Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/vX3l0RFP8wYWbYzlIK4XOLo03gE.roa
File: vX3l0RFP8wYWbYzlIK4XOLo03gE.roa (raw, json)
Hash identifier: O/CBbzcjLBMSdex+uXzn+zvPanYhxx6neciF073udd4=
Subject key identifier: BD:7D:E5:D1:11:4F:F3:06:16:6D:8C:E5:20:AE:17:38:BA:34:DE:01
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01823982B55CD29E1C3C64870491A0E23BDE
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/vX3l0RFP8wYWbYzlIK4XOLo03gE.roa
Signing time: Tue 26 Jul 2022 07:57:23 +0000
ROA not before: Tue 26 Jul 2022 07:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28964
IP address blocks: 178.253.193.0/24 maxlen: 24
178.253.212.0/24 maxlen: 24
178.253.218.0/24 maxlen: 24
178.253.216.0/24 maxlen: 24
178.253.217.0/24 maxlen: 24
178.253.220.0/23 maxlen: 23
93.186.65.0/24 maxlen: 24
93.186.77.0/24 maxlen: 24
188.255.206.0/23 maxlen: 23
188.255.205.0/24 maxlen: 24
188.255.207.0/24 maxlen: 24
188.255.217.0/24 maxlen: 24
188.255.228.0/24 maxlen: 24
188.255.230.0/23 maxlen: 23
109.121.48.0/24 maxlen: 24
109.121.49.0/24 maxlen: 24
109.121.53.0/24 maxlen: 24
109.121.55.0/24 maxlen: 24
212.69.3.0/24 maxlen: 24
212.69.4.0/24 maxlen: 24
188.255.253.0/24 maxlen: 24
212.69.5.0/24 maxlen: 24
178.253.238.0/24 maxlen: 24
109.233.188.0/24 maxlen: 24
109.233.190.0/24 maxlen: 24
178.253.246.0/24 maxlen: 24
178.253.244.0/24 maxlen: 24
178.253.245.0/24 maxlen: 24
81.18.51.0/24 maxlen: 24
81.18.58.0/24 maxlen: 24
81.18.56.0/24 maxlen: 24
81.18.57.0/24 maxlen: 24
188.255.179.0/24 maxlen: 24
81.18.63.0/24 maxlen: 24
188.255.192.0/23 maxlen: 23
188.255.190.0/24 maxlen: 24
188.255.196.0/22 maxlen: 22
188.255.195.0/24 maxlen: 24
79.175.120.0/24 maxlen: 24
212.69.21.0/24 maxlen: 24
212.69.19.0/24 maxlen: 24
212.69.30.0/24 maxlen: 24
178.219.2.0/24 maxlen: 24
178.219.4.0/22 maxlen: 22
178.219.15.0/24 maxlen: 24
178.219.12.0/23 maxlen: 23
77.105.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:82:b5:5c:d2:9e:1c:3c:64:87:04:91:a0:e2:3b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jul 26 07:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd7de5d1114ff306166d8ce520ae1738ba34de01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:94:4f:10:7b:a0:57:1f:e9:6b:7b:9e:87:ac:
92:07:94:d5:a6:aa:1d:0c:e0:70:5e:43:5e:55:a8:
26:77:55:f8:ed:b0:55:78:fe:88:70:41:56:1d:93:
76:3a:cb:d6:30:d6:2a:46:3f:99:22:4d:a1:b8:0f:
68:f4:a1:33:ed:6b:4c:3c:6c:74:b7:a0:8d:f5:cd:
be:1f:29:52:ef:3e:25:e2:03:27:02:6d:30:46:0b:
14:85:ea:62:f7:2e:79:68:f8:4a:45:5c:39:01:a2:
6b:94:3f:9d:de:a6:05:64:a7:ff:27:61:e8:78:02:
4e:07:f4:3d:36:3c:ff:1a:cd:7d:cf:1e:ae:3e:9e:
dc:9a:4a:7b:d9:5d:fb:b1:28:dd:65:f9:c6:e9:f3:
b5:ce:d0:c7:6f:b7:bb:e0:d7:de:fb:67:3b:cd:4f:
9a:1a:29:48:d4:0e:25:17:b9:d6:95:be:21:29:af:
3f:97:90:2e:50:38:c5:5c:6b:0b:f3:49:5b:85:f9:
df:2f:bd:cc:8f:d3:06:7e:7a:c6:cc:f1:60:56:28:
0c:4a:04:f0:b9:11:4c:5f:65:3e:b5:6b:e8:1e:80:
96:c1:7f:d4:3e:d1:43:58:aa:2c:0a:58:e2:b9:2b:
07:63:cf:e8:dc:8e:0b:7c:19:52:3f:a0:9b:1f:9d:
f2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7D:E5:D1:11:4F:F3:06:16:6D:8C:E5:20:AE:17:38:BA:34:DE:01
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/vX3l0RFP8wYWbYzlIK4XOLo03gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.39.0/24
79.175.120.0/24
81.18.51.0/24
81.18.56.0-81.18.58.255
81.18.63.0/24
93.186.65.0/24
93.186.77.0/24
109.121.48.0/23
109.121.53.0/24
109.121.55.0/24
109.233.188.0/24
109.233.190.0/24
178.219.2.0/24
178.219.4.0/22
178.219.12.0/23
178.219.15.0/24
178.253.193.0/24
178.253.212.0/24
178.253.216.0-178.253.218.255
178.253.220.0/23
178.253.238.0/24
178.253.244.0-178.253.246.255
188.255.179.0/24
188.255.190.0/24
188.255.192.0/23
188.255.195.0-188.255.199.255
188.255.205.0-188.255.207.255
188.255.217.0/24
188.255.228.0/24
188.255.230.0/23
188.255.253.0/24
212.69.3.0-212.69.5.255
212.69.19.0/24
212.69.21.0/24
212.69.30.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c9:25:fa:98:a5:ff:5d:5a:c4:88:b5:17:9a:77:86:c0:96:
03:4d:88:ac:43:f9:a9:2f:40:62:53:7a:3c:a8:91:fc:b5:85:
06:8b:c0:de:8f:8b:5d:dd:15:0a:2f:73:af:8d:38:80:70:19:
9c:86:b9:ed:4a:6a:65:3d:0d:ef:ae:8a:5e:9d:09:24:42:02:
42:29:ad:12:c9:2c:36:8b:d2:0a:aa:d9:d0:b9:1e:29:22:28:
c1:7d:b5:85:b1:47:05:88:a3:d8:e0:bd:70:3c:ed:5e:e9:fa:
8e:dc:f2:10:32:91:05:59:5c:99:84:cb:e6:11:4c:35:1f:13:
9d:c8:28:3c:36:bc:ce:bc:c5:54:2e:be:43:04:f2:bc:02:07:
fc:c5:39:a4:95:17:8e:cb:e8:0c:86:5e:79:fe:53:cd:19:5d:
85:a7:86:15:31:35:2c:0f:28:ac:9a:3e:70:5d:d4:55:dc:b6:
67:0d:5b:c5:59:ca:14:7a:e0:1e:bc:b3:f1:38:03:b6:79:f9:
5e:fa:f9:60:f9:f3:cd:50:a3:4a:a6:31:29:f7:97:cb:32:9c:
73:57:0c:59:6b:35:3f:f1:b7:b5:d4:24:ff:8b:5f:fa:d2:d0:
89:4d:89:8d:f5:c9:99:cf:26:de:17:f5:ac:01:16:69:97:8a:
f5:c3:b4:05
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYI5grVc0p4cPGSHBJGg4jveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjIwNzI2MDc1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdkZTVkMTExNGZmMzA2MTY2ZDhjZTUyMGFlMTczOGJhMzRkZTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJRPEHugVx/pa3ueh6ySB5TVpqod
DOBwXkNeVagmd1X47bBVeP6IcEFWHZN2OsvWMNYqRj+ZIk2huA9o9KEz7WtMPGx0
t6CN9c2+HylS7z4l4gMnAm0wRgsUhepi9y55aPhKRVw5AaJrlD+d3qYFZKf/J2Ho
eAJOB/Q9Njz/Gs19zx6uPp7cmkp72V37sSjdZfnG6fO1ztDHb7e74Nfe+2c7zU+a
GilI1A4lF7nWlb4hKa8/l5AuUDjFXGsL80lbhfnfL73Mj9MGfnrGzPFgVigMSgTw
uRFMX2U+tWvoHoCWwX/UPtFDWKosCljiuSsHY8/o3I4LfBlSP6CbH53yUQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFL195dERT/MGFm2M5SCuFzi6NN4BMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvdlgzbDBSRlA4d1lXYll6bElLNFhPTG8wM2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEAE1pJwMEAE+veAMEAFESMzAMAwQDURI4AwQAURI6AwQAURI/AwQAXbpBAwQA
XbpNAwQBbXkwAwQAbXk1AwQAbXk3AwQAbem8AwQAbem+AwQAstsCAwQCstsEAwQB
stsMAwQAstsPAwQAsv3BAwQAsv3UMAwDBAOy/dgDBACy/doDBAGy/dwDBACy/e4w
DAMEArL99AMEALL99gMEALz/swMEALz/vgMEAbz/wDAMAwQAvP/DAwQDvP/AMAwD
BAC8/80DBAS8/8ADBAC8/9kDBAC8/+QDBAG8/+YDBAC8//0wDAMEANRFAwMEAdRF
BAMEANRFEwMEANRFFQMEANRFHjANBgkqhkiG9w0BAQsFAAOCAQEAlskl+pil/11a
xIi1F5p3hsCWA02IrEP5qS9AYlN6PKiR/LWFBovA3o+LXd0VCi9zr404gHAZnIa5
7UpqZT0N766KXp0JJEICQimtEsksNovSCqrZ0LkeKSIowX21hbFHBYij2OC9cDzt
Xun6jtzyEDKRBVlcmYTL5hFMNR8TncgoPDa8zrzFVC6+QwTyvAIH/MU5pJUXjsvo
DIZeef5TzRldhaeGFTE1LA8orJo+cF3UVdy2Zw1bxVnKFHrgHryz8TgDtnn5Xvr5
YPnzzVCjSqYxKfeXyzKcc1cMWWs1P/G3tdQk/4tf+tLQiU2JjfXJmc8m3hf1rAEW
aZeK9cO0BQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:27 2024 by rpki-client on console-fra.rpki-client.org