Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e2030.roa
File: 34352e36362e3133362e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: u6DC4tKZSX64AmL1OrAuKppd4OBYbBi4+Kw4jWQmZuI=
Subject key identifier: 84:D5:80:52:A5:22:20:E0:7C:A1:FA:AF:AE:04:32:2E:DD:62:5B:97
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 2CB85D5BBCEBD5B198BA91DC74D610699714BFF6
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:56 +0000
ROA not before: Mon 27 Mar 2023 08:22:56 +0000
ROA not after: Mon 25 Mar 2024 08:27:56 +0000
asID: 0
IP address blocks: 45.66.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b8:5d:5b:bc:eb:d5:b1:98:ba:91:dc:74:d6:10:69:97:14:bf:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:56 2023 GMT
Not After : Mar 25 08:27:56 2024 GMT
Subject: CN=84D58052A52220E07CA1FAAFAE04322EDD625B97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:25:07:5c:11:09:47:b1:d3:22:b9:9b:e6:f6:
83:86:4c:f8:0f:08:80:4b:80:8c:e1:1e:a0:f2:17:
f2:1e:7f:8e:fa:c4:8e:49:bb:55:74:85:f2:1c:d0:
fb:0f:9b:b4:84:44:c4:c6:8b:3b:31:ba:9a:df:ef:
50:c9:ec:59:e7:a4:34:79:c8:fb:f6:ac:ff:52:f4:
f4:20:ad:5a:b7:23:1e:0b:69:93:83:31:01:91:69:
bb:ba:ed:2a:29:09:33:01:04:8d:1d:09:d1:8b:ce:
19:fd:13:f2:36:9b:f4:a7:e5:63:bc:35:d2:0e:ce:
71:0f:12:5e:2c:25:ae:92:64:ee:4c:07:47:16:86:
a9:c1:81:ec:5e:50:f0:89:c4:9a:a4:14:62:12:48:
b5:aa:a9:7a:d3:ad:f7:4a:31:e9:89:4f:57:da:b7:
89:ea:f9:19:a3:57:c7:5c:63:cc:ec:88:6c:4b:82:
6f:fa:56:35:88:f6:4e:b7:b2:d7:18:82:a7:95:24:
74:b5:04:98:11:0d:fd:e6:23:f3:6c:ae:ae:d7:b2:
8b:93:d7:f0:8e:c9:cc:a8:db:e8:60:d1:c8:f2:25:
77:6a:f9:88:df:24:8e:cb:b5:74:48:c5:b2:2d:7e:
50:4d:4a:c0:85:e6:86:ba:01:cc:27:17:33:b4:50:
7c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D5:80:52:A5:22:20:E0:7C:A1:FA:AF:AE:04:32:2E:DD:62:5B:97
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.136.0/22
Signature Algorithm: sha256WithRSAEncryption
05:74:1e:b1:3b:28:3f:ad:8b:37:84:90:93:63:7e:b0:d5:7e:
10:d5:92:98:d9:4f:39:37:00:76:0f:fe:81:fd:29:0a:38:fd:
48:2d:be:d9:dc:ee:8d:6b:b1:46:84:80:7b:d4:9d:47:71:27:
4a:2d:16:a7:cb:3f:32:f7:80:c5:70:69:26:09:6c:17:e6:60:
10:c5:58:f7:1a:12:b6:95:57:47:57:ed:ef:21:3d:76:42:69:
e8:ba:4b:eb:63:03:a5:64:b5:09:52:ca:38:9e:75:37:7e:3d:
86:7e:1f:62:d7:34:5f:aa:5f:75:d7:48:c7:80:d6:da:8c:a9:
05:4b:7d:9c:d0:19:9f:53:28:dc:05:b7:b0:4b:61:75:ce:cf:
02:63:d8:4d:0e:db:b8:a7:46:6b:3e:36:bf:57:e1:83:f8:3c:
8d:63:ae:c4:a2:47:63:0f:dc:ca:81:e3:0d:29:e0:82:dd:f3:
0c:ee:be:fc:d0:1f:c1:68:9e:b5:ed:82:38:0a:98:16:bb:60:
d4:e8:90:c5:c7:63:68:0a:ea:b6:12:bd:84:92:19:a3:3a:37:
e9:ef:64:7a:10:52:42:07:55:4d:78:e8:bc:23:9a:b2:9e:b0:
bc:17:74:05:41:1c:9c:a4:34:ee:e6:ea:52:37:35:4a:f9:4f:
2f:8c:6f:ea
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIULLhdW7zr1bGYupHcdNYQaZcUv/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTZaFw0yNDAzMjUwODI3NTZaMDMxMTAvBgNV
BAMTKDg0RDU4MDUyQTUyMjIwRTA3Q0ExRkFBRkFFMDQzMjJFREQ2MjVCOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyJQdcEQlHsdMiuZvm9oOGTPgP
CIBLgIzhHqDyF/Ief476xI5Ju1V0hfIc0PsPm7SERMTGizsxuprf71DJ7FnnpDR5
yPv2rP9S9PQgrVq3Ix4LaZODMQGRabu67SopCTMBBI0dCdGLzhn9E/I2m/Sn5WO8
NdIOznEPEl4sJa6SZO5MB0cWhqnBgexeUPCJxJqkFGISSLWqqXrTrfdKMemJT1fa
t4nq+RmjV8dcY8zsiGxLgm/6VjWI9k63stcYgqeVJHS1BJgRDf3mI/Nsrq7XsouT
1/COycyo2+hg0cjyJXdq+YjfJI7LtXRIxbItflBNSsCF5oa6AcwnFzO0UHwxAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUhNWAUqUiIOB8ofqvrgQyLt1iW5cwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzYzNjJlMzEzMzM2
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItQogwDQYJKoZI
hvcNAQELBQADggEBAAV0HrE7KD+tizeEkJNjfrDVfhDVkpjZTzk3AHYP/oH9KQo4
/Ugtvtnc7o1rsUaEgHvUnUdxJ0otFqfLPzL3gMVwaSYJbBfmYBDFWPcaEraVV0dX
7e8hPXZCaei6S+tjA6VktQlSyjiedTd+PYZ+H2LXNF+qX3XXSMeA1tqMqQVLfZzQ
GZ9TKNwFt7BLYXXOzwJj2E0O27inRms+Nr9X4YP4PI1jrsSiR2MP3MqB4w0p4ILd
8wzuvvzQH8FonrXtgjgKmBa7YNTokMXHY2gK6rYSvYSSGaM6N+nvZHoQUkIHVU14
6LwjmrKesLwXdAVBHJykNO7m6lI3NUr5Ty+Mb+o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org