Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/GsLj1HvRTLsd1p7dsl8s83noR3c.roa
File: GsLj1HvRTLsd1p7dsl8s83noR3c.roa (raw, json)
Hash identifier: fLneHQQO7esuVtOml7DKGyJxY8mmiDjBKmk865oclHU=
Subject key identifier: 1A:C2:E3:D4:7B:D1:4C:BB:1D:D6:9E:DD:B2:5F:2C:F3:79:E8:47:77
Certificate issuer: /CN=70ad353cc1a0d16d5e8e14a37575a6f3d60563f8
Certificate serial: 44B5A025
Authority key identifier: 70:AD:35:3C:C1:A0:D1:6D:5E:8E:14:A3:75:75:A6:F3:D6:05:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cK01PMGg0W1ejhSjdXWm89YFY_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/GsLj1HvRTLsd1p7dsl8s83noR3c.roa
Signing time: Sat 01 Jan 2022 11:57:16 +0000
ROA not before: Sat 01 Jan 2022 11:57:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24971
IP address blocks: 149.62.144.0/21 maxlen: 21
178.238.32.0/20 maxlen: 20
77.93.192.0/19 maxlen: 19
83.167.224.0/19 maxlen: 19
80.79.16.0/20 maxlen: 20
81.31.32.0/20 maxlen: 20
185.58.40.0/22 maxlen: 22
85.118.128.0/21 maxlen: 21
89.185.224.0/19 maxlen: 19
2a01:430::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1152753701 (0x44b5a025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70ad353cc1a0d16d5e8e14a37575a6f3d60563f8
Validity
Not Before: Jan 1 11:57:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ac2e3d47bd14cbb1dd69eddb25f2cf379e84777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ad:c4:d3:00:7f:9a:9b:45:54:6d:03:b5:c1:
de:a8:c0:82:2a:08:a3:cc:c6:68:2e:6d:77:8e:41:
02:8a:88:3b:4d:09:55:43:f4:4f:38:8b:59:cb:b1:
91:97:87:72:3a:40:13:cf:53:72:a0:e7:b2:4f:64:
03:04:43:23:03:9c:f0:0f:29:47:71:6d:e2:b3:42:
17:07:1c:9f:df:02:b3:60:c8:a4:f0:35:13:ea:96:
19:76:c9:49:10:71:83:83:b3:d6:06:e3:2b:12:f6:
6c:d4:af:58:79:16:fc:40:df:93:f9:7f:8f:c2:82:
dc:44:50:76:1c:f3:57:02:25:7c:d4:75:73:b2:e4:
bb:36:dd:e8:1f:b7:77:a5:5d:03:fd:96:5f:09:c8:
c9:57:c9:75:3c:0b:a5:e6:17:c1:09:77:e0:84:ee:
aa:13:0c:c5:d9:04:f6:20:a4:29:38:d3:f0:06:f9:
5e:41:8a:57:d7:56:b5:48:66:12:d4:b9:08:64:e8:
99:57:e1:cd:58:30:9f:74:c9:be:be:9f:05:2d:5c:
07:6e:12:e6:a8:56:d5:e5:2b:95:bc:05:fe:9a:98:
a6:03:6a:0d:96:30:d2:14:16:de:84:f0:54:53:d7:
32:25:76:d2:d4:76:b8:41:5f:d5:70:c8:16:52:71:
12:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C2:E3:D4:7B:D1:4C:BB:1D:D6:9E:DD:B2:5F:2C:F3:79:E8:47:77
X509v3 Authority Key Identifier:
keyid:70:AD:35:3C:C1:A0:D1:6D:5E:8E:14:A3:75:75:A6:F3:D6:05:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cK01PMGg0W1ejhSjdXWm89YFY_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/GsLj1HvRTLsd1p7dsl8s83noR3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e26d9c-d851-4a69-95f9-1504ea53e255/1/cK01PMGg0W1ejhSjdXWm89YFY_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.192.0/19
80.79.16.0/20
81.31.32.0/20
83.167.224.0/19
85.118.128.0/21
89.185.224.0/19
149.62.144.0/21
178.238.32.0/20
185.58.40.0/22
IPv6:
2a01:430::/32
Signature Algorithm: sha256WithRSAEncryption
08:ad:2e:0f:6b:56:f5:9a:c9:98:fc:ab:cd:c5:07:4f:ad:c5:
d2:45:67:06:a6:5a:8f:eb:fe:e6:9d:48:2e:21:8d:f6:f5:15:
cf:3d:47:8e:da:71:85:a5:4b:d3:b5:d0:16:c8:14:b4:2c:2d:
46:9d:d8:38:0a:27:33:15:0a:d4:50:3a:f2:0a:59:dd:b9:a7:
b8:3d:75:6f:28:8f:54:47:eb:e7:1e:4b:17:ee:8a:b8:20:ba:
4f:a5:79:87:74:c3:e8:54:59:91:47:3d:f6:27:a7:37:ad:c5:
49:c7:db:5d:8a:8c:04:d8:75:31:9c:54:d7:ae:b0:b9:40:73:
54:e6:56:43:87:84:d1:c5:c5:72:85:88:11:f5:ac:66:6e:ff:
06:fc:ce:14:28:dd:f3:d7:a9:df:ac:08:0c:d4:ad:ee:15:b4:
b4:20:46:bb:e6:2e:59:80:f5:d0:50:d1:4e:ab:1c:4f:3c:5c:
a0:bb:0b:1f:25:64:30:42:f5:e2:3f:46:24:89:53:c8:aa:eb:
bf:96:b2:74:d5:66:2d:b6:8f:f5:85:29:38:63:15:39:ca:25:
f2:d1:5e:d0:9f:b8:7e:97:7f:74:46:b7:f0:d6:5f:d4:4d:e3:
e9:88:a1:01:07:1c:64:97:b0:e6:d9:36:f0:11:03:b8:6e:0a:
85:8a:7a:f6
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIERLWgJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MGFkMzUzY2MxYTBkMTZkNWU4ZTE0YTM3NTc1YTZmM2Q2MDU2M2Y4MB4XDTIyMDEw
MTExNTcxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWFjMmUzZDQ3YmQx
NGNiYjFkZDY5ZWRkYjI1ZjJjZjM3OWU4NDc3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2txNMAf5qbRVRtA7XB3qjAgioIo8zGaC5td45BAoqIO00J
VUP0TziLWcuxkZeHcjpAE89TcqDnsk9kAwRDIwOc8A8pR3Ft4rNCFwccn98Cs2DI
pPA1E+qWGXbJSRBxg4Oz1gbjKxL2bNSvWHkW/EDfk/l/j8KC3ERQdhzzVwIlfNR1
c7Lkuzbd6B+3d6VdA/2WXwnIyVfJdTwLpeYXwQl34ITuqhMMxdkE9iCkKTjT8Ab5
XkGKV9dWtUhmEtS5CGTomVfhzVgwn3TJvr6fBS1cB24S5qhW1eUrlbwF/pqYpgNq
DZYw0hQW3oTwVFPXMiV20tR2uEFf1XDIFlJxEhUCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQawuPUe9FMux3Wnt2yXyzzeehHdzAfBgNVHSMEGDAWgBRwrTU8waDRbV6O
FKN1dabz1gVj+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NLMDFQTUdnMFcxZWpoU2pkWFdtODlZRllfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvZTI2ZDljLWQ4NTEtNGE2OS05NWY5LTE1MDRlYTUzZTI1NS8x
L0dzTGoxSHZSVExzZDFwN2RzbDhzODNub1IzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
ZTI2ZDljLWQ4NTEtNGE2OS05NWY5LTE1MDRlYTUzZTI1NS8xL2NLMDFQTUdnMFcx
ZWpoU2pkWFdtODlZRllfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBU1dwAMEBFBPEAMEBFEfIAMEBVOn
4AMEA1V2gAMEBVm54AMEA5U+kAMEBLLuIAMEArk6KDANBAIAAjAHAwUAKgEEMDAN
BgkqhkiG9w0BAQsFAAOCAQEACK0uD2tW9ZrJmPyrzcUHT63F0kVnBqZaj+v+5p1I
LiGN9vUVzz1HjtpxhaVL07XQFsgUtCwtRp3YOAonMxUK1FA68gpZ3bmnuD11byiP
VEfr5x5LF+6KuCC6T6V5h3TD6FRZkUc99ienN63FScfbXYqMBNh1MZxU166wuUBz
VOZWQ4eE0cXFcoWIEfWsZm7/BvzOFCjd89ep36wIDNSt7hW0tCBGu+YuWYD10FDR
TqscTzxcoLsLHyVkMEL14j9GJIlTyKrrv5aydNVmLbaP9YUpOGMVOcol8tFe0J+4
fpd/dEa38NZf1E3j6YihAQccZJew5tk28BEDuG4KhYp69g==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:29 2023 by rpki-client on console.sobornost.net