Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39302e3132302e302f32322d3234203d3e2030.roa
File: 34352e39302e3132302e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: Ng2C9hypidTRigyq61W38b6NCdc60PKgyuvIk4MAcM4=
Subject key identifier: A6:5F:21:70:BC:77:EA:72:3B:35:32:9B:0D:56:41:72:FD:BF:5F:1A
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4B8457B1EA33C880FFCDCDF2FCA9DE746173C9E6
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39302e3132302e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:10 +0000
ROA not before: Mon 27 Mar 2023 08:22:10 +0000
ROA not after: Mon 25 Mar 2024 08:27:10 +0000
asID: 0
IP address blocks: 45.90.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:84:57:b1:ea:33:c8:80:ff:cd:cd:f2:fc:a9:de:74:61:73:c9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 27 08:22:10 2023 GMT
Not After : Mar 25 08:27:10 2024 GMT
Subject: CN=A65F2170BC77EA723B35329B0D564172FDBF5F1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b1:17:53:6a:44:07:fa:27:7a:08:12:43:34:
d7:f6:5d:ad:64:85:ab:9c:f5:a5:29:6d:7e:09:d7:
44:49:5f:21:36:3b:fa:e2:d0:a6:46:aa:86:9c:98:
18:0d:d7:fd:51:77:d2:94:6b:0f:ee:8d:8d:1d:91:
b8:ae:81:34:13:71:08:57:26:5e:b6:eb:fc:51:db:
ab:a0:80:85:5b:6e:75:05:dd:cb:9a:13:90:78:6d:
e0:62:61:44:27:65:92:26:a9:f1:9d:6a:b9:c8:18:
f5:14:7c:74:93:31:1e:e6:d6:ef:3d:a5:da:b8:d6:
27:23:f9:96:26:bb:e5:4a:95:0a:8a:80:dc:39:59:
a5:e8:25:08:a6:fd:12:e0:87:20:ff:d9:c6:fe:ca:
90:d6:a7:37:c2:40:c0:21:52:60:cc:b0:d8:45:53:
4d:96:1f:9a:1e:ac:5e:85:c0:59:4f:52:87:9d:4f:
4d:96:72:90:28:07:16:6d:b5:c0:cd:b7:00:aa:f3:
d9:b4:1a:0b:32:1f:cb:6e:2d:ca:c9:97:97:50:d4:
a6:c9:8a:0c:d7:9e:10:57:de:2b:d2:24:13:22:35:
46:3f:93:63:2b:4c:e2:fd:27:43:1d:d2:c6:70:c1:
ee:fc:dd:bc:df:c4:47:78:ed:1c:e3:26:36:40:27:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:5F:21:70:BC:77:EA:72:3B:35:32:9B:0D:56:41:72:FD:BF:5F:1A
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39302e3132302e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:5c:5a:b1:d6:a4:23:0f:1e:45:56:82:8d:0f:62:bc:18:a6:
06:b4:27:2b:04:12:62:d0:0d:ca:eb:d4:3d:de:28:16:04:f5:
6a:42:1e:71:2f:66:bc:79:18:d9:42:fa:a5:d8:aa:f7:06:5b:
ce:e9:6d:c7:cb:af:22:42:45:e2:20:0c:0c:82:39:d8:e2:61:
a5:98:2e:59:59:b9:05:c0:90:08:42:97:f3:31:74:1b:78:2c:
4d:c4:ba:e3:d7:15:72:e2:94:3b:a2:d2:99:90:55:de:55:70:
34:e2:f9:c5:01:00:67:4b:42:7d:65:76:e0:1b:df:54:fa:cd:
67:e4:8f:aa:93:5e:54:e8:e3:4c:6e:42:87:ba:ac:3e:f6:83:
8a:54:93:a6:c6:32:fd:38:9f:30:c6:67:01:ff:8e:e2:9a:68:
ca:d5:2e:b2:1e:70:a6:cb:b6:4d:45:99:81:f1:f8:c4:4a:6e:
44:40:43:12:94:99:db:9e:35:4f:e3:4e:c3:62:44:dc:14:37:
88:ef:4c:b8:a5:81:d6:6b:cf:97:8c:ff:87:4a:e3:93:19:22:
60:49:2e:a7:4c:6d:21:e5:4a:84:f7:03:ce:8c:f5:17:10:aa:
6a:44:33:b2:3a:27:a4:19:8d:0e:f8:28:63:93:7b:f5:90:5f:
96:60:54:eb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUS4RXseozyID/zc3y/KnedGFzyeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMTBaFw0yNDAzMjUwODI3MTBaMDMxMTAvBgNV
BAMTKEE2NUYyMTcwQkM3N0VBNzIzQjM1MzI5QjBENTY0MTcyRkRCRjVGMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLsRdTakQH+id6CBJDNNf2Xa1k
hauc9aUpbX4J10RJXyE2O/ri0KZGqoacmBgN1/1Rd9KUaw/ujY0dkbiugTQTcQhX
Jl626/xR26uggIVbbnUF3cuaE5B4beBiYUQnZZImqfGdarnIGPUUfHSTMR7m1u89
pdq41icj+ZYmu+VKlQqKgNw5WaXoJQim/RLghyD/2cb+ypDWpzfCQMAhUmDMsNhF
U02WH5oerF6FwFlPUoedT02WcpAoBxZttcDNtwCq89m0GgsyH8tuLcrJl5dQ1KbJ
igzXnhBX3ivSJBMiNUY/k2MrTOL9J0Md0sZwwe783bzfxEd47RzjJjZAJ+urAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUpl8hcLx36nI7NTKbDVZBcv2/XxowHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzkzMDJlMzEzMjMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItWngwDQYJKoZI
hvcNAQELBQADggEBAAtcWrHWpCMPHkVWgo0PYrwYpga0JysEEmLQDcrr1D3eKBYE
9WpCHnEvZrx5GNlC+qXYqvcGW87pbcfLryJCReIgDAyCOdjiYaWYLllZuQXAkAhC
l/MxdBt4LE3EuuPXFXLilDui0pmQVd5VcDTi+cUBAGdLQn1lduAb31T6zWfkj6qT
XlTo40xuQoe6rD72g4pUk6bGMv04nzDGZwH/juKaaMrVLrIecKbLtk1FmYHx+MRK
bkRAQxKUmdueNU/jTsNiRNwUN4jvTLilgdZrz5eM/4dK45MZImBJLqdMbSHlSoT3
A86M9RcQqmpEM7I6J6QZjQ74KGOTe/WQX5ZgVOs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org