Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/rZnGYOAmGutmr4DHXiNL5Nqgrmw.roa
File: rZnGYOAmGutmr4DHXiNL5Nqgrmw.roa (raw, json)
Hash identifier: KRMi8UYLR9pHyroxlQNMAjZOL2lvG9KQXMRcRlvxY5w=
Subject key identifier: AD:99:C6:60:E0:26:1A:EB:66:AF:80:C7:5E:23:4B:E4:DA:A0:AE:6C
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 0185161D8CF944D27A0EFC44447B0640EA67
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/rZnGYOAmGutmr4DHXiNL5Nqgrmw.roa
Signing time: Thu 15 Dec 2022 14:08:33 +0000
ROA not before: Thu 15 Dec 2022 14:08:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8641
IP address blocks: 213.208.160.0/21 maxlen: 21
213.208.168.0/23 maxlen: 23
213.208.170.0/24 maxlen: 24
213.208.172.0/22 maxlen: 22
213.208.176.0/21 maxlen: 21
213.208.186.0/23 maxlen: 23
213.208.184.0/24 maxlen: 24
213.208.188.0/22 maxlen: 22
81.26.144.0/21 maxlen: 21
81.26.144.0/24 maxlen: 24
81.26.152.0/22 maxlen: 22
185.106.107.0/24 maxlen: 24
77.94.162.0/24 maxlen: 24
77.94.160.0/19 maxlen: 19
84.47.128.0/22 maxlen: 22
77.94.175.0/24 maxlen: 24
84.47.135.0/24 maxlen: 24
84.47.134.0/23 maxlen: 23
84.47.136.0/24 maxlen: 24
84.47.140.0/22 maxlen: 22
84.47.144.0/23 maxlen: 23
84.47.152.0/23 maxlen: 23
85.91.96.0/21 maxlen: 21
84.47.147.0/24 maxlen: 24
77.94.189.0/24 maxlen: 24
84.47.148.0/22 maxlen: 22
84.47.156.0/22 maxlen: 22
84.47.160.0/24 maxlen: 24
84.47.161.0/24 maxlen: 24
84.47.162.0/24 maxlen: 24
84.47.163.0/24 maxlen: 24
84.47.160.0/22 maxlen: 22
85.91.112.0/22 maxlen: 22
84.47.164.0/23 maxlen: 23
84.47.168.0/21 maxlen: 21
85.91.118.0/23 maxlen: 23
213.135.64.0/22 maxlen: 22
213.135.70.0/23 maxlen: 23
84.47.178.0/24 maxlen: 24
85.91.122.0/24 maxlen: 24
84.47.176.0/24 maxlen: 24
213.135.69.0/24 maxlen: 24
84.47.177.0/24 maxlen: 24
84.47.176.0/23 maxlen: 23
85.91.120.0/23 maxlen: 23
84.47.181.0/24 maxlen: 24
213.135.72.0/23 maxlen: 23
84.47.182.0/23 maxlen: 23
84.47.186.0/23 maxlen: 23
213.135.77.0/24 maxlen: 24
213.135.80.0/24 maxlen: 24
84.47.190.0/23 maxlen: 23
213.135.79.0/24 maxlen: 24
213.135.80.0/21 maxlen: 21
213.135.88.0/22 maxlen: 22
2a02:bc8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:1d:8c:f9:44:d2:7a:0e:fc:44:44:7b:06:40:ea:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Dec 15 14:08:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad99c660e0261aeb66af80c75e234be4daa0ae6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cd:4b:61:67:b3:22:d8:34:47:6e:3e:af:37:
13:e8:81:80:b0:ce:92:1d:8b:29:88:a9:a8:89:37:
70:3a:18:1f:7f:1c:56:d3:f3:7b:2f:61:23:4c:1a:
2b:30:49:c4:51:38:1f:ae:1a:97:bc:64:bb:05:39:
47:32:f3:16:4b:d5:a3:cd:f8:24:f4:e0:9b:e6:2e:
9a:0e:48:fc:33:e4:e9:9e:93:7e:0a:db:31:11:6b:
0b:23:de:c8:a7:82:a0:a4:12:d2:06:cd:56:cb:75:
5e:8a:34:fb:69:73:df:4f:9b:75:fe:05:78:02:fc:
78:34:ea:fe:3c:56:7a:ad:f5:b1:ca:35:b1:82:fb:
54:27:37:0e:7d:97:9e:0f:64:28:23:a3:27:dd:c7:
63:87:71:14:1a:72:0a:a3:4c:1c:64:61:e0:92:5e:
80:01:f0:8d:39:c2:cc:6e:9f:85:b1:80:b0:e3:a2:
9b:35:55:c1:2e:a2:3c:d6:83:7c:e7:0f:3f:20:cb:
48:c9:05:23:ed:46:f3:1e:71:82:91:09:74:1a:39:
a6:6a:c3:37:a2:77:df:10:8e:b8:99:ce:e1:01:80:
f1:7b:99:bd:1f:c1:51:e1:94:4f:9c:a4:e8:43:47:
51:38:43:60:8b:6e:5b:82:72:61:0c:43:8e:3b:f4:
a1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:99:C6:60:E0:26:1A:EB:66:AF:80:C7:5E:23:4B:E4:DA:A0:AE:6C
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/rZnGYOAmGutmr4DHXiNL5Nqgrmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.160.0/19
81.26.144.0-81.26.155.255
84.47.128.0/22
84.47.134.0-84.47.136.255
84.47.140.0-84.47.145.255
84.47.147.0-84.47.153.255
84.47.156.0-84.47.165.255
84.47.168.0-84.47.178.255
84.47.181.0-84.47.183.255
84.47.186.0/23
84.47.190.0/23
85.91.96.0/21
85.91.112.0/22
85.91.118.0-85.91.122.255
185.106.107.0/24
213.135.64.0/22
213.135.69.0-213.135.73.255
213.135.77.0/24
213.135.79.0-213.135.91.255
213.208.160.0-213.208.170.255
213.208.172.0-213.208.184.255
213.208.186.0-213.208.191.255
IPv6:
2a02:bc8::/29
Signature Algorithm: sha256WithRSAEncryption
41:b1:cb:f5:1d:fb:d7:8d:d4:5a:c5:99:1e:12:3c:83:ef:06:
2a:ec:8e:ae:65:ca:b9:2f:61:d0:fd:93:b4:40:f9:5f:32:c0:
52:b4:0b:19:c6:ce:ad:32:24:f5:7a:b7:de:83:69:b7:dd:25:
3a:36:d6:c1:07:b0:1c:f6:96:38:f2:2a:99:59:cb:8c:d5:07:
40:43:4f:36:7b:9f:b1:f8:44:ad:36:8f:7e:82:05:74:2a:43:
8c:d4:c1:11:6d:36:a6:a1:15:22:77:41:f1:65:bb:b4:96:ff:
ff:99:ee:b2:22:5b:59:07:f3:bb:0d:61:a8:ef:ab:c1:6a:fb:
3b:9c:07:58:33:5c:d8:93:2d:97:85:54:e7:e7:82:1f:bb:fb:
c1:70:b0:01:f1:90:6f:49:d8:3e:76:52:5a:bc:cc:51:30:07:
36:7c:d3:7f:07:01:9e:9b:ed:ab:85:52:c3:bf:33:31:6a:78:
56:45:19:13:0d:7d:cc:80:e3:d2:8e:83:cf:8b:d5:99:07:c5:
cb:d5:53:5e:ab:67:ea:1b:d4:22:33:1b:e8:4c:53:83:ed:0f:
19:cd:a6:11:92:07:49:81:2e:93:89:a5:80:b7:a6:1f:6c:9c:
58:3b:10:cd:dc:9a:c6:42:6a:3f:8f:36:34:9f:c6:40:14:39:
68:9b:c4:63
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYUWHYz5RNJ6DvxERHsGQOpnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjIxMjE1MTQwODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDk5YzY2MGUwMjYxYWViNjZhZjgwYzc1ZTIzNGJlNGRhYTBhZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs1LYWezItg0R24+rzcT6IGAsM6S
HYspiKmoiTdwOhgffxxW0/N7L2EjTBorMEnEUTgfrhqXvGS7BTlHMvMWS9Wjzfgk
9OCb5i6aDkj8M+TpnpN+CtsxEWsLI97Ip4KgpBLSBs1Wy3VeijT7aXPfT5t1/gV4
Avx4NOr+PFZ6rfWxyjWxgvtUJzcOfZeeD2QoI6Mn3cdjh3EUGnIKo0wcZGHgkl6A
AfCNOcLMbp+FsYCw46KbNVXBLqI81oN85w8/IMtIyQUj7UbzHnGCkQl0GjmmasM3
onffEI64mc7hAYDxe5m9H8FR4ZRPnKToQ0dROENgi25bgnJhDEOOO/ShpQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFK2ZxmDgJhrrZq+Ax14jS+TaoK5sMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvclpuR1lPQW1HdXRtcjRESFhpTkw1TnFncm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB8wQCAAEwgewD
BAVNXqAwDAMEBFEakAMEAlEamAMEAlQvgDAMAwQBVC+GAwQAVC+IMAwDBAJUL4wD
BAFUL5AwDAMEAFQvkwMEAVQvmDAMAwQCVC+cAwQBVC+kMAwDBANUL6gDBABUL7Iw
DAMEAFQvtQMEA1QvsAMEAVQvugMEAVQvvgMEA1VbYAMEAlVbcDAMAwQBVVt2AwQA
VVt6AwQAuWprAwQC1YdAMAwDBADVh0UDBAHVh0gDBADVh00wDAMEANWHTwMEAtWH
WDAMAwQF1dCgAwQA1dCqMAwDBALV0KwDBADV0LgwDAMEAdXQugMEBtXQgDANBAIA
AjAHAwUDKgILyDANBgkqhkiG9w0BAQsFAAOCAQEAQbHL9R37143UWsWZHhI8g+8G
KuyOrmXKuS9h0P2TtED5XzLAUrQLGcbOrTIk9Xq33oNpt90lOjbWwQewHPaWOPIq
mVnLjNUHQENPNnufsfhErTaPfoIFdCpDjNTBEW02pqEVIndB8WW7tJb//5nusiJb
WQfzuw1hqO+rwWr7O5wHWDNc2JMtl4VU5+eCH7v7wXCwAfGQb0nYPnZSWrzMUTAH
NnzTfwcBnpvtq4VSw78zMWp4VkUZEw19zIDj0o6Dz4vVmQfFy9VTXqtn6hvUIjMb
6ExTg+0PGc2mEZIHSYEuk4mlgLemH2ycWDsQzdyaxkJqP482NJ/GQBQ5aJvEYw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:21 2023 by rpki-client on console-fra.rpki-client.org