Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/D_HZBkqZVeWCIDfKXHTj3_AyKJM.roa
File: D_HZBkqZVeWCIDfKXHTj3_AyKJM.roa (raw, json)
Hash identifier: QxW46IP1O3VA3z78NYnzj+5MWTCi9lkPEicRp87WO6o=
Subject key identifier: 0F:F1:D9:06:4A:99:55:E5:82:20:37:CA:5C:74:E3:DF:F0:32:28:93
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 07FC42D9
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/D_HZBkqZVeWCIDfKXHTj3_AyKJM.roa
Signing time: Mon 31 Jan 2022 15:34:20 +0000
ROA not before: Mon 31 Jan 2022 15:34:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 188.255.135.0/24 maxlen: 24
188.255.206.0/23 maxlen: 23
188.255.200.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.215.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.0.0/23 maxlen: 23
212.69.5.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
178.253.238.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
185.47.91.0/24 maxlen: 24
77.105.16.0/24 maxlen: 24
77.105.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133972697 (0x7fc42d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 31 15:34:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ff1d9064a9955e5822037ca5c74e3dff0322893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d8:77:6f:15:d9:77:f0:6a:e5:05:51:dd:d5:
47:b6:ab:5b:49:0e:66:19:02:cf:ec:75:04:f3:39:
c2:ca:ae:c6:e5:2a:b4:56:2d:91:80:a5:b3:ae:d5:
8b:18:18:1b:2b:ab:91:f9:4f:4b:c0:5b:fc:9b:fd:
d1:38:b6:63:ef:99:f5:ef:2a:c1:52:14:a2:19:cd:
06:c3:da:35:5c:14:dc:ef:74:a9:15:f5:b4:e5:52:
ed:99:3e:11:3d:23:e9:cb:3d:aa:4c:8c:8a:2c:52:
9b:39:2c:a4:9f:40:a7:99:08:e0:c3:8e:51:7a:0d:
f4:00:33:32:48:bb:cf:63:60:0a:c4:ae:85:f3:a9:
89:6e:c0:7b:50:4d:79:30:c2:97:df:d5:c3:32:22:
da:84:b9:e5:d2:7b:33:ae:b1:ae:b9:df:82:f6:90:
c1:e1:cc:45:46:57:75:e9:cc:e8:92:ce:4b:cc:da:
95:f4:22:ff:f0:f4:2f:1d:04:82:76:fa:39:f1:98:
fc:61:f3:f7:3f:6e:40:5f:4c:85:1b:95:1a:d0:c4:
1a:08:f3:e2:73:75:7c:a7:69:26:88:a3:94:54:50:
52:42:6a:50:da:58:b7:7b:e4:04:2c:ba:1c:57:18:
2e:99:27:26:34:36:63:6c:ab:25:b6:a1:75:ac:20:
07:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:F1:D9:06:4A:99:55:E5:82:20:37:CA:5C:74:E3:DF:F0:32:28:93
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/D_HZBkqZVeWCIDfKXHTj3_AyKJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.16.0/24
77.105.22.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.55.0/24
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.215.0-178.253.218.255
178.253.220.0/23
178.253.235.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
185.47.91.0/24
188.255.135.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.200.255
188.255.205.0-188.255.207.255
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.0.0/23
212.69.3.0-212.69.5.255
212.69.10.0/23
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:9f:be:b7:4f:63:bb:6b:92:2b:f8:5c:58:51:b9:c3:8e:0e:
d4:1d:d3:3c:1c:56:b6:8d:c0:75:23:73:f0:9b:2b:38:ba:9b:
a0:06:eb:0b:c2:bb:ea:f0:dc:41:d0:5c:3e:04:90:33:46:98:
a5:2f:9a:7a:70:00:8a:6d:a9:2d:41:1a:91:17:05:48:93:43:
d9:dc:3a:52:bb:44:b3:de:3e:43:21:ef:a3:0a:fc:aa:0f:b2:
f7:6e:05:ec:75:eb:09:54:be:7f:dc:21:4d:2c:4a:a6:20:c6:
c4:09:65:be:ba:54:a7:17:d9:3c:95:8c:91:cf:e7:7b:e7:a2:
59:52:75:aa:88:84:8a:c3:2f:8a:f5:d1:be:f3:c8:33:c2:ef:
02:0c:de:53:b7:3f:ce:a7:61:cf:f3:06:d8:a8:f3:32:6b:7f:
a1:b6:f7:cd:97:a1:34:a9:51:28:3d:46:75:d0:49:28:0f:a5:
29:43:48:e9:52:33:70:0f:0e:19:ea:42:4f:73:fe:a1:66:cc:
6d:12:ab:c3:1f:18:ab:a2:3c:bb:0f:11:8b:da:f9:c6:be:08:
cd:af:38:dd:8e:cd:f2:bf:7e:5b:28:da:6c:da:64:c2:08:6d:
28:6b:3a:ed:bd:e4:0f:7c:b4:4d:70:b2:0f:c2:8d:b7:aa:88:
dc:35:d6:af
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIEB/xC2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDEz
MTE1MzQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZmMWQ5MDY0YTk5
NTVlNTgyMjAzN2NhNWM3NGUzZGZmMDMyMjg5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDYd28V2XfwauUFUd3VR7arW0kOZhkCz+x1BPM5wsquxuUq
tFYtkYCls67VixgYGyurkflPS8Bb/Jv90Ti2Y++Z9e8qwVIUohnNBsPaNVwU3O90
qRX1tOVS7Zk+ET0j6cs9qkyMiixSmzkspJ9Ap5kI4MOOUXoN9AAzMki7z2NgCsSu
hfOpiW7Ae1BNeTDCl9/VwzIi2oS55dJ7M66xrrnfgvaQweHMRUZXdenM6JLOS8za
lfQi//D0Lx0Egnb6OfGY/GHz9z9uQF9MhRuVGtDEGgjz4nN1fKdpJoijlFRQUkJq
UNpYt3vkBCy6HFcYLpknJjQ2Y2yrJbahdawgBwsCAwEAAaOCAycwggMjMB0GA1Ud
DgQWBBQP8dkGSplV5YIgN8pcdOPf8DIokzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L0RfSFpCa3FaVmVXQ0lEZktYSFRqM19BeUtKTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATsGCCsGAQUFBwEHAQH/BIIBKjCCASYwggEiBAIAATCCARoDBABNaRADBABNaRYD
BABREjMwDAMEA1ESOAMEAFESOgMEAFESPwMEAF26QQMEAF26TQMEAW15MAMEAG15
NwMEAG3pvAMEAG3pvgMEALLbAgMEArLbBAMEAbLbDAMEALLbDwMEALL9wQMEALL9
1DAMAwQAsv3XAwQAsv3aAwQBsv3cAwQAsv3rAwQAsv3uMAwDBAKy/fQDBACy/fYD
BAC5L1sDBAC8/4cDBAC8/7MDBAC8/74DBAG8/8AwDAMEALz/wwMEALz/yDAMAwQA
vP/NAwQEvP/AAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9AwQB1EUAMAwDBADURQMD
BAHURQQDBAHURQoDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEB
AE6fvrdPY7trkiv4XFhRucOODtQd0zwcVraNwHUjc/CbKzi6m6AG6wvCu+rw3EHQ
XD4EkDNGmKUvmnpwAIptqS1BGpEXBUiTQ9ncOlK7RLPePkMh76MK/KoPsvduBex1
6wlUvn/cIU0sSqYgxsQJZb66VKcX2TyVjJHP53vnollSdaqIhIrDL4r10b7zyDPC
7wIM3lO3P86nYc/zBtio8zJrf6G2982XoTSpUSg9RnXQSSgPpSlDSOlSM3APDhnq
Qk9z/qFmzG0Sq8MfGKuiPLsPEYva+ca+CM2vON2OzfK/flso2mzaZMIIbShrOu29
5A98tE1wsg/CjbeqiNw11q8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org