Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/wTbyIi9dNEabf3mu-kaIjB0kJYo.roa
File: wTbyIi9dNEabf3mu-kaIjB0kJYo.roa (raw, json)
Hash identifier: bNHyMznQy01huoO+JCkCRk3cOZqrwjI08+5CsOAzCK4=
Subject key identifier: C1:36:F2:22:2F:5D:34:46:9B:7F:79:AE:FA:46:88:8C:1D:24:25:8A
Certificate issuer: /CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Certificate serial: 1415FEC9
Authority key identifier: 0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/wTbyIi9dNEabf3mu-kaIjB0kJYo.roa
Signing time: Sat 01 Jan 2022 02:56:03 +0000
ROA not before: Sat 01 Jan 2022 02:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8680
IP address blocks: 89.33.15.0/24 maxlen: 24
89.43.49.0/24 maxlen: 24
85.204.192.0/24 maxlen: 24
217.19.128.0/20 maxlen: 24
86.104.64.0/24 maxlen: 24
89.40.64.0/24 maxlen: 24
89.43.172.0/23 maxlen: 24
86.104.12.0/24 maxlen: 24
212.30.4.0/24 maxlen: 24
92.114.55.0/24 maxlen: 24
212.30.0.0/19 maxlen: 24
212.30.9.0/24 maxlen: 24
212.30.8.0/24 maxlen: 24
212.30.16.0/24 maxlen: 24
188.241.17.0/24 maxlen: 24
91.190.160.0/21 maxlen: 24
89.42.115.0/24 maxlen: 24
188.214.59.0/24 maxlen: 24
37.72.152.0/21 maxlen: 24
37.72.158.0/24 maxlen: 24
37.72.156.0/23 maxlen: 23
85.204.135.0/24 maxlen: 24
85.204.144.0/24 maxlen: 24
89.32.207.0/24 maxlen: 24
85.204.71.0/24 maxlen: 24
89.42.174.0/23 maxlen: 24
89.42.179.0/24 maxlen: 24
93.187.144.0/21 maxlen: 24
84.247.1.0/24 maxlen: 24
89.35.82.0/23 maxlen: 24
62.68.160.0/19 maxlen: 24
62.68.160.0/21 maxlen: 21
62.68.168.0/23 maxlen: 23
62.68.170.0/24 maxlen: 24
62.68.172.0/22 maxlen: 22
62.68.178.0/23 maxlen: 23
62.68.176.0/23 maxlen: 23
62.68.185.0/24 maxlen: 24
62.68.184.0/24 maxlen: 24
62.68.181.0/24 maxlen: 24
62.68.183.0/24 maxlen: 24
62.68.182.0/24 maxlen: 24
62.68.180.0/24 maxlen: 24
62.68.188.0/22 maxlen: 22
46.102.107.0/24 maxlen: 24
93.114.188.0/23 maxlen: 24
185.3.100.0/22 maxlen: 24
89.37.59.0/24 maxlen: 24
89.44.107.0/24 maxlen: 24
88.81.128.0/19 maxlen: 24
88.81.157.0/24 maxlen: 24
89.47.253.0/24 maxlen: 24
89.47.248.0/24 maxlen: 24
77.81.75.0/24 maxlen: 24
78.111.192.0/20 maxlen: 24
86.105.10.0/23 maxlen: 24
2a02:7380::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336985801 (0x1415fec9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c2625bdffa9437dc2b96d8ae023100bc88e6fe3
Validity
Not Before: Jan 1 02:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c136f2222f5d34469b7f79aefa46888c1d24258a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:35:48:dc:a8:41:71:83:30:aa:c5:c4:45:
4a:8a:c2:0c:41:bf:91:4d:8d:15:79:e5:2d:a6:cc:
62:b5:51:75:83:a3:cf:22:86:4e:6d:b4:a0:5c:70:
ff:ac:dd:3f:73:48:54:60:8b:6b:02:14:08:23:a7:
f7:16:88:95:da:c8:9b:55:c6:8d:1c:48:ac:34:05:
77:13:6c:ec:6f:be:54:5e:6d:2f:04:a7:06:47:aa:
ba:28:8f:32:0a:41:14:92:f2:97:00:0c:1c:4e:6f:
14:e9:85:bd:f5:11:3a:a8:27:e4:5a:a6:5a:0a:2b:
cd:42:3d:59:69:e2:05:b2:20:0a:84:cf:ad:82:19:
70:3f:7c:e5:8a:bc:3b:2d:4b:30:ca:98:28:9d:d4:
4c:01:3e:f2:3e:fc:cc:fc:2b:e3:9a:cb:af:44:41:
5a:b0:68:e8:49:36:4d:f7:9c:1b:3f:5e:97:6f:e8:
3c:71:e8:9e:73:03:3a:4d:3b:12:c2:c5:a0:45:74:
96:84:e8:9a:92:11:d1:fa:ae:8e:73:46:d0:14:77:
84:0d:ec:95:c1:e7:dd:fe:46:d7:61:93:86:aa:8c:
14:4d:bd:19:35:20:b0:11:e5:94:4c:a4:d3:ef:20:
8d:ad:69:58:f8:7d:bd:a0:7c:3b:d0:fa:f3:6a:9d:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:36:F2:22:2F:5D:34:46:9B:7F:79:AE:FA:46:88:8C:1D:24:25:8A
X509v3 Authority Key Identifier:
keyid:0C:26:25:BD:FF:A9:43:7D:C2:B9:6D:8A:E0:23:10:0B:C8:8E:6F:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCYlvf-pQ33CuW2K4CMQC8iOb-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/wTbyIi9dNEabf3mu-kaIjB0kJYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/9c78b9-da39-450f-bb96-07804aff490f/1/DCYlvf-pQ33CuW2K4CMQC8iOb-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.152.0/21
46.102.107.0/24
62.68.160.0/19
77.81.75.0/24
78.111.192.0/20
84.247.1.0/24
85.204.71.0/24
85.204.135.0/24
85.204.144.0/24
85.204.192.0/24
86.104.12.0/24
86.104.64.0/24
86.105.10.0/23
88.81.128.0/19
89.32.207.0/24
89.33.15.0/24
89.35.82.0/23
89.37.59.0/24
89.40.64.0/24
89.42.115.0/24
89.42.174.0/23
89.42.179.0/24
89.43.49.0/24
89.43.172.0/23
89.44.107.0/24
89.47.248.0/24
89.47.253.0/24
91.190.160.0/21
92.114.55.0/24
93.114.188.0/23
93.187.144.0/21
185.3.100.0/22
188.214.59.0/24
188.241.17.0/24
212.30.0.0/19
217.19.128.0/20
IPv6:
2a02:7380::/32
Signature Algorithm: sha256WithRSAEncryption
56:31:20:de:cc:6a:d3:d9:75:6d:49:b0:85:49:e4:38:6a:f9:
5b:83:75:93:79:00:c0:42:23:a8:c8:06:39:9f:3c:48:7c:40:
42:3e:95:81:fb:9b:e6:55:2f:c8:8c:6d:4d:1a:57:b3:ff:ba:
9e:e5:0a:f0:46:40:e8:9c:cc:f2:d0:38:d8:4e:fe:32:55:27:
cb:f3:43:f1:7f:11:5e:d7:a8:6e:09:0a:76:2d:7e:da:2f:7f:
c9:3e:5a:29:dc:1a:d7:75:da:07:9e:40:bf:aa:fb:10:57:72:
79:08:14:e1:76:00:d6:d3:9f:50:3f:cc:b8:e3:2c:f8:13:bb:
08:79:c7:f8:55:1b:d0:e1:2d:11:95:d3:75:f7:60:e7:de:43:
2f:6b:63:a6:a3:8b:1d:44:93:92:21:a9:4f:81:a7:a4:5a:2f:
2f:ad:1f:71:ce:16:07:13:df:ff:df:51:7f:4e:7a:c2:00:d5:
ac:a5:d5:53:26:c0:65:a4:9f:95:c1:7e:8e:b2:42:e2:08:98:
34:17:a9:0b:0b:e1:a5:29:b3:48:92:67:fc:bf:70:06:45:f0:
af:76:3b:df:23:d0:52:fc:b0:90:34:da:2e:7e:8c:ef:58:e4:
b4:c0:de:3a:bc:a9:f3:ac:70:05:50:5f:8f:9b:4d:af:b7:99:
b2:22:3f:59
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIEFBX+yTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzI2MjViZGZmYTk0MzdkYzJiOTZkOGFlMDIzMTAwYmM4OGU2ZmUzMB4XDTIyMDEw
MTAyNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzEzNmYyMjIyZjVk
MzQ0NjliN2Y3OWFlZmE0Njg4OGMxZDI0MjU4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU1NUjcqEFxgzCqxcRFSorCDEG/kU2NFXnlLabMYrVRdYOj
zyKGTm20oFxw/6zdP3NIVGCLawIUCCOn9xaIldrIm1XGjRxIrDQFdxNs7G++VF5t
LwSnBkequiiPMgpBFJLylwAMHE5vFOmFvfUROqgn5FqmWgorzUI9WWniBbIgCoTP
rYIZcD985Yq8Oy1LMMqYKJ3UTAE+8j78zPwr45rLr0RBWrBo6Ek2TfecGz9el2/o
PHHonnMDOk07EsLFoEV0loTompIR0fqujnNG0BR3hA3slcHn3f5G12GThqqMFE29
GTUgsBHllEyk0+8gja1pWPh9vaB8O9D682qdfCsCAwEAAaOCAvAwggLsMB0GA1Ud
DgQWBBTBNvIiL100Rpt/ea76RoiMHSQlijAfBgNVHSMEGDAWgBQMJiW9/6lDfcK5
bYrgIxALyI5v4zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RDWWx2Zi1wUTMzQ3VXMks0Q01RQzhpT2ItTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvOWM3OGI5LWRhMzktNDUwZi1iYjk2LTA3ODA0YWZmNDkwZi8x
L3dUYnlJaTlkTkVhYmYzbXUta2FJakIwa0pZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
OWM3OGI5LWRhMzktNDUwZi1iYjk2LTA3ODA0YWZmNDkwZi8xL0RDWWx2Zi1wUTMz
Q3VXMks0Q01RQzhpT2ItTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AQQGCCsGAQUFBwEHAQH/BIH0MIHxMIHfBAIAATCB2AMEAyVImAMEAC5mawMEBT5E
oAMEAE1RSwMEBE5vwAMEAFT3AQMEAFXMRwMEAFXMhwMEAFXMkAMEAFXMwAMEAFZo
DAMEAFZoQAMEAVZpCgMEBVhRgAMEAFkgzwMEAFkhDwMEAVkjUgMEAFklOwMEAFko
QAMEAFkqcwMEAVkqrgMEAFkqswMEAFkrMQMEAVkrrAMEAFksawMEAFkv+AMEAFkv
/QMEA1u+oAMEAFxyNwMEAV1yvAMEA127kAMEArkDZAMEALzWOwMEALzxEQMEBdQe
AAMEBNkTgDANBAIAAjAHAwUAKgJzgDANBgkqhkiG9w0BAQsFAAOCAQEAVjEg3sxq
09l1bUmwhUnkOGr5W4N1k3kAwEIjqMgGOZ88SHxAQj6Vgfub5lUvyIxtTRpXs/+6
nuUK8EZA6JzM8tA42E7+MlUny/ND8X8RXteobgkKdi1+2i9/yT5aKdwa13XaB55A
v6r7EFdyeQgU4XYA1tOfUD/MuOMs+BO7CHnH+FUb0OEtEZXTdfdg595DL2tjpqOL
HUSTkiGpT4GnpFovL60fcc4WBxPf/99Rf056wgDVrKXVUybAZaSflcF+jrJC4giY
NBepCwvhpSmzSJJn/L9wBkXwr3Y73yPQUvywkDTaLn6M71jktMDeOryp86xwBVBf
j5tNr7eZsiI/WQ==
-----END CERTIFICATE-----
Generated at Fri Apr 18 01:30:40 2025 by rpki-client