Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33352e302f32342d3234203d3e203132313839.roa
File: 352e3138322e33352e302f32342d3234203d3e203132313839.roa (raw, json)
Hash identifier: BxQ29vhsfi1oY8jYfJEOXXYvtxHFtFgdWe5YicazfuU=
Subject key identifier: B5:82:99:46:02:A5:20:A6:80:E5:D4:06:44:18:D0:68:3F:0F:15:3D
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 38BDAA1841FF2B6CC93BE8A808DDB36AAC0FEFC9
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33352e302f32342d3234203d3e203132313839.roa
Signing time: Mon 27 Mar 2023 08:27:04 +0000
ROA not before: Mon 27 Mar 2023 08:22:04 +0000
ROA not after: Mon 25 Mar 2024 08:27:04 +0000
asID: 12189
IP address blocks: 5.182.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:bd:aa:18:41:ff:2b:6c:c9:3b:e8:a8:08:dd:b3:6a:ac:0f:ef:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 27 08:22:04 2023 GMT
Not After : Mar 25 08:27:04 2024 GMT
Subject: CN=B582994602A520A680E5D4064418D0683F0F153D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:64:b8:0e:dc:60:02:7e:d0:f7:cd:61:01:46:
03:ab:e4:68:59:5d:ae:03:f2:b4:b4:8d:28:1c:0d:
04:79:65:c0:c6:88:6a:0c:d7:91:fc:09:65:77:88:
fb:d4:3d:56:12:4e:81:9f:72:14:9f:ea:3c:be:74:
37:0f:ae:f8:6e:e1:97:7c:20:c7:2f:8b:81:a1:87:
fb:cf:1b:90:ec:cf:8a:f9:73:58:9b:a5:0a:d6:31:
1e:b7:0e:80:22:50:bd:38:73:26:6e:a0:47:3e:e6:
38:6e:3e:b7:fe:24:da:f1:15:9e:5f:f4:42:53:42:
8e:ef:e4:77:7e:ef:13:46:6a:98:38:f1:c4:2e:2b:
b8:0e:ba:ad:3f:53:79:29:2b:3a:f1:0e:b9:51:4b:
6f:d1:86:b0:e7:40:cb:cf:de:f3:fe:ae:58:00:35:
46:f1:7c:51:d8:7a:57:7d:aa:0d:a1:a9:2a:5c:e0:
48:4d:54:8b:d7:12:5f:35:57:93:6f:32:09:b2:32:
a3:93:5b:34:92:f5:54:5c:c3:a5:33:d4:b4:82:6c:
ad:63:13:0f:91:e6:46:9d:3b:c7:9b:81:ec:07:fe:
d6:9e:18:e9:8f:90:27:ab:d0:a0:d1:55:3f:1c:a3:
15:c6:3d:9d:e4:94:00:6b:3b:99:9e:b3:3b:ee:12:
47:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:82:99:46:02:A5:20:A6:80:E5:D4:06:44:18:D0:68:3F:0F:15:3D
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33352e302f32342d3234203d3e203132313839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.35.0/24
Signature Algorithm: sha256WithRSAEncryption
70:86:07:66:6a:57:91:62:cd:b2:df:a8:da:0a:5f:b6:49:51:
81:cd:e2:09:80:ed:2e:64:25:c8:fc:3a:25:32:f3:91:c8:0c:
b4:ed:98:56:3a:75:25:95:9c:b4:41:d7:a8:60:b3:a8:36:6a:
79:b0:a6:4e:9b:3c:87:c5:11:65:bb:21:60:d2:7c:b7:73:8b:
c2:70:60:10:0a:8e:d5:e1:16:f4:ec:e5:ea:c5:71:4d:f4:aa:
c3:86:30:7a:83:53:bc:18:1e:5a:8c:8b:82:b1:22:d4:c3:11:
08:fe:d1:99:95:ba:ba:d4:0e:01:08:06:1b:06:31:fa:84:4f:
84:0c:8e:ce:d5:d0:42:15:2d:75:f7:af:d1:ec:25:01:95:5c:
09:bf:18:4d:3a:a1:1b:81:41:34:30:52:94:17:c3:71:06:e3:
29:82:5f:a4:07:fb:8f:82:2b:b2:82:55:9e:24:83:92:04:d6:
98:d5:ae:28:e0:8b:9e:58:70:8b:f5:d1:0d:17:e0:0d:dd:e1:
78:50:dc:89:f1:49:2a:8f:b1:d7:f6:9d:2e:98:f4:ba:9d:81:
21:52:10:33:a4:00:49:b0:fe:85:cd:60:c9:d4:cd:e0:0a:27:
e3:e9:5e:db:ad:01:e0:28:eb:8b:ac:ae:be:27:81:6b:da:b1:
61:0b:a8:34
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUOL2qGEH/K2zJO+ioCN2zaqwP78kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yMzAzMjcwODIyMDRaFw0yNDAzMjUwODI3MDRaMDMxMTAvBgNV
BAMTKEI1ODI5OTQ2MDJBNTIwQTY4MEU1RDQwNjQ0MThEMDY4M0YwRjE1M0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZLgO3GACftD3zWEBRgOr5GhZ
Xa4D8rS0jSgcDQR5ZcDGiGoM15H8CWV3iPvUPVYSToGfchSf6jy+dDcPrvhu4Zd8
IMcvi4Ghh/vPG5Dsz4r5c1ibpQrWMR63DoAiUL04cyZuoEc+5jhuPrf+JNrxFZ5f
9EJTQo7v5Hd+7xNGapg48cQuK7gOuq0/U3kpKzrxDrlRS2/RhrDnQMvP3vP+rlgA
NUbxfFHYeld9qg2hqSpc4EhNVIvXEl81V5NvMgmyMqOTWzSS9VRcw6Uz1LSCbK1j
Ew+R5kadO8ebgewH/taeGOmPkCer0KDRVT8coxXGPZ3klABrO5meszvuEkcZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUtYKZRgKlIKaA5dQGRBjQaD8PFT0wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMxMzgzMjJlMzMzNTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzIzMTM4Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFtiMw
DQYJKoZIhvcNAQELBQADggEBAHCGB2ZqV5FizbLfqNoKX7ZJUYHN4gmA7S5kJcj8
OiUy85HIDLTtmFY6dSWVnLRB16hgs6g2anmwpk6bPIfFEWW7IWDSfLdzi8JwYBAK
jtXhFvTs5erFcU30qsOGMHqDU7wYHlqMi4KxItTDEQj+0ZmVurrUDgEIBhsGMfqE
T4QMjs7V0EIVLXX3r9HsJQGVXAm/GE06oRuBQTQwUpQXw3EG4ymCX6QH+4+CK7KC
VZ4kg5IE1pjVrijgi55YcIv10Q0X4A3d4XhQ3InxSSqPsdf2nS6Y9LqdgSFSEDOk
AEmw/oXNYMnUzeAKJ+PpXtutAeAo64usrr4ngWvasWELqDQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:12 2024 by rpki-client on console-ams.rpki-client.org