Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/oF2MCV6IYcyWhyrfdyISjrghs0w.roa
File: oF2MCV6IYcyWhyrfdyISjrghs0w.roa (raw, json)
Hash identifier: Ld9dpPJwIyxChF1IYHS6VqFaxiO+bNMM68TdenX/jrY=
Subject key identifier: A0:5D:8C:09:5E:88:61:CC:96:87:2A:DF:77:22:12:8E:B8:21:B3:4C
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 04D6E7C9
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/oF2MCV6IYcyWhyrfdyISjrghs0w.roa
Signing time: Sun 15 May 2022 08:33:40 +0000
ROA not before: Sun 15 May 2022 08:33:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 128.140.224.0/21 maxlen: 24
176.223.110.0/24 maxlen: 24
89.38.59.0/24 maxlen: 24
84.247.28.0/24 maxlen: 24
91.194.235.0/24 maxlen: 24
188.213.33.0/24 maxlen: 24
89.44.200.0/24 maxlen: 24
188.241.222.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
193.41.251.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
94.176.190.0/24 maxlen: 24
188.212.37.0/24 maxlen: 24
87.237.104.0/22 maxlen: 24
87.237.110.0/23 maxlen: 24
86.104.3.0/24 maxlen: 24
188.213.132.0/23 maxlen: 24
86.104.17.0/24 maxlen: 24
188.211.236.0/24 maxlen: 24
212.146.64.0/18 maxlen: 24
89.38.241.0/24 maxlen: 24
93.113.30.0/24 maxlen: 24
188.212.152.0/24 maxlen: 24
93.113.58.0/23 maxlen: 24
37.156.182.0/23 maxlen: 24
89.40.132.0/24 maxlen: 24
77.81.2.0/24 maxlen: 24
89.38.231.0/24 maxlen: 24
185.8.152.0/22 maxlen: 24
85.204.108.0/24 maxlen: 24
89.41.31.0/24 maxlen: 24
89.44.121.0/24 maxlen: 24
193.226.128.0/18 maxlen: 24
5.35.208.0/21 maxlen: 24
89.37.143.0/24 maxlen: 24
85.204.75.0/24 maxlen: 24
89.39.68.0/24 maxlen: 24
194.105.1.0/24 maxlen: 24
85.9.0.0/18 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81192905 (0x4d6e7c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: May 15 08:33:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a05d8c095e8861cc96872adf7722128eb821b34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:18:9c:8d:3f:fc:19:9d:c2:70:bc:22:34:36:
aa:01:cf:c2:88:28:1b:99:60:5b:12:e0:d5:ea:b6:
02:ce:bd:d1:9e:59:15:d3:c9:9e:5d:d0:01:33:b1:
6f:3a:64:6d:39:d7:c4:5c:96:84:72:1b:9a:24:0f:
09:5e:86:7d:00:b7:a4:d6:23:9f:80:94:89:58:42:
fc:29:bb:3f:fb:76:8b:bd:a1:90:22:78:d2:26:89:
06:e4:8d:32:f6:b9:87:55:71:b5:c0:ba:8c:b4:ec:
1d:d4:96:f9:40:f5:33:81:af:8d:da:94:65:46:e3:
35:e2:f9:84:09:14:01:90:d1:8e:35:9e:59:1b:02:
52:a9:1b:ed:c1:02:86:e6:c5:33:3b:e6:02:46:fb:
f2:ef:e1:8b:26:72:14:00:0f:f8:43:50:90:89:2a:
27:ce:84:8b:41:e2:8d:b2:16:29:ec:91:81:b7:d6:
dc:5a:7f:a0:89:46:31:84:c0:cc:76:29:63:15:15:
66:9d:1d:34:ba:60:87:bb:02:60:ac:e9:55:7d:05:
fc:91:e0:cc:18:85:ca:6a:7b:81:76:92:12:95:15:
ca:74:9b:79:f2:7f:65:df:d3:30:2a:3c:eb:aa:9b:
33:8e:d2:1d:be:de:b5:1b:82:f0:b0:10:39:f1:a9:
22:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:5D:8C:09:5E:88:61:CC:96:87:2A:DF:77:22:12:8E:B8:21:B3:4C
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/oF2MCV6IYcyWhyrfdyISjrghs0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.208.0/21
37.156.182.0/23
77.81.2.0/24
84.247.28.0/24
85.9.0.0/18
85.204.75.0/24
85.204.108.0/24
86.104.3.0/24
86.104.17.0/24
87.237.104.0/22
87.237.110.0/23
89.37.143.0/24
89.38.59.0/24
89.38.231.0/24
89.38.241.0/24
89.39.68.0/24
89.40.132.0/24
89.41.31.0/24
89.44.121.0/24
89.44.200.0/24
91.194.235.0/24
93.113.30.0/24
93.113.58.0/23
94.176.190.0/24
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
176.223.110.0/24
185.8.152.0/22
188.211.236.0/24
188.212.37.0/24
188.212.152.0/24
188.213.33.0/24
188.213.132.0/23
188.241.222.0/24
193.41.251.0/24
193.226.128.0/18
194.105.1.0/24
212.146.64.0/18
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
13:f9:2c:5a:5a:85:f3:e7:1b:7c:c1:89:ba:a3:d9:c4:21:be:
54:ec:85:19:86:28:60:a1:e9:0e:bd:9d:88:21:39:46:74:54:
93:a6:44:cc:3a:0d:d6:4c:1e:b0:d8:2f:f4:3f:d5:dc:80:ed:
37:0d:18:a9:c2:7a:83:3f:b1:24:d6:0e:30:7f:f1:a2:6c:b4:
7c:20:60:08:4a:dd:67:9f:dd:26:a2:9d:ac:d0:9d:f5:31:f1:
cd:b2:b8:bb:cf:ac:e1:8b:e6:60:62:9b:47:a6:34:4d:b4:7a:
f7:14:fe:34:35:e4:f3:e3:6d:58:65:b3:c4:9d:45:55:67:1e:
c9:3e:f9:10:10:ba:3e:0c:e5:11:40:b4:c2:1a:37:52:70:9e:
b4:d6:c0:b9:9a:09:d9:94:7d:07:6a:e4:cd:51:4b:ec:79:71:
67:9c:ca:ee:63:37:9c:58:db:d1:a0:5a:d9:ed:b4:a9:32:88:
dc:b8:a0:a5:61:fb:75:2d:64:70:35:7b:1f:01:11:47:f8:13:
41:c0:d6:45:7e:36:f9:5b:67:6e:2e:5a:41:49:89:e8:7d:25:
50:55:ff:9a:49:cb:ec:04:93:4d:ff:28:6b:7c:9c:dd:9f:1b:
3f:04:90:84:69:d8:de:e2:4a:62:59:fe:cf:af:66:37:07:41:
d4:3e:14:b0
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIEBNbnyTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWY2MTc5OGRkMTg5NjVjMDI3YWZhN2Y5M2FlMDMwZmY1ZTFkNzZlMB4XDTIyMDUx
NTA4MzM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA1ZDhjMDk1ZTg4
NjFjYzk2ODcyYWRmNzcyMjEyOGViODIxYjM0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOgYnI0//BmdwnC8IjQ2qgHPwogoG5lgWxLg1eq2As690Z5Z
FdPJnl3QATOxbzpkbTnXxFyWhHIbmiQPCV6GfQC3pNYjn4CUiVhC/Cm7P/t2i72h
kCJ40iaJBuSNMva5h1VxtcC6jLTsHdSW+UD1M4GvjdqUZUbjNeL5hAkUAZDRjjWe
WRsCUqkb7cEChubFMzvmAkb78u/hiyZyFAAP+ENQkIkqJ86Ei0HijbIWKeyRgbfW
3Fp/oIlGMYTAzHYpYxUVZp0dNLpgh7sCYKzpVX0F/JHgzBiFymp7gXaSEpUVynSb
efJ/Zd/TMCo866qbM47SHb7etRuC8LAQOfGpIv0CAwEAAaOCAwQwggMAMB0GA1Ud
DgQWBBSgXYwJXohhzJaHKt93IhKOuCGzTDAfBgNVHSMEGDAWgBQK9heY3RiWXAJ6
+n+TrgMP9eHXbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N2WVhtTjBZbGx3Q2V2cF9rNjRERF9YaDEyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8x
L29GMk1DVjZJWWN5V2h5cmZkeUlTanJnaHMwdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8xL0N2WVhtTjBZbGx3
Q2V2cF9rNjRERF9YaDEyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ARgGCCsGAQUFBwEHAQH/BIIBBzCCAQMwgfEEAgABMIHqAwQDBSPQAwQBJZy2AwQA
TVECAwQAVPccAwQGVQkAAwQAVcxLAwQAVcxsAwQAVmgDAwQAVmgRAwQCV+1oAwQB
V+1uAwQAWSWPAwQAWSY7AwQAWSbnAwQAWSbxAwQAWSdEAwQAWSiEAwQAWSkfAwQA
WSx5AwQAWSzIAwQAW8LrAwQAXXEeAwQBXXE6AwQAXrC+AwQCbc1YAwQAbc1fAwQD
gIzgAwQAsN9uAwQCuQiYAwQAvNPsAwQAvNQlAwQAvNSYAwQAvNUhAwQBvNWEAwQA
vPHeAwQAwSn7AwQGweKAAwQAwmkBAwQG1JJAMA0EAgACMAcDBQAgAU2AMA0GCSqG
SIb3DQEBCwUAA4IBAQAT+SxaWoXz5xt8wYm6o9nEIb5U7IUZhihgoekOvZ2IITlG
dFSTpkTMOg3WTB6w2C/0P9XcgO03DRipwnqDP7Ek1g4wf/GibLR8IGAISt1nn90m
op2s0J31MfHNsri7z6zhi+ZgYptHpjRNtHr3FP40NeTz421YZbPEnUVVZx7JPvkQ
ELo+DOURQLTCGjdScJ601sC5mgnZlH0HauTNUUvseXFnnMruYzecWNvRoFrZ7bSp
MojcuKClYft1LWRwNXsfARFH+BNBwNZFfjb5W2duLlpBSYnofSVQVf+aScvsBJNN
/yhrfJzdnxs/BJCEadje4kpiWf7Pr2Y3B0HUPhSw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:45 2024 by rpki-client on console-fra.rpki-client.org