Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33372e302f32342d3234203d3e203432333636.roa
File: 38312e32322e33372e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: XSne+KwjWospDw9tpNUni4VLjUWl0XrRTq15vDfj8tU=
Subject key identifier: C4:08:70:D8:37:EF:E8:B6:93:4E:35:11:A7:FC:D3:DB:8C:19:EE:9E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 56EF3951FB1550A56395E2CF87856C3B25C29016
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33372e302f32342d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:17:18 +0000
ROA not before: Fri 31 Mar 2023 12:12:18 +0000
ROA not after: Fri 29 Mar 2024 12:17:18 +0000
asID: 42366
IP address blocks: 81.22.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:ef:39:51:fb:15:50:a5:63:95:e2:cf:87:85:6c:3b:25:c2:90:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:12:18 2023 GMT
Not After : Mar 29 12:17:18 2024 GMT
Subject: CN=C40870D837EFE8B6934E3511A7FCD3DB8C19EE9E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:44:95:83:5e:8f:7c:28:fc:e5:e7:24:38:
50:4a:d7:d8:39:90:7d:89:f1:a0:99:a9:dd:5f:5e:
9a:2a:a9:30:1e:31:93:fd:dc:9c:90:64:9f:fd:c2:
20:25:13:47:29:8c:42:fa:72:79:40:cf:c2:db:53:
d2:5b:0e:d9:ec:fe:e7:12:d9:f7:14:98:5b:f6:bc:
84:05:89:c6:5a:4b:a5:44:9b:7b:8b:a6:2c:4e:3f:
9e:7e:18:f1:59:a5:cb:7f:81:e6:e4:35:7a:c1:c5:
aa:18:b8:cb:d2:4c:b7:45:45:4d:9b:b1:30:de:6e:
7e:cd:f1:f6:c2:78:c4:25:9a:e2:ec:24:5d:74:1c:
5e:8e:99:68:30:4e:31:10:44:14:46:56:da:1e:46:
1b:69:6b:a2:70:88:37:cd:79:bb:93:79:a7:6a:c7:
3e:f1:18:29:b1:46:ae:74:be:00:61:f8:fb:2f:4e:
ee:85:f9:d1:08:3d:48:36:43:11:05:0d:5e:de:af:
cf:aa:f9:e1:01:69:96:30:ed:66:bc:33:8a:52:e4:
b0:53:ac:97:77:3d:d9:7c:db:3c:50:2e:c0:bf:b6:
10:6e:2b:ee:62:30:24:9a:db:dc:fc:a6:02:ae:29:
03:ef:04:7e:98:d7:a6:cf:d6:c8:32:b3:c4:91:a1:
60:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:08:70:D8:37:EF:E8:B6:93:4E:35:11:A7:FC:D3:DB:8C:19:EE:9E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38312e32322e33372e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.37.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e5:a3:25:b3:57:61:91:9b:ab:55:92:93:25:62:82:9b:8a:
01:9f:c5:4d:74:82:27:09:08:4a:b5:fe:85:d6:69:3c:e8:8d:
7b:3d:f8:bf:c9:1f:b0:3d:44:bf:ce:33:1b:da:52:e8:22:c6:
0c:d7:a2:75:65:df:07:e4:c0:cc:7c:29:a4:b0:3c:ad:a5:c5:
ca:83:4f:d9:be:cb:39:3c:44:74:24:21:00:27:f2:6b:b0:9e:
51:f8:b5:85:08:b7:6d:87:66:0f:9a:eb:5c:26:65:40:63:58:
64:a3:3f:b9:da:ca:5f:cf:55:7d:5d:5d:43:5d:51:c2:16:31:
88:f2:11:98:df:22:2b:ec:8f:08:32:c4:6d:82:8d:43:ef:7f:
ba:f3:ec:2f:cf:e6:92:ff:d9:e8:84:ce:1a:35:60:99:d0:fb:
89:94:05:fd:09:a3:5d:c7:91:e3:64:4d:14:61:1e:4e:00:0f:
99:49:9e:ce:66:b2:7c:3e:45:b4:62:61:7d:35:19:f9:8d:0a:
de:cb:18:f5:46:d0:98:d4:4e:fd:79:82:48:78:e1:e8:6e:2a:
b0:77:af:5e:41:32:0b:24:c8:19:2e:02:5c:8a:dc:e2:c7:ce:
ba:92:89:08:2f:f8:1a:6d:23:75:c7:22:9f:17:de:c6:a2:66:
d5:0c:ec:1b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVu85UfsVUKVjleLPh4VsOyXCkBYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjEyMThaFw0yNDAzMjkxMjE3MThaMDMxMTAvBgNV
BAMTKEM0MDg3MEQ4MzdFRkU4QjY5MzRFMzUxMUE3RkNEM0RCOEMxOUVFOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz6ESVg16PfCj85eckOFBK19g5
kH2J8aCZqd1fXpoqqTAeMZP93JyQZJ/9wiAlE0cpjEL6cnlAz8LbU9JbDtns/ucS
2fcUmFv2vIQFicZaS6VEm3uLpixOP55+GPFZpct/gebkNXrBxaoYuMvSTLdFRU2b
sTDebn7N8fbCeMQlmuLsJF10HF6OmWgwTjEQRBRGVtoeRhtpa6JwiDfNebuTeadq
xz7xGCmxRq50vgBh+PsvTu6F+dEIPUg2QxEFDV7er8+q+eEBaZYw7Wa8M4pS5LBT
rJd3Pdl82zxQLsC/thBuK+5iMCSa29z8pgKuKQPvBH6Y16bP1sgys8SRoWDRAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUxAhw2Dfv6LaTTjURp/zT24wZ7p4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzMTJlMzIzMjJlMzMzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABRFiUw
DQYJKoZIhvcNAQELBQADggEBAIzloyWzV2GRm6tVkpMlYoKbigGfxU10gicJCEq1
/oXWaTzojXs9+L/JH7A9RL/OMxvaUugixgzXonVl3wfkwMx8KaSwPK2lxcqDT9m+
yzk8RHQkIQAn8muwnlH4tYUIt22HZg+a61wmZUBjWGSjP7nayl/PVX1dXUNdUcIW
MYjyEZjfIivsjwgyxG2CjUPvf7rz7C/P5pL/2eiEzho1YJnQ+4mUBf0Jo13HkeNk
TRRhHk4AD5lJns5msnw+RbRiYX01GfmNCt7LGPVG0JjUTv15gkh44ehuKrB3r15B
MgskyBkuAlyK3OLHzrqSiQgv+BptI3XHIp8X3saiZtUM7Bs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org