Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/_D5tX18gh14IjrivI0LmGNV00Do.roa
File: _D5tX18gh14IjrivI0LmGNV00Do.roa (raw, json)
Hash identifier: 5GTYoO6R/3JuVNdLN7ILAeGtPiLI0vEQHhLSzmvApxs=
Subject key identifier: FC:3E:6D:5F:5F:20:87:5E:08:8E:B8:AF:23:42:E6:18:D5:74:D0:3A
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 018CC3B689751C4BC4DC94A5BB3D27ECDBC7
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/_D5tX18gh14IjrivI0LmGNV00Do.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61431
IP address blocks: 109.196.128.0/24 maxlen: 24
109.196.130.0/24 maxlen: 24
109.196.129.0/24 maxlen: 24
109.196.131.0/24 maxlen: 24
109.196.135.0/24 maxlen: 24
109.196.134.0/24 maxlen: 24
109.196.136.0/23 maxlen: 23
109.196.138.0/23 maxlen: 23
109.196.140.0/24 maxlen: 24
109.196.142.0/24 maxlen: 24
109.196.141.0/24 maxlen: 24
109.196.143.0/24 maxlen: 24
188.68.5.0/24 maxlen: 24
95.181.215.0/24 maxlen: 24
95.181.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 23:26:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:89:75:1c:4b:c4:dc:94:a5:bb:3d:27:ec:db:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc3e6d5f5f20875e088eb8af2342e618d574d03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0b:09:e4:33:66:1e:1f:a5:3b:72:29:31:e0:
52:0f:d9:f2:69:74:b1:45:a0:9e:56:16:2e:e3:78:
fe:be:58:5a:94:23:ee:9d:c1:9a:02:3b:aa:3a:7e:
df:e8:59:0a:56:1c:2e:01:64:dd:d8:e1:af:f6:83:
df:59:ec:97:54:a4:26:51:73:fa:92:da:f3:1b:aa:
fe:d6:34:d9:11:df:25:d2:48:69:00:bf:56:65:c2:
fc:bf:65:a0:dc:0e:2d:30:25:1d:92:1d:7b:b5:04:
81:7d:59:95:1d:cb:1d:c5:14:d0:d8:d7:e9:96:35:
e3:0f:d8:98:09:d3:84:41:ea:f4:7c:e5:38:18:72:
d8:56:19:7a:a0:f3:db:7d:9a:26:1c:b2:31:ac:97:
ac:37:86:d4:86:7a:b1:a0:e1:d6:e7:00:fa:38:f7:
c0:23:fd:e2:ff:6b:e2:fc:c7:5d:17:41:8f:72:a8:
12:dd:3d:43:2e:4f:b5:ba:89:c3:c2:87:92:13:1e:
7a:37:8b:ff:63:9f:cc:ef:2e:5a:72:05:f4:d0:80:
f0:4d:20:f9:fb:39:59:c0:46:f8:c5:ea:88:11:31:
7e:35:ca:8d:3b:0f:03:6e:ed:fc:72:16:5d:78:dc:
d1:46:dd:55:d5:c0:11:50:8b:63:98:24:ca:0f:ab:
ac:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3E:6D:5F:5F:20:87:5E:08:8E:B8:AF:23:42:E6:18:D5:74:D0:3A
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/_D5tX18gh14IjrivI0LmGNV00Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.214.0/23
109.196.128.0/22
109.196.134.0-109.196.143.255
188.68.5.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:60:c1:10:8b:f3:af:af:ff:c5:cd:84:98:9d:0d:3d:82:5b:
15:0e:75:aa:0a:20:db:38:7e:89:88:b9:1e:de:68:5c:f9:28:
da:f9:dc:7f:c4:44:0b:f0:75:b6:e3:54:8a:06:61:1c:ac:31:
21:2a:54:47:c7:6f:b3:0a:f3:98:a9:35:d1:c7:d4:d3:0f:78:
12:2b:26:f5:51:0e:af:5c:bf:6f:ea:52:5e:24:22:15:c3:f5:
38:02:a8:e3:3e:ba:29:4b:e2:3b:97:99:54:fc:82:52:5d:85:
5e:08:eb:4d:5d:2e:8e:7a:cc:2c:9d:b5:77:be:50:f1:30:d6:
e3:10:6e:7c:7c:6c:67:ab:e9:e8:2f:f3:55:20:4f:0a:0f:dc:
05:c1:59:d7:4c:19:36:68:77:fe:0e:a5:01:3c:9d:13:9a:45:
24:8c:f1:32:4c:b6:60:cb:19:27:42:de:ab:70:cc:5f:1a:39:
93:02:04:4f:8e:92:67:e6:43:47:6f:fd:86:43:9d:02:a0:4e:
7f:df:ff:c3:1b:21:f0:8d:82:95:67:19:af:0a:d9:d2:82:f1:
48:cf:af:a1:b3:2b:ec:59:12:aa:db:7b:2d:56:1a:ad:ac:b9:
59:92:33:87:29:ec:be:0f:72:a3:8f:59:92:ae:00:b2:06:52:
06:2f:3a:ff
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtol1HEvE3JSluz0n7NvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzNlNmQ1ZjVmMjA4NzVlMDg4ZWI4YWYyMzQyZTYxOGQ1NzRkMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAsJ5DNmHh+lO3IpMeBSD9nyaXSx
RaCeVhYu43j+vlhalCPuncGaAjuqOn7f6FkKVhwuAWTd2OGv9oPfWeyXVKQmUXP6
ktrzG6r+1jTZEd8l0khpAL9WZcL8v2Wg3A4tMCUdkh17tQSBfVmVHcsdxRTQ2Nfp
ljXjD9iYCdOEQer0fOU4GHLYVhl6oPPbfZomHLIxrJesN4bUhnqxoOHW5wD6OPfA
I/3i/2vi/MddF0GPcqgS3T1DLk+1uonDwoeSEx56N4v/Y5/M7y5acgX00IDwTSD5
+zlZwEb4xeqIETF+NcqNOw8Dbu38chZdeNzRRt1V1cARUItjmCTKD6uszQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPw+bV9fIIdeCI64ryNC5hjVdNA6MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvX0Q1dFgxOGdoMTRJanJpdkkwTG1HTlYwMERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBX7XWAwQC
bcSAMAwDBAFtxIYDBARtxIADBAC8RAUwDQYJKoZIhvcNAQELBQADggEBALVgwRCL
86+v/8XNhJidDT2CWxUOdaoKINs4fomIuR7eaFz5KNr53H/ERAvwdbbjVIoGYRys
MSEqVEfHb7MK85ipNdHH1NMPeBIrJvVRDq9cv2/qUl4kIhXD9TgCqOM+uilL4juX
mVT8glJdhV4I601dLo56zCydtXe+UPEw1uMQbnx8bGer6egv81UgTwoP3AXBWddM
GTZod/4OpQE8nROaRSSM8TJMtmDLGSdC3qtwzF8aOZMCBE+OkmfmQ0dv/YZDnQKg
Tn/f/8MbIfCNgpVnGa8K2dKC8UjPr6GzK+xZEqrbey1WGq2suVmSM4cp7L4PcqOP
WZKuALIGUgYvOv8=
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:59:23 2024 by rpki-client on console.sobornost.net