Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e203432333636.roa
File: 38342e32312e3137302e302f32342d3234203d3e203432333636.roa (raw, json)
Hash identifier: X1z7DVPKRNFhDIdFsgf/PJDandzAPFmwjGBc9YGUNBM=
Subject key identifier: 63:39:50:EC:7F:97:00:67:4B:07:25:4A:48:77:5C:E5:A7:A7:BE:C0
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 4056E7AA55AC3A75428081F64EE3DE55ADC5467E
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:18:19 +0000
ROA not before: Fri 31 Mar 2023 12:13:19 +0000
ROA not after: Fri 29 Mar 2024 12:18:19 +0000
asID: 42366
IP address blocks: 84.21.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:56:e7:aa:55:ac:3a:75:42:80:81:f6:4e:e3:de:55:ad:c5:46:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:13:19 2023 GMT
Not After : Mar 29 12:18:19 2024 GMT
Subject: CN=633950EC7F9700674B07254A48775CE5A7A7BEC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:97:da:c3:e8:b7:ed:a8:7b:61:4f:0c:1a:a2:
0f:7b:5f:b3:e5:23:d4:8d:7a:05:bf:b8:8c:a2:c5:
34:3f:89:b9:ef:82:38:5d:b9:74:a2:49:64:88:d7:
18:e7:24:eb:41:37:eb:94:d0:ce:a2:ad:db:87:e6:
97:3f:4b:70:4c:98:a8:6f:f1:88:13:fe:4c:34:5a:
41:6f:06:c2:36:5b:89:d2:80:2d:4d:49:53:64:eb:
aa:7b:a0:9e:27:1a:2d:46:c9:35:74:74:3e:cf:b6:
b7:00:f4:5c:05:51:1c:03:f9:e0:2c:1e:90:a2:0c:
4c:90:fa:43:f0:f8:f4:d8:7d:b8:08:fb:16:91:ea:
04:f2:3c:9f:8b:2c:5c:13:47:75:e6:8e:c6:06:8b:
d6:72:2a:14:f4:1d:cb:19:38:df:4e:74:10:a6:27:
a9:e7:20:fc:74:6d:69:27:0f:81:59:34:59:ed:c5:
3e:5a:70:08:57:fa:68:ab:63:08:ae:51:ec:25:b3:
ed:7f:6c:ea:9f:e9:9d:0e:dc:09:92:70:bf:63:3b:
ee:fa:c6:82:68:db:3e:7f:2e:98:c3:e5:6e:32:92:
90:60:30:b4:1a:2c:95:86:5a:7f:bc:ea:c7:2f:70:
cb:08:8c:8a:44:bb:91:43:5e:47:69:5e:73:73:04:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:39:50:EC:7F:97:00:67:4B:07:25:4A:48:77:5C:E5:A7:A7:BE:C0
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/38342e32312e3137302e302f32342d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.170.0/24
Signature Algorithm: sha256WithRSAEncryption
85:2a:db:b5:1b:4e:f7:44:72:16:79:a5:b7:70:82:78:e5:54:
49:24:71:58:4e:45:c3:16:d2:07:f9:60:1c:ae:59:33:29:0c:
8a:c7:a7:37:27:0c:b8:df:03:1a:d4:00:b7:1f:2a:e4:df:17:
f0:6d:fa:c1:a1:dd:db:96:e5:e8:4d:ab:96:88:a0:44:0b:96:
7e:21:e0:59:03:db:7b:1d:8f:c6:b7:28:49:13:df:3f:31:4c:
9c:74:d3:9a:2d:eb:cc:47:a0:e5:2c:b8:ce:f2:06:b5:52:4a:
f2:2e:33:88:cc:bb:29:32:97:4b:39:08:62:d3:92:1d:50:27:
63:39:c8:7a:06:dc:c6:45:77:3c:8a:6d:e2:51:ed:66:41:3f:
39:43:b4:de:98:89:c5:b9:1f:71:1b:41:10:bf:b4:d1:9b:c0:
bb:79:91:d6:fe:e3:ee:73:47:c6:b0:a7:f5:e0:d6:eb:31:a8:
1f:24:fd:96:d7:cb:1f:4a:8b:6c:4a:4e:b9:ee:90:d4:a0:27:
cd:50:c0:b9:42:75:a7:a8:0d:39:6e:2b:ee:11:ed:de:f4:75:
55:6b:8f:ea:c5:af:14:2d:0c:4d:f3:df:85:93:fa:20:5b:c2:
58:f8:d8:12:88:bc:d0:01:c6:8d:2b:44:a0:b5:37:56:75:f8:
5b:2b:08:35
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQFbnqlWsOnVCgIH2TuPeVa3FRn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjEzMTlaFw0yNDAzMjkxMjE4MTlaMDMxMTAvBgNV
BAMTKDYzMzk1MEVDN0Y5NzAwNjc0QjA3MjU0QTQ4Nzc1Q0U1QTdBN0JFQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxl9rD6LftqHthTwwaog97X7Pl
I9SNegW/uIyixTQ/ibnvgjhduXSiSWSI1xjnJOtBN+uU0M6irduH5pc/S3BMmKhv
8YgT/kw0WkFvBsI2W4nSgC1NSVNk66p7oJ4nGi1GyTV0dD7PtrcA9FwFURwD+eAs
HpCiDEyQ+kPw+PTYfbgI+xaR6gTyPJ+LLFwTR3XmjsYGi9ZyKhT0HcsZON9OdBCm
J6nnIPx0bWknD4FZNFntxT5acAhX+mirYwiuUewls+1/bOqf6Z0O3AmScL9jO+76
xoJo2z5/LpjD5W4ykpBgMLQaLJWGWn+86scvcMsIjIpEu5FDXkdpXnNzBGBzAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUYzlQ7H+XAGdLByVKSHdc5aenvsAwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzgzNDJlMzIzMTJlMzEzNzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjMzMzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQV
qjANBgkqhkiG9w0BAQsFAAOCAQEAhSrbtRtO90RyFnmlt3CCeOVUSSRxWE5FwxbS
B/lgHK5ZMykMisenNycMuN8DGtQAtx8q5N8X8G36waHd25bl6E2rloigRAuWfiHg
WQPbex2PxrcoSRPfPzFMnHTTmi3rzEeg5Sy4zvIGtVJK8i4ziMy7KTKXSzkIYtOS
HVAnYznIegbcxkV3PIpt4lHtZkE/OUO03piJxbkfcRtBEL+00ZvAu3mR1v7j7nNH
xrCn9eDW6zGoHyT9ltfLH0qLbEpOue6Q1KAnzVDAuUJ1p6gNOW4r7hHt3vR1VWuP
6sWvFC0MTfPfhZP6IFvCWPjYEoi80AHGjStEoLU3VnX4WysINQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org