Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135352e34302e302f32322d3234203d3e203432333636.roa
File: 34352e3135352e34302e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: +6Tr4qfOU7f5Bv9+BIs2lOG44LufKoUK97NILCypDrM=
Subject key identifier: A8:63:4F:1E:FE:DA:EC:69:89:49:FA:6C:A9:58:15:F8:AD:E7:E2:CA
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3EBC22C64BB95A4D5B76A5DDB1199E566A921744
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135352e34302e302f32322d3234203d3e203432333636.roa
Signing time: Mon 10 Apr 2023 08:21:24 +0000
ROA not before: Mon 10 Apr 2023 08:16:24 +0000
ROA not after: Mon 08 Apr 2024 08:21:24 +0000
asID: 42366
IP address blocks: 45.155.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:bc:22:c6:4b:b9:5a:4d:5b:76:a5:dd:b1:19:9e:56:6a:92:17:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 10 08:16:24 2023 GMT
Not After : Apr 8 08:21:24 2024 GMT
Subject: CN=A8634F1EFEDAEC698949FA6CA95815F8ADE7E2CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f4:4e:59:6b:6c:fc:68:40:67:fd:d3:40:8c:
fc:7a:0b:36:20:e6:86:4a:b2:a8:30:25:a0:23:e4:
f0:ef:0b:c5:a2:19:b9:9b:ff:9f:5e:34:56:72:03:
f4:45:b7:bf:2e:a7:dd:6a:b3:8c:0b:a0:e2:69:c9:
4c:89:73:43:c2:49:dc:33:30:98:01:8f:d8:f9:ca:
ea:6c:83:7d:21:ae:e7:1e:4e:ba:85:a2:31:91:87:
89:0f:71:e7:cf:19:ed:70:71:33:a7:29:af:43:d4:
bf:88:38:0d:e3:58:a2:fd:d7:04:62:a4:e6:20:20:
b8:7a:5e:b8:96:7b:d8:ef:38:14:17:5e:25:b1:48:
a3:0b:b4:53:8c:a0:f1:22:87:5d:69:a0:e5:f7:dd:
d5:df:ce:9f:10:7a:47:f2:b8:6d:46:0f:70:ad:53:
2f:47:ee:60:0f:38:47:9e:69:c3:13:da:6d:2d:95:
ac:84:90:cc:b8:3a:e8:2e:0d:d8:9f:39:fe:40:65:
14:6d:6d:49:fc:80:25:8e:96:bc:39:8d:dd:cd:1d:
a4:29:d9:f0:12:9e:ac:c8:f5:84:10:22:bd:86:db:
17:b2:94:67:a4:29:a1:80:67:d0:9b:56:36:e1:b5:
c9:52:60:0d:47:0d:85:95:aa:54:b0:62:f9:6e:25:
25:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:63:4F:1E:FE:DA:EC:69:89:49:FA:6C:A9:58:15:F8:AD:E7:E2:CA
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3135352e34302e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.40.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:64:80:fa:a4:64:5d:ae:d0:7f:c1:bf:c3:43:78:af:56:45:
dc:ba:2b:da:4f:4d:f1:f5:9e:e2:d1:7b:df:3f:ff:f7:d0:c5:
ec:bc:c0:86:ae:5b:15:a7:f2:3d:9f:e2:17:61:df:fd:ee:d9:
8a:6f:f9:1f:a9:e5:20:eb:bd:a7:29:3a:b0:a3:11:c6:f4:4c:
e3:62:ad:b1:cb:42:c7:a6:eb:18:9a:23:4e:e2:7a:52:a2:7f:
16:74:47:ce:d5:4b:fa:1b:51:16:0d:04:e4:87:fc:c2:f3:f6:
7c:93:a9:71:23:c7:e2:25:74:2f:f2:82:4f:47:a4:36:61:3a:
25:d5:43:37:ab:7e:9b:cf:67:e9:ea:83:43:37:b9:35:53:24:
48:c9:17:0f:dc:94:5f:40:af:45:04:6f:56:bd:de:00:67:8b:
90:c6:5f:cf:54:fb:90:4e:aa:ce:92:40:dc:39:7f:1e:fc:f8:
4a:8e:88:42:b5:25:03:db:f6:25:fc:a3:05:aa:a1:27:6b:aa:
90:7d:2f:a8:a3:a5:02:c2:d3:22:31:e5:57:a3:fb:fe:b5:b8:
b7:cb:18:0f:d0:46:37:59:56:6f:bb:18:5e:c5:45:3c:ad:05:
68:e3:aa:6f:f2:ee:3b:b0:19:c8:68:06:68:37:e9:7f:eb:01:
ca:18:ab:b3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPrwixku5Wk1bdqXdsRmeVmqSF0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODE2MjRaFw0yNDA0MDgwODIxMjRaMDMxMTAvBgNV
BAMTKEE4NjM0RjFFRkVEQUVDNjk4OTQ5RkE2Q0E5NTgxNUY4QURFN0UyQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa9E5Za2z8aEBn/dNAjPx6CzYg
5oZKsqgwJaAj5PDvC8WiGbmb/59eNFZyA/RFt78up91qs4wLoOJpyUyJc0PCSdwz
MJgBj9j5yupsg30hruceTrqFojGRh4kPcefPGe1wcTOnKa9D1L+IOA3jWKL91wRi
pOYgILh6XriWe9jvOBQXXiWxSKMLtFOMoPEih11poOX33dXfzp8QekfyuG1GD3Ct
Uy9H7mAPOEeeacMT2m0tlayEkMy4OuguDdifOf5AZRRtbUn8gCWOlrw5jd3NHaQp
2fASnqzI9YQQIr2G2xeylGekKaGAZ9CbVjbhtclSYA1HDYWVqlSwYvluJSXdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqGNPHv7a7GmJSfpsqVgV+K3n4sowHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzNTM1MmUzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2b
KDANBgkqhkiG9w0BAQsFAAOCAQEAXWSA+qRkXa7Qf8G/w0N4r1ZF3Lor2k9N8fWe
4tF73z//99DF7LzAhq5bFafyPZ/iF2Hf/e7Zim/5H6nlIOu9pyk6sKMRxvRM42Kt
sctCx6brGJojTuJ6UqJ/FnRHztVL+htRFg0E5If8wvP2fJOpcSPH4iV0L/KCT0ek
NmE6JdVDN6t+m89n6eqDQze5NVMkSMkXD9yUX0CvRQRvVr3eAGeLkMZfz1T7kE6q
zpJA3Dl/Hvz4So6IQrUlA9v2JfyjBaqhJ2uqkH0vqKOlAsLTIjHlV6P7/rW4t8sY
D9BGN1lWb7sYXsVFPK0FaOOqb/LuO7AZyGgGaDfpf+sByhirsw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org