Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/G8K65AYeHk8-DKkagR2Z8G0afDs.roa
File: G8K65AYeHk8-DKkagR2Z8G0afDs.roa (raw, json)
Hash identifier: rL8mHWSmmWnjPs3Gp/UzdSiaDcxdwaWU6idPPEQf6q8=
Subject key identifier: 1B:C2:BA:E4:06:1E:1E:4F:3E:0C:A9:1A:81:1D:99:F0:6D:1A:7C:3B
Certificate issuer: /CN=757f9fdea350a766bb98c604d3b9c27916732209
Certificate serial: 377EF2C0
Authority key identifier: 75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/G8K65AYeHk8-DKkagR2Z8G0afDs.roa
Signing time: Sat 01 Jan 2022 15:02:01 +0000
ROA not before: Sat 01 Jan 2022 15:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34403
IP address blocks: 85.158.98.0/24 maxlen: 24
85.158.96.0/22 maxlen: 22
85.158.96.0/24 maxlen: 24
85.158.97.0/24 maxlen: 24
85.158.99.0/24 maxlen: 24
85.158.100.0/24 maxlen: 24
85.158.101.0/24 maxlen: 24
85.158.102.0/24 maxlen: 24
85.158.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 931066560 (0x377ef2c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=757f9fdea350a766bb98c604d3b9c27916732209
Validity
Not Before: Jan 1 15:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bc2bae4061e1e4f3e0ca91a811d99f06d1a7c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:f1:63:bb:07:75:9a:ef:4f:7d:9f:3b:3a:
19:a7:19:a4:74:f3:06:4d:1e:41:48:1e:e5:a5:c3:
26:6a:8e:86:12:4e:8c:f2:1b:8d:31:ab:67:96:93:
a6:b6:94:e0:11:77:a7:14:ba:e3:a0:cc:fd:bd:11:
62:87:4b:c3:22:47:7c:92:a5:43:ee:64:d8:e9:2e:
af:39:d0:f9:6d:f5:64:bf:2c:cb:23:25:05:0a:62:
ca:6c:20:31:03:80:7d:60:cd:cf:0b:e9:24:9a:97:
70:c5:18:4e:a8:87:db:0e:64:1a:9d:b5:25:74:8d:
29:ca:c2:05:d0:f5:24:79:fe:4e:50:73:ea:ae:2d:
4c:74:c7:d8:2e:46:5b:66:38:71:9d:4c:1d:a3:a0:
c1:0d:a5:6f:63:fa:b6:5a:27:54:34:85:70:44:9e:
bc:88:ee:55:aa:84:98:c8:f8:6d:98:c8:1c:5e:e5:
9c:07:35:c4:13:55:c0:57:a6:cc:9e:24:29:e8:68:
ad:e5:16:e5:87:2f:2f:8c:48:cd:c9:18:c4:85:52:
12:8a:bd:0c:a7:98:fe:44:61:1c:99:f3:5a:d8:3d:
ea:26:9e:ee:4d:83:9f:51:03:47:64:5a:c4:f4:4f:
b3:bc:3c:29:d0:77:73:7b:7c:a5:d0:4d:99:ba:25:
ba:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C2:BA:E4:06:1E:1E:4F:3E:0C:A9:1A:81:1D:99:F0:6D:1A:7C:3B
X509v3 Authority Key Identifier:
keyid:75:7F:9F:DE:A3:50:A7:66:BB:98:C6:04:D3:B9:C2:79:16:73:22:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dX-f3qNQp2a7mMYE07nCeRZzIgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/G8K65AYeHk8-DKkagR2Z8G0afDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5a3b6b-9a61-4557-a3d6-c25aba6b55af/1/dX-f3qNQp2a7mMYE07nCeRZzIgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.96.0/21
Signature Algorithm: sha256WithRSAEncryption
61:12:91:2a:04:7b:c5:0a:dc:2e:1a:01:88:85:83:7d:15:7c:
11:e2:7a:7f:c4:af:cf:19:32:02:f4:78:a5:be:ac:4c:ef:0b:
dc:e8:b6:5b:56:8d:30:73:15:4f:ac:07:03:5d:72:82:07:f3:
40:f0:5e:0f:f6:5e:69:58:87:4c:50:de:a5:80:8f:cc:2e:c3:
4d:b5:0b:ba:f9:5f:62:3c:10:44:81:6e:29:ac:38:e0:88:06:
cb:fc:c3:94:67:91:1f:d5:d9:7e:78:ff:26:36:d6:8a:c8:1d:
5f:56:d1:81:fb:9e:94:e4:5d:1b:db:f5:66:13:92:dc:34:aa:
eb:29:96:29:da:99:c3:73:87:13:cd:97:e9:e4:85:c7:98:20:
7c:25:26:88:8b:ff:a7:d2:e7:af:05:7e:ef:86:d5:fe:34:4d:
c4:f1:6f:d3:82:b5:a8:7e:08:b9:31:10:2f:37:36:ba:0e:f6:
76:c6:6b:ea:b6:c4:83:e0:57:fc:8c:c4:8e:23:e4:2a:f5:37:
1e:e9:bb:b1:3e:89:f0:eb:d4:b5:1a:9e:d6:bf:bd:0a:4e:3a:
95:62:5d:15:d5:ba:b6:f1:e7:6a:94:d6:98:89:a1:27:50:f6:
c8:35:0b:70:66:a3:e1:d4:76:c4:15:ea:a4:1e:48:95:a5:b8:
98:01:5e:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN37ywDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTdmOWZkZWEzNTBhNzY2YmI5OGM2MDRkM2I5YzI3OTE2NzMyMjA5MB4XDTIyMDEw
MTE1MDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJjMmJhZTQwNjFl
MWU0ZjNlMGNhOTFhODExZDk5ZjA2ZDFhN2MzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq38WO7B3Wa7099nzs6GacZpHTzBk0eQUge5aXDJmqOhhJO
jPIbjTGrZ5aTpraU4BF3pxS646DM/b0RYodLwyJHfJKlQ+5k2OkurznQ+W31ZL8s
yyMlBQpiymwgMQOAfWDNzwvpJJqXcMUYTqiH2w5kGp21JXSNKcrCBdD1JHn+TlBz
6q4tTHTH2C5GW2Y4cZ1MHaOgwQ2lb2P6tlonVDSFcESevIjuVaqEmMj4bZjIHF7l
nAc1xBNVwFemzJ4kKehoreUW5YcvL4xIzckYxIVSEoq9DKeY/kRhHJnzWtg96iae
7k2Dn1EDR2RaxPRPs7w8KdB3c3t8pdBNmboluv0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQbwrrkBh4eTz4MqRqBHZnwbRp8OzAfBgNVHSMEGDAWgBR1f5/eo1CnZruY
xgTTucJ5FnMiCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RYLWYzcU5RcDJhN21NWUUwN25DZVJaeklnay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNWEzYjZiLTlhNjEtNDU1Ny1hM2Q2LWMyNWFiYTZiNTVhZi8x
L0c4SzY1QVllSGs4LURLa2FnUjJaOEcwYWZEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NWEzYjZiLTlhNjEtNDU1Ny1hM2Q2LWMyNWFiYTZiNTVhZi8xL2RYLWYzcU5RcDJh
N21NWUUwN25DZVJaeklnay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1WeYDANBgkqhkiG9w0BAQsFAAOC
AQEAYRKRKgR7xQrcLhoBiIWDfRV8EeJ6f8SvzxkyAvR4pb6sTO8L3Oi2W1aNMHMV
T6wHA11yggfzQPBeD/ZeaViHTFDepYCPzC7DTbULuvlfYjwQRIFuKaw44IgGy/zD
lGeRH9XZfnj/JjbWisgdX1bRgfuelORdG9v1ZhOS3DSq6ymWKdqZw3OHE82X6eSF
x5ggfCUmiIv/p9LnrwV+74bV/jRNxPFv04K1qH4IuTEQLzc2ug72dsZr6rbEg+BX
/IzEjiPkKvU3Hum7sT6J8OvUtRqe1r+9Ck46lWJdFdW6tvHnapTWmImhJ1D2yDUL
cGaj4dR2xBXqpB5IlaW4mAFeUA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net