Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231362e302f32332d3234203d3e2030.roa
File: 39352e3231342e3231362e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: PfCgTqhXSz5n4/fqPYs3NSy03RqHgiSxvNlDaw3GG8A=
Subject key identifier: 11:DF:29:C7:A8:B8:CB:A9:26:CC:D5:2E:F5:DA:ED:92:50:37:94:E5
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 1525CD8338E79770F50D14F4D5976DAC0AC11946
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231362e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:54 +0000
ROA not before: Mon 27 Mar 2023 08:22:54 +0000
ROA not after: Mon 25 Mar 2024 08:27:54 +0000
asID: 0
IP address blocks: 95.214.216.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:25:cd:83:38:e7:97:70:f5:0d:14:f4:d5:97:6d:ac:0a:c1:19:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:54 2023 GMT
Not After : Mar 25 08:27:54 2024 GMT
Subject: CN=11DF29C7A8B8CBA926CCD52EF5DAED92503794E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:d3:e4:88:67:b6:ac:4d:95:d5:40:69:8a:
5c:60:c8:12:26:05:db:4d:43:52:91:50:24:e7:2a:
b3:4d:03:df:ef:8a:a3:10:a8:02:4c:29:5a:7f:af:
59:e5:74:33:f8:d0:ce:d0:44:e6:12:fe:22:9c:54:
b7:e3:34:d2:f4:e1:d2:76:9b:5b:16:a6:d1:87:1d:
7f:9e:f7:c3:54:39:6f:e5:6c:c9:bf:5b:f0:4c:f8:
24:21:83:80:37:a3:81:40:98:27:2c:90:67:c9:9e:
54:4e:a5:5c:87:5a:48:7f:c0:a5:c4:82:1b:d3:a6:
05:dc:e8:35:58:b5:ed:2e:0d:4f:3e:f8:88:fd:57:
12:2e:0c:4d:b4:85:df:a6:4b:55:04:14:20:12:fc:
be:43:24:3c:85:4d:94:f3:ba:94:49:a1:f5:a6:af:
03:78:7a:4a:6d:e6:64:46:93:2f:ab:b5:91:95:4a:
12:aa:8c:45:38:3b:6f:a5:a2:29:38:e2:7c:47:bb:
dd:7e:5a:e2:2f:1d:12:d6:5e:f1:e0:7d:f7:9c:02:
9b:d5:3e:e6:fc:f0:9d:c5:10:db:08:65:6a:8b:a8:
9e:e6:11:e3:b5:df:30:c2:4b:be:48:cb:8c:3c:c1:
a9:db:71:3d:44:c7:d6:36:79:31:4a:19:58:8f:bc:
23:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:DF:29:C7:A8:B8:CB:A9:26:CC:D5:2E:F5:DA:ED:92:50:37:94:E5
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/39352e3231342e3231362e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.216.0/23
Signature Algorithm: sha256WithRSAEncryption
62:2d:a0:d9:51:36:6e:2b:ee:9f:8b:68:ea:d0:52:49:8f:ba:
3b:9e:d4:08:8f:1f:f4:fe:39:7f:e5:0d:c7:0c:ee:2a:f4:41:
1e:4a:e8:d8:e7:63:89:63:f2:63:ac:39:25:41:78:c5:7a:ae:
75:7f:31:c3:1b:2d:8f:c2:30:71:44:19:25:29:d3:cb:aa:92:
a7:cc:96:d8:0d:4c:28:48:0c:a1:5a:0c:35:a1:1a:b5:60:bf:
a0:7e:1c:6a:e8:c4:df:af:91:29:37:61:44:cf:2f:c6:38:aa:
35:97:96:4f:a0:3d:fa:3f:49:d9:cf:ee:07:05:3d:5c:d6:d9:
14:64:9d:58:98:21:4f:4e:74:e8:e4:8b:c2:97:2a:77:0d:af:
b5:19:43:8f:14:44:ec:4f:38:4d:98:64:04:a3:86:46:d6:4d:
14:4f:51:59:45:2b:ab:a7:04:83:50:29:24:02:19:42:d2:eb:
1f:99:97:25:7c:5c:a6:a7:0c:be:3d:0c:35:74:4d:35:0b:a5:
f1:bf:a9:5e:9b:1e:81:a2:9b:88:c5:a2:1c:3e:c4:b8:b3:25:
43:83:36:03:cd:86:cd:8e:d9:1c:ad:3c:b9:f8:a1:a6:d7:a8:
63:21:96:30:92:0e:11:46:f9:08:44:51:73:91:1b:53:14:1c:
77:f9:b7:48
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUFSXNgzjnl3D1DRT01ZdtrArBGUYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTRaFw0yNDAzMjUwODI3NTRaMDMxMTAvBgNV
BAMTKDExREYyOUM3QThCOENCQTkyNkNDRDUyRUY1REFFRDkyNTAzNzk0RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnTtPkiGe2rE2V1UBpilxgyBIm
BdtNQ1KRUCTnKrNNA9/viqMQqAJMKVp/r1nldDP40M7QROYS/iKcVLfjNNL04dJ2
m1sWptGHHX+e98NUOW/lbMm/W/BM+CQhg4A3o4FAmCcskGfJnlROpVyHWkh/wKXE
ghvTpgXc6DVYte0uDU8++Ij9VxIuDE20hd+mS1UEFCAS/L5DJDyFTZTzupRJofWm
rwN4ekpt5mRGky+rtZGVShKqjEU4O2+loik44nxHu91+WuIvHRLWXvHgffecApvV
Pub88J3FENsIZWqLqJ7mEeO13zDCS75Iy4w8wanbcT1Ex9Y2eTFKGViPvCPzAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUEd8px6i4y6kmzNUu9drtklA3lOUwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzkzNTJlMzIzMTM0MmUzMjMx
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV/W2DANBgkq
hkiG9w0BAQsFAAOCAQEAYi2g2VE2bivun4to6tBSSY+6O57UCI8f9P45f+UNxwzu
KvRBHkro2OdjiWPyY6w5JUF4xXqudX8xwxstj8IwcUQZJSnTy6qSp8yW2A1MKEgM
oVoMNaEatWC/oH4caujE36+RKTdhRM8vxjiqNZeWT6A9+j9J2c/uBwU9XNbZFGSd
WJghT0506OSLwpcqdw2vtRlDjxRE7E84TZhkBKOGRtZNFE9RWUUrq6cEg1ApJAIZ
QtLrH5mXJXxcpqcMvj0MNXRNNQul8b+pXpsegaKbiMWiHD7EuLMlQ4M2A82GzY7Z
HK08ufihpteoYyGWMJIOEUb5CERRc5EbUxQcd/m3SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-fra.rpki-client.org