4f:18
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUKW+BXmm7Sb+PdXP5HezEFfRdcOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMDdaFw0yNDAzMjUwODI3MDdaMDMxMTAvBgNV
BAMTKDAzNzkzQkNEQjg2MjUxREUwQkQ5MTYyNjc5MDlFNkUzNUM0RTg2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYJpRZj60ZjQ4C3rk8HHuS8sTl
tlXvRmOdi2z65yTsLc0rlTDTqecHmz9S+BOVp/xlM3BwJ3Eq8RR3lKvlxDVpIIXU
+e+d5sRu+uDs437j/siTCluc3rZO1hgvhpnWMMqEtO011llF0WERNJl+mh9oJno2
2vlUs+lar3E3T8exysu0qYKpCaGFFfrWS+T3hRzrtEr/b0pVqgtyR1lly8atp32E
NRi2JatOETVr+ym9VNa9R+WsQBmP5880UpdR6DASSx9pBY5Zss+oQLkl/cZJqQ84
3hSKrIAQtFFG+HUGuqVFRHk0Q8Hm10L64ocQh3NLyqiUJWvWwAQGyjwWfa5LAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUA3k7zbhiUd4L2RYmeQnm41xOhlswHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2NezANBgkq
hkiG9w0BAQsFAAOCAQEARk+MdJiAaasSFD6kXMaSEAD5IGeodM2gLMAOw+ZBj6af
DSalFeHue0wUGBqxDcc50AJYwaW0exlPbAct5tFogRUXO3aDjRIvz+6eGr+XvIPO
ZcdKLY9XD5Zbzimqtry9kgrHantvJyFQV0bBKvPpWx3UO+mC9W1NhPhslzSAhTqt
F7duau0KTzwaLcx5TK/TT/IYzhucNKbwXDQNh+JagJ771Nahj9ls5ItVI9zb5nHM
AnaAo6LYasYbTePH5XntG923ydjPtotrgZ4QjhFfu452OP8o1cxrUEgEyG3SBHco
6ecsOfJkJmreaOdt1XZYUEZjm3f7ltUd13rEJCxPGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org