Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1HOLbP5ndlsxQS4YQHK2o47yiJM.roa
File: 1HOLbP5ndlsxQS4YQHK2o47yiJM.roa (raw, json)
Hash identifier: VRPOWgT77QXfkQmDJX5CINUFyZeeVPqkAJmiGUUHIM0=
Subject key identifier: D4:73:8B:6C:FE:67:76:5B:31:41:2E:18:40:72:B6:A3:8E:F2:88:93
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0182C4977206689F0FE906243A793AE4081F
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1HOLbP5ndlsxQS4YQHK2o47yiJM.roa
Signing time: Mon 22 Aug 2022 08:07:15 +0000
ROA not before: Mon 22 Aug 2022 08:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.230.179.0/24 maxlen: 24
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c4:97:72:06:68:9f:0f:e9:06:24:3a:79:3a:e4:08:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Aug 22 08:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4738b6cfe67765b31412e184072b6a38ef28893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:71:c5:8f:a1:4a:26:ce:95:53:ed:a1:05:5f:
b8:6c:d3:ab:07:5c:51:a1:7f:89:61:01:3a:31:73:
31:a1:60:d8:d2:0c:ed:b6:3e:c3:93:7b:8d:81:ce:
45:59:4f:d7:87:36:88:db:e9:6f:af:7c:5a:2b:aa:
7d:ca:9a:2c:e0:bc:df:36:3f:7d:aa:e1:4f:22:15:
ee:d6:59:68:89:ce:49:b6:8e:2c:1a:48:ff:fb:a1:
d2:cd:7a:a7:89:9b:e5:b4:a8:98:a3:b6:5b:41:ab:
6d:e1:66:13:ce:ae:3a:74:9d:d8:b1:76:fb:ff:cd:
c1:6f:68:fd:ee:c7:e6:6b:28:dc:d9:79:2b:13:44:
54:de:b0:20:15:5a:e1:1f:dc:38:39:b6:25:b7:fa:
7a:42:b4:23:51:d2:ca:5b:3c:d4:df:52:08:51:cd:
8e:36:1f:5b:2d:c9:96:c3:ce:5e:d8:91:d8:d7:6e:
5d:1d:dc:f8:60:10:b4:29:18:d2:72:06:b0:3b:84:
f7:63:77:50:66:5d:01:62:ff:0d:bd:ac:6c:fd:b4:
42:81:d5:a2:a4:f7:53:ce:d0:d1:3f:ea:57:00:7c:
06:ca:a6:ae:86:8d:ce:8b:2b:51:b9:ea:93:3f:91:
64:ec:53:51:c1:9d:ae:a1:7e:91:55:2e:1d:1c:79:
df:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:73:8B:6C:FE:67:76:5B:31:41:2E:18:40:72:B6:A3:8E:F2:88:93
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1HOLbP5ndlsxQS4YQHK2o47yiJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
94.139.252.0/22
141.101.151.0/24
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
85:73:3d:f8:68:c7:bb:15:9b:94:60:87:28:3f:65:6b:ce:19:
da:b2:51:28:0f:47:b0:1f:77:12:68:7f:b1:c7:43:a2:4d:cf:
89:fe:6d:36:dc:b3:3b:b1:c8:cc:8d:e5:4f:22:9e:88:71:55:
fb:4b:d2:15:4e:62:3d:58:4f:5c:95:04:2c:22:77:99:b8:00:
52:8e:3b:d2:18:c3:1b:71:20:bc:e3:62:fa:7e:c5:5a:11:19:
ac:d8:96:3e:7c:ad:35:b5:c3:97:5f:c2:a0:3d:46:87:0e:65:
1a:69:e1:35:38:41:46:e6:f7:df:d8:c4:c6:eb:6c:70:f3:e7:
a2:9d:2e:42:61:b8:d2:a0:1b:f6:0e:b0:2e:be:b5:9c:07:4c:
a9:28:09:d6:fd:e2:69:1d:d3:1e:2c:8e:fb:2f:7a:0e:de:58:
7a:7a:99:c3:bd:85:4a:68:03:23:f7:fe:24:e4:45:43:af:fd:
32:ee:29:de:68:9f:71:a3:24:79:33:3c:20:e7:18:af:be:f0:
ef:91:36:26:2c:42:52:7f:65:0d:8e:08:e6:37:13:77:32:ee:
98:ce:44:2b:d5:f7:21:7c:d7:53:d8:9a:18:83:f2:75:04:f9:
09:84:5b:40:7d:9e:0a:f6:c7:29:46:90:8b:d7:72:68:15:59:
f9:bd:98:81
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAYLEl3IGaJ8P6QYkOnk65AgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIwODIyMDgwNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDczOGI2Y2ZlNjc3NjViMzE0MTJlMTg0MDcyYjZhMzhlZjI4ODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinHFj6FKJs6VU+2hBV+4bNOrB1xR
oX+JYQE6MXMxoWDY0gzttj7Dk3uNgc5FWU/XhzaI2+lvr3xaK6p9ypos4LzfNj99
quFPIhXu1lloic5Jto4sGkj/+6HSzXqniZvltKiYo7ZbQatt4WYTzq46dJ3YsXb7
/83Bb2j97sfmayjc2XkrE0RU3rAgFVrhH9w4ObYlt/p6QrQjUdLKWzzU31IIUc2O
Nh9bLcmWw85e2JHY125dHdz4YBC0KRjScgawO4T3Y3dQZl0BYv8Nvaxs/bRCgdWi
pPdTztDRP+pXAHwGyqauho3OiytRueqTP5Fk7FNRwZ2uoX6RVS4dHHnfPQIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFNRzi2z+Z3ZbMUEuGEBytqOO8oiTMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xLzFIT0xiUDVuZGxzeFFTNFlRSEsybzQ3eWlKTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggERBggrBgEFBQcBBwEB/wSCAQAwgf0wgesEAgABMIHk
MAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUSZjAMAwQAJRJr
AwQAJRJ6AwQAJeaLMAwDBAAl5rMDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXmwAME
ACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQALvPJ
MAwDBAAu880DBAAu884DBAEu8+IDBAEu8/QDBANX8lgDBAJei/wDBACNZZcDBACN
ZckwDAMEALKqvwMEAbKqxAMEALKq8jAMAwQBvEhqAwQBvEhsMA0EAgACMAcDBQMq
DCuAMA0GCSqGSIb3DQEBCwUAA4IBAQCFcz34aMe7FZuUYIcoP2VrzhnaslEoD0ew
H3cSaH+xx0OiTc+J/m023LM7scjMjeVPIp6IcVX7S9IVTmI9WE9clQQsIneZuABS
jjvSGMMbcSC842L6fsVaERms2JY+fK01tcOXX8KgPUaHDmUaaeE1OEFG5vff2MTG
62xw8+einS5CYbjSoBv2DrAuvrWcB0ypKAnW/eJpHdMeLI77L3oO3lh6epnDvYVK
aAMj9/4k5EVDr/0y7ineaJ9xoyR5Mzwg5xivvvDvkTYmLEJSf2UNjgjmNxN3Mu6Y
zkQr1fchfNdT2JoYg/J1BPkJhFtAfZ4K9scpRpCL13JoFVn5vZiB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org