Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/pkDId4XGyj5GCusPqP_SWR9f4wk.roa
File: pkDId4XGyj5GCusPqP_SWR9f4wk.roa (raw, json)
Hash identifier: /NVZFTDoCHHgije13HCzWSsBW+rmz+GCN9+fxo3nPms=
Subject key identifier: A6:40:C8:77:85:C6:CA:3E:46:0A:EB:0F:A8:FF:D2:59:1F:5F:E3:09
Certificate issuer: /CN=edb926f8c603aab79cb46a883bf632564a3faabf
Certificate serial: 170C8318
Authority key identifier: ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/pkDId4XGyj5GCusPqP_SWR9f4wk.roa
Signing time: Fri 18 Mar 2022 10:43:13 +0000
ROA not before: Fri 18 Mar 2022 10:43:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42695
IP address blocks: 86.107.49.0/24 maxlen: 24
86.107.48.0/24 maxlen: 24
86.107.48.0/23 maxlen: 24
185.16.84.0/22 maxlen: 24
89.46.81.0/24 maxlen: 24
89.46.80.0/24 maxlen: 24
89.46.83.0/24 maxlen: 24
89.46.82.0/24 maxlen: 24
89.46.84.0/23 maxlen: 23
89.46.86.0/24 maxlen: 24
89.46.87.0/24 maxlen: 24
185.2.152.0/22 maxlen: 24
188.241.198.0/24 maxlen: 24
188.241.198.0/23 maxlen: 24
188.241.199.0/24 maxlen: 24
89.36.90.0/23 maxlen: 23
45.114.121.0/24 maxlen: 24
45.114.120.0/22 maxlen: 24
45.114.123.0/24 maxlen: 24
45.114.122.0/24 maxlen: 24
141.255.184.0/21 maxlen: 24
37.153.138.0/23 maxlen: 24
185.52.156.0/22 maxlen: 24
89.45.226.0/24 maxlen: 24
89.45.226.0/23 maxlen: 24
37.153.172.0/23 maxlen: 23
188.240.222.0/23 maxlen: 24
91.106.192.0/21 maxlen: 24
91.123.192.0/20 maxlen: 24
89.45.227.0/24 maxlen: 24
185.103.48.0/23 maxlen: 23
185.103.51.0/24 maxlen: 24
185.103.50.0/24 maxlen: 24
89.42.140.0/23 maxlen: 24
185.62.204.0/24 maxlen: 24
185.62.204.0/22 maxlen: 24
185.62.206.0/24 maxlen: 24
185.62.205.0/24 maxlen: 24
185.62.207.0/24 maxlen: 24
116.206.168.0/22 maxlen: 24
188.240.92.0/22 maxlen: 24
77.81.188.0/23 maxlen: 24
188.240.18.0/23 maxlen: 24
188.95.224.0/21 maxlen: 24
46.254.10.0/23 maxlen: 23
46.254.8.0/21 maxlen: 24
46.254.13.0/24 maxlen: 24
46.254.12.0/24 maxlen: 24
46.254.15.0/24 maxlen: 24
46.254.14.0/24 maxlen: 24
188.212.108.0/23 maxlen: 24
103.57.72.0/22 maxlen: 24
103.57.74.0/24 maxlen: 24
103.57.75.0/24 maxlen: 24
86.107.242.0/23 maxlen: 24
77.81.6.0/23 maxlen: 24
103.81.140.0/22 maxlen: 24
89.40.216.0/23 maxlen: 23
2a03:d7c0::/29 maxlen: 48
2a03:b000:3002::/48 maxlen: 48
2a03:b000:200::/40 maxlen: 40
2a03:b000:400::/40 maxlen: 40
2a03:b000:700::/40 maxlen: 40
2a03:b000:900::/40 maxlen: 40
2a03:b000:600::/40 maxlen: 40
2a03:b000:500::/40 maxlen: 40
2a03:b000::/40 maxlen: 40
2a03:b000:800::/40 maxlen: 40
2a03:b000:b00::/40 maxlen: 40
2a03:b000:100::/40 maxlen: 40
2a03:b000:c00::/40 maxlen: 40
2a04:f180::/29 maxlen: 48
2a06:2980::/29 maxlen: 48
2a00:16d8::/32 maxlen: 48
2a03:b000:3001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 386695960 (0x170c8318)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb926f8c603aab79cb46a883bf632564a3faabf
Validity
Not Before: Mar 18 10:43:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a640c87785c6ca3e460aeb0fa8ffd2591f5fe309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:38:da:80:00:b5:43:09:5f:06:40:4d:06:
fb:99:bc:06:c7:d6:e3:93:7e:5e:58:c7:b2:d5:be:
c1:ee:5a:95:3e:a8:14:11:8c:24:32:25:6a:77:c6:
4c:79:ab:7e:7c:99:bd:4d:7e:cb:3f:2a:39:a6:b4:
d2:bd:e5:92:e0:cb:2e:d8:25:f9:6b:04:5c:f0:b7:
c4:2b:18:a4:ec:bd:b6:bb:d0:47:8c:e6:bb:25:ac:
96:ef:9d:62:05:b9:c8:dc:2d:8a:4f:15:f6:d6:d6:
95:db:06:d0:5c:18:0a:07:c6:5f:4c:3d:1d:77:68:
66:36:53:cb:60:9a:51:87:b4:3e:39:7d:67:32:d6:
5f:3f:54:4f:21:4c:37:70:91:07:30:03:2b:7c:24:
99:53:8e:da:27:b5:3f:ad:4a:e3:77:17:bb:bb:9d:
35:1c:73:91:29:50:68:80:99:92:11:37:98:d6:64:
15:b6:9d:9f:7e:fb:28:ad:c0:2f:68:c0:92:31:70:
7d:40:91:d1:86:b8:42:80:ca:6e:b8:f4:df:45:2d:
6f:43:20:81:ab:c7:3e:5f:c6:ef:7a:ff:4e:a7:24:
a6:94:c8:bf:83:30:33:4c:8d:12:b3:ad:c0:18:f5:
fb:9f:d7:64:bd:a2:c9:ff:82:9d:be:26:02:95:2e:
46:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:40:C8:77:85:C6:CA:3E:46:0A:EB:0F:A8:FF:D2:59:1F:5F:E3:09
X509v3 Authority Key Identifier:
keyid:ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/pkDId4XGyj5GCusPqP_SWR9f4wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.138.0/23
37.153.172.0/23
45.114.120.0/22
46.254.8.0/21
77.81.6.0/23
77.81.188.0/23
86.107.48.0/23
86.107.242.0/23
89.36.90.0/23
89.40.216.0/23
89.42.140.0/23
89.45.226.0/23
89.46.80.0/21
91.106.192.0/21
91.123.192.0/20
103.57.72.0/22
103.81.140.0/22
116.206.168.0/22
141.255.184.0/21
185.2.152.0/22
185.16.84.0/22
185.52.156.0/22
185.62.204.0/22
185.103.48.0/22
188.95.224.0/21
188.212.108.0/23
188.240.18.0/23
188.240.92.0/22
188.240.222.0/23
188.241.198.0/23
IPv6:
2a00:16d8::/32
2a03:b000::-2a03:b000:2ff:ffff:ffff:ffff:ffff:ffff
2a03:b000:400::-2a03:b000:9ff:ffff:ffff:ffff:ffff:ffff
2a03:b000:b00::-2a03:b000:cff:ffff:ffff:ffff:ffff:ffff
2a03:b000:3001::-2a03:b000:3002:ffff:ffff:ffff:ffff:ffff
2a03:d7c0::/29
2a04:f180::/29
2a06:2980::/29
Signature Algorithm: sha256WithRSAEncryption
ac:3e:e7:17:f9:9a:f9:7d:d5:8b:38:92:a4:b9:7c:8f:77:6f:
5c:6d:c7:be:75:09:fb:fc:48:d0:4f:65:96:b9:5d:f6:cf:4f:
de:1a:fb:f1:fa:48:21:62:73:20:ec:7f:8e:5a:99:7a:c2:ff:
3a:25:cd:c1:3f:6c:63:c2:a8:cc:d3:77:c6:d4:c8:57:34:20:
67:94:21:41:2a:a4:46:51:ec:54:43:0a:0e:95:81:85:b0:be:
39:75:a7:3c:4a:99:f1:34:22:eb:f6:b5:25:9a:cb:58:2c:47:
4a:6e:a0:ff:6f:32:15:d4:a5:5b:bc:a8:73:b8:bd:49:9f:19:
f0:a9:bc:33:3c:ab:13:7f:1f:98:02:b4:e7:15:c9:b0:ba:9d:
a5:9b:18:3e:24:bb:0c:83:38:2e:a4:2f:30:49:2f:da:8e:94:
36:19:0f:6b:42:e4:e4:06:84:db:c6:17:80:12:6e:12:cf:6e:
32:70:e1:0d:8b:c1:5b:b6:13:21:6e:af:a7:97:22:b4:dd:11:
ba:37:f6:dc:e8:d0:23:28:02:59:c0:ee:c1:15:fc:21:84:af:
c1:d6:63:d4:b7:13:94:c9:0a:a0:b8:f7:7d:77:7d:77:2e:e8:
7b:a5:68:fc:88:e5:c0:96:21:d5:02:0d:d3:76:ea:84:05:d4:
2f:73:54:77
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIEFwyDGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZGI5MjZmOGM2MDNhYWI3OWNiNDZhODgzYmY2MzI1NjRhM2ZhYWJmMB4XDTIyMDMx
ODEwNDMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY0MGM4Nzc4NWM2
Y2EzZTQ2MGFlYjBmYThmZmQyNTkxZjVmZTMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVWONqAALVDCV8GQE0G+5m8BsfW45N+XljHstW+we5alT6o
FBGMJDIlanfGTHmrfnyZvU1+yz8qOaa00r3lkuDLLtgl+WsEXPC3xCsYpOy9trvQ
R4zmuyWslu+dYgW5yNwtik8V9tbWldsG0FwYCgfGX0w9HXdoZjZTy2CaUYe0Pjl9
ZzLWXz9UTyFMN3CRBzADK3wkmVOO2ie1P61K43cXu7udNRxzkSlQaICZkhE3mNZk
Fbadn377KK3AL2jAkjFwfUCR0Ya4QoDKbrj030Utb0MggavHPl/G73r/TqckppTI
v4MwM0yNErOtwBj1+5/XZL2iyf+Cnb4mApUuRo0CAwEAAaOCAyswggMnMB0GA1Ud
DgQWBBSmQMh3hcbKPkYK6w+o/9JZH1/jCTAfBgNVHSMEGDAWgBTtuSb4xgOqt5y0
aog79jJWSj+qvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzdia20tTVlEcXJlY3RHcUlPX1l5VmtvX3FyOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNTZjOTM0LWNmMTQtNGE0Zi1hZTdjLTNiZDE5NzhiZjJmNi8x
L3BrRElkNFhHeWo1R0N1c1BxUF9TV1I5ZjR3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NTZjOTM0LWNmMTQtNGE0Zi1hZTdjLTNiZDE5NzhiZjJmNi8xLzdia20tTVlEcXJl
Y3RHcUlPX1l5VmtvX3FyOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AT8GCCsGAQUFBwEHAQH/BIIBLjCCASowgbsEAgABMIG0AwQBJZmKAwQBJZmsAwQC
LXJ4AwQDLv4IAwQBTVEGAwQBTVG8AwQBVmswAwQBVmvyAwQBWSRaAwQBWSjYAwQB
WSqMAwQBWS3iAwQDWS5QAwQDW2rAAwQEW3vAAwQCZzlIAwQCZ1GMAwQCdM6oAwQD
jf+4AwQCuQKYAwQCuRBUAwQCuTScAwQCuT7MAwQCuWcwAwQDvF/gAwQBvNRsAwQB
vPASAwQCvPBcAwQBvPDeAwQBvPHGMGoEAgACMGQDBQAqABbYMA4DBAQqA7ADBgAq
A7AAAjAQAwYCKgOwAAQDBgEqA7AACDAQAwYAKgOwAAsDBgAqA7AADDASAwcAKgOw
ADABAwcAKgOwADACAwUDKgPXwAMFAyoE8YADBQMqBimAMA0GCSqGSIb3DQEBCwUA
A4IBAQCsPucX+Zr5fdWLOJKkuXyPd29cbce+dQn7/EjQT2WWuV32z0/eGvvx+kgh
YnMg7H+OWpl6wv86Jc3BP2xjwqjM03fG1MhXNCBnlCFBKqRGUexUQwoOlYGFsL45
dac8SpnxNCLr9rUlmstYLEdKbqD/bzIV1KVbvKhzuL1JnxnwqbwzPKsTfx+YArTn
Fcmwup2lmxg+JLsMgzgupC8wSS/ajpQ2GQ9rQuTkBoTbxheAEm4Sz24ycOENi8Fb
thMhbq+nlyK03RG6N/bc6NAjKAJZwO7BFfwhhK/B1mPUtxOUyQqguPd9d313Luh7
pWj8iOXAliHVAg3TduqEBdQvc1R3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:35 2023 by rpki-client on console-ams.rpki-client.org