Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/2H5py0ozIEioDAhPXjxg5ml6Z6E.roa
File: 2H5py0ozIEioDAhPXjxg5ml6Z6E.roa (raw, json)
Hash identifier: pPPaIPIfZc4ldB7EXraGVh5LyWWRlihVmr7KHjUT9Io=
Subject key identifier: D8:7E:69:CB:4A:33:20:48:A8:0C:08:4F:5E:3C:60:E6:69:7A:67:A1
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 385AB8A3
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/2H5py0ozIEioDAhPXjxg5ml6Z6E.roa
Signing time: Wed 06 Apr 2022 17:02:05 +0000
ROA not before: Wed 06 Apr 2022 17:02:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1680
IP address blocks: 212.29.192.0/18 maxlen: 24
176.13.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
89.138.0.0/16 maxlen: 16
207.232.0.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
82.166.201.128/25 maxlen: 25
212.150.0.0/16 maxlen: 24
176.12.128.0/17 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.0.0/16 maxlen: 24
62.90.0.0/16 maxlen: 24
46.117.0.0/16 maxlen: 16
212.143.194.0/24 maxlen: 24
46.210.0.0/16 maxlen: 24
93.173.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
89.139.0.0/16 maxlen: 16
199.203.0.0/16 maxlen: 16
82.166.0.0/16 maxlen: 24
199.203.21.0/24 maxlen: 24
85.65.0.0/16 maxlen: 16
46.116.0.0/16 maxlen: 16
212.143.0.0/16 maxlen: 24
199.203.191.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
95.35.0.0/16 maxlen: 24
93.172.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
85.64.0.0/16 maxlen: 16
62.0.0.0/16 maxlen: 24
217.132.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
109.186.0.0/16 maxlen: 16
2001:4df0::/32 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2001:4df0::/29 maxlen: 32
2001:4df1::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 945469603 (0x385ab8a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Apr 6 17:02:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d87e69cb4a332048a80c084f5e3c60e6697a67a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:39:e2:11:50:d3:c0:05:c9:2d:af:49:65:38:
01:21:3d:a1:a6:b7:b7:21:f9:57:96:ea:ab:e5:39:
24:57:a2:75:e5:c4:1b:b2:c9:43:34:f6:06:be:58:
3e:8a:85:63:93:35:3a:5a:ce:ad:5e:f2:4f:5b:43:
30:39:9e:8a:2f:c3:df:ae:4c:c4:8e:30:d1:6c:18:
27:4b:05:2f:95:94:4b:f2:19:26:20:14:53:25:85:
83:ec:89:84:f6:d2:52:90:48:46:76:f2:5c:69:13:
3e:34:4b:cc:4f:83:b1:6f:44:24:3b:4c:9d:bd:96:
c3:2b:04:f0:0f:d7:ea:42:7c:98:01:01:d0:9c:59:
7d:ff:0b:61:4f:e6:d4:90:19:21:6e:44:3d:57:8d:
c4:26:7b:de:58:f0:dd:f4:ea:72:19:6f:15:7f:1c:
f6:f1:59:f5:b7:50:ef:fd:7e:c7:45:94:05:0a:d9:
e2:e8:20:80:c2:67:cd:85:ea:1e:93:49:9d:50:ed:
bf:c8:b2:6c:67:71:13:d7:47:ad:c9:13:1e:03:b7:
6c:47:d5:1e:59:70:d3:e9:b2:61:55:56:0a:b9:a3:
f5:9b:a8:f4:6d:ae:12:d9:c6:9c:04:1d:01:a4:5c:
30:1c:ef:c8:fa:25:a0:7c:3e:bf:fb:65:fb:26:a8:
b4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7E:69:CB:4A:33:20:48:A8:0C:08:4F:5E:3C:60:E6:69:7A:67:A1
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/2H5py0ozIEioDAhPXjxg5ml6Z6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
176.12.128.0-176.13.255.255
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
Signature Algorithm: sha256WithRSAEncryption
6e:35:fe:c1:42:c5:48:fd:58:09:50:49:44:9a:4e:d9:72:0b:
81:6d:e2:f7:52:20:ba:b9:37:a5:d8:bf:b5:99:da:3c:44:29:
d9:be:0b:c9:aa:3c:1f:d7:11:ba:67:14:e0:f8:13:27:78:a9:
7d:b4:63:d2:cb:2c:03:71:81:23:b1:29:cc:25:72:66:58:cd:
a7:3b:bc:36:95:46:7f:d4:2e:69:92:7a:0a:60:c2:2d:b9:61:
c4:34:bc:f6:00:e8:07:7f:c0:83:eb:58:a6:11:c9:d5:21:83:
82:74:e3:b5:41:c0:81:14:92:19:b7:90:4d:10:c6:ac:6a:f0:
05:e9:ff:33:81:23:8c:f4:25:3d:ff:5c:dd:49:be:ff:90:aa:
c6:13:ba:62:f4:b8:f3:8c:fb:23:dc:a1:2e:5a:ce:a1:d2:cb:
47:8a:b9:bd:9e:1e:ee:72:a5:58:1c:1c:05:ad:0f:38:6f:2c:
e0:33:5d:6d:d6:ed:58:0a:92:59:6d:ba:5a:bb:f8:4e:7f:03:
f1:70:00:80:85:27:9c:6c:dc:98:f1:1c:10:20:e9:2f:90:4c:
3e:16:69:f6:a2:53:9d:3d:1f:05:13:71:ef:d9:bf:95:88:10:
f4:cf:29:08:ed:95:52:1e:5c:a8:84:77:d1:99:08:2e:4f:2e:
db:27:f5:56
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIEOFq4ozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWJhZDc0ZTdmNmMwOTQ5YTI3MzZhNTc0Nzg0OTZkN2Q4YjQ1MGU2MB4XDTIyMDQw
NjE3MDIwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg3ZTY5Y2I0YTMz
MjA0OGE4MGMwODRmNWUzYzYwZTY2OTdhNjdhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN454hFQ08AFyS2vSWU4ASE9oaa3tyH5V5bqq+U5JFeideXE
G7LJQzT2Br5YPoqFY5M1OlrOrV7yT1tDMDmeii/D365MxI4w0WwYJ0sFL5WUS/IZ
JiAUUyWFg+yJhPbSUpBIRnbyXGkTPjRLzE+DsW9EJDtMnb2WwysE8A/X6kJ8mAEB
0JxZff8LYU/m1JAZIW5EPVeNxCZ73ljw3fTqchlvFX8c9vFZ9bdQ7/1+x0WUBQrZ
4ugggMJnzYXqHpNJnVDtv8iybGdxE9dHrckTHgO3bEfVHllw0+myYVVWCrmj9Zuo
9G2uEtnGnAQdAaRcMBzvyPoloHw+v/tl+yaotDECAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBTYfmnLSjMgSKgMCE9ePGDmaXpnoTAfBgNVHSMEGDAWgBQhutdOf2wJSaJz
aldHhJbX2LRQ5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0liclhUbjlzQ1VtaWMycFhSNFNXMTlpMFVPWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvOGRkYzM4LTdhMWEtNDkwNi1hOGVkLTQ0MzMyMjlhODQ3My8x
LzJINXB5MG96SUVpb0RBaFBYanhnNW1sNlo2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
OGRkYzM4LTdhMWEtNDkwNi1hOGVkLTQ0MzMyMjlhODQ3My8xL0liclhUbjlzQ1Vt
aWMycFhSNFNXMTlpMFVPWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgYAEAgABMHoDAwEudAMDAC7SAwMAPgADAwA+
WgMEBFD6kAMDAFKmAwMBVUADAwBV+gMDAVmKAwMBXawDAwBfIwMDAG26AwMAbf0w
CwMEB7AMgAMDAbAMAwMAwloDAwDHywMEBs/oAAMEBtQdwAMDANSPAwMA1JYDBAfU
6wADAwDZhDAUBAIAAjAOAwUDIAFN8AMFAyoCAUgwDQYJKoZIhvcNAQELBQADggEB
AG41/sFCxUj9WAlQSUSaTtlyC4Ft4vdSILq5N6XYv7WZ2jxEKdm+C8mqPB/XEbpn
FOD4Eyd4qX20Y9LLLANxgSOxKcwlcmZYzac7vDaVRn/ULmmSegpgwi25YcQ0vPYA
6Ad/wIPrWKYRydUhg4J047VBwIEUkhm3kE0Qxqxq8AXp/zOBI4z0JT3/XN1Jvv+Q
qsYTumL0uPOM+yPcoS5azqHSy0eKub2eHu5ypVgcHAWtDzhvLOAzXW3W7VgKkllt
ulq7+E5/A/FwAICFJ5xs3JjxHBAg6S+QTD4WafaiU509HwUTce/Zv5WIEPTPKQjt
lVIeXKiEd9GZCC5PLtsn9VY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:38 2023 by rpki-client on console-ams.rpki-client.org