Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/XGkdTxpJD_clBJW3R9CWsRygpsk.roa
File: XGkdTxpJD_clBJW3R9CWsRygpsk.roa (raw, json)
Hash identifier: fN3xWJosW875eRI4bp6o8hfexJaRS0GijerfmLTE3Dc=
Subject key identifier: 5C:69:1D:4F:1A:49:0F:F7:25:04:95:B7:47:D0:96:B1:1C:A0:A6:C9
Certificate issuer: /CN=5a67da4c5acbd0d9a062f917c576df34acd43343
Certificate serial: 097CB6B9
Authority key identifier: 5A:67:DA:4C:5A:CB:D0:D9:A0:62:F9:17:C5:76:DF:34:AC:D4:33:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WmfaTFrL0NmgYvkXxXbfNKzUM0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/XGkdTxpJD_clBJW3R9CWsRygpsk.roa
Signing time: Sat 01 Jan 2022 13:56:54 +0000
ROA not before: Sat 01 Jan 2022 13:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42529
IP address blocks: 195.16.95.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159168185 (0x97cb6b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a67da4c5acbd0d9a062f917c576df34acd43343
Validity
Not Before: Jan 1 13:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c691d4f1a490ff7250495b747d096b11ca0a6c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:21:5b:80:f3:9b:51:3d:b1:33:54:90:e3:a5:
40:9e:4e:44:4f:ff:47:cd:f2:3e:59:1e:8a:23:78:
c7:dc:6b:b1:13:e3:58:ff:d2:4e:0e:db:0a:04:8a:
de:83:6f:49:3a:95:d8:2f:78:d7:a6:89:59:22:d3:
c9:e9:c6:73:0a:da:62:ab:84:8b:80:33:7c:e9:f6:
b4:0d:c0:73:29:8b:0b:7b:ca:2f:09:65:20:f2:05:
88:34:77:64:a7:9b:28:80:c9:23:e3:15:9d:36:7f:
b0:fe:b7:3c:b2:af:75:79:e6:a2:ef:10:30:0e:70:
e5:47:f9:92:7a:80:41:fd:0c:3a:e6:32:c0:f3:bf:
d7:de:0c:ab:49:2a:7a:95:ff:fb:f3:a3:e3:0e:98:
b7:4d:6b:78:0a:02:09:bf:ab:a6:f5:23:a8:f8:bf:
5a:b0:d2:4c:06:75:6d:90:d4:a2:6a:ac:45:ca:e6:
97:6d:96:11:de:9b:3c:4d:44:34:19:68:00:5f:88:
55:ce:cd:fc:89:dc:78:f4:7b:34:5a:90:3c:bc:fd:
af:7f:e4:cf:f1:3f:f4:00:f7:f7:9e:fe:89:14:84:
af:32:06:c1:d3:29:69:82:aa:fc:81:66:83:2c:13:
2b:80:28:5a:5f:53:bc:2c:bb:cf:e0:c5:6d:c8:ef:
73:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:69:1D:4F:1A:49:0F:F7:25:04:95:B7:47:D0:96:B1:1C:A0:A6:C9
X509v3 Authority Key Identifier:
keyid:5A:67:DA:4C:5A:CB:D0:D9:A0:62:F9:17:C5:76:DF:34:AC:D4:33:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WmfaTFrL0NmgYvkXxXbfNKzUM0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/XGkdTxpJD_clBJW3R9CWsRygpsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9ca9bc-e41c-4931-9d9d-ead096812626/1/WmfaTFrL0NmgYvkXxXbfNKzUM0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.95.0/24
Signature Algorithm: sha256WithRSAEncryption
29:a5:6a:a4:ae:aa:92:87:9d:e4:e9:97:bf:0d:62:bb:a9:19:
e1:5a:b0:4b:12:4b:43:8b:f0:ec:42:ab:8d:f8:45:5f:c8:cb:
1c:e2:e1:a9:a0:57:86:53:bc:ba:41:cf:74:50:04:58:de:44:
05:ea:ea:a8:94:ef:fb:21:a1:9a:2a:fa:5f:7e:3b:e9:eb:ac:
ed:f3:07:70:c6:59:40:b7:1b:a0:28:c5:d0:24:cb:9a:af:0d:
df:ec:3f:7e:42:04:c6:e9:4e:f9:62:a6:51:54:59:a9:fa:88:
1c:90:b9:21:2c:05:e5:e2:f2:f9:d4:34:cd:c5:90:66:2d:33:
42:ab:ac:a3:ba:95:f9:1e:d1:46:5c:2d:5c:ec:b8:e7:cf:39:
cc:06:0f:95:59:f7:3f:d0:53:ba:80:b3:f0:8d:a6:ad:c4:cb:
41:c2:c1:d4:e2:b3:15:af:63:b1:ca:af:9b:3d:d1:af:4a:ec:
4d:34:4f:e6:e8:48:58:77:10:f3:91:3d:5e:a8:9d:9d:17:b6:
8a:50:bb:20:c7:33:f4:cf:d6:3b:5f:e3:93:89:dc:97:70:f0:
d9:e9:2a:09:ab:b2:d1:15:14:27:16:00:3a:ec:8d:ca:b0:89:
d7:d6:74:10:b1:81:9f:71:74:db:42:24:0c:f1:8d:6f:b1:58:
10:04:c0:36
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECXy2uTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTY3ZGE0YzVhY2JkMGQ5YTA2MmY5MTdjNTc2ZGYzNGFjZDQzMzQzMB4XDTIyMDEw
MTEzNTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM2OTFkNGYxYTQ5
MGZmNzI1MDQ5NWI3NDdkMDk2YjExY2EwYTZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPIhW4Dzm1E9sTNUkOOlQJ5ORE//R83yPlkeiiN4x9xrsRPj
WP/STg7bCgSK3oNvSTqV2C9416aJWSLTyenGcwraYquEi4AzfOn2tA3AcymLC3vK
LwllIPIFiDR3ZKebKIDJI+MVnTZ/sP63PLKvdXnmou8QMA5w5Uf5knqAQf0MOuYy
wPO/194Mq0kqepX/+/Oj4w6Yt01reAoCCb+rpvUjqPi/WrDSTAZ1bZDUomqsRcrm
l22WEd6bPE1ENBloAF+IVc7N/IncePR7NFqQPLz9r3/kz/E/9AD3957+iRSErzIG
wdMpaYKq/IFmgywTK4AoWl9TvCy7z+DFbcjvc2sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcaR1PGkkP9yUElbdH0JaxHKCmyTAfBgNVHSMEGDAWgBRaZ9pMWsvQ2aBi
+RfFdt80rNQzQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtZmFURnJMME5tZ1l2a1h4WGJmTkt6VU0wTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvOWNhOWJjLWU0MWMtNDkzMS05ZDlkLWVhZDA5NjgxMjYyNi8x
L1hHa2RUeHBKRF9jbEJKVzNSOUNXc1J5Z3Bzay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
OWNhOWJjLWU0MWMtNDkzMS05ZDlkLWVhZDA5NjgxMjYyNi8xL1dtZmFURnJMME5t
Z1l2a1h4WGJmTkt6VU0wTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMQXzANBgkqhkiG9w0BAQsFAAOC
AQEAKaVqpK6qkoed5OmXvw1iu6kZ4VqwSxJLQ4vw7EKrjfhFX8jLHOLhqaBXhlO8
ukHPdFAEWN5EBerqqJTv+yGhmir6X3476eus7fMHcMZZQLcboCjF0CTLmq8N3+w/
fkIExulO+WKmUVRZqfqIHJC5ISwF5eLy+dQ0zcWQZi0zQquso7qV+R7RRlwtXOy4
5885zAYPlVn3P9BTuoCz8I2mrcTLQcLB1OKzFa9jscqvmz3Rr0rsTTRP5uhIWHcQ
85E9XqidnRe2ilC7IMcz9M/WO1/jk4ncl3Dw2ekqCauy0RUUJxYAOuyNyrCJ19Z0
ELGBn3F020IkDPGNb7FYEATANg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:16 2023 by rpki-client on console.sobornost.net