Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/hDUmOt04w7UdAJHg1nszQNG5gwk.roa
File: hDUmOt04w7UdAJHg1nszQNG5gwk.roa (raw, json)
Hash identifier: HNqbA4PRDxJHZ1bDgKCU1L+F1ybI2Z84LyBAY9o2bgI=
Subject key identifier: 84:35:26:3A:DD:38:C3:B5:1D:00:91:E0:D6:7B:33:40:D1:B9:83:09
Certificate issuer: /CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Certificate serial: 385A8018
Authority key identifier: 59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/hDUmOt04w7UdAJHg1nszQNG5gwk.roa
Signing time: Thu 24 Feb 2022 13:08:06 +0000
ROA not before: Thu 24 Feb 2022 13:08:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41897
IP address blocks: 94.248.184.0/21 maxlen: 21
80.245.96.0/22 maxlen: 22
46.40.56.0/22 maxlen: 22
46.40.63.0/24 maxlen: 24
46.40.60.0/23 maxlen: 23
46.40.62.0/24 maxlen: 24
46.40.0.0/18 maxlen: 18
46.40.1.0/24 maxlen: 24
46.40.8.0/22 maxlen: 22
46.40.6.0/24 maxlen: 24
94.248.233.0/24 maxlen: 24
94.248.232.0/24 maxlen: 24
46.40.16.0/21 maxlen: 21
94.248.232.0/21 maxlen: 21
94.248.232.0/22 maxlen: 22
46.40.15.0/24 maxlen: 24
46.40.12.0/23 maxlen: 23
94.248.238.0/24 maxlen: 24
94.248.239.0/24 maxlen: 24
94.248.237.0/24 maxlen: 24
94.248.235.0/24 maxlen: 24
94.248.236.0/24 maxlen: 24
94.248.234.0/24 maxlen: 24
46.40.26.0/24 maxlen: 24
46.40.27.0/24 maxlen: 24
46.40.31.0/24 maxlen: 24
46.40.30.0/24 maxlen: 24
46.40.30.0/23 maxlen: 23
46.40.29.0/24 maxlen: 24
46.40.35.0/24 maxlen: 24
46.40.33.0/24 maxlen: 24
46.40.34.0/24 maxlen: 24
46.40.32.0/24 maxlen: 24
45.158.16.0/22 maxlen: 22
91.147.244.0/22 maxlen: 22
46.40.40.0/21 maxlen: 21
46.40.48.0/21 maxlen: 21
46.251.8.0/22 maxlen: 22
91.102.224.0/21 maxlen: 21
91.102.229.0/24 maxlen: 24
185.231.128.0/22 maxlen: 22
195.192.244.0/22 maxlen: 22
95.85.173.0/24 maxlen: 24
95.85.176.0/22 maxlen: 22
95.85.184.0/23 maxlen: 23
95.85.186.0/23 maxlen: 23
185.169.248.0/22 maxlen: 22
185.169.248.0/24 maxlen: 24
95.85.128.0/22 maxlen: 22
95.85.128.0/18 maxlen: 18
95.85.136.0/22 maxlen: 22
95.85.135.0/24 maxlen: 24
95.85.144.0/21 maxlen: 21
95.85.152.0/23 maxlen: 23
81.24.240.0/21 maxlen: 21
95.85.156.0/22 maxlen: 22
81.24.247.0/24 maxlen: 24
95.85.154.0/23 maxlen: 23
95.85.172.0/24 maxlen: 24
185.141.198.0/24 maxlen: 24
185.141.199.0/24 maxlen: 24
185.141.196.0/22 maxlen: 22
185.141.196.0/23 maxlen: 23
85.222.176.0/21 maxlen: 21
85.222.176.0/20 maxlen: 20
185.6.190.0/24 maxlen: 24
185.6.191.0/24 maxlen: 24
185.6.189.0/24 maxlen: 24
185.6.188.0/24 maxlen: 24
185.6.188.0/22 maxlen: 22
185.10.204.0/22 maxlen: 22
217.17.97.0/24 maxlen: 24
217.17.96.0/20 maxlen: 20
217.17.98.0/24 maxlen: 24
217.17.96.0/24 maxlen: 24
217.17.111.0/24 maxlen: 24
217.17.110.0/24 maxlen: 24
178.20.202.0/23 maxlen: 23
178.20.201.0/24 maxlen: 24
185.37.168.0/22 maxlen: 22
2a00:ad00::/29 maxlen: 29
2a00:ad03::/32 maxlen: 32
2a00:ad00:2010::/44 maxlen: 44
2a00:ad07:3000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 945455128 (0x385a8018)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dda75f8110743d250c3068a356ce6acf1c4fe2
Validity
Not Before: Feb 24 13:08:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8435263add38c3b51d0091e0d67b3340d1b98309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:73:89:ba:f7:31:d2:af:9c:41:6f:34:b9:ea:
fd:b0:44:93:51:fa:6a:22:78:4a:54:47:a2:d2:fd:
34:52:23:7d:f3:bf:7c:b2:65:0f:9a:0b:5b:d1:aa:
f1:34:ee:6a:a4:7d:d4:7e:d1:07:06:f2:e5:de:39:
4e:16:fa:03:6a:cf:65:55:07:9a:4d:39:24:2e:df:
53:bc:8a:3a:81:0f:46:91:b6:f7:06:04:58:44:35:
cd:d3:79:07:30:47:46:78:67:68:05:17:f2:48:5c:
b2:ca:42:45:ba:b3:c6:29:1d:06:b8:52:ba:7d:d3:
4f:b7:5a:c2:6b:fb:49:c0:3b:32:ed:c0:43:d9:fa:
47:e9:fa:94:a0:96:3e:6b:6a:d0:9b:2c:fb:78:b0:
b0:c2:2d:4b:21:7e:49:24:f5:8f:c3:d5:c2:0a:24:
e8:ee:12:23:3c:95:ab:de:87:36:ec:fb:a3:d5:5e:
db:b7:d2:00:21:c4:3c:57:c8:5f:b0:fe:0a:8d:50:
06:b4:5d:3d:62:16:4b:86:dd:7e:13:2a:30:90:c5:
33:d2:16:db:2a:eb:ea:26:87:05:76:4c:f2:ee:7d:
4e:74:ba:64:b7:18:8d:e7:c3:33:f2:fc:76:06:d3:
c8:29:4e:36:50:de:78:24:b3:2b:86:0d:64:4a:68:
1c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:35:26:3A:DD:38:C3:B5:1D:00:91:E0:D6:7B:33:40:D1:B9:83:09
X509v3 Authority Key Identifier:
keyid:59:DD:A7:5F:81:10:74:3D:25:0C:30:68:A3:56:CE:6A:CF:1C:4F:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd2nX4EQdD0lDDBoo1bOas8cT-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/hDUmOt04w7UdAJHg1nszQNG5gwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ebf3f7-e3ab-4f8c-86e8-7087e3fe2a5d/1/Wd2nX4EQdD0lDDBoo1bOas8cT-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.16.0/22
46.40.0.0/18
46.251.8.0/22
80.245.96.0/22
81.24.240.0/21
85.222.176.0/20
91.102.224.0/21
91.147.244.0/22
94.248.184.0/21
94.248.232.0/21
95.85.128.0/18
178.20.201.0-178.20.203.255
185.6.188.0/22
185.10.204.0/22
185.37.168.0/22
185.141.196.0/22
185.169.248.0/22
185.231.128.0/22
195.192.244.0/22
217.17.96.0/20
IPv6:
2a00:ad00::/29
Signature Algorithm: sha256WithRSAEncryption
c9:26:ba:98:f7:b1:a4:77:a7:ff:19:fc:e4:f4:09:48:ff:2a:
eb:36:93:85:85:e4:22:b1:d0:1a:4d:c9:c0:a9:94:38:25:4a:
ab:fd:8d:4f:b2:00:6b:b4:4a:c2:90:b6:e4:43:00:88:5a:d4:
93:a4:af:ce:d4:fd:01:da:74:53:9b:f8:65:c3:e8:3a:5b:c8:
c7:92:6e:ec:9f:78:23:68:b8:16:fe:62:8a:16:71:ad:fa:40:
df:61:ef:5c:27:7b:02:07:b0:e6:da:9a:6e:de:ef:7c:05:ce:
54:4f:58:e6:d3:8b:6b:e9:a9:24:d8:4e:58:1c:91:03:2e:64:
48:a8:1d:c8:20:83:67:b7:1b:dc:d6:2a:24:a3:dc:91:06:ac:
0d:7c:a5:95:86:0e:99:dc:8c:70:7b:d7:cb:d0:56:ff:17:b7:
28:e5:b3:cb:16:44:28:a0:7a:29:d8:dd:13:10:28:60:73:8f:
5c:3f:2b:30:7f:43:e3:0e:d2:b1:73:aa:c9:4a:8d:1b:be:c2:
cf:da:b9:db:d6:c5:04:49:cc:1f:ed:7a:b5:19:16:1a:17:f9:
6c:d6:d5:28:d2:87:8c:ab:29:d4:15:6b:1a:2d:1a:a3:46:a3:
29:cf:db:97:2d:82:f6:a6:b6:18:c1:d7:6b:66:ac:1d:e5:ca:
dc:0c:e3:80
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIEOFqAGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OWRkYTc1ZjgxMTA3NDNkMjUwYzMwNjhhMzU2Y2U2YWNmMWM0ZmUyMB4XDTIyMDIy
NDEzMDgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQzNTI2M2FkZDM4
YzNiNTFkMDA5MWUwZDY3YjMzNDBkMWI5ODMwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVzibr3MdKvnEFvNLnq/bBEk1H6aiJ4SlRHotL9NFIjffO/
fLJlD5oLW9Gq8TTuaqR91H7RBwby5d45Thb6A2rPZVUHmk05JC7fU7yKOoEPRpG2
9wYEWEQ1zdN5BzBHRnhnaAUX8khcsspCRbqzxikdBrhSun3TT7dawmv7ScA7Mu3A
Q9n6R+n6lKCWPmtq0Jss+3iwsMItSyF+SST1j8PVwgok6O4SIzyVq96HNuz7o9Ve
27fSACHEPFfIX7D+Co1QBrRdPWIWS4bdfhMqMJDFM9IW2yrr6iaHBXZM8u59TnS6
ZLcYjefDM/L8dgbTyClONlDeeCSzK4YNZEpoHCECAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBSENSY63TjDtR0AkeDWezNA0bmDCTAfBgNVHSMEGDAWgBRZ3adfgRB0PSUM
MGijVs5qzxxP4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dkMm5YNEVRZEQwbEREQm9vMWJPYXM4Y1QtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvZWJmM2Y3LWUzYWItNGY4Yy04NmU4LTcwODdlM2ZlMmE1ZC8x
L2hEVW1PdDA0dzdVZEFKSGcxbnN6UU5HNWd3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
ZWJmM2Y3LWUzYWItNGY4Yy04NmU4LTcwODdlM2ZlMmE1ZC8xL1dkMm5YNEVRZEQw
bEREQm9vMWJPYXM4Y1QtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgYcEAgABMIGAAwQCLZ4QAwQGLigAAwQCLvsI
AwQCUPVgAwQDURjwAwQEVd6wAwQDW2bgAwQCW5P0AwQDXvi4AwQDXvjoAwQGX1WA
MAwDBACyFMkDBAKyFMgDBAK5BrwDBAK5CswDBAK5JagDBAK5jcQDBAK5qfgDBAK5
54ADBALDwPQDBATZEWAwDQQCAAIwBwMFAyoArQAwDQYJKoZIhvcNAQELBQADggEB
AMkmupj3saR3p/8Z/OT0CUj/Kus2k4WF5CKx0BpNycCplDglSqv9jU+yAGu0SsKQ
tuRDAIha1JOkr87U/QHadFOb+GXD6DpbyMeSbuyfeCNouBb+YooWca36QN9h71wn
ewIHsObamm7e73wFzlRPWObTi2vpqSTYTlgckQMuZEioHcggg2e3G9zWKiSj3JEG
rA18pZWGDpncjHB718vQVv8Xtyjls8sWRCigeinY3RMQKGBzj1w/KzB/Q+MO0rFz
qslKjRu+ws/audvWxQRJzB/terUZFhoX+WzW1SjSh4yrKdQVaxotGqNGoynP25ct
gvamthjB12tmrB3lytwM44A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:05 2024 by rpki-client on console-fra.rpki-client.org