Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/69efa1-8c99-48f8-943c-2b4a16594213/1/Q_xflj8b15RQ55o5o4ICJl4K6m4.roa
File: Q_xflj8b15RQ55o5o4ICJl4K6m4.roa (raw, json)
Hash identifier: eeL0RM974Ee6Dpx6aDHxcqpNT44gfQg0TzNHrkTnmiA=
Subject key identifier: 43:FC:5F:96:3F:1B:D7:94:50:E7:9A:39:A3:82:02:26:5E:0A:EA:6E
Certificate issuer: /CN=9054c699a81dd962a8860f3fb0b7d03343debf76
Certificate serial: 370FC047
Authority key identifier: 90:54:C6:99:A8:1D:D9:62:A8:86:0F:3F:B0:B7:D0:33:43:DE:BF:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFTGmagd2WKohg8_sLfQM0Pev3Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/69efa1-8c99-48f8-943c-2b4a16594213/1/Q_xflj8b15RQ55o5o4ICJl4K6m4.roa
Signing time: Sat 01 Jan 2022 10:54:32 +0000
ROA not before: Sat 01 Jan 2022 10:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49148
IP address blocks: 95.130.240.0/24 maxlen: 24
185.160.177.0/24 maxlen: 24
185.160.178.0/24 maxlen: 24
185.160.176.0/24 maxlen: 24
185.160.176.0/22 maxlen: 22
185.160.179.0/24 maxlen: 24
95.130.242.0/24 maxlen: 24
95.130.243.0/24 maxlen: 24
95.130.240.0/21 maxlen: 21
95.130.241.0/24 maxlen: 24
95.130.246.0/24 maxlen: 24
95.130.244.0/24 maxlen: 24
95.130.245.0/24 maxlen: 24
95.130.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923779143 (0x370fc047)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9054c699a81dd962a8860f3fb0b7d03343debf76
Validity
Not Before: Jan 1 10:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43fc5f963f1bd79450e79a39a38202265e0aea6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:58:61:28:3f:8b:b5:c0:10:97:3a:57:9a:44:
b4:24:eb:18:d5:0f:36:29:a6:20:1d:9d:1e:02:8f:
83:a0:01:a4:aa:8e:86:86:f9:e8:cc:5e:c4:b6:2c:
ca:2d:ba:0f:31:1a:27:71:e7:d4:7b:4b:97:7d:e6:
0b:2a:43:b8:0b:48:da:d4:94:ff:47:15:71:66:44:
dd:ec:59:9f:d0:a0:f7:36:2b:eb:62:5e:21:0b:93:
3e:ab:1c:a4:f2:eb:fd:bf:f9:51:1a:1f:bd:c7:dc:
2f:30:9b:cf:93:c3:d3:30:a7:3a:a3:3a:dc:86:41:
97:f5:e0:f1:9b:6b:c0:15:7d:1b:43:e2:25:fc:3a:
68:c1:97:f9:8d:b8:6e:04:1e:a6:93:2a:7c:81:f8:
54:16:c2:d2:74:05:d1:19:34:08:85:07:64:7b:b9:
27:81:77:a9:8b:8d:ef:41:b4:8d:89:8b:a7:0f:5d:
b9:53:64:00:8e:6f:bc:f6:1f:43:9d:22:02:86:46:
40:4f:ff:b4:ab:f7:b3:79:b1:5f:77:f6:3a:51:c2:
b0:9f:a0:cd:8e:e1:ca:b8:2d:22:66:ea:ce:fe:b2:
2a:3e:36:49:52:70:23:22:14:2d:f9:4f:cf:3d:7e:
af:bc:25:c0:2c:6f:4a:a7:05:d9:97:60:79:55:64:
5a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FC:5F:96:3F:1B:D7:94:50:E7:9A:39:A3:82:02:26:5E:0A:EA:6E
X509v3 Authority Key Identifier:
keyid:90:54:C6:99:A8:1D:D9:62:A8:86:0F:3F:B0:B7:D0:33:43:DE:BF:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFTGmagd2WKohg8_sLfQM0Pev3Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/69efa1-8c99-48f8-943c-2b4a16594213/1/Q_xflj8b15RQ55o5o4ICJl4K6m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/69efa1-8c99-48f8-943c-2b4a16594213/1/kFTGmagd2WKohg8_sLfQM0Pev3Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.240.0/21
185.160.176.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:d6:8a:96:e1:fb:06:62:16:95:22:18:e2:ca:e1:fd:ad:c9:
51:86:47:d4:09:f8:7e:2a:1e:32:7f:eb:39:bd:0b:95:77:82:
d6:ee:c4:8a:db:96:3d:04:7d:50:5a:a2:4b:a7:d4:af:a2:78:
6a:85:4a:f5:27:28:ee:74:d8:e0:8f:aa:a1:b9:56:5e:05:dd:
5f:d6:dd:28:75:97:99:da:0f:fa:29:eb:d7:da:85:fc:ae:a6:
75:53:5c:17:77:00:88:73:a5:3e:6e:60:e3:ab:9f:76:b3:bc:
1d:ca:8a:c3:42:c0:36:8b:1c:24:c1:d5:0e:d4:1c:4b:14:58:
f2:48:00:03:31:80:35:01:75:ab:19:69:b4:b6:5c:88:35:dc:
d4:be:f8:1a:6e:13:08:e7:a0:6e:4a:66:30:93:71:37:11:1d:
32:34:2d:0f:bb:76:c3:3f:2e:16:96:26:6b:c7:49:f4:ce:0b:
34:b2:ce:c6:1b:d1:82:f7:0c:98:d2:61:e5:ef:13:da:91:23:
6d:d3:69:2c:2e:8c:df:73:33:e1:54:d4:0d:e5:1f:cf:a4:29:
22:df:37:7d:e2:8c:5e:a4:03:98:eb:ed:64:e0:0d:e5:7a:a6:
97:4a:1d:72:2c:be:1b:ce:5e:11:fc:49:35:a3:6d:cf:30:a1:
7d:83:f6:f0
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENw/ARzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDU0YzY5OWE4MWRkOTYyYTg4NjBmM2ZiMGI3ZDAzMzQzZGViZjc2MB4XDTIyMDEw
MTEwNTQzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNmYzVmOTYzZjFi
ZDc5NDUwZTc5YTM5YTM4MjAyMjY1ZTBhZWE2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdYYSg/i7XAEJc6V5pEtCTrGNUPNimmIB2dHgKPg6ABpKqO
hob56MxexLYsyi26DzEaJ3Hn1HtLl33mCypDuAtI2tSU/0cVcWZE3exZn9Cg9zYr
62JeIQuTPqscpPLr/b/5URofvcfcLzCbz5PD0zCnOqM63IZBl/Xg8ZtrwBV9G0Pi
Jfw6aMGX+Y24bgQeppMqfIH4VBbC0nQF0Rk0CIUHZHu5J4F3qYuN70G0jYmLpw9d
uVNkAI5vvPYfQ50iAoZGQE//tKv3s3mxX3f2OlHCsJ+gzY7hyrgtImbqzv6yKj42
SVJwIyIULflPzz1+r7wlwCxvSqcF2ZdgeVVkWgECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRD/F+WPxvXlFDnmjmjggImXgrqbjAfBgNVHSMEGDAWgBSQVMaZqB3ZYqiG
Dz+wt9AzQ96/djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tGVEdtYWdkMldLb2hnOF9zTGZRTTBQZXYzWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNjllZmExLThjOTktNDhmOC05NDNjLTJiNGExNjU5NDIxMy8x
L1FfeGZsajhiMTVSUTU1bzVvNElDSmw0SzZtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NjllZmExLThjOTktNDhmOC05NDNjLTJiNGExNjU5NDIxMy8xL2tGVEdtYWdkMldL
b2hnOF9zTGZRTTBQZXYzWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1+C8AMEArmgsDANBgkqhkiG9w0B
AQsFAAOCAQEAbdaKluH7BmIWlSIY4srh/a3JUYZH1An4fioeMn/rOb0LlXeC1u7E
ituWPQR9UFqiS6fUr6J4aoVK9Sco7nTY4I+qoblWXgXdX9bdKHWXmdoP+inr19qF
/K6mdVNcF3cAiHOlPm5g46ufdrO8HcqKw0LANoscJMHVDtQcSxRY8kgAAzGANQF1
qxlptLZciDXc1L74Gm4TCOegbkpmMJNxNxEdMjQtD7t2wz8uFpYma8dJ9M4LNLLO
xhvRgvcMmNJh5e8T2pEjbdNpLC6M33Mz4VTUDeUfz6QpIt83feKMXqQDmOvtZOAN
5Xqml0odciy+G85eEfxJNaNtzzChfYP28A==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:42 2023 by rpki-client on console.sobornost.net