Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gsA3R4Q-shfG0_1W6Mms2ES6XaA.roa
File: gsA3R4Q-shfG0_1W6Mms2ES6XaA.roa (raw, json)
Hash identifier: i1XHaCz1w51Qqn4dep4Wh0FlNj8H4hziJ/ZhkZNEIAY=
Subject key identifier: 82:C0:37:47:84:3E:B2:17:C6:D3:FD:56:E8:C9:AC:D8:44:BA:5D:A0
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 065E4CDD
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gsA3R4Q-shfG0_1W6Mms2ES6XaA.roa
Signing time: Tue 19 Apr 2022 14:09:34 +0000
ROA not before: Tue 19 Apr 2022 14:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61431
IP address blocks: 109.196.128.0/24 maxlen: 24
109.196.130.0/24 maxlen: 24
109.196.129.0/24 maxlen: 24
109.196.131.0/24 maxlen: 24
109.196.135.0/24 maxlen: 24
109.196.134.0/24 maxlen: 24
109.196.136.0/23 maxlen: 23
109.196.138.0/23 maxlen: 23
109.196.142.0/24 maxlen: 24
109.196.141.0/24 maxlen: 24
109.196.143.0/24 maxlen: 24
109.196.140.0/24 maxlen: 24
188.68.5.0/24 maxlen: 24
95.181.215.0/24 maxlen: 24
95.181.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106843357 (0x65e4cdd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Apr 19 14:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=82c03747843eb217c6d3fd56e8c9acd844ba5da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:56:18:60:a7:d5:4d:e7:d5:c3:66:e8:9f:86:
2e:74:2b:36:f1:70:03:46:a9:d6:f9:7f:00:ea:0c:
af:d1:e0:fa:23:3a:ea:fc:a4:10:ce:e0:bd:5a:6d:
26:a7:cc:97:b5:5e:75:5a:4c:97:24:00:2a:f2:03:
d3:25:a4:d0:d0:e8:f8:c2:54:ae:5d:12:e9:4f:b9:
77:e5:71:a4:ef:f2:31:d3:bb:88:0e:78:e5:0d:68:
2c:2f:ed:25:82:f3:4e:ad:72:db:a4:58:84:43:d1:
65:b7:ec:ee:bd:1f:73:d2:fb:28:7d:80:1a:51:5d:
52:5b:3d:1e:59:8f:2e:2b:af:0c:be:62:d6:53:75:
de:c2:73:0f:d7:8f:15:f5:cc:73:19:1b:c0:fe:84:
c4:d5:23:50:6e:85:39:77:24:57:be:21:87:c1:32:
b8:8c:18:ae:db:49:f8:67:a5:ea:0f:54:41:c1:36:
28:f7:12:2f:b4:3d:84:ae:6f:b0:be:64:91:5b:b7:
1a:01:ba:3b:ea:59:62:39:5c:49:22:07:31:04:31:
b5:91:51:59:3d:8c:4a:79:28:12:74:d9:06:e5:f5:
62:0c:95:99:f8:9f:f8:49:f5:69:cc:56:24:fd:39:
43:f3:b3:fc:b2:fb:11:3f:ec:11:1f:7c:dc:54:cb:
ec:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C0:37:47:84:3E:B2:17:C6:D3:FD:56:E8:C9:AC:D8:44:BA:5D:A0
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gsA3R4Q-shfG0_1W6Mms2ES6XaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.214.0/23
109.196.128.0/22
109.196.134.0-109.196.143.255
188.68.5.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:2a:e2:49:5a:c5:a5:ca:16:02:e0:0e:a9:da:b8:2a:8c:bd:
90:d3:9a:b1:3d:bd:cc:9c:38:63:e9:a9:8a:03:cf:86:fb:32:
28:fc:3d:e6:9b:86:4a:9e:1c:2a:b8:94:76:80:f3:76:27:91:
c6:bd:5b:a5:4a:86:2a:be:b1:35:98:ac:32:81:a8:a9:6e:f2:
26:e7:af:d1:36:01:c9:ed:d1:f1:03:01:f3:e8:df:30:0a:f5:
e1:e5:7b:b9:62:57:23:fd:07:72:48:d1:c7:6d:cb:63:74:0a:
56:93:f7:b5:b3:d1:0a:09:2c:f9:98:9f:3f:7b:e5:41:87:6d:
18:78:1d:fa:fb:58:0c:9f:d2:78:28:05:13:4c:f6:5b:6a:0e:
ae:e3:4a:83:4f:4a:5c:67:53:c3:a5:e9:5c:b7:fa:1d:81:1a:
84:3f:93:ea:58:23:ff:fc:63:11:d0:80:47:d5:ae:47:6b:5c:
1e:a2:32:6c:a1:1f:bb:6d:d8:e3:45:a3:10:2c:48:a0:ff:6a:
d9:1b:57:09:f0:8b:3a:5a:db:e6:c0:df:ab:cf:df:8e:e9:26:
24:0c:dd:b9:60:35:9d:19:21:b7:3c:5c:07:3f:61:b2:15:df:
b0:c6:07:9b:e3:b8:21:aa:8d:bc:10:77:77:2e:a0:17:8b:ec:
80:0d:2f:94
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBl5M3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzM4ZWY0MWIyYzAxMDVhOTFjY2JiOWM4OTMzN2ZhZWIxMjlmZjg0MB4XDTIyMDQx
OTE0MDkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODJjMDM3NDc4NDNl
YjIxN2M2ZDNmZDU2ZThjOWFjZDg0NGJhNWRhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZWGGCn1U3n1cNm6J+GLnQrNvFwA0ap1vl/AOoMr9Hg+iM6
6vykEM7gvVptJqfMl7VedVpMlyQAKvID0yWk0NDo+MJUrl0S6U+5d+VxpO/yMdO7
iA545Q1oLC/tJYLzTq1y26RYhEPRZbfs7r0fc9L7KH2AGlFdUls9HlmPLiuvDL5i
1lN13sJzD9ePFfXMcxkbwP6ExNUjUG6FOXckV74hh8EyuIwYrttJ+Gel6g9UQcE2
KPcSL7Q9hK5vsL5kkVu3GgG6O+pZYjlcSSIHMQQxtZFRWT2MSnkoEnTZBuX1YgyV
mfif+En1acxWJP05Q/Oz/LL7ET/sER983FTL7KUCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSCwDdHhD6yF8bT/VboyazYRLpdoDAfBgNVHSMEGDAWgBSDOO9BssAQWpHM
u5yJM3+usSn/hDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d6anZRYkxBRUZxUnpMdWNpVE5fcnJFcF80US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8x
L2dzQTNSNFEtc2hmRzBfMVc2TW1zMkVTNlhhQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
NDBkOTk2LWEyY2QtNDFmMS1hNzM4LTI4ZmM3Nzk2Nzc2My8xL2d6anZRYkxBRUZx
UnpMdWNpVE5fcnJFcF80US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAV+11gMEAm3EgDAMAwQBbcSGAwQE
bcSAAwQAvEQFMA0GCSqGSIb3DQEBCwUAA4IBAQC/KuJJWsWlyhYC4A6p2rgqjL2Q
05qxPb3MnDhj6amKA8+G+zIo/D3mm4ZKnhwquJR2gPN2J5HGvVulSoYqvrE1mKwy
gaipbvIm56/RNgHJ7dHxAwHz6N8wCvXh5Xu5Ylcj/QdySNHHbctjdApWk/e1s9EK
CSz5mJ8/e+VBh20YeB36+1gMn9J4KAUTTPZbag6u40qDT0pcZ1PDpelct/odgRqE
P5PqWCP//GMR0IBH1a5Ha1weojJsoR+7bdjjRaMQLEig/2rZG1cJ8Is6WtvmwN+r
z9+O6SYkDN25YDWdGSG3PFwHP2GyFd+wxgeb47ghqo28EHd3LqAXi+yADS+U
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:08 2023 by rpki-client on console.sobornost.net