Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/mKg6kYquRM3kHI2vCig7oSvG3bc.roa
File: mKg6kYquRM3kHI2vCig7oSvG3bc.roa (raw, json)
Hash identifier: q1PGrXmV0wh0ili0mGHVX/06sZfkUrV4lgfvzla1WBo=
Subject key identifier: 98:A8:3A:91:8A:AE:44:CD:E4:1C:8D:AF:0A:28:3B:A1:2B:C6:DD:B7
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0870BBB7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/mKg6kYquRM3kHI2vCig7oSvG3bc.roa
Signing time: Mon 21 Mar 2022 10:19:08 +0000
ROA not before: Mon 21 Mar 2022 10:19:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 188.255.135.0/24 maxlen: 24
188.255.206.0/23 maxlen: 23
188.255.200.0/24 maxlen: 24
188.255.205.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.215.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
212.69.0.0/23 maxlen: 23
212.69.5.0/24 maxlen: 24
212.69.10.0/23 maxlen: 23
178.253.238.0/24 maxlen: 24
178.253.235.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
185.47.91.0/24 maxlen: 24
77.105.16.0/24 maxlen: 24
77.105.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141605815 (0x870bbb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 21 10:19:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98a83a918aae44cde41c8daf0a283ba12bc6ddb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:92:d8:f5:49:5c:d5:cc:b7:50:31:d8:10:
5e:8d:1d:ea:d0:d5:ea:dd:a2:f4:ee:f6:3e:58:fb:
c1:61:dc:a9:6a:66:ba:21:ad:1a:ba:e4:b3:42:d4:
52:be:da:41:c4:49:6c:70:19:bd:a3:63:89:04:d5:
b4:48:fd:71:38:81:a1:ea:a5:2d:6a:97:a5:0e:45:
3a:66:4e:9b:11:8c:71:44:0b:3c:02:c7:5a:32:27:
10:6f:6a:19:7b:76:e8:d7:d9:f3:a2:6e:52:5e:a9:
e4:12:a3:58:da:0a:a6:89:ac:60:e1:a8:3b:fe:71:
38:6c:59:3b:7c:d8:c6:1d:db:5c:0d:97:6c:65:04:
f6:00:06:b1:89:11:8f:69:cd:6c:15:b6:11:38:19:
d8:f0:31:d3:20:8c:6e:e3:9c:74:6f:c1:08:0c:22:
47:28:50:3b:6b:28:7b:0f:7e:9e:85:ec:c9:57:cc:
14:01:c0:a5:f2:4a:a7:db:18:29:13:1f:c0:1c:62:
ec:46:1c:79:ce:a4:f4:e6:2a:71:59:0c:54:d7:5d:
bd:b7:bf:a0:b1:b0:18:87:e5:3c:ae:8f:59:45:ad:
eb:46:8f:e4:2c:45:b9:ef:a6:07:c6:63:58:32:54:
7f:69:bb:14:9a:a0:92:12:5f:64:ab:e6:54:3f:98:
57:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A8:3A:91:8A:AE:44:CD:E4:1C:8D:AF:0A:28:3B:A1:2B:C6:DD:B7
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/mKg6kYquRM3kHI2vCig7oSvG3bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.16.0/24
77.105.22.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.215.0-178.253.218.255
178.253.220.0/23
178.253.235.0/24
178.253.238.0/24
178.253.244.0-178.253.246.255
185.47.91.0/24
188.255.135.0/24
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.200.255
188.255.205.0-188.255.207.255
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.0.0/23
212.69.3.0-212.69.5.255
212.69.10.0/23
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:f2:dd:fb:25:4e:51:c5:52:c6:e8:5c:33:43:5a:6f:ed:ce:
89:02:e3:8d:c7:77:d7:f7:54:7f:ad:a7:3b:a9:83:ef:a2:28:
86:03:44:ae:5b:22:90:4a:4f:ff:0c:21:52:08:c3:9a:6b:da:
4b:0e:54:64:be:f0:e3:39:85:fd:47:90:e2:f4:f0:9a:8f:1f:
f8:ab:fc:9f:f0:47:2b:70:ce:ad:4d:9b:74:6c:40:e5:8e:5c:
5b:27:fd:4a:ac:d0:d1:ad:d9:33:7a:67:f0:ee:d2:68:38:c9:
9a:9c:f1:64:89:99:8e:98:e5:96:bc:34:b1:bd:26:af:d6:10:
66:c8:6b:87:6c:f1:fb:50:6c:8b:75:c9:50:af:1b:5f:8f:a7:
23:d9:94:6a:dc:41:e3:22:dd:b3:36:d6:a9:e7:b1:af:58:7d:
17:96:5f:f2:b7:d1:9b:5f:a0:d1:ce:46:87:75:3f:ed:cd:be:
69:0a:1b:d4:4d:be:ae:31:5c:b4:1c:7a:d5:c4:98:f8:d7:1a:
29:41:80:bf:79:f6:bc:bf:96:6d:e6:df:8a:3e:81:1c:0a:3e:
23:e1:73:17:d8:f9:e3:76:b3:f1:27:82:33:a9:42:c5:5d:f0:
82:bf:79:df:9d:56:eb:4a:66:4f:3d:1d:b1:55:8e:0f:0e:d0:
45:a5:2f:4e
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIECHC7tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg0ZTQ3MzhhNzBlYTM5YzA4Y2VmMjEwNDMyYWUzOTllYzdlOTE1MB4XDTIyMDMy
MTEwMTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThhODNhOTE4YWFl
NDRjZGU0MWM4ZGFmMGEyODNiYTEyYmM2ZGRiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMsEktj1SVzVzLdQMdgQXo0d6tDV6t2i9O72Plj7wWHcqWpm
uiGtGrrks0LUUr7aQcRJbHAZvaNjiQTVtEj9cTiBoeqlLWqXpQ5FOmZOmxGMcUQL
PALHWjInEG9qGXt26NfZ86JuUl6p5BKjWNoKpomsYOGoO/5xOGxZO3zYxh3bXA2X
bGUE9gAGsYkRj2nNbBW2ETgZ2PAx0yCMbuOcdG/BCAwiRyhQO2soew9+noXsyVfM
FAHApfJKp9sYKRMfwBxi7EYcec6k9OYqcVkMVNddvbe/oLGwGIflPK6PWUWt60aP
5CxFue+mB8ZjWDJUf2m7FJqgkhJfZKvmVD+YV4kCAwEAAaOCAzMwggMvMB0GA1Ud
DgQWBBSYqDqRiq5EzeQcja8KKDuhK8bdtzAfBgNVHSMEGDAWgBRvhORzinDqOcCM
7yEEMq45nsfpFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0VGtjNHB3NmpuQWpPOGhCREt1T1o3SDZSVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8x
L21LZzZrWXF1Uk0za0hJMnZDaWc3b1N2RzNiYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
ZGRmOGIzLTFjMDgtNDk1Yy04ZGRmLWZhZTVkYmVkM2IxYi8xL2I0VGtjNHB3Nmpu
QWpPOGhCREt1T1o3SDZSVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AUcGCCsGAQUFBwEHAQH/BIIBNjCCATIwggEuBAIAATCCASYDBABNaRADBABNaRYD
BABPr3gDBABREjMwDAMEA1ESOAMEAFESOgMEAFESPwMEAF26QQMEAF26TQMEAW15
MAMEAG15NQMEAG15NwMEAG3pvAMEAG3pvgMEALLbAgMEArLbBAMEAbLbDAMEALLb
DwMEALL9wQMEALL91DAMAwQAsv3XAwQAsv3aAwQBsv3cAwQAsv3rAwQAsv3uMAwD
BAKy/fQDBACy/fYDBAC5L1sDBAC8/4cDBAC8/7MDBAC8/74DBAG8/8AwDAMEALz/
wwMEALz/yDAMAwQAvP/NAwQEvP/AAwQAvP/ZAwQAvP/kAwQBvP/mAwQAvP/9AwQB
1EUAMAwDBADURQMDBAHURQQDBAHURQoDBADURRMDBADURRUDBADURR4wDQYJKoZI
hvcNAQELBQADggEBAG7y3fslTlHFUsboXDNDWm/tzokC443Hd9f3VH+tpzupg++i
KIYDRK5bIpBKT/8MIVIIw5pr2ksOVGS+8OM5hf1HkOL08JqPH/ir/J/wRytwzq1N
m3RsQOWOXFsn/Uqs0NGt2TN6Z/Du0mg4yZqc8WSJmY6Y5Za8NLG9Jq/WEGbIa4ds
8ftQbIt1yVCvG1+PpyPZlGrcQeMi3bM21qnnsa9YfReWX/K30ZtfoNHORod1P+3N
vmkKG9RNvq4xXLQcetXEmPjXGilBgL959ry/lm3m34o+gRwKPiPhcxfY+eN2s/En
gjOpQsVd8IK/ed+dVutKZk89HbFVjg8O0EWlL04=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-fra.rpki-client.org