Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/hEeBlh5dyH41Nui-F24bomqP6wU.roa
File: hEeBlh5dyH41Nui-F24bomqP6wU.roa (raw, json)
Hash identifier: gozsJeoqodVD8ODNwml0fCgtlhAW3HbkVlCLsl0Oy94=
Subject key identifier: 84:47:81:96:1E:5D:C8:7E:35:36:E8:BE:17:6E:1B:A2:6A:8F:EB:05
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 1BA4847A
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/hEeBlh5dyH41Nui-F24bomqP6wU.roa
Signing time: Sat 01 Jan 2022 12:05:15 +0000
ROA not before: Sat 01 Jan 2022 12:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8685
IP address blocks: 212.2.192.0/21 maxlen: 21
212.2.192.0/19 maxlen: 24
212.2.192.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.204.0/23 maxlen: 23
212.2.205.0/24 maxlen: 24
212.2.204.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.212.0/24 maxlen: 24
212.2.211.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.210.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.217.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
82.151.131.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.132.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.144.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
212.58.28.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
81.21.166.0/24 maxlen: 24
81.21.161.0/24 maxlen: 24
81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.170.0/24 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.167.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/24 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.8.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.18.0/24 maxlen: 24
213.155.96.0/21 maxlen: 21
213.155.96.0/19 maxlen: 24
213.155.104.0/21 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.99.0/24 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.124.0/22 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.120.0/23 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463766650 (0x1ba4847a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Jan 1 12:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=844781961e5dc87e3536e8be176e1ba26a8feb05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:15:1c:2e:3c:8f:6e:99:38:1a:e3:09:21:b6:
4d:ff:61:31:18:81:40:b6:9c:5d:48:50:b3:14:66:
36:7a:2a:7c:f9:b4:73:59:da:54:e7:8e:bc:2f:3d:
ba:88:44:e7:04:1d:08:b0:35:26:b6:b0:fc:ab:79:
6f:32:4f:1f:21:5d:a9:fe:96:c9:9a:b0:18:23:9e:
78:3d:af:50:e7:8b:f2:3d:79:9d:48:cc:08:b2:b6:
8b:51:53:e2:cb:83:57:0b:fc:90:41:d7:c0:69:68:
66:57:c5:d8:e3:bb:98:4c:c1:de:06:f2:4d:67:23:
3a:40:1e:7f:c0:ee:ee:ab:c1:8d:4d:5d:24:fc:31:
a3:a1:a9:f6:35:01:43:02:0c:0c:3b:0f:6a:db:bc:
6f:f6:5d:64:ba:f7:cd:47:dd:9c:aa:30:2e:3e:a8:
f3:d3:0f:1b:99:9b:68:9e:72:01:0d:92:55:58:73:
85:72:c8:98:b8:19:2b:48:55:d7:d0:a2:5c:39:a8:
ba:df:e0:6d:b2:4e:9f:00:9d:8a:cd:50:a0:72:d8:
52:14:76:a4:88:88:7a:5c:ad:ae:52:ee:6a:05:30:
51:ca:c8:4a:52:26:25:43:50:ca:9a:d2:16:ab:70:
d0:fc:e1:02:a9:5f:1d:d4:cf:5f:83:e9:dc:b2:f0:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:47:81:96:1E:5D:C8:7E:35:36:E8:BE:17:6E:1B:A2:6A:8F:EB:05
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/hEeBlh5dyH41Nui-F24bomqP6wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
9e:a4:5b:81:ab:3c:e4:92:17:35:ab:51:b5:f7:c6:78:b0:ad:
13:52:25:f6:88:84:62:71:be:39:90:55:e6:31:77:a7:e3:52:
1d:31:55:8c:1d:f4:6f:a8:94:f9:3e:65:3f:84:96:f7:f9:a3:
ae:47:c2:d7:b2:2c:a4:d0:14:22:0f:ea:8e:85:37:8a:46:53:
b5:0b:d9:57:d2:16:da:b3:e0:b5:64:30:36:16:a2:da:f3:46:
b5:19:24:bf:2a:7d:26:2d:9e:f9:38:cb:8c:87:65:14:97:57:
97:b7:80:f7:6a:dd:41:9a:84:cf:2c:e1:9c:1d:2e:f3:66:aa:
1e:8e:68:a5:a4:15:b3:18:49:d3:66:99:41:fc:d3:1c:b1:43:
5f:45:8a:50:a4:40:b8:50:f8:dd:e4:6a:20:ac:d4:78:27:75:
df:a8:4c:e8:98:63:f7:50:ba:45:8a:97:ff:d3:04:83:15:25:
2d:b2:b4:18:06:31:9f:f2:25:58:77:7d:0b:61:65:3e:69:31:
ce:40:8c:07:49:9a:24:06:52:b6:6e:62:7a:0f:5a:bd:a8:99:
c0:89:fc:dc:5b:de:34:59:59:c3:ca:7d:4c:41:4d:ce:c9:1e:
ff:2b:9d:2f:01:0c:2d:84:f9:fe:0d:89:ad:bc:8f:83:8b:17:
a8:83:82:a8
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEG6SEejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MDc0ZGI5NjQwMmZmNWNmMTg3NTY0NTYwZWE4ZjEzZWVlYjVmZmViMB4XDTIyMDEw
MTEyMDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ0NzgxOTYxZTVk
Yzg3ZTM1MzZlOGJlMTc2ZTFiYTI2YThmZWIwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwVHC48j26ZOBrjCSG2Tf9hMRiBQLacXUhQsxRmNnoqfPm0
c1naVOeOvC89uohE5wQdCLA1Jraw/Kt5bzJPHyFdqf6WyZqwGCOeeD2vUOeL8j15
nUjMCLK2i1FT4suDVwv8kEHXwGloZlfF2OO7mEzB3gbyTWcjOkAef8Du7qvBjU1d
JPwxo6Gp9jUBQwIMDDsPatu8b/ZdZLr3zUfdnKowLj6o89MPG5mbaJ5yAQ2SVVhz
hXLImLgZK0hV19CiXDmout/gbbJOnwCdis1QoHLYUhR2pIiIelytrlLuagUwUcrI
SlImJUNQyprSFqtw0PzhAqlfHdTPX4Pp3LLwp6MCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSER4GWHl3IfjU26L4Xbhuiao/rBTAfBgNVHSMEGDAWgBQQdNuWQC/1zxh1
ZFYOqPE+7rX/6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VIVGJsa0F2OWM4WWRXUldEcWp4UHU2MV8tcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvMWUxZDY5LTBiZmQtNDBhZi04OGIxLWFiNDBiNThhMjg5Mi8x
L2hFZUJsaDVkeUg0MU51aS1GMjRib21xUDZ3VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
MWUxZDY5LTBiZmQtNDBhZi04OGIxLWFiNDBiNThhMjg5Mi8xL0VIVGJsa0F2OWM4
WWRXUldEcWp4UHU2MV8tcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBFEVoAMEBVKXgAMEBF5mQAMEArk6
9AMEBdQCwAMEBdQ6AAMEBdWbYDANBAIAAjAHAwUAKgIEgDANBgkqhkiG9w0BAQsF
AAOCAQEAnqRbgas85JIXNatRtffGeLCtE1Il9oiEYnG+OZBV5jF3p+NSHTFVjB30
b6iU+T5lP4SW9/mjrkfC17IspNAUIg/qjoU3ikZTtQvZV9IW2rPgtWQwNhai2vNG
tRkkvyp9Ji2e+TjLjIdlFJdXl7eA92rdQZqEzyzhnB0u82aqHo5opaQVsxhJ02aZ
QfzTHLFDX0WKUKRAuFD43eRqIKzUeCd136hM6Jhj91C6RYqX/9MEgxUlLbK0GAYx
n/IlWHd9C2FlPmkxzkCMB0maJAZStm5ieg9avaiZwIn83FveNFlZw8p9TEFNzske
/yudLwEMLYT5/g2JrbyPg4sXqIOCqA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:31:05 2025 by rpki-client