Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e203432333636.roa
File: 352e3235322e3134302e302f32322d3234203d3e203432333636.roa (raw, json)
Hash identifier: i9N3CBdLHPUd4+mAT+Ap7jF5hLrXYsJmIMeysFlJ44g=
Subject key identifier: 51:24:34:17:79:CD:EB:A1:48:2A:FC:54:BF:67:05:0A:16:65:91:4A
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 0BAE8F439999D655B92951965601E98CDA7259E0
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:19:22 +0000
ROA not before: Fri 31 Mar 2023 12:14:22 +0000
ROA not after: Fri 29 Mar 2024 12:19:22 +0000
asID: 42366
IP address blocks: 5.252.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ae:8f:43:99:99:d6:55:b9:29:51:96:56:01:e9:8c:da:72:59:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:14:22 2023 GMT
Not After : Mar 29 12:19:22 2024 GMT
Subject: CN=5124341779CDEBA1482AFC54BF67050A1665914A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:aa:eb:14:81:21:07:55:cd:f5:76:9c:50:
d1:c9:39:02:3f:1c:71:ee:04:ef:46:14:de:95:c3:
4a:ca:7a:81:aa:6e:0c:cc:7f:98:5d:75:08:73:06:
2f:1d:1c:2f:b2:81:43:1c:39:04:8e:41:ed:38:80:
63:bc:44:ea:02:ca:54:7d:ff:be:ed:dd:8b:72:f3:
5e:ad:4c:59:33:6f:a0:df:a2:f8:ca:f7:05:74:5a:
a5:74:a2:19:b5:99:44:5e:8c:ff:66:0d:e1:b5:31:
39:f8:f8:18:9e:25:93:2a:78:94:b0:68:7b:35:10:
ae:f7:b6:d6:a0:66:08:3b:55:20:ad:4e:94:0f:64:
5c:ad:ec:95:1f:9e:38:ca:5e:22:5e:7c:65:93:ae:
e7:49:30:0e:30:c3:7a:6d:b6:36:55:0d:39:e2:ef:
4d:a7:9e:22:ac:e0:52:15:df:d7:da:e4:8c:1a:66:
cb:06:ee:9a:f7:aa:2a:70:ab:98:f8:79:01:5b:28:
e4:5c:24:72:17:43:25:52:cc:31:16:a3:de:25:ee:
b1:34:b6:61:5e:0e:e2:d1:75:dc:02:4f:23:aa:28:
c9:3c:f5:dc:c4:7c:0d:32:90:7d:72:f9:92:4e:d7:
6b:d0:02:a4:b5:06:25:19:30:fd:0a:a0:39:8b:2e:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:24:34:17:79:CD:EB:A1:48:2A:FC:54:BF:67:05:0A:16:65:91:4A
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.140.0/22
Signature Algorithm: sha256WithRSAEncryption
79:26:3c:61:c9:0f:2b:6a:15:87:bd:aa:88:e5:d6:cf:53:92:
ee:29:52:9c:87:c8:27:dc:70:c6:af:6a:73:16:56:54:06:d7:
ab:98:24:44:18:f1:6d:3f:93:ed:de:f5:43:5d:f2:b9:a4:de:
0a:af:56:3a:04:d1:99:2e:f6:24:96:38:29:da:1a:9f:53:e2:
93:43:e9:79:17:20:81:03:79:6b:76:c7:73:63:85:16:32:4b:
40:9f:01:c5:89:22:ac:d3:72:7c:10:a1:ab:78:02:02:17:4a:
17:6f:15:16:41:7d:5f:cb:97:a8:3a:95:9b:79:7e:b2:91:00:
6c:86:c7:e1:0f:4d:f1:31:93:da:55:1b:f3:0f:2c:cf:6f:9f:
70:8f:d0:fd:96:73:5a:60:32:d9:3a:40:12:bb:a9:48:57:15:
71:0d:50:c5:d8:df:cb:ec:a5:e8:3a:1f:6f:b2:42:ed:d3:92:
82:75:fa:3c:3a:31:32:4c:fe:b1:8f:a6:a1:3c:1b:e3:74:53:
90:4c:0a:e5:13:71:bd:a5:db:d2:7c:a3:3e:0a:f7:57:2a:ad:
2e:a2:c1:af:e8:da:de:af:46:90:55:1c:b1:c7:a2:de:bf:53:
98:08:d5:df:b9:c0:98:db:cd:42:6c:ef:7e:ef:ea:0b:b1:56:
f4:52:e8:fc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUC66PQ5mZ1lW5KVGWVgHpjNpyWeAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjE0MjJaFw0yNDAzMjkxMjE5MjJaMDMxMTAvBgNV
BAMTKDUxMjQzNDE3NzlDREVCQTE0ODJBRkM1NEJGNjcwNTBBMTY2NTkxNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCff6rrFIEhB1XN9XacUNHJOQI/
HHHuBO9GFN6Vw0rKeoGqbgzMf5hddQhzBi8dHC+ygUMcOQSOQe04gGO8ROoCylR9
/77t3Yty816tTFkzb6DfovjK9wV0WqV0ohm1mURejP9mDeG1MTn4+BieJZMqeJSw
aHs1EK73ttagZgg7VSCtTpQPZFyt7JUfnjjKXiJefGWTrudJMA4ww3pttjZVDTni
702nniKs4FIV39fa5IwaZssG7pr3qipwq5j4eQFbKORcJHIXQyVSzDEWo94l7rE0
tmFeDuLRddwCTyOqKMk89dzEfA0ykH1y+ZJO12vQAqS1BiUZMP0KoDmLLq2fAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUUSQ0F3nN66FIKvxUv2cFChZlkUowHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzUyZTMyMzUzMjJlMzEzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgX8
jDANBgkqhkiG9w0BAQsFAAOCAQEAeSY8YckPK2oVh72qiOXWz1OS7ilSnIfIJ9xw
xq9qcxZWVAbXq5gkRBjxbT+T7d71Q13yuaTeCq9WOgTRmS72JJY4Kdoan1Pik0Pp
eRcggQN5a3bHc2OFFjJLQJ8BxYkirNNyfBChq3gCAhdKF28VFkF9X8uXqDqVm3l+
spEAbIbH4Q9N8TGT2lUb8w8sz2+fcI/Q/ZZzWmAy2TpAErupSFcVcQ1Qxdjfy+yl
6Dofb7JC7dOSgnX6PDoxMkz+sY+moTwb43RTkEwK5RNxvaXb0nyjPgr3VyqtLqLB
r+ja3q9GkFUcscei3r9TmAjV37nAmNvNQmzvfu/qC7FW9FLo/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org