Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_2p3HV5Bwdiuarts_qh_DuX7S98.roa
File: _2p3HV5Bwdiuarts_qh_DuX7S98.roa (raw, json)
Hash identifier: HVkYhIv8ZB8Hb3BR5cMNs0+ulJc9JT/cJ3+ZvhREqKM=
Subject key identifier: FF:6A:77:1D:5E:41:C1:D8:AE:6A:BB:6C:FE:A8:7F:0E:E5:FB:4B:DF
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0C54925F
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_2p3HV5Bwdiuarts_qh_DuX7S98.roa
Signing time: Mon 06 Jun 2022 09:33:20 +0000
ROA not before: Mon 06 Jun 2022 09:33:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.87.120.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.154.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
185.86.4.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.86.7.0/24 maxlen: 24
185.86.14.0/24 maxlen: 24
185.86.15.0/24 maxlen: 24
185.86.12.0/24 maxlen: 24
185.86.152.0/24 maxlen: 24
185.86.155.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.184.25.0/24 maxlen: 24
185.184.26.0/24 maxlen: 24
185.184.27.0/24 maxlen: 24
91.194.55.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.142.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.238.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
185.254.237.0/24 maxlen: 24
193.223.104.0/24 maxlen: 24
193.223.105.0/24 maxlen: 24
185.88.172.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.107.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.88.174.0/24 maxlen: 24
185.243.182.0/24 maxlen: 24
185.243.183.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.254.30.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
185.254.31.0/24 maxlen: 24
185.85.188.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
194.62.53.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
93.190.13.0/24 maxlen: 24
160.20.109.0/24 maxlen: 24
160.20.108.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
185.185.232.0/24 maxlen: 24
185.185.233.0/24 maxlen: 24
185.185.234.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.98.63.0/24 maxlen: 24
185.98.61.0/24 maxlen: 24
185.98.62.0/24 maxlen: 24
2a0b:2780::/29 maxlen: 29
2a05:bf00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206869087 (0xc54925f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jun 6 09:33:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff6a771d5e41c1d8ae6abb6cfea87f0ee5fb4bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:03:94:11:96:14:e0:1d:70:01:4e:0a:24:24:
e4:bf:c2:79:10:ee:d8:bd:fe:f0:c9:5d:0c:82:9e:
05:26:45:fe:7a:e0:b5:da:ba:39:89:31:89:a2:3e:
03:f5:48:c0:de:bc:53:c8:40:23:e2:20:ab:52:69:
20:cb:f8:a5:5a:6c:81:53:42:f3:05:b9:dd:88:5f:
9c:cc:3e:3b:eb:d0:4d:5b:12:a9:95:a4:2d:bf:11:
a4:eb:c4:7c:d6:bd:f9:72:fd:94:07:a7:6e:59:99:
0d:dd:62:bc:b7:be:df:a9:28:c4:b3:28:6c:92:44:
19:90:f2:99:89:6c:06:0f:25:b5:12:ad:26:06:57:
c0:77:da:5e:94:c9:68:b8:fe:84:b5:7b:82:92:82:
c5:d7:b5:b4:f6:01:ae:ed:19:8c:89:4b:b1:13:e7:
9e:5f:2e:4d:34:7e:6b:25:12:eb:dd:b8:a6:1d:7c:
81:09:f9:96:38:a3:34:05:73:43:a8:82:22:e0:0c:
b1:a5:d3:f5:79:1b:f1:73:a9:b9:c8:10:3f:6e:2d:
74:e0:53:ed:fc:e0:8f:35:2e:da:a2:ef:17:e7:93:
68:b9:25:0f:6a:12:86:3f:a6:c7:eb:c7:46:5a:b3:
fd:a3:08:0f:34:2e:e3:47:4f:6c:c0:ce:1f:35:87:
ee:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6A:77:1D:5E:41:C1:D8:AE:6A:BB:6C:FE:A8:7F:0E:E5:FB:4B:DF
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_2p3HV5Bwdiuarts_qh_DuX7S98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/23
109.236.48.0/22
160.20.108.0/23
185.85.188.0/24
185.86.4.0/24
185.86.6.0/23
185.86.12.0/24
185.86.14.0/23
185.86.152.0/24
185.86.155.0/24
185.87.120.0/24
185.88.172.0/22
185.98.61.0-185.98.63.255
185.184.24.0/22
185.185.232.0-185.185.234.255
185.243.180.0/22
185.249.200.0/22
185.250.210.0/24
185.254.28.0/22
185.254.236.0/22
193.35.152.0/22
193.160.140.0/22
193.223.104.0/22
194.62.52.0/22
IPv6:
2a05:bf00::/29
2a0b:2780::/29
Signature Algorithm: sha256WithRSAEncryption
14:c4:d7:b5:0e:61:79:84:61:81:bd:2d:7f:91:7b:f2:3e:b2:
14:85:10:49:36:11:4c:6f:87:21:f2:95:4a:d7:5a:b9:44:ae:
d7:88:1d:4c:ca:0d:f2:5c:03:63:83:80:3b:39:d3:bc:3d:3f:
23:bf:83:a6:f1:74:d2:ee:09:78:9a:23:7c:c7:82:f6:b8:7a:
c7:73:e4:95:d7:bb:06:36:f5:ee:7d:87:f5:04:93:01:3e:18:
84:00:08:69:17:8a:09:5e:b1:64:cd:ee:87:ef:5c:2d:b1:0f:
ad:fa:0a:32:4c:1b:43:2c:25:2c:17:d9:19:af:7b:d8:21:fe:
84:af:26:44:be:04:bb:68:53:2b:96:9b:09:7d:45:5d:08:3b:
3d:0c:4a:3b:1b:3b:a8:f4:f2:e9:10:39:54:10:34:04:d1:fe:
41:1e:71:54:63:6b:4b:5e:3e:2b:6a:75:ed:8c:1f:c7:10:58:
ec:04:ac:ba:ef:74:29:19:f3:c1:b2:63:4c:b0:d7:3c:88:1f:
77:3a:29:fb:7c:72:6d:a8:8b:cf:78:50:40:65:19:13:e6:a1:
14:53:5c:63:fb:0b:f3:0d:d1:17:84:77:c9:ae:b7:1f:c3:4e:
c8:ae:7e:9d:55:b0:25:3f:c5:c8:ec:57:e0:6d:98:f1:ab:95:
d1:a4:8c:f6
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIEDFSSXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDYw
NjA5MzMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY2YTc3MWQ1ZTQx
YzFkOGFlNmFiYjZjZmVhODdmMGVlNWZiNGJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8DlBGWFOAdcAFOCiQk5L/CeRDu2L3+8MldDIKeBSZF/nrg
tdq6OYkxiaI+A/VIwN68U8hAI+Igq1JpIMv4pVpsgVNC8wW53YhfnMw+O+vQTVsS
qZWkLb8RpOvEfNa9+XL9lAenblmZDd1ivLe+36koxLMobJJEGZDymYlsBg8ltRKt
JgZXwHfaXpTJaLj+hLV7gpKCxde1tPYBru0ZjIlLsRPnnl8uTTR+ayUS6924ph18
gQn5ljijNAVzQ6iCIuAMsaXT9Xkb8XOpucgQP24tdOBT7fzgjzUu2qLvF+eTaLkl
D2oShj+mx+vHRlqz/aMIDzQu40dPbMDOHzWH7kUCAwEAAaOCAsQwggLAMB0GA1Ud
DgQWBBT/ancdXkHB2K5qu2z+qH8O5ftL3zAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L18ycDNIVjVCd2RpdWFydHNfcWhfRHVYN1M5OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
2QYIKwYBBQUHAQcBAf8EgckwgcYwga0EAgABMIGmAwQAW8I3AwQBXb4MAwQCbeww
AwQBoBRsAwQAuVW8AwQAuVYEAwQBuVYGAwQAuVYMAwQBuVYOAwQAuVaYAwQAuVab
AwQAuVd4AwQCuVisMAwDBAC5Yj0DBAa5YgADBAK5uBgwDAMEA7m56AMEALm56gME
ArnztAMEArn5yAMEALn60gMEArn+HAMEArn+7AMEAsEjmAMEAsGgjAMEAsHfaAME
AsI+NDAUBAIAAjAOAwUDKgW/AAMFAyoLJ4AwDQYJKoZIhvcNAQELBQADggEBABTE
17UOYXmEYYG9LX+Re/I+shSFEEk2EUxvhyHylUrXWrlErteIHUzKDfJcA2ODgDs5
07w9PyO/g6bxdNLuCXiaI3zHgva4esdz5JXXuwY29e59h/UEkwE+GIQACGkXigle
sWTN7ofvXC2xD636CjJMG0MsJSwX2Rmve9gh/oSvJkS+BLtoUyuWmwl9RV0IOz0M
SjsbO6j08ukQOVQQNATR/kEecVRja0tePitqde2MH8cQWOwErLrvdCkZ88GyY0yw
1zyIH3c6Kft8cm2oi894UEBlGRPmoRRTXGP7C/MN0ReEd8mutx/DTsiufp1VsCU/
xcjsV+BtmPGrldGkjPY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org