Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2vlqQ8Zrj-u29ZBHGRaEMKlfB5s.roa
File: 2vlqQ8Zrj-u29ZBHGRaEMKlfB5s.roa (raw, json)
Hash identifier: +8pvBRb5Fn+edVoQedpbHf1P3GedCh4PZaNpL3kvgtA=
Subject key identifier: DA:F9:6A:43:C6:6B:8F:EB:B6:F5:90:47:19:16:84:30:A9:5F:07:9B
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0806449B
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2vlqQ8Zrj-u29ZBHGRaEMKlfB5s.roa
Signing time: Sat 01 Jan 2022 11:54:13 +0000
ROA not before: Sat 01 Jan 2022 11:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13194
IP address blocks: 89.117.69.0/24 maxlen: 24
86.38.73.0/24 maxlen: 24
86.38.74.0/24 maxlen: 24
86.38.72.0/24 maxlen: 24
86.38.75.0/24 maxlen: 24
89.117.14.0/24 maxlen: 24
82.140.177.0/24 maxlen: 24
82.140.180.0/24 maxlen: 24
185.189.154.0/24 maxlen: 24
86.38.152.0/24 maxlen: 24
84.15.0.0/16 maxlen: 16
86.38.153.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.125.0/24 maxlen: 24
89.117.127.0/24 maxlen: 24
84.46.204.0/24 maxlen: 24
89.117.138.0/24 maxlen: 24
84.46.207.0/24 maxlen: 24
89.117.141.0/24 maxlen: 24
89.117.165.0/24 maxlen: 24
213.252.223.0/24 maxlen: 24
213.252.224.0/20 maxlen: 20
89.116.124.0/24 maxlen: 24
89.116.129.0/24 maxlen: 24
213.252.252.0/24 maxlen: 24
89.116.143.0/24 maxlen: 24
213.252.254.0/24 maxlen: 24
89.116.151.0/24 maxlen: 24
89.116.155.0/24 maxlen: 24
213.252.192.0/20 maxlen: 20
86.38.215.0/24 maxlen: 24
89.117.255.0/24 maxlen: 24
86.38.230.0/24 maxlen: 24
89.116.232.0/24 maxlen: 24
89.116.235.0/24 maxlen: 24
82.140.130.0/24 maxlen: 24
82.140.128.0/24 maxlen: 24
82.140.129.0/24 maxlen: 24
213.226.128.0/18 maxlen: 18
82.140.159.0/24 maxlen: 24
89.117.10.0/24 maxlen: 24
89.116.162.0/24 maxlen: 24
89.116.160.0/24 maxlen: 24
89.116.176.0/24 maxlen: 24
89.116.174.0/24 maxlen: 24
89.116.178.0/24 maxlen: 24
2a00:f500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134628507 (0x806449b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Jan 1 11:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daf96a43c66b8febb6f5904719168430a95f079b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b9:34:c0:c8:74:fe:0e:35:96:07:5f:0b:c2:
fd:d9:b0:03:0c:49:fa:12:23:fd:41:73:50:c7:fc:
bf:9d:ab:49:ce:57:e7:43:65:c9:6e:a3:db:23:b2:
cc:fb:8e:73:59:d1:f1:94:80:43:d9:1a:15:8d:e6:
03:fa:c8:60:8d:78:46:78:85:7e:64:c4:d9:e8:1e:
ad:a7:27:48:16:28:1e:e6:ad:37:1e:6c:8b:6f:e6:
fe:40:1c:9f:b9:66:c9:a9:0b:22:9a:37:4f:f3:4e:
35:16:fb:81:7d:e1:9c:14:fd:0f:c9:76:4d:dc:c6:
e6:84:e4:40:81:35:3e:be:ec:ac:a3:d4:21:56:05:
02:e9:21:f1:be:72:36:31:91:50:ad:1d:9e:99:6e:
5b:7b:0d:09:70:2e:9e:45:87:03:3d:85:9e:cb:00:
5b:3b:4e:a9:da:f7:61:16:6a:c8:a5:ca:fe:49:7e:
2e:68:f6:0c:e6:5b:81:c8:03:dd:02:bd:64:ad:b0:
c7:76:47:05:b6:f6:6e:d2:50:fb:8b:84:bd:72:58:
bc:86:1c:9a:ba:1a:b2:ae:5c:53:b4:b3:d5:f2:ec:
f1:94:57:4c:b9:19:94:56:6c:b9:bc:58:db:07:fe:
33:dd:ad:5f:1d:9c:9d:1a:e2:37:69:0c:6b:e1:89:
ce:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:F9:6A:43:C6:6B:8F:EB:B6:F5:90:47:19:16:84:30:A9:5F:07:9B
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2vlqQ8Zrj-u29ZBHGRaEMKlfB5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.128.0-82.140.130.255
82.140.159.0/24
82.140.177.0/24
82.140.180.0/24
84.15.0.0/16
84.46.204.0/24
84.46.207.0/24
86.38.72.0/22
86.38.152.0/23
86.38.215.0/24
86.38.230.0/24
89.116.124.0/24
89.116.129.0/24
89.116.143.0/24
89.116.151.0/24
89.116.155.0/24
89.116.160.0/24
89.116.162.0/24
89.116.174.0/24
89.116.176.0/24
89.116.178.0/24
89.116.232.0/24
89.116.235.0/24
89.117.10.0/24
89.117.14.0/24
89.117.69.0/24
89.117.125.0/24
89.117.127.0/24
89.117.138.0/24
89.117.141.0/24
89.117.165.0/24
89.117.223.0/24
89.117.255.0/24
185.189.154.0/24
213.226.128.0/18
213.252.192.0/20
213.252.223.0-213.252.239.255
213.252.252.0/24
213.252.254.0/24
IPv6:
2a00:f500::/29
Signature Algorithm: sha256WithRSAEncryption
35:eb:d4:94:b0:3e:e2:ed:a8:b2:6b:56:60:4f:34:83:9b:2f:
f4:10:11:25:a9:2d:33:e4:9d:3f:58:2c:14:0c:1f:2a:af:bd:
66:52:f7:73:00:12:4d:53:bf:1c:8f:b8:ef:26:8e:3e:ad:0c:
47:1f:37:24:c4:11:8b:55:b3:27:ef:93:ec:27:04:03:83:3e:
b5:f8:34:96:8e:e2:a1:48:73:1f:8e:71:19:35:ff:1a:15:ca:
8d:57:a7:e5:03:85:06:df:8a:43:e5:ae:24:d4:1f:0c:2b:9e:
6b:87:a5:e0:df:b6:35:82:f5:ce:e7:df:33:0f:fb:c3:dc:3e:
37:9a:4b:c6:21:83:95:1d:08:d4:a3:f7:f5:b6:77:2f:74:9e:
43:67:88:c7:65:89:27:4e:fe:5e:37:77:6d:25:84:dd:63:91:
9f:39:13:22:9d:60:fb:ee:db:9b:06:c7:97:e7:69:80:34:52:
31:09:87:69:b7:8b:3d:23:21:c1:bb:61:6b:5f:b9:1f:48:b5:
dc:eb:18:68:51:09:2b:1c:af:0d:fa:0d:39:49:78:68:8c:29:
8f:3b:e0:70:d9:06:a8:f0:2b:50:e1:10:eb:be:3a:2d:50:d2:
d9:a1:0d:74:f8:2e:2c:f1:f0:ed:11:7b:ff:59:30:a8:90:87:
fa:49:00:c1
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIECAZEmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGRkODFhODMzZDliMDQzYzdmZmQ2MzVhNTk4N2Y1MzY5NzExODBkMB4XDTIyMDEw
MTExNTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFmOTZhNDNjNjZi
OGZlYmI2ZjU5MDQ3MTkxNjg0MzBhOTVmMDc5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIa5NMDIdP4ONZYHXwvC/dmwAwxJ+hIj/UFzUMf8v52rSc5X
50NlyW6j2yOyzPuOc1nR8ZSAQ9kaFY3mA/rIYI14RniFfmTE2egeracnSBYoHuat
Nx5si2/m/kAcn7lmyakLIpo3T/NONRb7gX3hnBT9D8l2TdzG5oTkQIE1Pr7srKPU
IVYFAukh8b5yNjGRUK0dnpluW3sNCXAunkWHAz2FnssAWztOqdr3YRZqyKXK/kl+
Lmj2DOZbgcgD3QK9ZK2wx3ZHBbb2btJQ+4uEvXJYvIYcmroasq5cU7Sz1fLs8ZRX
TLkZlFZsubxY2wf+M92tXx2cnRriN2kMa+GJzp8CAwEAAaOCAxQwggMQMB0GA1Ud
DgQWBBTa+WpDxmuP67b1kEcZFoQwqV8HmzAfBgNVHSMEGDAWgBTw3YGoM9mwQ8f/
1jWlmH9TaXEYDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhOMkJxRFBac0VQSF85WTFwWmhfVTJseEdBMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvYThlYmU0LWQwYjMtNGU3ZC1hZjI1LTA0NjgwNDI0ODZkYy8x
LzJ2bHFROFpyai11MjlaQkhHUmFFTUtsZkI1cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
YThlYmU0LWQwYjMtNGU3ZC1hZjI1LTA0NjgwNDI0ODZkYy8xLzhOMkJxRFBac0VQ
SF85WTFwWmhfVTJseEdBMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ASgGCCsGAQUFBwEHAQH/BIIBFzCCARMwggEABAIAATCB+TAMAwQHUoyAAwQAUoyC
AwQAUoyfAwQAUoyxAwQAUoy0AwMAVA8DBABULswDBABULs8DBAJWJkgDBAFWJpgD
BABWJtcDBABWJuYDBABZdHwDBABZdIEDBABZdI8DBABZdJcDBABZdJsDBABZdKAD
BABZdKIDBABZdK4DBABZdLADBABZdLIDBABZdOgDBABZdOsDBABZdQoDBABZdQ4D
BABZdUUDBABZdX0DBABZdX8DBABZdYoDBABZdY0DBABZdaUDBABZdd8DBABZdf8D
BAC5vZoDBAbV4oADBATV/MAwDAMEANX83wMEBNX84AMEANX8/AMEANX8/jANBAIA
AjAHAwUDKgD1ADANBgkqhkiG9w0BAQsFAAOCAQEANevUlLA+4u2osmtWYE80g5sv
9BARJaktM+SdP1gsFAwfKq+9ZlL3cwASTVO/HI+47yaOPq0MRx83JMQRi1WzJ++T
7CcEA4M+tfg0lo7ioUhzH45xGTX/GhXKjVen5QOFBt+KQ+WuJNQfDCuea4el4N+2
NYL1zuffMw/7w9w+N5pLxiGDlR0I1KP39bZ3L3SeQ2eIx2WJJ07+Xjd3bSWE3WOR
nzkTIp1g++7bmwbHl+dpgDRSMQmHabeLPSMhwbtha1+5H0i13OsYaFEJKxyvDfoN
OUl4aIwpjzvgcNkGqPArUOEQ6746LVDS2aENdPguLPHw7RF7/1kwqJCH+kkAwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:26 2023 by rpki-client on console-fra.rpki-client.org