Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32332d3234203d3e203432333636.roa
File: 34352e38342e3133362e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: 1BOd123Te2Hr85z+I0JVhw6vv5W7aleLkL4pCxuBXow=
Subject key identifier: D5:2E:61:12:6E:47:4F:B3:D2:D0:E9:3B:BA:F0:6E:B1:98:E3:E0:F8
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3AB46B0458716A9A886FC127E6AA55FB9B7F6BB1
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32332d3234203d3e203432333636.roa
Signing time: Mon 10 Apr 2023 08:20:47 +0000
ROA not before: Mon 10 Apr 2023 08:15:47 +0000
ROA not after: Mon 08 Apr 2024 08:20:47 +0000
asID: 42366
IP address blocks: 45.84.136.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b4:6b:04:58:71:6a:9a:88:6f:c1:27:e6:aa:55:fb:9b:7f:6b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 10 08:15:47 2023 GMT
Not After : Apr 8 08:20:47 2024 GMT
Subject: CN=D52E61126E474FB3D2D0E93BBAF06EB198E3E0F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a8:20:be:d2:9f:33:64:81:56:b9:e7:36:b0:
76:51:5d:76:57:5a:aa:04:c2:fe:48:78:95:e9:60:
53:96:8d:25:3c:74:3e:5b:eb:29:c2:03:e9:39:cb:
d0:ea:59:ad:b5:0f:99:8d:87:33:58:a3:8b:57:82:
72:c3:41:48:d6:fe:70:74:e1:16:fd:0d:70:50:cc:
27:7a:bc:b2:ce:bf:3e:8e:68:b9:3b:21:6b:af:64:
9c:c6:ac:21:47:a7:12:fc:b7:8d:cb:66:4c:7c:dd:
97:ab:d2:4e:71:b1:61:e4:28:c7:39:0e:ee:d1:a2:
3b:8e:19:24:29:96:e6:28:e6:c5:f7:fd:0a:13:95:
60:9a:44:64:87:72:21:12:54:e4:d9:c0:89:44:16:
49:d3:bb:6f:5f:53:60:3e:cb:00:46:77:8e:4a:1c:
60:17:f0:88:9f:57:00:f9:cf:71:50:b4:ee:c4:f6:
d3:43:66:1e:45:c3:5e:5e:81:ee:a4:ff:f5:55:eb:
25:d9:6e:29:69:fc:b7:f2:aa:d2:43:47:3e:26:b3:
7d:22:83:fc:57:e3:cf:55:92:e7:c2:4d:e2:a9:14:
25:49:0c:a0:b5:7b:02:42:10:19:1c:11:89:8f:61:
e8:bd:c9:2a:80:07:a3:b4:21:ec:58:cd:4d:77:79:
44:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:2E:61:12:6E:47:4F:B3:D2:D0:E9:3B:BA:F0:6E:B1:98:E3:E0:F8
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.136.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:1a:82:24:f2:6e:2b:2e:68:48:28:3f:59:8b:c8:0a:63:f5:
01:70:dd:3a:4d:a4:ca:b5:20:4e:44:4e:67:7f:e0:40:4e:dd:
cd:78:20:6c:42:14:15:de:3e:42:d8:84:f8:4a:39:8c:e5:71:
1a:01:57:2b:5e:de:a5:6a:60:d0:35:95:77:fb:24:bb:da:52:
e0:97:3c:b2:b5:b6:30:18:81:f4:05:9b:58:6a:d6:22:6c:f2:
a8:de:63:a4:4b:b2:38:3f:ab:d3:2d:d5:cc:84:bf:ed:3a:33:
e3:1e:fe:c6:ba:4f:c8:0a:27:52:62:2f:c7:72:68:fe:9b:b3:
bb:09:41:19:74:a0:ac:f2:6b:28:de:e3:c9:bb:6e:86:73:62:
08:96:b9:9e:71:0b:7e:04:8b:a8:90:1c:cb:84:6b:04:65:fe:
d6:8a:7a:ad:e9:ca:cf:12:da:fa:e5:7c:35:1c:3a:5d:a5:2e:
92:3c:a0:40:36:53:25:56:c2:26:3f:8b:9e:1d:e7:75:af:1a:
45:b7:34:a8:d0:d3:cf:07:50:92:bc:62:73:cb:c3:36:d5:6f:
a9:f6:fd:1b:ec:13:13:59:21:9e:25:45:a0:7b:b9:75:ac:8e:
7d:dd:79:6f:37:d9:83:f0:e5:57:2f:6e:56:58:1b:4f:aa:8f:
9f:3b:a5:ed
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUOrRrBFhxapqIb8En5qpV+5t/a7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzA0MTAwODE1NDdaFw0yNDA0MDgwODIwNDdaMDMxMTAvBgNV
BAMTKEQ1MkU2MTEyNkU0NzRGQjNEMkQwRTkzQkJBRjA2RUIxOThFM0UwRjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCqCC+0p8zZIFWuec2sHZRXXZX
WqoEwv5IeJXpYFOWjSU8dD5b6ynCA+k5y9DqWa21D5mNhzNYo4tXgnLDQUjW/nB0
4Rb9DXBQzCd6vLLOvz6OaLk7IWuvZJzGrCFHpxL8t43LZkx83Zer0k5xsWHkKMc5
Du7RojuOGSQpluYo5sX3/QoTlWCaRGSHciESVOTZwIlEFknTu29fU2A+ywBGd45K
HGAX8IifVwD5z3FQtO7E9tNDZh5Fw15ege6k//VV6yXZbilp/LfyqtJDRz4ms30i
g/xX489VkufCTeKpFCVJDKC1ewJCEBkcEYmPYei9ySqAB6O0IexYzU13eURBAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU1S5hEm5HT7PS0Ok7uvBusZjj4PgwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzNDJlMzEzMzM2
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS1U
iDANBgkqhkiG9w0BAQsFAAOCAQEAXhqCJPJuKy5oSCg/WYvICmP1AXDdOk2kyrUg
TkROZ3/gQE7dzXggbEIUFd4+QtiE+Eo5jOVxGgFXK17epWpg0DWVd/sku9pS4Jc8
srW2MBiB9AWbWGrWImzyqN5jpEuyOD+r0y3VzIS/7Toz4x7+xrpPyAonUmIvx3Jo
/puzuwlBGXSgrPJrKN7jybtuhnNiCJa5nnELfgSLqJAcy4RrBGX+1op6renKzxLa
+uV8NRw6XaUukjygQDZTJVbCJj+Lnh3nda8aRbc0qNDTzwdQkrxic8vDNtVvqfb9
G+wTE1khniVFoHu5dayOfd15bzfZg/DlVy9uVlgbT6qPnzul7Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org