Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/cbNPtvidQAQebFMxGJwavzso-fw.roa
File: cbNPtvidQAQebFMxGJwavzso-fw.roa (raw, json)
Hash identifier: EiLfM2zwuaaXsLCxyjzOPcHhAeqSpXIUr8pIfHHQOTs=
Subject key identifier: 71:B3:4F:B6:F8:9D:40:04:1E:6C:53:31:18:9C:1A:BF:3B:28:F9:FC
Certificate issuer: /CN=d4fdd596267d56f7ce56ebfaec86a32708fede00
Certificate serial: 0C9EC83D
Authority key identifier: D4:FD:D5:96:26:7D:56:F7:CE:56:EB:FA:EC:86:A3:27:08:FE:DE:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P3VliZ9VvfOVuv67IajJwj-3gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/cbNPtvidQAQebFMxGJwavzso-fw.roa
Signing time: Sat 01 Jan 2022 06:54:01 +0000
ROA not before: Sat 01 Jan 2022 06:54:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206206
IP address blocks: 185.187.77.0/24 maxlen: 24
185.187.76.0/22 maxlen: 24
185.187.76.0/24 maxlen: 24
185.187.78.0/24 maxlen: 24
185.187.79.0/24 maxlen: 24
185.244.152.0/22 maxlen: 24
185.244.152.0/24 maxlen: 24
185.244.152.0/23 maxlen: 24
185.244.155.0/24 maxlen: 24
185.244.154.0/23 maxlen: 24
185.244.154.0/24 maxlen: 24
185.244.153.0/24 maxlen: 24
212.237.120.0/23 maxlen: 24
212.237.122.0/24 maxlen: 24
212.237.122.0/23 maxlen: 24
212.237.121.0/24 maxlen: 24
212.237.120.0/24 maxlen: 24
212.237.120.0/22 maxlen: 24
212.237.119.0/24 maxlen: 24
212.237.125.0/24 maxlen: 24
212.237.124.0/22 maxlen: 24
212.237.124.0/24 maxlen: 24
212.237.123.0/24 maxlen: 24
212.237.127.0/24 maxlen: 24
212.237.126.0/24 maxlen: 24
185.136.150.0/24 maxlen: 24
185.136.150.0/23 maxlen: 24
185.136.149.0/24 maxlen: 24
185.136.148.0/23 maxlen: 24
185.136.148.0/24 maxlen: 24
185.136.151.0/24 maxlen: 24
37.156.107.0/24 maxlen: 24
37.156.106.0/24 maxlen: 24
212.237.112.0/24 maxlen: 24
212.237.112.0/23 maxlen: 24
212.237.113.0/24 maxlen: 24
212.237.118.0/24 maxlen: 24
212.237.118.0/23 maxlen: 24
212.237.112.0/21 maxlen: 24
212.237.117.0/24 maxlen: 24
212.237.116.0/24 maxlen: 24
212.237.116.0/23 maxlen: 24
212.237.115.0/24 maxlen: 24
212.237.114.0/24 maxlen: 24
212.237.114.0/23 maxlen: 24
37.156.105.0/24 maxlen: 24
37.156.104.0/24 maxlen: 24
37.156.104.0/22 maxlen: 24
185.24.60.0/23 maxlen: 24
185.24.60.0/22 maxlen: 24
185.24.60.0/24 maxlen: 24
185.24.63.0/24 maxlen: 24
185.24.62.0/23 maxlen: 24
185.24.62.0/24 maxlen: 24
185.24.61.0/24 maxlen: 24
2a06:fd80::/48 maxlen: 48
2a06:fd80::/64 maxlen: 64
2a06:fd80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211732541 (0xc9ec83d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4fdd596267d56f7ce56ebfaec86a32708fede00
Validity
Not Before: Jan 1 06:54:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71b34fb6f89d40041e6c5331189c1abf3b28f9fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:f5:18:17:16:e2:e3:00:99:d5:e9:5f:9d:
55:6e:d8:81:12:d0:f5:a8:db:ee:f1:b9:27:85:37:
86:5f:8c:6e:95:b8:37:e9:10:02:28:a7:ec:6a:58:
d0:a7:9f:85:51:e5:e1:88:f0:ba:49:2b:87:0c:85:
f6:f5:9a:1e:51:3f:b7:c8:89:43:84:31:62:aa:d5:
ae:d1:30:0a:f4:71:67:57:c3:c6:d8:40:ed:46:27:
42:9d:8b:c3:43:88:ab:7b:a1:20:04:65:67:40:4a:
3a:f8:aa:53:26:12:5c:86:af:2e:ed:49:f5:cd:2d:
08:8b:36:52:e4:58:ff:e7:10:22:11:92:3c:9a:41:
d9:e0:1c:75:e1:02:98:8b:8b:a5:90:0a:ef:5f:71:
57:ad:ea:cf:0e:87:0b:68:4b:59:4d:3c:25:52:8b:
58:0d:4c:a2:0a:9d:76:2b:e6:46:9e:4a:c1:37:e1:
ce:be:c2:08:c6:2d:10:b0:13:eb:19:47:56:3a:d0:
35:95:ed:dc:47:a5:92:55:74:b6:63:44:35:ec:2f:
1a:91:38:d2:67:e0:f6:69:6e:2f:92:49:62:a1:8d:
42:6d:61:b3:58:c2:c2:aa:c4:e3:60:a7:78:e8:64:
ea:d8:e6:3e:e9:83:2c:b4:74:55:a7:8d:6b:a0:cf:
7c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B3:4F:B6:F8:9D:40:04:1E:6C:53:31:18:9C:1A:BF:3B:28:F9:FC
X509v3 Authority Key Identifier:
keyid:D4:FD:D5:96:26:7D:56:F7:CE:56:EB:FA:EC:86:A3:27:08:FE:DE:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P3VliZ9VvfOVuv67IajJwj-3gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/cbNPtvidQAQebFMxGJwavzso-fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cd4af6-b742-4cdc-b3a0-67a87d8a3b9b/1/1P3VliZ9VvfOVuv67IajJwj-3gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.104.0/22
185.24.60.0/22
185.136.148.0/22
185.187.76.0/22
185.244.152.0/22
212.237.112.0/20
IPv6:
2a06:fd80::/47
Signature Algorithm: sha256WithRSAEncryption
39:92:a5:e8:07:b8:23:3b:a4:3c:38:bc:34:92:38:a2:a6:56:
15:6a:45:f2:6d:38:67:1a:e7:17:dd:e3:3f:4b:87:20:3a:5e:
e0:8c:3c:4d:2d:0c:f5:52:7c:3d:68:59:13:f2:76:78:33:17:
6d:d7:c3:0f:4f:49:63:c3:2a:1a:d2:b3:6b:37:d0:7e:fb:59:
96:4f:30:af:ad:6e:25:48:58:7c:a1:84:bb:e9:90:f3:cc:e1:
73:59:65:ec:ae:e2:ad:0b:62:3d:5b:b7:47:b5:6a:e8:3f:d8:
d9:f4:64:33:b6:fd:6b:40:56:41:c2:7b:8f:c1:46:de:ad:d6:
65:35:b5:0a:2d:02:33:9d:b1:30:9d:4e:74:d2:a6:5a:27:83:
19:90:d2:75:76:06:65:b4:42:c5:15:fd:bb:85:72:34:97:67:
6c:5b:5d:f6:c3:5b:3e:09:8f:64:99:e6:82:1f:04:30:1d:5b:
40:fd:b2:28:2f:ea:51:1b:73:97:b9:2d:1c:51:e2:1a:a3:56:
71:f7:ba:e8:81:fc:25:43:9c:34:a6:37:12:f5:2d:14:2a:65:
eb:03:9b:ba:3e:4d:f7:b0:fb:dc:6a:43:9b:b7:70:c5:79:18:
97:48:f6:93:a4:1f:0f:b3:ee:8f:58:24:61:80:b8:95:20:08:
29:2c:17:47
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEDJ7IPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGZkZDU5NjI2N2Q1NmY3Y2U1NmViZmFlYzg2YTMyNzA4ZmVkZTAwMB4XDTIyMDEw
MTA2NTQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFiMzRmYjZmODlk
NDAwNDFlNmM1MzMxMTg5YzFhYmYzYjI4ZjlmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5t9RgXFuLjAJnV6V+dVW7YgRLQ9ajb7vG5J4U3hl+MbpW4
N+kQAiin7GpY0KefhVHl4YjwukkrhwyF9vWaHlE/t8iJQ4QxYqrVrtEwCvRxZ1fD
xthA7UYnQp2Lw0OIq3uhIARlZ0BKOviqUyYSXIavLu1J9c0tCIs2UuRY/+cQIhGS
PJpB2eAcdeECmIuLpZAK719xV63qzw6HC2hLWU08JVKLWA1MogqddivmRp5KwTfh
zr7CCMYtELAT6xlHVjrQNZXt3EelklV0tmNENewvGpE40mfg9mluL5JJYqGNQm1h
s1jCwqrE42CneOhk6tjmPumDLLR0VaeNa6DPfFECAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBRxs0+2+J1ABB5sUzEYnBq/Oyj5/DAfBgNVHSMEGDAWgBTU/dWWJn1W985W
6/rshqMnCP7eADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQM1ZsaVo5VnZmT1Z1djY3SWFqSndqLTNnQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvY2Q0YWY2LWI3NDItNGNkYy1iM2EwLTY3YTg3ZDhhM2I5Yi8x
L2NiTlB0dmlkUUFRZWJGTXhHSndhdnpzby1mdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Y2Q0YWY2LWI3NDItNGNkYy1iM2EwLTY3YTg3ZDhhM2I5Yi8xLzFQM1ZsaVo5VnZm
T1Z1djY3SWFqSndqLTNnQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAiWcaAMEArkYPAMEArmIlAMEArm7
TAMEArn0mAMEBNTtcDAPBAIAAjAJAwcBKgb9gAAAMA0GCSqGSIb3DQEBCwUAA4IB
AQA5kqXoB7gjO6Q8OLw0kjiiplYVakXybThnGucX3eM/S4cgOl7gjDxNLQz1Unw9
aFkT8nZ4Mxdt18MPT0ljwyoa0rNrN9B++1mWTzCvrW4lSFh8oYS76ZDzzOFzWWXs
ruKtC2I9W7dHtWroP9jZ9GQztv1rQFZBwnuPwUberdZlNbUKLQIznbEwnU500qZa
J4MZkNJ1dgZltELFFf27hXI0l2dsW132w1s+CY9kmeaCHwQwHVtA/bIoL+pRG3OX
uS0cUeIao1Zx97rogfwlQ5w0pjcS9S0UKmXrA5u6Pk33sPvcakObt3DFeRiXSPaT
pB8Ps+6PWCRhgLiVIAgpLBdH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org