Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Kgmds5GAP0yVSo-zrf_orHfpD1c.roa
File: Kgmds5GAP0yVSo-zrf_orHfpD1c.roa (raw, json)
Hash identifier: ocR4DUgzGC9PLH0yaY+n4AcNlRQ8EXnTiGijWDn4ACs=
Subject key identifier: 2A:09:9D:B3:91:80:3F:4C:95:4A:8F:B3:AD:FF:E8:AC:77:E9:0F:57
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01847B4236E81DD02DDB76F1567E209B4134
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Kgmds5GAP0yVSo-zrf_orHfpD1c.roa
Signing time: Tue 15 Nov 2022 12:27:27 +0000
ROA not before: Tue 15 Nov 2022 12:27:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38971
IP address blocks: 109.196.132.0/24 maxlen: 24
178.57.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:42:36:e8:1d:d0:2d:db:76:f1:56:7e:20:9b:41:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Nov 15 12:27:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a099db391803f4c954a8fb3adffe8ac77e90f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:57:39:83:99:3b:4e:9f:7d:d5:b8:fb:72:cd:
12:e6:be:f3:76:98:5a:18:36:a5:80:80:66:e1:ed:
9b:97:60:70:b8:8a:f9:e7:a5:65:fe:c7:ac:a5:ac:
d6:c8:d1:ff:d1:ba:b7:41:c6:81:9a:dc:9e:be:37:
0a:22:10:24:02:87:83:0d:5f:c5:cb:32:58:35:84:
89:9d:01:77:83:9a:fc:0e:01:39:ce:f4:35:58:23:
00:90:8c:4d:33:91:95:d9:ab:a0:08:95:b3:d9:61:
c8:90:28:2f:7c:a8:1e:81:27:86:c3:72:80:9d:b7:
ee:60:db:d3:eb:d3:c0:a5:1f:59:fb:92:12:ec:91:
f7:e1:ee:ce:cd:6c:fb:b9:de:67:8b:31:ff:9a:e1:
ab:c7:e2:69:43:63:92:a0:c8:10:74:da:c6:f8:c4:
c1:b1:30:bb:e9:90:19:57:ff:36:7e:7a:48:81:c8:
37:b2:d1:38:3b:94:bf:93:88:07:76:fd:ee:87:51:
48:08:19:f6:52:34:94:27:21:d8:91:fc:ed:fd:07:
b8:7a:f4:c5:30:73:b0:f1:08:c4:ea:33:29:bd:1a:
0a:25:83:54:e7:f2:18:f5:e3:7e:df:5f:1a:43:6f:
36:69:42:53:ee:36:a1:03:34:e3:2a:ee:fe:64:a8:
ba:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:09:9D:B3:91:80:3F:4C:95:4A:8F:B3:AD:FF:E8:AC:77:E9:0F:57
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/Kgmds5GAP0yVSo-zrf_orHfpD1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.196.132.0/24
178.57.71.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:b6:0b:10:f1:9b:32:5d:37:5e:d1:78:8e:04:28:4b:6d:ef:
3f:11:51:53:cf:c8:a4:10:2c:2c:e4:58:3f:84:69:fd:13:5e:
00:6d:b5:1f:be:16:0d:53:b7:28:a7:7c:b2:67:8e:47:df:32:
91:11:f5:a9:1d:f1:e6:3f:e2:f6:bf:0d:0b:a2:49:b6:5a:94:
b3:36:7e:c7:07:d3:c0:9b:89:1b:b7:7c:a3:fc:dc:9b:01:c6:
ce:47:94:03:07:7d:38:4f:29:fc:4c:24:c9:24:51:a3:c9:39:
95:f0:17:ab:d6:a1:ce:4a:ed:57:93:e3:6c:f6:52:b6:8f:82:
30:1e:80:a6:b4:21:31:3f:df:07:cf:26:f9:0b:c1:2d:ad:74:
3e:53:76:3e:a0:8c:3b:7c:d9:02:01:06:fa:6e:0c:07:10:d0:
3e:a8:97:a5:9a:18:4f:50:31:43:0a:30:d3:47:72:91:96:67:
5b:2d:70:0a:ec:e2:03:c1:e6:e5:ca:94:46:92:4a:10:68:73:
42:77:17:09:82:28:22:26:71:ee:3d:2b:7a:7d:09:8e:22:a8:
8f:63:f4:a7:5b:43:54:ca:f0:74:ea:7e:b0:a5:6a:a7:1d:2b:
45:c0:31:b9:96:9c:fd:f9:24:ef:64:1d:9a:ef:2e:d5:54:81:
39:02:e4:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR7QjboHdAt23bxVn4gm0E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIxMTE1MTIyNzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTA5OWRiMzkxODAzZjRjOTU0YThmYjNhZGZmZThhYzc3ZTkwZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Vc5g5k7Tp991bj7cs0S5r7zdpha
GDalgIBm4e2bl2BwuIr556Vl/sespazWyNH/0bq3QcaBmtyevjcKIhAkAoeDDV/F
yzJYNYSJnQF3g5r8DgE5zvQ1WCMAkIxNM5GV2augCJWz2WHIkCgvfKgegSeGw3KA
nbfuYNvT69PApR9Z+5IS7JH34e7OzWz7ud5nizH/muGrx+JpQ2OSoMgQdNrG+MTB
sTC76ZAZV/82fnpIgcg3stE4O5S/k4gHdv3uh1FICBn2UjSUJyHYkfzt/Qe4evTF
MHOw8QjE6jMpvRoKJYNU5/IY9eN+318aQ282aUJT7jahAzTjKu7+ZKi6kwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCoJnbORgD9MlUqPs63/6Kx36Q9XMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvS2dtZHM1R0FQMHlWU28tenJmX29ySGZwRDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbcSEAwQA
sjlHMA0GCSqGSIb3DQEBCwUAA4IBAQCztgsQ8ZsyXTde0XiOBChLbe8/EVFTz8ik
ECws5Fg/hGn9E14AbbUfvhYNU7cop3yyZ45H3zKREfWpHfHmP+L2vw0Lokm2WpSz
Nn7HB9PAm4kbt3yj/NybAcbOR5QDB304Tyn8TCTJJFGjyTmV8Ber1qHOSu1Xk+Ns
9lK2j4IwHoCmtCExP98Hzyb5C8EtrXQ+U3Y+oIw7fNkCAQb6bgwHENA+qJelmhhP
UDFDCjDTR3KRlmdbLXAK7OIDweblypRGkkoQaHNCdxcJgigiJnHuPSt6fQmOIqiP
Y/SnW0NUyvB06n6wpWqnHStFwDG5lpz9+STvZB2a7y7VVIE5AuRF
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:08 2023 by rpki-client on console.sobornost.net