Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e2030.roa
File: 38342e32312e3137302e302f32342d3234203d3e2030.roa (raw, json)
Hash identifier: A6kpzBCvLyOlyTnFnLyaodPuko2Vw4DaKK+3DakiFK8=
Subject key identifier: 2E:30:57:45:F0:7F:80:39:AB:E3:D5:08:ED:37:9C:CE:38:68:47:5E
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 70225D74A08E68599639394BFCEDCFA6895D61A8
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:53 +0000
ROA not before: Mon 27 Mar 2023 08:22:53 +0000
ROA not after: Mon 25 Mar 2024 08:27:53 +0000
asID: 0
IP address blocks: 84.21.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:22:5d:74:a0:8e:68:59:96:39:39:4b:fc:ed:cf:a6:89:5d:61:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:53 2023 GMT
Not After : Mar 25 08:27:53 2024 GMT
Subject: CN=2E305745F07F8039ABE3D508ED379CCE3868475E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c1:da:46:a8:eb:4b:e8:d4:2c:a9:1c:f6:1c:
d2:23:a0:0c:ea:eb:cc:7d:ae:ff:43:6a:26:0a:1b:
b4:00:7f:e8:b5:2c:e6:39:ff:f6:5f:d3:44:57:34:
f0:21:28:86:11:13:43:b6:64:38:4e:9a:b7:16:c5:
5c:30:7e:4d:13:0a:cf:dc:f9:70:2a:78:e5:1f:5e:
e4:10:16:23:c9:e9:88:fe:24:dc:7f:11:f1:80:44:
2a:15:95:42:e8:a0:1e:fc:d5:56:08:9a:83:f7:ab:
ca:30:a5:25:c7:84:59:d0:1d:85:f2:70:74:dd:80:
63:4c:14:58:b3:2a:0a:81:85:2a:b0:f2:a3:50:6a:
da:37:41:5d:36:56:55:c7:b7:69:bf:ac:8e:db:f0:
8a:3c:fa:82:5c:9e:fe:cf:d5:91:4c:03:6b:ae:66:
79:9d:0b:fb:f9:f4:3f:48:97:7f:13:e2:9b:7f:a8:
b6:76:1e:03:b8:f6:16:2e:74:aa:1e:5c:00:fc:f2:
17:ed:76:e8:e8:0d:5f:6d:bd:74:76:49:aa:1f:67:
24:2e:8e:e9:a1:3a:7f:25:4e:ca:d7:8f:cb:fc:08:
53:ee:b8:57:4a:ce:81:d4:e5:0c:a6:e6:23:33:ae:
1c:8c:af:13:57:b5:81:55:ac:f4:eb:a0:8f:ea:b6:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:30:57:45:F0:7F:80:39:AB:E3:D5:08:ED:37:9C:CE:38:68:47:5E
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:1d:f9:06:fb:c3:80:bf:d8:42:61:43:45:53:1e:40:9f:ab:
be:35:dd:01:46:bb:4d:c4:f9:1e:ad:ca:d1:92:f7:4b:4c:d0:
18:f8:57:d6:ff:2b:8f:90:62:2b:e1:9d:b3:d6:00:5a:8c:69:
52:f5:71:33:8d:eb:4a:1e:b5:4b:d0:d2:45:26:21:5a:cf:e8:
13:08:74:83:fd:a3:05:20:46:e2:cf:50:10:78:fd:52:87:1c:
66:61:de:ba:a3:a0:b8:c2:c7:90:97:60:51:cc:12:7e:af:19:
82:15:5a:6c:14:09:e4:71:ea:39:6d:b2:b0:63:8c:da:10:86:
60:b2:c4:86:24:86:cb:d6:f9:93:a7:a9:73:23:fa:f6:3c:6a:
53:c5:43:36:20:a2:51:90:ce:72:0e:a8:be:d9:04:a4:ff:39:
e0:87:16:c5:7f:fc:4d:58:47:95:ca:8b:36:2a:35:d6:b0:bc:
ea:49:25:ec:9e:a6:f7:83:de:0e:bb:75:e3:60:e1:ae:80:59:
a1:00:de:63:d6:46:07:36:73:d6:f5:cc:b6:b1:ba:25:cb:08:
97:6e:01:0e:52:2c:93:b5:e2:2d:12:59:40:5e:4f:bf:c2:7f:
9d:61:a4:02:99:b6:00:21:d2:3b:e1:b3:8a:4b:a0:2e:7c:b8:
ca:2c:55:e5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUcCJddKCOaFmWOTlL/O3PpoldYagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTNaFw0yNDAzMjUwODI3NTNaMDMxMTAvBgNV
BAMTKDJFMzA1NzQ1RjA3RjgwMzlBQkUzRDUwOEVEMzc5Q0NFMzg2ODQ3NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJwdpGqOtL6NQsqRz2HNIjoAzq
68x9rv9DaiYKG7QAf+i1LOY5//Zf00RXNPAhKIYRE0O2ZDhOmrcWxVwwfk0TCs/c
+XAqeOUfXuQQFiPJ6Yj+JNx/EfGARCoVlULooB781VYImoP3q8owpSXHhFnQHYXy
cHTdgGNMFFizKgqBhSqw8qNQato3QV02VlXHt2m/rI7b8Io8+oJcnv7P1ZFMA2uu
ZnmdC/v59D9Il38T4pt/qLZ2HgO49hYudKoeXAD88hftdujoDV9tvXR2SaofZyQu
jumhOn8lTsrXj8v8CFPuuFdKzoHU5Qym5iMzrhyMrxNXtYFVrPTroI/qtnPLAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQULjBXRfB/gDmr49UI7TeczjhoR14wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzNDJlMzIzMTJlMzEzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABUFaowDQYJKoZI
hvcNAQELBQADggEBAA4d+Qb7w4C/2EJhQ0VTHkCfq7413QFGu03E+R6tytGS90tM
0Bj4V9b/K4+QYivhnbPWAFqMaVL1cTON60oetUvQ0kUmIVrP6BMIdIP9owUgRuLP
UBB4/VKHHGZh3rqjoLjCx5CXYFHMEn6vGYIVWmwUCeRx6jltsrBjjNoQhmCyxIYk
hsvW+ZOnqXMj+vY8alPFQzYgolGQznIOqL7ZBKT/OeCHFsV//E1YR5XKizYqNdaw
vOpJJeyepveD3g67deNg4a6AWaEA3mPWRgc2c9b1zLaxuiXLCJduAQ5SLJO14i0S
WUBeT7/Cf51hpAKZtgAh0jvhs4pLoC58uMosVeU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:13 2024 by rpki-client on console-ams.rpki-client.org