Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZIkA1utLH72SYcL2j61v6q7Ayyw.roa
File: ZIkA1utLH72SYcL2j61v6q7Ayyw.roa (raw, json)
Hash identifier: 6eleaCefck0VfEQpRVDPMcjsZOD/vSaKLz+jkk7t4yU=
Subject key identifier: 64:89:00:D6:EB:4B:1F:BD:92:61:C2:F6:8F:AD:6F:EA:AE:C0:CB:2C
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 08D0A30C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZIkA1utLH72SYcL2j61v6q7Ayyw.roa
Signing time: Thu 07 Apr 2022 10:28:33 +0000
ROA not before: Thu 07 Apr 2022 10:28:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52116
IP address blocks: 188.255.130.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.208.0/22 maxlen: 24
188.255.216.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.214.0/23 maxlen: 24
188.255.236.0/24 maxlen: 24
188.255.238.0/24 maxlen: 24
188.255.239.0/24 maxlen: 24
188.255.246.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.248.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.250.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
212.69.13.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.210.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.222.0/24 maxlen: 24
93.186.64.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
212.69.6.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
109.233.189.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.55.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.61.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
79.175.118.0/24 maxlen: 24
79.175.115.0/24 maxlen: 24
188.215.228.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
178.219.11.0/24 maxlen: 24
178.219.8.0/23 maxlen: 23
185.47.88.0/24 maxlen: 24
185.47.89.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
77.105.18.0/23 maxlen: 23
77.105.31.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147890956 (0x8d0a30c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 7 10:28:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=648900d6eb4b1fbd9261c2f68fad6feaaec0cb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c0:75:42:ea:83:d0:ca:2b:f7:47:48:d8:cb:
69:4c:27:e0:3a:75:61:64:ad:09:8c:c0:25:0d:79:
23:a6:d0:78:d8:1b:57:2a:c1:2f:6a:9c:2f:34:ee:
fd:48:12:22:2c:3e:fe:34:4e:81:e3:51:37:fa:0c:
36:f7:d0:89:15:3a:59:8e:c9:38:0d:12:0c:02:99:
c7:c7:61:61:cd:a0:d6:93:ea:af:7f:0b:f0:99:f9:
ea:e4:2f:04:ff:b4:54:7b:87:f8:48:18:a3:b9:2d:
36:da:b6:cc:83:9c:c3:6d:c2:d1:64:da:c3:a2:39:
a5:06:d9:44:c1:67:4d:86:34:5a:3c:ee:b5:cd:25:
f5:f6:91:c2:07:80:07:d8:c4:52:2c:40:c2:50:b5:
1c:b4:ef:eb:3d:04:a7:51:5f:49:63:fc:ec:19:41:
55:c4:9b:65:d1:87:73:ae:e1:8c:16:34:86:fe:9e:
13:30:78:69:f3:67:c6:e5:95:08:e3:3d:9b:92:f5:
16:3b:58:07:23:68:c4:55:20:1b:4f:43:79:dc:4f:
0c:57:18:6d:b0:25:fd:79:7c:29:da:71:b4:c1:55:
a6:5e:84:94:ee:22:94:65:d2:b7:9d:de:85:db:36:
c3:84:dc:d2:80:92:e5:74:b6:fd:90:04:8e:00:7f:
d7:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:89:00:D6:EB:4B:1F:BD:92:61:C2:F6:8F:AD:6F:EA:AE:C0:CB:2C
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/ZIkA1utLH72SYcL2j61v6q7Ayyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.18.0/23
77.105.31.0/24
79.175.103.0/24
79.175.115.0-79.175.116.255
79.175.118.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.64.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.233.189.0/24
178.219.8.0/23
178.219.11.0/24
178.253.207.0/24
178.253.210.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.222.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0-185.47.90.255
188.215.228.0/24
188.255.130.0/24
188.255.190.0/24
188.255.208.0/22
188.255.213.0-188.255.216.255
188.255.219.0/24
188.255.236.0/24
188.255.238.0/23
188.255.244.0-188.255.248.255
188.255.250.0-188.255.252.255
188.255.254.0/23
212.69.6.0/23
212.69.12.0/23
Signature Algorithm: sha256WithRSAEncryption
01:cb:06:ca:e8:fa:9c:fe:63:84:49:8c:5a:d7:98:01:fd:dd:
04:8d:e6:b3:6d:8e:9b:54:38:a6:fa:c6:67:4a:e2:49:48:ff:
bc:04:cc:34:53:2d:92:cd:6f:7f:ff:1f:f7:75:9c:15:41:a3:
83:91:6e:16:04:e8:81:cb:4a:8c:0a:fc:b6:4e:f5:14:1a:4c:
c2:af:72:14:61:a6:4a:ab:5b:16:04:48:27:25:52:20:5b:5a:
8f:7e:0e:88:b0:df:a3:c9:3b:78:34:36:36:f1:05:63:0c:ef:
b1:2c:49:5e:1a:3d:9c:b2:99:3f:c0:18:a0:28:19:a5:d6:2a:
df:75:b2:58:34:41:16:2d:23:11:52:ca:8c:82:90:a8:84:fa:
d7:75:bc:b5:07:ad:8f:4d:9a:ea:e2:cc:5c:55:b8:e2:d5:4d:
88:94:cc:3b:e7:15:6b:73:e9:dd:39:6c:cc:d4:96:31:75:2a:
21:c6:a7:88:4e:a6:d5:83:e6:7f:2a:44:2a:1b:f3:a2:f8:44:
01:2b:f9:92:65:ba:51:fb:ba:79:ea:53:d6:91:52:83:47:ab:
76:cd:e5:df:6e:fb:72:dc:47:ba:99:3c:bf:36:5d:0f:e5:fa:
ef:75:7e:2a:b0:c6:e4:74:cb:40:89:3f:61:bf:b6:99:9d:80:
3e:18:77:16
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgIECNCjDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDQw
NzEwMjgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ4OTAwZDZlYjRi
MWZiZDkyNjFjMmY2OGZhZDZmZWFhZWMwY2IyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAInAdULqg9DKK/dHSNjLaUwn4Dp1YWStCYzAJQ15I6bQeNgb
VyrBL2qcLzTu/UgSIiw+/jROgeNRN/oMNvfQiRU6WY7JOA0SDAKZx8dhYc2g1pPq
r38L8Jn56uQvBP+0VHuH+EgYo7ktNtq2zIOcw23C0WTaw6I5pQbZRMFnTYY0Wjzu
tc0l9faRwgeAB9jEUixAwlC1HLTv6z0Ep1FfSWP87BlBVcSbZdGHc67hjBY0hv6e
EzB4afNnxuWVCOM9m5L1FjtYByNoxFUgG09DedxPDFcYbbAl/Xl8KdpxtMFVpl6E
lO4ilGXSt53ehds2w4Tc0oCS5XS2/ZAEjgB/1/sCAwEAAaOCAyswggMnMB0GA1Ud
DgQWBBRkiQDW60sfvZJhwvaPrW/qrsDLLDAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L1pJa0ExdXRMSDcyU1ljTDJqNjF2NnE3QXl5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AT8GCCsGAQUFBwEHAQH/BIIBLjCCASowggEmBAIAATCCAR4DBAFNaRIDBABNaR8D
BABPr2cwDAMEAE+vcwMEAE+vdAMEAE+vdgMEAFBKrTAMAwQAURIxAwQAURIyAwQB
URI0AwQAURI3AwQAURI9AwQAXbpAAwQAXbpDMAwDBABdukcDBABdukgDBABt6b0D
BAGy2wgDBACy2wsDBACy/c8DBACy/dIwDAMEALL91QMEALL91gMEALL92wMEALL9
3gMEALL97AMEALL98DAMAwQDuS9YAwQAuS9aAwQAvNfkAwQAvP+CAwQAvP++AwQC
vP/QMAwDBAC8/9UDBAC8/9gDBAC8/9sDBAC8/+wDBAG8/+4wDAMEArz/9AMEALz/
+DAMAwQBvP/6AwQAvP/8AwQBvP/+AwQB1EUGAwQB1EUMMA0GCSqGSIb3DQEBCwUA
A4IBAQABywbK6Pqc/mOESYxa15gB/d0EjeazbY6bVDim+sZnSuJJSP+8BMw0Uy2S
zW9//x/3dZwVQaODkW4WBOiBy0qMCvy2TvUUGkzCr3IUYaZKq1sWBEgnJVIgW1qP
fg6IsN+jyTt4NDY28QVjDO+xLEleGj2cspk/wBigKBml1irfdbJYNEEWLSMRUsqM
gpCohPrXdby1B62PTZrq4sxcVbji1U2IlMw75xVrc+ndOWzM1JYxdSohxqeITqbV
g+Z/KkQqG/Oi+EQBK/mSZbpR+7p56lPWkVKDR6t2zeXfbvty3Ee6mTy/Nl0P5frv
dX4qsMbkdMtAiT9hv7aZnYA+GHcW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:26 2024 by rpki-client on console-fra.rpki-client.org