Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/PiVzaU8DKE5TVNZPO99XSPTtE1g.roa
File: PiVzaU8DKE5TVNZPO99XSPTtE1g.roa (raw, json)
Hash identifier: vYfAMAqB4HFKrr+jQZH2MZC1oXqDm/f+hj5JBkLUe/o=
Subject key identifier: 3E:25:73:69:4F:03:28:4E:53:54:D6:4F:3B:DF:57:48:F4:ED:13:58
Certificate issuer: /CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Certificate serial: 041A150D
Authority key identifier: BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/PiVzaU8DKE5TVNZPO99XSPTtE1g.roa
Signing time: Thu 03 Feb 2022 11:55:45 +0000
ROA not before: Thu 03 Feb 2022 11:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204170
IP address blocks: 178.20.17.0/24 maxlen: 24
178.20.16.0/24 maxlen: 24
178.20.16.0/21 maxlen: 21
178.20.18.0/24 maxlen: 24
178.20.19.0/24 maxlen: 24
178.20.22.0/24 maxlen: 24
178.20.23.0/24 maxlen: 24
178.20.20.0/24 maxlen: 24
178.20.21.0/24 maxlen: 24
84.242.37.0/24 maxlen: 24
84.242.35.0/24 maxlen: 24
84.242.36.0/24 maxlen: 24
84.242.33.0/24 maxlen: 24
84.242.32.0/20 maxlen: 20
84.242.34.0/24 maxlen: 24
84.242.32.0/24 maxlen: 24
84.242.38.0/24 maxlen: 24
84.242.44.0/24 maxlen: 24
84.242.42.0/24 maxlen: 24
84.242.43.0/24 maxlen: 24
84.242.40.0/24 maxlen: 24
84.242.41.0/24 maxlen: 24
84.242.39.0/24 maxlen: 24
84.242.47.0/24 maxlen: 24
84.242.45.0/24 maxlen: 24
84.242.46.0/24 maxlen: 24
206.167.33.0/24 maxlen: 24
141.105.172.0/24 maxlen: 24
141.105.171.0/24 maxlen: 24
185.112.104.0/24 maxlen: 24
141.105.169.0/24 maxlen: 24
185.112.104.0/22 maxlen: 22
141.105.170.0/24 maxlen: 24
141.105.168.0/24 maxlen: 24
141.105.168.0/21 maxlen: 21
185.112.105.0/24 maxlen: 24
185.112.107.0/24 maxlen: 24
141.105.174.0/24 maxlen: 24
141.105.175.0/24 maxlen: 24
141.105.173.0/24 maxlen: 24
185.112.106.0/24 maxlen: 24
78.111.40.0/24 maxlen: 24
78.111.39.0/24 maxlen: 24
78.111.43.0/24 maxlen: 24
78.111.44.0/24 maxlen: 24
78.111.41.0/24 maxlen: 24
78.111.42.0/24 maxlen: 24
78.111.47.0/24 maxlen: 24
78.111.45.0/24 maxlen: 24
78.111.46.0/24 maxlen: 24
96.9.131.0/24 maxlen: 24
96.9.132.0/24 maxlen: 24
96.9.129.0/24 maxlen: 24
96.9.130.0/24 maxlen: 24
96.9.128.0/19 maxlen: 19
96.9.128.0/24 maxlen: 24
96.9.136.0/24 maxlen: 24
96.9.137.0/24 maxlen: 24
96.9.134.0/24 maxlen: 24
96.9.135.0/24 maxlen: 24
96.9.133.0/24 maxlen: 24
96.9.138.0/24 maxlen: 24
96.9.139.0/24 maxlen: 24
96.9.143.0/24 maxlen: 24
96.9.144.0/24 maxlen: 24
96.9.141.0/24 maxlen: 24
96.9.142.0/24 maxlen: 24
96.9.140.0/24 maxlen: 24
96.9.145.0/24 maxlen: 24
96.9.150.0/24 maxlen: 24
96.9.151.0/24 maxlen: 24
96.9.148.0/24 maxlen: 24
96.9.149.0/24 maxlen: 24
96.9.147.0/24 maxlen: 24
96.9.146.0/24 maxlen: 24
96.9.152.0/24 maxlen: 24
96.9.157.0/24 maxlen: 24
96.9.158.0/24 maxlen: 24
96.9.155.0/24 maxlen: 24
96.9.156.0/24 maxlen: 24
96.9.154.0/24 maxlen: 24
96.9.153.0/24 maxlen: 24
96.9.159.0/24 maxlen: 24
185.29.141.0/24 maxlen: 24
185.29.140.0/22 maxlen: 22
185.29.142.0/24 maxlen: 24
185.29.140.0/24 maxlen: 24
185.29.143.0/24 maxlen: 24
78.111.33.0/24 maxlen: 24
78.111.34.0/24 maxlen: 24
78.111.32.0/20 maxlen: 20
78.111.32.0/24 maxlen: 24
78.111.38.0/24 maxlen: 24
78.111.36.0/24 maxlen: 24
78.111.37.0/24 maxlen: 24
78.111.35.0/24 maxlen: 24
199.48.224.0/24 maxlen: 24
94.176.17.0/24 maxlen: 24
94.176.16.0/20 maxlen: 20
94.176.16.0/24 maxlen: 24
94.176.20.0/24 maxlen: 24
94.176.21.0/24 maxlen: 24
94.176.18.0/24 maxlen: 24
94.176.19.0/24 maxlen: 24
94.176.24.0/24 maxlen: 24
94.176.22.0/24 maxlen: 24
94.176.23.0/24 maxlen: 24
94.176.27.0/24 maxlen: 24
94.176.28.0/24 maxlen: 24
94.176.25.0/24 maxlen: 24
94.176.26.0/24 maxlen: 24
94.176.31.0/24 maxlen: 24
94.176.29.0/24 maxlen: 24
94.176.30.0/24 maxlen: 24
5.102.179.0/24 maxlen: 24
5.102.176.0/21 maxlen: 21
5.102.178.0/24 maxlen: 24
5.102.176.0/24 maxlen: 24
5.102.177.0/24 maxlen: 24
5.102.181.0/24 maxlen: 24
5.102.182.0/24 maxlen: 24
5.102.180.0/24 maxlen: 24
5.102.183.0/24 maxlen: 24
2a0a:c740:5::/48 maxlen: 48
2a0a:c740:2::/48 maxlen: 48
2a0a:c740:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 68818189 (0x41a150d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be550b8eff90cccee9f8d3134b6438996b7d27cd
Validity
Not Before: Feb 3 11:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3e2573694f03284e5354d64f3bdf5748f4ed1358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:68:cd:07:d1:4c:6e:93:28:bf:33:45:af:3e:
a9:da:7f:4b:63:0e:40:d1:11:3a:11:a0:53:0a:23:
e7:b0:d8:3f:2a:53:16:80:ac:f6:82:d3:a5:62:9b:
e3:85:b5:cd:8a:b4:cd:82:0a:2f:a8:27:99:8c:8e:
85:61:41:c2:da:3e:18:e2:fd:77:d0:e3:b7:23:0a:
8b:d8:95:91:b8:1a:eb:3e:e1:93:93:2c:c4:0b:65:
8e:b8:dc:19:a1:cb:ea:3d:41:ae:8c:13:77:85:8c:
69:6a:fd:2c:bf:b1:24:ad:9b:2e:7a:ca:d0:31:f9:
c5:d6:fc:62:d1:f0:12:d0:f1:49:25:bc:ed:f5:15:
1d:8e:b0:db:5f:4a:dd:68:f3:28:7f:81:59:b0:e4:
d0:94:55:f5:77:6e:3d:cb:72:0b:80:bb:0d:89:dd:
af:40:02:fc:0a:d0:aa:6b:0d:3d:c3:0b:f6:68:bd:
08:e1:23:e0:b9:0e:74:f6:19:86:82:6c:1f:6b:dd:
65:b3:71:c9:7d:fe:5e:ce:f1:a8:33:e6:e8:aa:17:
27:30:f8:35:92:d7:22:ea:5e:17:0b:04:15:32:51:
93:4a:e1:6e:32:56:ab:71:56:f7:ed:54:04:37:41:
fe:a0:68:3e:43:2a:59:86:e9:00:41:ac:39:ea:eb:
0b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:25:73:69:4F:03:28:4E:53:54:D6:4F:3B:DF:57:48:F4:ED:13:58
X509v3 Authority Key Identifier:
keyid:BE:55:0B:8E:FF:90:CC:CE:E9:F8:D3:13:4B:64:38:99:6B:7D:27:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vlULjv-QzM7p-NMTS2Q4mWt9J80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/PiVzaU8DKE5TVNZPO99XSPTtE1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/340dcd-3aee-4012-9233-c15532baff7d/1/vlULjv-QzM7p-NMTS2Q4mWt9J80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.176.0/21
78.111.32.0/20
84.242.32.0/20
94.176.16.0/20
96.9.128.0/19
141.105.168.0/21
178.20.16.0/21
185.29.140.0/22
185.112.104.0/22
199.48.224.0/24
206.167.33.0/24
IPv6:
2a0a:c740:2::/48
2a0a:c740:4::/47
Signature Algorithm: sha256WithRSAEncryption
78:99:0f:05:f7:8d:ea:07:bd:b8:d3:45:a4:f5:96:9f:14:92:
d2:27:e5:25:af:e8:e4:9e:7f:cd:b1:bd:f5:0e:3f:21:24:21:
88:41:e8:ca:92:3a:45:4f:6b:27:c0:86:01:ae:91:fd:b6:7f:
23:56:8e:d4:a5:70:86:18:51:31:19:6d:59:32:c9:62:ee:05:
13:57:dc:a8:a0:f2:3b:b0:39:18:82:f8:51:ee:fd:54:4c:87:
ca:a5:fd:9b:2a:21:55:6e:20:43:50:78:4a:85:61:33:5d:c7:
30:76:6d:f9:1d:c9:19:d3:0a:79:25:2c:55:36:03:4d:65:07:
29:56:6c:7b:03:79:19:51:97:e3:da:e1:ac:1b:f3:21:04:5f:
d4:40:87:d3:7c:c0:f5:96:40:9b:53:5d:ba:31:ee:3b:33:3e:
6d:50:36:cc:6e:32:47:83:e7:7a:20:8e:77:5b:68:4f:1e:a7:
f9:ed:91:84:24:ac:ca:de:9d:59:e1:56:20:38:e0:e3:3e:8a:
0b:d8:b3:cc:94:90:45:c9:fe:30:98:cf:79:5b:0c:67:31:7e:
68:e5:71:9a:81:e0:70:4c:ff:bf:14:1f:18:e4:ea:09:62:1e:
0e:4e:b9:23:5d:a7:f5:24:2c:84:c0:4e:66:ac:2d:d7:e1:3c:
56:65:53:6d
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIEBBoVDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTU1MGI4ZWZmOTBjY2NlZTlmOGQzMTM0YjY0Mzg5OTZiN2QyN2NkMB4XDTIyMDIw
MzExNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2UyNTczNjk0ZjAz
Mjg0ZTUzNTRkNjRmM2JkZjU3NDhmNGVkMTM1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxozQfRTG6TKL8zRa8+qdp/S2MOQNEROhGgUwoj57DYPypT
FoCs9oLTpWKb44W1zYq0zYIKL6gnmYyOhWFBwto+GOL9d9DjtyMKi9iVkbga6z7h
k5MsxAtljrjcGaHL6j1BrowTd4WMaWr9LL+xJK2bLnrK0DH5xdb8YtHwEtDxSSW8
7fUVHY6w219K3WjzKH+BWbDk0JRV9XduPctyC4C7DYndr0AC/ArQqmsNPcML9mi9
COEj4LkOdPYZhoJsH2vdZbNxyX3+Xs7xqDPm6KoXJzD4NZLXIupeFwsEFTJRk0rh
bjJWq3FW9+1UBDdB/qBoPkMqWYbpAEGsOerrC+ECAwEAAaOCAl8wggJbMB0GA1Ud
DgQWBBQ+JXNpTwMoTlNU1k8731dI9O0TWDAfBgNVHSMEGDAWgBS+VQuO/5DMzun4
0xNLZDiZa30nzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZsVUxqdi1Rek03cC1OTVRTMlE0bVd0OUo4MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvMzQwZGNkLTNhZWUtNDAxMi05MjMzLWMxNTUzMmJhZmY3ZC8x
L1BpVnphVThES0U1VFZOWlBPOTlYU1BUdEUxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
MzQwZGNkLTNhZWUtNDAxMi05MjMzLWMxNTUzMmJhZmY3ZC8xL3ZsVUxqdi1Rek03
cC1OTVRTMlE0bVd0OUo4MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB1
BggrBgEFBQcBBwEB/wRmMGQwSAQCAAEwQgMEAwVmsAMEBE5vIAMEBFTyIAMEBF6w
EAMEBWAJgAMEA41pqAMEA7IUEAMEArkdjAMEArlwaAMEAMcw4AMEAM6nITAYBAIA
AjASAwcAKgrHQAACAwcBKgrHQAAEMA0GCSqGSIb3DQEBCwUAA4IBAQB4mQ8F943q
B72400Wk9ZafFJLSJ+Ulr+jknn/Nsb31Dj8hJCGIQejKkjpFT2snwIYBrpH9tn8j
Vo7UpXCGGFExGW1ZMsli7gUTV9yooPI7sDkYgvhR7v1UTIfKpf2bKiFVbiBDUHhK
hWEzXccwdm35HckZ0wp5JSxVNgNNZQcpVmx7A3kZUZfj2uGsG/MhBF/UQIfTfMD1
lkCbU126Me47Mz5tUDbMbjJHg+d6II53W2hPHqf57ZGEJKzK3p1Z4VYgOODjPooL
2LPMlJBFyf4wmM95WwxnMX5o5XGageBwTP+/FB8Y5OoJYh4OTrkjXaf1JCyEwE5m
rC3X4TxWZVNt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:40 2024 by rpki-client on console-fra.rpki-client.org