Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/gjs1lQ46wyPz__fQOlQatcrkZu8.roa
File: gjs1lQ46wyPz__fQOlQatcrkZu8.roa (raw, json)
Hash identifier: IsJLnON+JZsvkmhf+YOXrfQwnWSiHTZyap/9vVR3kak=
Subject key identifier: 82:3B:35:95:0E:3A:C3:23:F3:FF:F7:D0:3A:54:1A:B5:CA:E4:66:EF
Certificate issuer: /CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Certificate serial: 01826322869985401F5B750A5064227DFE48
Authority key identifier: 34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/gjs1lQ46wyPz__fQOlQatcrkZu8.roa
Signing time: Wed 03 Aug 2022 09:56:23 +0000
ROA not before: Wed 03 Aug 2022 09:56:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213122
IP address blocks: 5.252.166.0/24 maxlen: 24
5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
2a0e:f380::/32 maxlen: 32
2a0e:f380:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:63:22:86:99:85:40:1f:5b:75:0a:50:64:22:7d:fe:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Validity
Not Before: Aug 3 09:56:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=823b35950e3ac323f3fff7d03a541ab5cae466ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e6:9c:53:6a:6d:f7:65:14:fa:a1:f3:66:5a:
a4:b1:f0:b1:63:bd:3c:e4:3d:19:c2:db:cd:d4:a9:
cd:fc:1a:7f:e2:04:77:65:36:7e:26:4c:01:b0:09:
a9:a3:f3:16:04:45:97:50:41:24:cd:f3:51:c3:70:
48:12:11:66:59:5e:dd:a0:c9:25:bc:70:ab:c7:cc:
57:50:10:04:f2:a5:b4:b9:88:5a:15:c5:69:2c:22:
21:99:a1:6d:1f:71:76:82:c8:77:1e:3f:7e:19:f8:
d4:92:16:b5:10:90:d7:b7:76:ad:07:84:fa:89:8d:
9c:61:bb:af:50:2f:29:61:88:b5:d6:a2:d0:27:41:
27:bf:99:2f:45:86:5d:7d:8d:04:1e:d4:9c:76:5b:
36:3b:b5:ae:39:be:6b:7b:a3:e7:36:c0:1e:96:61:
1f:a8:c2:38:d0:dc:a0:ee:51:18:ea:f2:7e:6f:2f:
86:67:30:ae:df:53:e3:cf:0d:dc:3c:7f:0c:84:f5:
07:7c:01:c4:95:30:11:35:09:9b:d2:26:32:3d:43:
b5:0b:b0:b6:11:7b:40:7e:f2:14:91:3b:7d:18:65:
55:2c:05:cb:e6:2c:ef:1d:28:4d:df:5c:59:e2:61:
3e:18:c2:e7:d9:10:ae:b9:8c:f5:d2:9b:14:01:72:
2a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3B:35:95:0E:3A:C3:23:F3:FF:F7:D0:3A:54:1A:B5:CA:E4:66:EF
X509v3 Authority Key Identifier:
keyid:34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/gjs1lQ46wyPz__fQOlQatcrkZu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0-5.252.166.255
45.87.60.0/22
45.130.152.0/23
185.162.74.0/24
IPv6:
2a0e:f380::/32
Signature Algorithm: sha256WithRSAEncryption
0b:50:e2:92:0c:c6:a7:25:17:21:4f:04:70:88:b6:fd:4f:84:
ad:fb:98:a2:45:7c:5e:5b:e6:f1:30:bc:b5:22:8c:11:d7:14:
db:22:d7:85:e5:c4:72:3d:b3:58:79:2a:a5:7a:53:ce:82:c0:
93:ef:35:ee:e0:56:ab:d7:72:78:52:30:3c:e2:0c:13:31:ea:
f6:58:d9:9c:8d:7a:b6:a2:90:1e:91:84:34:89:af:69:3e:64:
c8:42:fc:8f:27:a1:28:d7:e7:59:be:5e:70:9b:63:f1:9d:65:
54:aa:fc:c9:66:de:d2:74:81:21:f1:b8:a1:0a:65:9e:a6:a7:
c6:51:f5:e7:60:14:77:ea:04:11:a3:68:93:3f:e0:67:57:da:
cd:be:28:f3:d8:f0:59:aa:ad:95:7b:0c:d1:b8:76:98:2e:8a:
f8:dd:78:06:17:7b:1e:70:f1:8b:6d:9c:07:6b:da:07:7e:ad:
06:68:7e:90:83:ae:81:34:3a:a1:f7:55:d1:78:6c:98:b8:e4:
93:8a:1e:28:1f:a0:c3:89:91:c1:8b:81:d1:3b:09:c6:38:e1:
99:ed:90:f2:6d:9e:b6:9d:5c:de:f1:07:80:d4:c6:38:41:da:
f2:fc:d5:cb:b7:20:5d:90:0d:94:54:96:66:76:3f:ed:4b:43:
bd:c4:ce:49
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYJjIoaZhUAfW3UKUGQiff5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZkMmM0MzljY2JjYjc4YTgyZDVjYjJiNGMzZmY2ZTk5
MzRiOTYwHhcNMjIwODAzMDk1NjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjNiMzU5NTBlM2FjMzIzZjNmZmY3ZDAzYTU0MWFiNWNhZTQ2NmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eacU2pt92UU+qHzZlqksfCxY708
5D0ZwtvN1KnN/Bp/4gR3ZTZ+JkwBsAmpo/MWBEWXUEEkzfNRw3BIEhFmWV7doMkl
vHCrx8xXUBAE8qW0uYhaFcVpLCIhmaFtH3F2gsh3Hj9+GfjUkha1EJDXt3atB4T6
iY2cYbuvUC8pYYi11qLQJ0Env5kvRYZdfY0EHtScdls2O7WuOb5re6PnNsAelmEf
qMI40Nyg7lEY6vJ+by+GZzCu31Pjzw3cPH8MhPUHfAHElTARNQmb0iYyPUO1C7C2
EXtAfvIUkTt9GGVVLAXL5izvHShN31xZ4mE+GMLn2RCuuYz10psUAXIqxwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFII7NZUOOsMj8//30DpUGrXK5GbvMB8GA1UdIwQY
MBaAFDQG0sQ5zLy3ioLVyytMP/bpk0uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAt
N2I4ODBjMDYzMzY3LzEvZ2pzMWxRNDZ3eVB6X19mUU9sUWF0Y3JrWnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAtN2I4ODBjMDYzMzY3
LzEvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAIF/KQD
BAAF/KYDBAItVzwDBAEtgpgDBAC5okowDQQCAAIwBwMFACoO84AwDQYJKoZIhvcN
AQELBQADggEBAAtQ4pIMxqclFyFPBHCItv1PhK37mKJFfF5b5vEwvLUijBHXFNsi
14XlxHI9s1h5KqV6U86CwJPvNe7gVqvXcnhSMDziDBMx6vZY2ZyNeraikB6RhDSJ
r2k+ZMhC/I8noSjX51m+XnCbY/GdZVSq/Mlm3tJ0gSHxuKEKZZ6mp8ZR9edgFHfq
BBGjaJM/4GdX2s2+KPPY8FmqrZV7DNG4dpguivjdeAYXex5w8YttnAdr2gd+rQZo
fpCDroE0OqH3VdF4bJi45JOKHigfoMOJkcGLgdE7CcY44ZntkPJtnradXN7xB4DU
xjhB2vL81cu3IF2QDZRUlmZ2P+1LQ73Ezkk=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:21 2023 by rpki-client on console.sobornost.net