Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PDc4KdKgpxTYkA9e3s0kPtCtNZQ.roa
File: PDc4KdKgpxTYkA9e3s0kPtCtNZQ.roa (raw, json)
Hash identifier: qumFR7B/6f4cmhXl/N8mGHedpUuMwkdrpSZ4IOPgmqU=
Subject key identifier: 3C:37:38:29:D2:A0:A7:14:D8:90:0F:5E:DE:CD:24:3E:D0:AD:35:94
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 08C14642
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PDc4KdKgpxTYkA9e3s0kPtCtNZQ.roa
Signing time: Mon 04 Apr 2022 12:47:55 +0000
ROA not before: Mon 04 Apr 2022 12:47:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 188.255.206.0/23 maxlen: 23
188.255.205.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.215.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.0.0/23 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
185.47.91.0/24 maxlen: 24
77.105.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146884162 (0x8c14642)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 4 12:47:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c373829d2a0a714d8900f5edecd243ed0ad3594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:32:b9:cd:39:42:55:38:03:46:71:10:60:f2:
3a:4f:1f:17:d3:38:73:ff:08:8f:87:d1:2d:40:97:
b7:60:83:ac:28:66:f5:d2:99:32:8c:df:e5:98:38:
ae:6e:fe:d3:17:f5:2f:18:7f:eb:73:d4:4b:b9:bb:
7a:d1:24:29:48:0a:df:3b:b7:7b:f2:31:b3:d8:44:
6f:38:04:ce:88:b5:a9:93:9b:b7:d2:89:59:32:0c:
d2:fd:2b:42:8b:e5:12:74:ed:56:15:71:a4:cb:7c:
de:5b:7d:bc:7d:99:3c:0a:53:c4:71:eb:53:dd:86:
fb:dc:74:06:20:e1:b0:d1:b6:8d:9e:4c:ba:84:92:
ef:74:5f:b6:a6:04:20:b6:1c:9d:7b:d2:1d:06:8e:
be:e8:fd:a8:60:37:b4:20:8d:90:58:d3:0b:85:5c:
59:04:b2:a5:ad:ae:1c:52:91:81:2e:0a:be:ad:c4:
c5:28:fc:38:f0:b1:81:e2:a6:4d:55:6f:f1:38:83:
d3:75:79:1e:cd:18:1a:75:6b:35:00:ac:ef:ed:b2:
b7:69:97:37:4c:79:24:51:c7:85:77:ec:f3:32:92:
53:21:22:10:7f:f0:37:5e:ff:35:d0:43:6b:ff:21:
0e:b2:e3:d3:8e:59:ea:bb:09:7a:35:12:02:34:c5:
88:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:37:38:29:D2:A0:A7:14:D8:90:0F:5E:DE:CD:24:3E:D0:AD:35:94
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/PDc4KdKgpxTYkA9e3s0kPtCtNZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.215.0-178.253.218.255
178.253.220.0/23
178.253.235.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
185.47.91.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.205.0-188.255.207.255
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.0.0/23
212.69.3.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
73:21:69:11:5f:3c:dc:32:eb:67:2d:14:9b:3e:e1:9a:ce:6f:
9e:58:af:ce:38:cb:bf:c8:49:4b:cb:1c:2b:66:96:99:ed:23:
9b:1e:2a:6c:f7:fe:51:24:66:ad:29:f3:06:6e:4e:43:aa:9f:
07:60:d3:d4:5f:56:54:2c:a8:e0:c3:c7:6c:82:d3:34:81:cb:
8c:84:df:a1:5c:dc:77:94:f9:c1:1e:1f:87:a4:70:9f:7c:f7:
8c:05:c4:4b:2b:1e:72:f0:d2:ba:94:db:16:a3:9f:e6:a8:ac:
c5:37:4e:aa:92:71:fc:3a:5b:8d:99:d9:3b:c9:da:50:d3:16:
cb:bf:da:02:d5:e6:07:55:ac:f4:1b:ca:b0:9b:26:9f:94:e1:
61:f8:a6:70:46:9b:ba:b5:61:b9:8e:98:36:67:e8:a7:2e:b5:
2e:43:91:86:de:73:12:db:bf:e3:41:4c:f7:2d:68:8b:5b:74:
61:47:4d:a5:8b:05:d5:c4:0c:3c:e2:a8:10:8a:2c:c4:0f:a9:
0b:22:38:92:6c:18:5b:32:d7:1b:6c:2f:b7:41:47:0c:a0:c0:
40:9e:d4:28:3d:93:1f:83:07:b1:62:e5:15:ce:9e:40:87:85:
e8:14:8d:32:20:d7:67:b8:b6:c3:58:0e:0e:df:19:1f:4e:d4:
f8:7c:7f:09
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgIECMFGQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDQw
NDEyNDc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MzNzM4MjlkMmEw
YTcxNGQ4OTAwZjVlZGVjZDI0M2VkMGFkMzU5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEyuc05QlU4A0ZxEGDyOk8fF9M4c/8Ij4fRLUCXt2CDrChm
9dKZMozf5Zg4rm7+0xf1Lxh/63PUS7m7etEkKUgK3zu3e/Ixs9hEbzgEzoi1qZOb
t9KJWTIM0v0rQovlEnTtVhVxpMt83lt9vH2ZPApTxHHrU92G+9x0BiDhsNG2jZ5M
uoSS73RftqYEILYcnXvSHQaOvuj9qGA3tCCNkFjTC4VcWQSypa2uHFKRgS4Kvq3E
xSj8OPCxgeKmTVVv8TiD03V5Hs0YGnVrNQCs7+2yt2mXN0x5JFHHhXfs8zKSUyEi
EH/wN17/NdBDa/8hDrLj045Z6rsJejUSAjTFiCECAwEAAaOCAyEwggMdMB0GA1Ud
DgQWBBQ8Nzgp0qCnFNiQD17ezSQ+0K01lDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L1BEYzRLZEtncHhUWWtBOWUzczBrUHRDdE5aUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATUGCCsGAQUFBwEHAQH/BIIBJDCCASAwggEcBAIAATCCARQDBABNaRYDBABPr3gD
BABREjMwDAMEA1ESOAMEAFESOgMEAFESPwMEAF26QQMEAF26TQMEAW15MAMEAG15
NQMEAG15NwMEAG3pvAMEAG3pvgMEALLbAgMEArLbBAMEAbLbDAMEALLbDwMEALL9
wQMEALL91DAMAwQAsv3XAwQAsv3aAwQBsv3cAwQAsv3rAwQAsv3uMAwDBAKy/fQD
BACy/fYDBAC5L1sDBAC8/7MDBAC8/74DBAG8/8AwDAMEALz/wwMEA7z/wDAMAwQA
vP/NAwQEvP/AAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9AwQB1EUAMAwDBADURQMD
BAHURQQDBADURRMDBADURRUDBADURR4wDQYJKoZIhvcNAQELBQADggEBAHMhaRFf
PNwy62ctFJs+4ZrOb55Yr844y7/ISUvLHCtmlpntI5seKmz3/lEkZq0p8wZuTkOq
nwdg09RfVlQsqODDx2yC0zSBy4yE36Fc3HeU+cEeH4ekcJ9894wFxEsrHnLw0rqU
2xajn+aorMU3TqqScfw6W42Z2TvJ2lDTFsu/2gLV5gdVrPQbyrCbJp+U4WH4pnBG
m7q1YbmOmDZn6KcutS5DkYbecxLbv+NBTPctaItbdGFHTaWLBdXEDDziqBCKLMQP
qQsiOJJsGFsy1xtsL7dBRwygwECe1Cg9kx+DB7Fi5RXOnkCHhegUjTIg12e4tsNY
Dg7fGR9O1Ph8fwk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-fra.rpki-client.org