Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e203432333636.roa
File: 34352e36362e3133362e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: untA/srB5i+yMrPqgc16mHeTbksTfwVGEOCg0W3gu5s=
Subject key identifier: AC:3A:1A:44:2F:41:01:F6:E3:3C:FD:21:5C:63:E5:9C:16:8D:CD:AD
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 69D5E1CA7D209F2178091E6A7A0011268BB23E4E
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:19:29 +0000
ROA not before: Fri 31 Mar 2023 12:14:29 +0000
ROA not after: Fri 29 Mar 2024 12:19:29 +0000
asID: 42366
IP address blocks: 45.66.136.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:d5:e1:ca:7d:20:9f:21:78:09:1e:6a:7a:00:11:26:8b:b2:3e:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:14:29 2023 GMT
Not After : Mar 29 12:19:29 2024 GMT
Subject: CN=AC3A1A442F4101F6E33CFD215C63E59C168DCDAD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:69:67:1e:58:8d:91:b8:44:e1:d2:fd:e1:
85:51:8a:ca:0d:c2:5e:f6:00:1b:fd:27:c4:5e:01:
b3:1c:c5:ad:63:43:b2:1f:0a:c0:f4:12:ef:70:c0:
f0:33:b6:2a:46:ad:d6:e8:35:20:50:c3:66:76:6d:
52:7b:7d:b5:59:f2:ae:0a:4e:03:7d:ff:e1:e5:50:
a6:79:f0:e2:15:e1:0c:36:4c:2a:9e:11:07:9b:20:
52:a4:05:17:26:e2:ec:12:fc:94:0a:01:c9:d8:17:
4d:ce:85:b1:0d:c3:03:d8:b8:6a:1c:02:b2:02:af:
7b:a5:2a:b0:4e:82:89:c4:9d:7e:fd:ac:15:35:d0:
54:42:d1:45:d1:db:f9:25:6d:36:c2:66:80:11:63:
fe:1d:b4:2b:12:fa:e3:e8:de:9f:ac:4a:0b:14:6d:
9a:17:6f:d6:ce:20:8c:ce:d1:0d:d7:1b:e5:24:90:
ea:2c:3c:54:43:a1:4a:b4:45:0d:f6:48:89:ae:d8:
61:aa:d3:12:1c:ca:a0:25:c6:63:90:f8:fd:2b:9c:
fe:35:17:a7:4a:22:56:3d:bc:2b:31:af:9a:a0:9f:
a6:e6:3e:1e:ed:d2:d7:43:62:f1:b3:c2:4e:59:49:
ca:ba:22:57:d7:c0:d2:63:f1:90:e4:17:83:0f:4f:
2a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:3A:1A:44:2F:41:01:F6:E3:3C:FD:21:5C:63:E5:9C:16:8D:CD:AD
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/34352e36362e3133362e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.136.0/22
Signature Algorithm: sha256WithRSAEncryption
95:0f:0c:64:f3:78:9a:73:bb:a5:9f:9d:ce:43:ba:19:b1:23:
d1:29:f1:e2:dd:85:f6:22:07:3e:75:b1:9a:f2:a2:a5:c5:3a:
97:86:9e:7b:d8:ad:86:91:8e:26:26:8d:3a:3a:6c:31:2d:62:
8d:5a:94:43:9a:40:f9:b4:10:75:16:04:14:25:78:67:89:60:
d8:77:17:fc:82:a6:4f:f4:ce:91:7c:28:81:d9:44:03:49:7d:
88:12:b6:05:a5:fd:4f:0d:29:4d:80:4d:48:4b:d6:a9:32:a0:
ff:63:1c:e8:35:58:d7:f8:a2:37:c7:44:5a:4d:0c:b4:0d:c9:
8c:71:a7:f0:2f:bd:37:2b:91:3b:dd:5b:c4:8c:2a:5f:b0:7b:
cc:69:e0:b3:88:38:11:bd:63:d4:16:e1:11:8c:86:6b:4d:dc:
21:76:70:95:2e:6c:ed:3c:06:85:a2:3f:e5:b6:6c:0b:ce:d4:
a7:d9:17:97:73:39:47:50:35:a2:b6:c8:a0:c1:f5:95:9d:ec:
cd:cb:ab:6d:e9:7d:b4:c8:e4:36:ef:51:95:53:b3:bf:00:5c:
28:75:4c:df:a3:f6:cd:6b:04:87:e7:42:64:5f:5c:ae:11:35:
08:b5:05:df:28:60:fb:0e:2b:ed:4d:ec:ff:2e:4e:6a:0b:13:
d3:a7:04:2c
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUadXhyn0gnyF4CR5qegARJouyPk4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjE0MjlaFw0yNDAzMjkxMjE5MjlaMDMxMTAvBgNV
BAMTKEFDM0ExQTQ0MkY0MTAxRjZFMzNDRkQyMTVDNjNFNTlDMTY4RENEQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXWlnHliNkbhE4dL94YVRisoN
wl72ABv9J8ReAbMcxa1jQ7IfCsD0Eu9wwPAztipGrdboNSBQw2Z2bVJ7fbVZ8q4K
TgN9/+HlUKZ58OIV4Qw2TCqeEQebIFKkBRcm4uwS/JQKAcnYF03OhbENwwPYuGoc
ArICr3ulKrBOgonEnX79rBU10FRC0UXR2/klbTbCZoARY/4dtCsS+uPo3p+sSgsU
bZoXb9bOIIzO0Q3XG+UkkOosPFRDoUq0RQ32SImu2GGq0xIcyqAlxmOQ+P0rnP41
F6dKIlY9vCsxr5qgn6bmPh7t0tdDYvGzwk5ZScq6IlfXwNJj8ZDkF4MPTyqzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUrDoaRC9BAfbjPP0hXGPlnBaNza0wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzQzNTJlMzYzNjJlMzEzMzM2
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1C
iDANBgkqhkiG9w0BAQsFAAOCAQEAlQ8MZPN4mnO7pZ+dzkO6GbEj0Snx4t2F9iIH
PnWxmvKipcU6l4aee9ithpGOJiaNOjpsMS1ijVqUQ5pA+bQQdRYEFCV4Z4lg2HcX
/IKmT/TOkXwogdlEA0l9iBK2BaX9Tw0pTYBNSEvWqTKg/2Mc6DVY1/iiN8dEWk0M
tA3JjHGn8C+9NyuRO91bxIwqX7B7zGngs4g4Eb1j1BbhEYyGa03cIXZwlS5s7TwG
haI/5bZsC87Up9kXl3M5R1A1orbIoMH1lZ3szcurbel9tMjkNu9RlVOzvwBcKHVM
36P2zWsEh+dCZF9crhE1CLUF3yhg+w4r7U3s/y5OagsT06cELA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org