Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3a_1K-xRZItLI2yC_oA-f1ZmTMM.roa
File: 3a_1K-xRZItLI2yC_oA-f1ZmTMM.roa (raw, json)
Hash identifier: iyRhmat956oGn1m5R3L7jVg4UgNvyVwOBuwzXcgnHCc=
Subject key identifier: DD:AF:F5:2B:EC:51:64:8B:4B:23:6C:82:FE:80:3E:7F:56:66:4C:C3
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 0182CE8986E75D3FC27D7DFCCE273E89E17F
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3a_1K-xRZItLI2yC_oA-f1ZmTMM.roa
Signing time: Wed 24 Aug 2022 06:28:15 +0000
ROA not before: Wed 24 Aug 2022 06:28:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1680
IP address blocks: 212.29.192.0/18 maxlen: 24
176.13.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
89.138.0.0/16 maxlen: 16
207.232.0.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
147.234.26.0/24 maxlen: 24
147.234.28.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
82.166.201.128/25 maxlen: 25
147.234.43.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
176.12.128.0/17 maxlen: 24
194.90.1.0/24 maxlen: 24
62.90.0.0/16 maxlen: 24
194.90.0.0/16 maxlen: 24
46.117.0.0/16 maxlen: 16
212.143.194.0/24 maxlen: 24
46.210.0.0/16 maxlen: 24
93.173.0.0/16 maxlen: 16
199.203.1.0/24 maxlen: 24
199.203.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
82.166.0.0/16 maxlen: 24
199.203.21.0/24 maxlen: 24
85.65.0.0/16 maxlen: 16
46.116.0.0/16 maxlen: 16
212.143.0.0/16 maxlen: 24
147.234.17.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
95.35.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
192.118.30.0/23 maxlen: 23
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
93.172.0.0/16 maxlen: 16
62.0.88.0/22 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.92.0/23 maxlen: 24
109.253.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
85.64.0.0/16 maxlen: 16
217.132.0.0/16 maxlen: 16
109.186.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
62.0.116.0/22 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
2001:4df0::/32 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2001:4df0::/29 maxlen: 32
2001:4df1::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ce:89:86:e7:5d:3f:c2:7d:7d:fc:ce:27:3e:89:e1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Aug 24 06:28:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddaff52bec51648b4b236c82fe803e7f56664cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3c:3f:a6:bc:fb:c4:c4:fd:77:d9:12:aa:58:
bd:48:f5:ec:d0:c3:92:d4:e6:bc:3e:55:ab:77:20:
82:54:27:b4:84:83:20:ae:7c:c4:cf:4a:36:bd:4c:
fe:ba:dc:52:97:01:c2:a7:de:ac:0b:d8:60:7a:3e:
55:7b:7c:67:4f:3c:e0:65:19:94:3c:e7:7a:36:73:
30:38:5b:0f:f5:f3:f4:c4:a0:2c:9c:e3:74:2e:09:
8d:ac:53:92:65:af:39:b9:11:6c:68:79:87:df:2b:
74:c9:6c:5a:2b:41:2c:86:b5:ab:05:52:09:28:de:
68:af:4a:b0:6a:18:10:ff:eb:ec:05:d3:dc:63:7e:
e2:3c:90:f8:9e:95:40:ad:dc:21:af:f4:54:7f:0d:
a4:07:ab:09:b4:af:bd:70:df:06:fd:cd:62:9b:bd:
e1:ee:aa:1b:e7:ab:ac:63:cd:99:7e:23:36:a7:c7:
3b:c7:18:d4:ec:ff:4a:ba:1d:b5:ba:86:b0:3e:91:
62:a2:8b:23:ae:6a:1b:cc:a2:5b:b9:33:b6:92:72:
20:bc:a4:f1:b2:3d:6d:a0:fc:1b:6f:66:72:09:77:
f3:6e:d4:bd:d4:be:86:f3:1f:45:36:52:e1:bd:48:
94:77:53:e0:24:e4:fa:1d:c3:41:bb:88:6c:65:6b:
98:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:AF:F5:2B:EC:51:64:8B:4B:23:6C:82:FE:80:3E:7F:56:66:4C:C3
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/3a_1K-xRZItLI2yC_oA-f1ZmTMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
147.234.17.0/24
147.234.22.0/24
147.234.26.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.118.28.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
Signature Algorithm: sha256WithRSAEncryption
5d:76:c0:85:da:2c:28:32:c4:c2:00:06:f9:ba:d6:97:cb:db:
c4:77:69:06:43:6d:d4:4b:ec:c6:d4:4c:65:94:13:14:ba:97:
44:8d:1e:ac:5b:da:8c:4f:60:bb:20:82:bd:c6:5d:3d:bb:f2:
00:d6:03:8e:e5:e0:6a:bc:ba:3f:70:db:cd:8c:b3:fc:32:7c:
9e:1b:b4:01:f6:a9:0a:08:04:28:d3:97:4e:85:7a:63:03:80:
9f:41:99:31:24:12:b5:03:d1:87:5f:7f:63:15:8a:7a:92:48:
7d:9d:7d:fb:4c:5f:60:f2:39:f1:e4:e7:9d:91:c7:d4:be:e0:
f9:91:2f:6b:49:1d:54:4a:ce:06:75:1b:2b:c2:dd:0c:95:42:
90:dd:09:8e:37:66:8f:3a:24:8c:8c:b5:7a:10:ff:31:3b:7c:
12:e7:3b:34:03:46:43:70:24:d3:e0:f7:0d:fb:86:7b:3f:73:
55:34:41:da:b8:7e:12:f9:b0:6b:1f:80:c6:71:42:ac:fc:18:
84:64:8c:b1:ef:3e:4d:e7:e8:13:09:b2:44:61:86:cc:fe:31:
36:94:1b:3c:a9:5a:44:a5:98:5c:ff:23:4e:99:fa:29:6e:97:
e1:1d:01:7e:cd:fc:f0:ea:24:39:62:58:74:d9:8f:d5:f0:8b:
0d:ef:44:2b
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYLOiYbnXT/CfX38zic+ieF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjIwODI0MDYyODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGFmZjUyYmVjNTE2NDhiNGIyMzZjODJmZTgwM2U3ZjU2NjY0Y2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzw/prz7xMT9d9kSqli9SPXs0MOS
1Oa8PlWrdyCCVCe0hIMgrnzEz0o2vUz+utxSlwHCp96sC9hgej5Ve3xnTzzgZRmU
POd6NnMwOFsP9fP0xKAsnON0LgmNrFOSZa85uRFsaHmH3yt0yWxaK0EshrWrBVIJ
KN5or0qwahgQ/+vsBdPcY37iPJD4npVArdwhr/RUfw2kB6sJtK+9cN8G/c1im73h
7qob56usY82ZfiM2p8c7xxjU7P9Kuh21uoawPpFioosjrmobzKJbuTO2knIgvKTx
sj1toPwbb2ZyCXfzbtS91L6G8x9FNlLhvUiUd1PgJOT6HcNBu4hsZWuYnwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFN2v9SvsUWSLSyNsgv6APn9WZkzDMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvM2FfMUsteFJaSXRMSTJ5Q19vQS1mMVptVE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBuwQCAAEwgbQDAwEu
dAMDAC7SAwMAPgADAwA+WgMEBFD6kAMDAFKmAwMBVUADAwBV+gMDAVmKAwMBXawD
AwBfIwMDAG26AwMAbf0DBACT6hEDBACT6hYwDAMEAZPqGgMEAJPqHAMEAJPqKzAM
AwQAk+pTAwQAk+pUAwQAk+pWMAsDBAewDIADAwGwDAMEAsB2HAMDAMJaAwMAx8sD
BAbP6AADBAbUHcADAwDUjwMDANSWAwQH1OsAAwMA2YQwFAQCAAIwDgMFAyABTfAD
BQMqAgFIMA0GCSqGSIb3DQEBCwUAA4IBAQBddsCF2iwoMsTCAAb5utaXy9vEd2kG
Q23US+zG1ExllBMUupdEjR6sW9qMT2C7IIK9xl09u/IA1gOO5eBqvLo/cNvNjLP8
MnyeG7QB9qkKCAQo05dOhXpjA4CfQZkxJBK1A9GHX39jFYp6kkh9nX37TF9g8jnx
5OedkcfUvuD5kS9rSR1USs4GdRsrwt0MlUKQ3QmON2aPOiSMjLV6EP8xO3wS5zs0
A0ZDcCTT4PcN+4Z7P3NVNEHauH4S+bBrH4DGcUKs/BiEZIyx7z5N5+gTCbJEYYbM
/jE2lBs8qVpEpZhc/yNOmfopbpfhHQF+zfzw6iQ5Ylh02Y/V8IsN70Qr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:56 2023 by rpki-client on console-fra.rpki-client.org