Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/OHUK5PdlnKjPlZNIqpvn4fmevXc.roa
File: OHUK5PdlnKjPlZNIqpvn4fmevXc.roa (raw, json)
Hash identifier: FevlIkXgywOLpsmBDNziSllLMfpPFJp475RUzcOxXa4=
Subject key identifier: 38:75:0A:E4:F7:65:9C:A8:CF:95:93:48:AA:9B:E7:E1:F9:9E:BD:77
Certificate issuer: /CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Certificate serial: 0DAC8296
Authority key identifier: E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/OHUK5PdlnKjPlZNIqpvn4fmevXc.roa
Signing time: Sat 01 Jan 2022 00:50:11 +0000
ROA not before: Sat 01 Jan 2022 00:50:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61323
IP address blocks: 81.201.128.0/20 maxlen: 20
80.66.200.0/22 maxlen: 22
185.241.248.0/22 maxlen: 22
185.241.248.0/24 maxlen: 24
185.241.251.0/24 maxlen: 24
185.241.249.0/24 maxlen: 24
185.241.250.0/24 maxlen: 24
185.221.204.0/22 maxlen: 22
193.39.252.0/22 maxlen: 22
194.39.164.0/22 maxlen: 22
185.160.252.0/23 maxlen: 23
185.160.254.0/24 maxlen: 24
78.137.112.0/20 maxlen: 20
178.238.128.0/20 maxlen: 20
185.181.196.0/22 maxlen: 22
185.210.196.0/22 maxlen: 22
185.207.108.0/22 maxlen: 22
195.69.102.0/24 maxlen: 24
185.234.36.0/22 maxlen: 22
78.109.160.0/20 maxlen: 20
185.197.60.0/22 maxlen: 22
185.160.180.0/22 maxlen: 22
80.244.176.0/20 maxlen: 20
192.166.44.0/24 maxlen: 24
192.166.45.0/24 maxlen: 24
192.166.46.0/23 maxlen: 23
159.253.208.0/21 maxlen: 21
185.226.220.0/22 maxlen: 22
185.162.224.0/22 maxlen: 22
31.193.0.0/20 maxlen: 20
185.217.40.0/22 maxlen: 22
185.220.60.0/22 maxlen: 22
185.156.64.0/24 maxlen: 24
185.156.65.0/24 maxlen: 24
185.156.66.0/23 maxlen: 23
37.220.88.0/21 maxlen: 21
185.55.78.0/23 maxlen: 23
185.55.77.0/24 maxlen: 24
185.166.128.0/22 maxlen: 22
109.108.128.0/19 maxlen: 19
185.216.76.0/22 maxlen: 22
78.24.89.0/24 maxlen: 24
78.24.90.0/23 maxlen: 23
78.24.88.0/24 maxlen: 24
185.182.88.0/22 maxlen: 22
46.37.160.0/19 maxlen: 19
94.229.160.0/20 maxlen: 20
2a02:21a8:5::/48 maxlen: 48
2a02:21a8:6::/48 maxlen: 48
2a02:22d0::/32 maxlen: 32
2a09:b600:5::/48 maxlen: 48
2a02:21a8:2::/48 maxlen: 48
2a09:ba00:4::/48 maxlen: 48
2a02:22d0:c::/48 maxlen: 48
2a09:b200:6::/48 maxlen: 48
2a0c:3dc0::/29 maxlen: 29
2a02:21a8::/48 maxlen: 48
2a02:21a8:1::/48 maxlen: 48
2a02:21a8:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 229409430 (0xdac8296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c8a390dde5e1519a4bd3da754a93e988492d67
Validity
Not Before: Jan 1 00:50:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38750ae4f7659ca8cf959348aa9be7e1f99ebd77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:91:e6:e2:61:a6:dc:93:39:ab:a5:25:c6:d5:
3d:51:36:2d:a3:ad:9a:31:91:6f:0b:42:40:57:43:
24:f9:48:41:c1:ac:56:51:ae:08:1b:3e:76:b9:0d:
4f:3b:b4:dc:0b:8f:fd:91:8a:71:d7:06:58:4e:69:
68:f6:f3:b5:7e:bc:2e:f2:ad:e0:58:1c:03:b4:66:
d6:3a:c4:b0:c1:53:67:b5:7e:5b:95:94:18:85:62:
5c:35:36:6b:69:ff:05:c5:9b:1d:45:b6:84:b7:3e:
ea:38:d9:7e:d4:4b:05:cd:c3:68:f0:3d:ca:3c:48:
10:92:b4:0e:16:09:89:be:57:fd:db:a7:00:5a:4d:
2e:8d:fc:9d:23:2f:d0:9b:38:b9:63:8f:f2:98:f1:
32:7d:6c:7a:a2:30:ee:69:34:16:da:59:f9:9f:f9:
52:18:ca:1f:06:6e:23:9e:47:2f:b8:f8:be:46:22:
3c:2b:fd:28:7a:ed:64:ed:f6:7a:ed:27:c4:19:1e:
b9:19:39:bc:dc:3b:14:aa:7a:77:d4:4a:41:93:72:
08:e8:56:71:30:4a:dc:08:a6:e8:43:bb:43:69:62:
fa:b6:25:2b:11:d0:c9:81:51:95:b5:6d:42:ab:20:
db:c9:7a:4b:b6:e9:de:df:78:b3:52:05:65:5d:26:
3b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:75:0A:E4:F7:65:9C:A8:CF:95:93:48:AA:9B:E7:E1:F9:9E:BD:77
X509v3 Authority Key Identifier:
keyid:E0:C8:A3:90:DD:E5:E1:51:9A:4B:D3:DA:75:4A:93:E9:88:49:2D:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MijkN3l4VGaS9PadUqT6YhJLWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/OHUK5PdlnKjPlZNIqpvn4fmevXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/869b30-fcd6-48df-8d25-bef3ba21c715/1/4MijkN3l4VGaS9PadUqT6YhJLWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.0.0/20
37.220.88.0/21
46.37.160.0/19
78.24.88.0/22
78.109.160.0/20
78.137.112.0/20
80.66.200.0/22
80.244.176.0/20
81.201.128.0/20
94.229.160.0/20
109.108.128.0/19
159.253.208.0/21
178.238.128.0/20
185.55.77.0-185.55.79.255
185.156.64.0/22
185.160.180.0/22
185.160.252.0-185.160.254.255
185.162.224.0/22
185.166.128.0/22
185.181.196.0/22
185.182.88.0/22
185.197.60.0/22
185.207.108.0/22
185.210.196.0/22
185.216.76.0/22
185.217.40.0/22
185.220.60.0/22
185.221.204.0/22
185.226.220.0/22
185.234.36.0/22
185.241.248.0/22
192.166.44.0/22
193.39.252.0/22
194.39.164.0/22
195.69.102.0/24
IPv6:
2a02:21a8::-2a02:21a8:2:ffff:ffff:ffff:ffff:ffff
2a02:21a8:4::-2a02:21a8:6:ffff:ffff:ffff:ffff:ffff
2a02:22d0::/32
2a09:b200:6::/48
2a09:b600:5::/48
2a09:ba00:4::/48
2a0c:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
31:9a:f3:14:f3:43:40:ee:9c:b1:a0:df:ec:1a:d3:73:a3:66:
a6:38:53:ce:d4:c8:78:3a:39:9a:4c:5f:db:3e:ba:18:64:7d:
7c:c3:4a:07:df:65:85:74:5b:b5:a7:36:88:c5:40:95:68:59:
74:a8:e2:2f:25:1b:99:41:b7:fd:db:9a:35:f3:0a:e7:81:cd:
f4:f9:a9:9e:19:b8:4f:07:7a:79:da:d0:8c:c5:7f:40:7c:02:
48:74:ec:5f:57:f3:91:db:39:d9:41:9e:6f:b9:6a:fc:1a:3e:
e6:ce:6d:a8:bd:33:45:81:68:82:40:15:78:08:90:95:d7:10:
d7:bd:db:a1:0f:66:77:a4:47:c8:40:a5:8d:53:97:bb:dc:4b:
dc:1d:25:9d:59:8a:12:d1:64:11:19:e5:03:89:03:d8:51:00:
69:d5:4b:a9:27:ea:db:c6:b7:62:d1:25:23:b8:e5:70:39:bc:
78:03:b5:26:2e:f2:ea:83:26:d6:5f:4a:21:2a:12:d1:04:19:
0d:20:fe:64:f3:d7:2d:16:b2:3b:8a:1a:b9:3a:ce:ea:54:c4:
03:ee:24:b7:7c:71:67:81:2d:77:92:19:05:d3:c2:9e:32:d4:
8a:56:43:80:7a:56:ca:20:61:4e:83:01:4e:65:b7:fa:71:88:
25:4e:fb:02
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIEDayCljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MGM4YTM5MGRkZTVlMTUxOWE0YmQzZGE3NTRhOTNlOTg4NDkyZDY3MB4XDTIyMDEw
MTAwNTAxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzg3NTBhZTRmNzY1
OWNhOGNmOTU5MzQ4YWE5YmU3ZTFmOTllYmQ3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqR5uJhptyTOaulJcbVPVE2LaOtmjGRbwtCQFdDJPlIQcGs
VlGuCBs+drkNTzu03AuP/ZGKcdcGWE5paPbztX68LvKt4FgcA7Rm1jrEsMFTZ7V+
W5WUGIViXDU2a2n/BcWbHUW2hLc+6jjZftRLBc3DaPA9yjxIEJK0DhYJib5X/dun
AFpNLo38nSMv0Js4uWOP8pjxMn1seqIw7mk0FtpZ+Z/5UhjKHwZuI55HL7j4vkYi
PCv9KHrtZO32eu0nxBkeuRk5vNw7FKp6d9RKQZNyCOhWcTBK3Aim6EO7Q2li+rYl
KxHQyYFRlbVtQqsg28l6S7bp3t94s1IFZV0mO0kCAwEAAaOCA0QwggNAMB0GA1Ud
DgQWBBQ4dQrk92WcqM+Vk0iqm+fh+Z69dzAfBgNVHSMEGDAWgBTgyKOQ3eXhUZpL
09p1SpPpiEktZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRNaWprTjNsNFZHYVM5UGFkVXFUNlloSkxXYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvODY5YjMwLWZjZDYtNDhkZi04ZDI1LWJlZjNiYTIxYzcxNS8x
L09IVUs1UGRsbktqUGxaTklxcHZuNGZtZXZYYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
ODY5YjMwLWZjZDYtNDhkZi04ZDI1LWJlZjNiYTIxYzcxNS8xLzRNaWprTjNsNFZH
YVM5UGFkVXFUNlloSkxXYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVgGCCsGAQUFBwEHAQH/BIIBRzCCAUMwgekEAgABMIHiAwQEH8EAAwQDJdxYAwQF
LiWgAwQCThhYAwQETm2gAwQETolwAwQCUELIAwQEUPSwAwQEUcmAAwQEXuWgAwQF
bWyAAwQDn/3QAwQEsu6AMAwDBAC5N00DBAS5N0ADBAK5nEADBAK5oLQwDAMEArmg
/AMEALmg/gMEArmi4AMEArmmgAMEArm1xAMEArm2WAMEArnFPAMEArnPbAMEArnS
xAMEArnYTAMEArnZKAMEArncPAMEArndzAMEArni3AMEArnqJAMEArnx+AMEAsCm
LAMEAsEn/AMEAsInpAMEAMNFZjBVBAIAAjBPMBADBQMqAiGoAwcAKgIhqAACMBID
BwIqAiGoAAQDBwAqAiGoAAYDBQAqAiLQAwcAKgmyAAAGAwcAKgm2AAAFAwcAKgm6
AAAEAwUDKgw9wDANBgkqhkiG9w0BAQsFAAOCAQEAMZrzFPNDQO6csaDf7BrTc6Nm
pjhTztTIeDo5mkxf2z66GGR9fMNKB99lhXRbtac2iMVAlWhZdKjiLyUbmUG3/dua
NfMK54HN9Pmpnhm4Twd6edrQjMV/QHwCSHTsX1fzkds52UGeb7lq/Bo+5s5tqL0z
RYFogkAVeAiQldcQ173boQ9md6RHyECljVOXu9xL3B0lnVmKEtFkERnlA4kD2FEA
adVLqSfq28a3YtElI7jlcDm8eAO1Ji7y6oMm1l9KISoS0QQZDSD+ZPPXLRayO4oa
uTrO6lTEA+4kt3xxZ4Etd5IZBdPCnjLUilZDgHpWyiBhToMBTmW3+nGIJU77Ag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:50 2023 by rpki-client on console-fra.rpki-client.org