Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FQCrtnbTrBgXv_Zn_2ulvznpH_E.roa
File: FQCrtnbTrBgXv_Zn_2ulvznpH_E.roa (raw, json)
Hash identifier: 1DeRbBJpUyghF566uCqQCaM1ERblysX899r6qzsFG+Q=
Subject key identifier: 15:00:AB:B6:76:D3:AC:18:17:BF:F6:67:FF:6B:A5:BF:39:E9:1F:F1
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 07BBA0CD
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FQCrtnbTrBgXv_Zn_2ulvznpH_E.roa
Signing time: Tue 04 Jan 2022 10:16:26 +0000
ROA not before: Tue 04 Jan 2022 10:16:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 188.255.135.0/24 maxlen: 24
188.255.206.0/23 maxlen: 23
188.255.200.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.215.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.0.0/23 maxlen: 23
212.69.5.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
178.253.238.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
185.47.91.0/24 maxlen: 24
77.105.16.0/24 maxlen: 24
77.105.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129736909 (0x7bba0cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 4 10:16:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1500abb676d3ac1817bff667ff6ba5bf39e91ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:22:70:58:88:f5:0c:58:45:c6:a8:7a:79:74:
9e:3d:cf:f3:fc:12:39:ca:dc:6f:40:e9:7e:e4:6b:
0e:70:ce:a5:a9:6c:4f:2a:dd:6b:2f:a6:fe:31:3c:
97:dd:e5:27:30:f1:19:36:67:39:3d:25:f4:59:12:
91:14:d0:68:2f:26:d7:15:55:65:57:36:a8:31:1b:
8a:31:df:3c:22:35:9e:dd:3a:02:d5:f4:9b:6b:24:
78:54:cf:a5:a7:89:32:58:76:1b:71:7b:e5:80:3b:
69:07:79:50:2c:3d:d9:7a:48:e5:fe:01:38:e8:6f:
f7:35:2f:7a:5b:7c:5f:86:1e:91:06:d3:87:57:c2:
dc:08:cb:9d:84:9d:99:67:50:4e:10:b7:6f:5f:35:
98:d7:3a:e7:d3:2f:4a:a5:7c:44:ab:4a:69:d8:95:
8d:99:c3:33:0b:0d:d7:30:06:6d:bf:fe:5e:7f:c1:
49:70:f7:2b:1f:e4:8b:cc:73:8d:e3:72:bc:d5:ef:
7e:f5:3a:8e:83:66:8a:fe:f6:fa:ae:87:6f:01:d6:
9d:c6:7d:83:1b:db:c2:1d:ad:22:0f:ed:ce:07:d6:
e4:8e:d5:d3:33:78:bd:de:c1:00:59:71:12:75:8f:
8d:e2:32:85:37:f1:42:b2:ba:4d:7e:7f:7c:ad:d2:
06:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:00:AB:B6:76:D3:AC:18:17:BF:F6:67:FF:6B:A5:BF:39:E9:1F:F1
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/FQCrtnbTrBgXv_Zn_2ulvznpH_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.16.0/24
77.105.22.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.215.0-178.253.218.255
178.253.220.0/23
178.253.235.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
185.47.91.0/24
188.255.135.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.200.255
188.255.205.0-188.255.207.255
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.0.0/23
212.69.3.0-212.69.5.255
212.69.10.0/23
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
33:45:b1:8d:1e:f1:6a:20:bd:d3:13:01:56:cf:d6:a4:dd:68:
ed:b6:2a:85:0a:8c:72:ff:eb:c9:b5:51:65:bf:b1:ba:09:5f:
f5:d8:78:38:13:d0:5a:b5:82:cc:52:cc:2e:db:9f:3c:7c:3d:
a1:17:4c:46:1f:39:b1:f6:84:93:27:f6:b4:cf:2b:f7:21:f8:
cb:7f:6f:36:d9:de:88:a4:bf:ad:e8:8a:00:4a:bf:5a:36:f3:
23:19:1e:e1:f4:a1:ea:4b:29:d1:82:3a:4e:69:70:1a:6d:8a:
d8:c2:56:2c:37:1c:61:0d:93:9e:79:d6:40:ec:8d:76:fd:73:
70:b4:a7:e1:b2:ff:30:07:45:38:d4:3d:a4:69:9a:85:63:1e:
f1:a2:61:9d:2b:4a:f8:ee:62:63:28:87:f4:b2:d0:0c:9e:eb:
cd:4b:1d:7a:03:c7:60:eb:e5:60:b5:33:30:e6:16:22:e3:0c:
7a:17:82:34:26:f4:e3:f9:d7:45:a8:d8:36:79:46:5a:1a:33:
f4:f2:2f:91:6c:c7:59:c8:63:18:3f:6b:2c:05:58:36:0a:8d:
73:aa:3d:ba:c1:27:aa:46:bd:e6:c6:b9:0c:d2:6a:6d:7b:aa:
6b:00:d6:db:9e:8f:f5:e5:84:53:c5:39:e6:a8:c3:ff:33:d1:
f0:2e:86:eb
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgIEB7ugzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDEw
NDEwMTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTUwMGFiYjY3NmQz
YWMxODE3YmZmNjY3ZmY2YmE1YmYzOWU5MWZmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIicFiI9QxYRcaoenl0nj3P8/wSOcrcb0DpfuRrDnDOpals
Tyrday+m/jE8l93lJzDxGTZnOT0l9FkSkRTQaC8m1xVVZVc2qDEbijHfPCI1nt06
AtX0m2skeFTPpaeJMlh2G3F75YA7aQd5UCw92XpI5f4BOOhv9zUvelt8X4YekQbT
h1fC3AjLnYSdmWdQThC3b181mNc659MvSqV8RKtKadiVjZnDMwsN1zAGbb/+Xn/B
SXD3Kx/ki8xzjeNyvNXvfvU6joNmiv72+q6HbwHWncZ9gxvbwh2tIg/tzgfW5I7V
0zN4vd7BAFlxEnWPjeIyhTfxQrK6TX5/fK3SBqMCAwEAAaOCAyEwggMdMB0GA1Ud
DgQWBBQVAKu2dtOsGBe/9mf/a6W/Oekf8TAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L0ZRQ3J0bmJUckJnWHZfWm5fMnVsdnpucEhfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATUGCCsGAQUFBwEHAQH/BIIBJDCCASAwggEcBAIAATCCARQDBABNaRADBABNaRYD
BABREjMwDAMEA1ESOAMEAFESOgMEAFESPwMEAF26QQMEAF26TQMEAW15MAMEAG3p
vAMEAG3pvgMEALLbAgMEArLbBAMEAbLbDAMEALLbDwMEALL9wQMEALL91DAMAwQA
sv3XAwQAsv3aAwQBsv3cAwQAsv3rAwQAsv3uMAwDBAKy/fQDBACy/fYDBAC5L1sD
BAC8/4cDBAC8/7MDBAC8/74DBAG8/8AwDAMEALz/wwMEALz/yDAMAwQAvP/NAwQE
vP/AAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9AwQB1EUAMAwDBADURQMDBAHURQQD
BAHURQoDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBADNFsY0e
8WogvdMTAVbP1qTdaO22KoUKjHL/68m1UWW/sboJX/XYeDgT0Fq1gsxSzC7bnzx8
PaEXTEYfObH2hJMn9rTPK/ch+Mt/bzbZ3oikv63oigBKv1o28yMZHuH0oepLKdGC
Ok5pcBptitjCViw3HGENk5551kDsjXb9c3C0p+Gy/zAHRTjUPaRpmoVjHvGiYZ0r
SvjuYmMoh/Sy0Aye681LHXoDx2Dr5WC1MzDmFiLjDHoXgjQm9OP510Wo2DZ5Rloa
M/TyL5Fsx1nIYxg/aywFWDYKjXOqPbrBJ6pGvebGuQzSam17qmsA1tuej/XlhFPF
Oeaow/8z0fAuhus=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:19 2023 by rpki-client on console-ams.rpki-client.org