Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136382e302f32332d3234203d3e2030.roa
File: 38342e32312e3136382e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: r3DaY9nxe/pljvrsy9vGUXhP8+Hdoxratzw2mrbXhHg=
Subject key identifier: DA:DA:B3:B7:26:D7:CE:58:66:08:D0:7C:79:D6:BF:E3:B8:52:3D:EE
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4963AD9F159903D11BEA623A62035B24A5E06F67
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136382e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:56 +0000
ROA not before: Mon 27 Mar 2023 08:22:56 +0000
ROA not after: Mon 25 Mar 2024 08:27:56 +0000
asID: 0
IP address blocks: 84.21.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:63:ad:9f:15:99:03:d1:1b:ea:62:3a:62:03:5b:24:a5:e0:6f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:56 2023 GMT
Not After : Mar 25 08:27:56 2024 GMT
Subject: CN=DADAB3B726D7CE586608D07C79D6BFE3B8523DEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8a:b9:12:fb:b0:7c:3c:c9:4d:f1:62:3e:b6:
83:0b:25:3b:7f:60:b7:32:4f:d4:32:03:48:2d:b0:
8b:61:74:2f:a3:7e:45:14:ab:27:f7:a9:96:b6:54:
d7:8f:70:c9:79:f3:14:73:52:ae:16:43:c8:97:53:
6c:ae:09:2b:5a:7a:24:59:08:1a:72:0c:d2:0c:5c:
2e:c8:fa:57:9a:38:74:c0:ba:59:bd:f5:7f:de:07:
c6:4b:d4:e0:dd:34:75:4d:c9:44:aa:23:d6:c3:0c:
cd:18:4e:1b:6f:85:90:e4:0d:09:c0:1c:fe:eb:c5:
9e:0d:22:07:17:3a:9f:56:03:3f:81:a1:d8:c2:6a:
af:a7:dc:6a:67:55:3f:0d:02:ed:34:d0:0c:8d:79:
a5:05:66:15:ce:fd:60:2b:de:c4:3d:72:17:d2:80:
f0:55:82:c6:46:97:66:22:23:ab:2c:29:e4:eb:ab:
f3:36:01:1a:b1:7b:84:0f:41:4d:db:e7:e2:0e:48:
7b:56:c7:07:16:1d:6b:37:44:61:0d:e2:36:c4:7b:
a2:dc:8c:4a:c4:4e:e4:58:27:ba:7c:88:49:90:c4:
ca:d7:91:cd:06:09:be:a3:6e:97:da:17:09:c0:f7:
00:43:b8:0c:fe:3e:a8:32:3d:07:cc:1d:52:0c:9d:
50:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DA:B3:B7:26:D7:CE:58:66:08:D0:7C:79:D6:BF:E3:B8:52:3D:EE
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3136382e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.168.0/23
Signature Algorithm: sha256WithRSAEncryption
97:f3:a7:d8:62:2e:1a:29:c6:4a:fd:47:14:ff:01:68:55:25:
3a:35:de:fd:bf:e9:dd:66:76:ad:e2:fa:d7:41:bc:19:55:be:
53:e4:6f:30:30:22:a0:55:7f:08:b7:3f:cb:aa:52:6b:a4:37:
93:b4:ec:3a:c9:58:2f:ea:e0:1a:04:4c:db:ff:b9:d2:7e:b3:
5e:a5:cc:a3:fe:99:d1:2a:69:a7:12:96:39:41:f8:f2:1f:0c:
de:9c:9d:f7:7e:af:2a:c5:17:73:2b:ae:bb:a1:1b:07:0e:2a:
8f:3c:be:40:39:d9:21:2e:1b:28:0d:00:a2:a7:b1:a9:63:bf:
82:4b:8d:c2:5e:98:45:8d:1d:ce:c6:4a:3a:33:08:1d:da:20:
94:d0:e7:6b:02:70:c0:bc:19:d9:9d:99:cf:e1:7e:3d:a9:b6:
6e:18:8d:6f:90:e6:a4:5a:78:70:86:2e:5a:c4:78:15:0e:81:
e9:03:c6:df:9e:29:7f:2d:84:10:15:91:de:05:c2:be:96:4c:
ae:d3:b3:51:96:27:b7:65:14:c1:22:80:83:0b:1b:df:4d:99:
93:e9:9f:72:11:14:14:e3:a3:b2:77:0d:2a:91:4e:90:09:f8:
8b:d7:04:b4:d9:23:66:b0:f6:0d:98:11:c7:08:e3:63:7f:5a:
79:b9:39:37
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUSWOtnxWZA9Eb6mI6YgNbJKXgb2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTZaFw0yNDAzMjUwODI3NTZaMDMxMTAvBgNV
BAMTKERBREFCM0I3MjZEN0NFNTg2NjA4RDA3Qzc5RDZCRkUzQjg1MjNERUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCirkS+7B8PMlN8WI+toMLJTt/
YLcyT9QyA0gtsIthdC+jfkUUqyf3qZa2VNePcMl58xRzUq4WQ8iXU2yuCStaeiRZ
CBpyDNIMXC7I+leaOHTAulm99X/eB8ZL1ODdNHVNyUSqI9bDDM0YThtvhZDkDQnA
HP7rxZ4NIgcXOp9WAz+BodjCaq+n3GpnVT8NAu000AyNeaUFZhXO/WAr3sQ9chfS
gPBVgsZGl2YiI6ssKeTrq/M2ARqxe4QPQU3b5+IOSHtWxwcWHWs3RGEN4jbEe6Lc
jErETuRYJ7p8iEmQxMrXkc0GCb6jbpfaFwnA9wBDuAz+PqgyPQfMHVIMnVCBAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU2tqztybXzlhmCNB8eda/47hSPe4wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzNDJlMzIzMTJlMzEzNjM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFUFagwDQYJKoZI
hvcNAQELBQADggEBAJfzp9hiLhopxkr9RxT/AWhVJTo13v2/6d1mdq3i+tdBvBlV
vlPkbzAwIqBVfwi3P8uqUmukN5O07DrJWC/q4BoETNv/udJ+s16lzKP+mdEqaacS
ljlB+PIfDN6cnfd+ryrFF3MrrruhGwcOKo88vkA52SEuGygNAKKnsaljv4JLjcJe
mEWNHc7GSjozCB3aIJTQ52sCcMC8Gdmdmc/hfj2ptm4YjW+Q5qRaeHCGLlrEeBUO
gekDxt+eKX8thBAVkd4Fwr6WTK7Ts1GWJ7dlFMEigIMLG99NmZPpn3IRFBTjo7J3
DSqRTpAJ+IvXBLTZI2aw9g2YEccI42N/Wnm5OTc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org