Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/APPLVBH5I3v_pDTLEV2uDCMKZZo.roa
File: APPLVBH5I3v_pDTLEV2uDCMKZZo.roa (raw, json)
Hash identifier: 0KxFkoJAZvS+DycdU2uXYT7nzJ86YyCC5VeWncQvVU4=
Subject key identifier: 00:F3:CB:54:11:F9:23:7B:FF:A4:34:CB:11:5D:AE:0C:23:0A:65:9A
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018ACC32D306A84ACDE308FD55029C3CBE5B
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/APPLVBH5I3v_pDTLEV2uDCMKZZo.roa
Signing time: Mon 25 Sep 2023 11:56:37 +0000
ROA not before: Mon 25 Sep 2023 11:56:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 95.174.160.0/19 maxlen: 24
87.255.128.0/19 maxlen: 24
217.19.192.0/20 maxlen: 24
159.20.8.0/21 maxlen: 24
213.222.64.0/18 maxlen: 24
95.168.0.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
185.147.204.0/22 maxlen: 24
79.174.192.0/18 maxlen: 24
185.147.232.0/22 maxlen: 24
85.168.0.0/14 maxlen: 24
194.6.128.0/19 maxlen: 24
195.146.192.0/19 maxlen: 24
62.39.0.0/16 maxlen: 24
77.140.0.0/14 maxlen: 24
62.106.128.0/17 maxlen: 24
217.112.224.0/20 maxlen: 24
194.153.89.0/24 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.88.0/23 maxlen: 24
194.153.97.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
178.18.176.0/20 maxlen: 24
87.100.0.0/17 maxlen: 24
212.39.128.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
178.19.0.0/20 maxlen: 24
81.220.0.0/16 maxlen: 24
77.233.96.0/19 maxlen: 24
78.112.0.0/12 maxlen: 24
62.85.128.0/19 maxlen: 24
37.64.0.0/13 maxlen: 24
46.165.64.0/18 maxlen: 24
89.185.160.0/19 maxlen: 24
84.205.128.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
91.91.0.0/16 maxlen: 24
88.219.0.0/16 maxlen: 24
81.64.0.0/14 maxlen: 24
80.118.0.0/15 maxlen: 24
195.132.0.0/16 maxlen: 24
195.98.96.0/19 maxlen: 24
78.159.0.0/19 maxlen: 24
84.4.0.0/14 maxlen: 24
85.192.192.0/18 maxlen: 24
79.132.32.0/19 maxlen: 24
77.192.0.0/12 maxlen: 24
86.64.0.0/12 maxlen: 24
80.70.32.0/20 maxlen: 24
80.124.0.0/15 maxlen: 24
82.151.0.0/19 maxlen: 24
95.157.192.0/18 maxlen: 24
95.157.128.0/18 maxlen: 24
212.198.0.0/16 maxlen: 24
93.191.80.0/21 maxlen: 24
77.84.0.0/16 maxlen: 24
91.151.112.0/20 maxlen: 24
86.63.224.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
77.144.0.0/12 maxlen: 24
217.70.80.0/20 maxlen: 24
85.117.128.0/19 maxlen: 24
195.3.0.0/18 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
95.171.128.0/19 maxlen: 24
77.137.208.0/20 maxlen: 24
81.185.0.0/16 maxlen: 24
80.185.0.0/16 maxlen: 24
77.137.224.0/19 maxlen: 24
84.96.0.0/13 maxlen: 24
87.231.0.0/16 maxlen: 24
62.62.169.0/24 maxlen: 24
89.2.0.0/15 maxlen: 24
188.224.0.0/17 maxlen: 24
95.136.128.0/17 maxlen: 24
194.183.192.0/19 maxlen: 24
62.62.128.0/17 maxlen: 24
89.157.88.0/21 maxlen: 24
89.157.96.0/19 maxlen: 24
141.170.216.0/21 maxlen: 24
213.245.0.0/16 maxlen: 24
185.150.120.0/22 maxlen: 24
213.203.64.0/18 maxlen: 24
89.156.0.0/14 maxlen: 24
213.169.160.0/19 maxlen: 24
109.0.0.0/11 maxlen: 24
93.0.0.0/11 maxlen: 24
93.182.192.0/18 maxlen: 24
81.1.0.0/18 maxlen: 24
88.136.0.0/13 maxlen: 24
213.176.192.0/19 maxlen: 24
84.55.128.0/18 maxlen: 24
89.170.0.0/16 maxlen: 24
62.129.160.0/19 maxlen: 24
62.8.0.0/19 maxlen: 24
77.136.0.0/16 maxlen: 24
46.35.0.0/19 maxlen: 24
80.236.0.0/17 maxlen: 24
77.128.0.0/13 maxlen: 24
188.7.0.0/16 maxlen: 24
212.94.160.0/19 maxlen: 24
130.0.96.0/19 maxlen: 24
188.141.128.0/17 maxlen: 24
83.141.128.0/17 maxlen: 24
213.128.32.0/19 maxlen: 24
194.242.176.0/20 maxlen: 24
195.7.96.0/19 maxlen: 24
92.88.0.0/13 maxlen: 24
85.68.0.0/15 maxlen: 24
213.223.0.0/16 maxlen: 24
91.68.0.0/14 maxlen: 24
91.88.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
95.175.160.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
78.155.128.0/19 maxlen: 24
2a00:8d80::/32 maxlen: 48
2a00:ec80::/32 maxlen: 48
2a00:5e80::/32 maxlen: 48
2a00:ec81::/32 maxlen: 48
2a00:6200::/29 maxlen: 48
2a00:8380::/32 maxlen: 48
2a00:7180::/32 maxlen: 48
2a02:8400::/25 maxlen: 48
2a00:ec80::/29 maxlen: 48
2a00:9380::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:32:d3:06:a8:4a:cd:e3:08:fd:55:02:9c:3c:be:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Sep 25 11:56:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00f3cb5411f9237bffa434cb115dae0c230a659a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:b0:a4:ff:ce:9e:df:5c:89:89:31:24:de:
87:79:d6:7f:20:a3:8d:5e:6d:37:95:94:6d:a9:7f:
7c:01:6a:cd:aa:c9:64:68:8e:16:0b:4b:b2:11:19:
26:86:6d:bc:e6:13:a3:03:07:a2:e4:82:39:5c:e0:
6e:3f:ad:4a:7c:d2:ac:fa:5a:87:cf:b7:c2:f5:1a:
66:69:68:78:75:16:5a:b8:84:ea:13:6e:27:fe:b6:
69:67:96:4a:da:6d:ab:79:87:9b:29:82:31:21:ae:
c0:e3:31:68:77:09:ab:15:e7:c1:6d:85:82:b2:ce:
6e:3d:12:26:d6:c5:f1:4b:d3:43:76:33:7b:27:9a:
c2:08:cd:ac:27:7d:6d:4c:b5:54:a4:e9:4e:b7:da:
67:fd:df:83:e3:4c:ff:b0:8d:56:45:34:ef:78:8a:
cd:00:4f:53:a3:fa:28:33:84:77:03:84:db:67:7e:
5e:f6:c0:b9:90:c7:5f:18:9d:18:30:00:42:ae:58:
75:5b:f6:36:1f:d2:f4:1c:d0:15:60:dc:67:99:25:
ac:78:b1:d4:25:53:fb:a1:b3:b5:6f:86:c3:fc:a3:
d5:2b:55:aa:cb:d7:c5:37:b6:59:72:24:0c:c8:9b:
0f:eb:85:92:28:95:7a:db:24:e3:04:31:d9:8c:c3:
e1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F3:CB:54:11:F9:23:7B:FF:A4:34:CB:11:5D:AE:0C:23:0A:65:9A
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/APPLVBH5I3v_pDTLEV2uDCMKZZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
46.165.64.0/18
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.85.128.0/19
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.84.0.0/16
77.128.0.0-77.136.255.255
77.137.196.0-77.137.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
77.233.96.0/19
78.112.0.0/12
78.155.128.0/19
78.159.0.0/19
79.80.0.0/12
79.132.32.0/19
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.185.0.0/16
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.151.0.0/19
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.117.128.0/19
85.168.0.0/14
85.192.192.0/18
86.63.224.0-86.79.255.255
87.100.0.0/17
87.231.0.0/16
87.255.128.0/19
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
89.170.0.0/16
89.185.160.0/19
91.68.0.0/14
91.88.0.0/16
91.91.0.0/16
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.182.192.0/18
93.191.80.0/21
95.136.128.0/17
95.157.128.0/17
95.168.0.0/19
95.171.128.0/19
95.174.160.0/19
95.175.160.0/19
109.0.0.0/11
130.0.96.0/19
141.170.216.0/21
159.20.8.0/21
178.18.176.0/20
178.19.0.0/20
185.147.204.0/22
185.147.232.0/22
185.150.120.0/22
188.7.0.0/16
188.141.128.0/17
188.224.0.0/17
194.6.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.23.160.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.176.192.0/19
213.203.64.0/18
213.222.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:5e80::/32
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:ec80::/29
2a02:8400::/25
Signature Algorithm: sha256WithRSAEncryption
3d:57:cc:de:2d:7a:60:88:f1:62:3c:29:74:19:27:b0:c7:4f:
ac:fb:e0:48:d3:fc:74:36:b2:06:cc:4b:55:ab:32:d6:88:53:
ad:f5:fa:bf:b3:33:d1:08:a6:ed:2b:d7:2f:fe:23:00:be:99:
ef:fa:5b:d0:d3:75:cf:79:81:c7:6b:4b:46:3f:83:84:3b:a6:
8d:97:88:64:10:a5:33:a5:5f:7f:12:8d:07:80:10:0f:38:a9:
b2:f3:af:8f:69:87:ee:da:60:a2:a0:36:aa:a7:6a:c1:59:dd:
49:24:ef:12:15:87:45:15:78:be:23:db:41:34:79:b0:ed:a7:
2c:63:51:1b:f4:e2:5a:f8:ff:78:5e:a9:03:30:93:4c:b4:39:
63:19:61:b8:c4:b3:50:44:cd:e9:61:87:76:7b:d2:83:93:0e:
0f:4f:5c:91:38:41:12:19:20:2e:e1:db:d8:f9:15:a6:63:56:
85:a2:93:96:59:55:86:39:8e:c5:55:85:bc:80:ad:b7:e1:21:
6f:14:0f:35:1b:b1:00:d1:fa:39:e2:a8:aa:1f:93:f8:78:2e:
d6:ba:96:2b:6b:2d:ee:43:17:88:2a:ae:d1:54:42:e0:b9:08:
32:a4:2d:d6:c7:91:22:6e:1d:46:77:eb:04:de:55:2c:49:0c:
cb:a0:25:57
-----BEGIN CERTIFICATE-----
MIIHvDCCBqSgAwIBAgISAYrMMtMGqErN4wj9VQKcPL5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwOTI1MTE1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGYzY2I1NDExZjkyMzdiZmZhNDM0Y2IxMTVkYWUwYzIzMGE2NTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn46wpP/Ont9ciYkxJN6HedZ/IKON
Xm03lZRtqX98AWrNqslkaI4WC0uyERkmhm285hOjAwei5II5XOBuP61KfNKs+lqH
z7fC9RpmaWh4dRZauITqE24n/rZpZ5ZK2m2reYebKYIxIa7A4zFodwmrFefBbYWC
ss5uPRIm1sXxS9NDdjN7J5rCCM2sJ31tTLVUpOlOt9pn/d+D40z/sI1WRTTveIrN
AE9To/ooM4R3A4TbZ35e9sC5kMdfGJ0YMABCrlh1W/Y2H9L0HNAVYNxnmSWseLHU
JVP7obO1b4bD/KPVK1Wqy9fFN7ZZciQMyJsP64WSKJV62yTjBDHZjMPhkQIDAQAB
o4IEyDCCBMQwHQYDVR0OBBYEFADzy1QR+SN7/6Q0yxFdrgwjCmWaMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQVBQTFZCSDVJM3ZfcERUTEVWMnVEQ01LWlpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIC3AYIKwYBBQUHAQcBAf8EggLLMIICxzCCAoMEAgABMIIC
ewMDAyVAAwQFLiMAAwQGLqVAAwQFPggAAwMAPicDBAc+PoADBAU+VYADBAc+aoAD
BAU+gaADBAY+8UADAwBNVDAKAwMHTYADAwBNiDALAwQCTYnEAwMBTYgwCgMDAk2M
AwMFTYADAwRNwAMEBU3pYAMDBE5wAwQFTpuAAwQFTp8AAwMET1ADBAVPhCADBAZP
rsADBARQRiADAwFQdgMDAVB8AwMAULkDBAdQ7AADBAZRAQADAwJRQAMDAFG5AwMA
UdwDBAVSlwADAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFVRAME
BVV1gAMDAlWoAwQGVcDAMAsDBAVWP+ADAwRWQAMEB1dkAAMDAFfnAwQFV/+AAwMD
WIgDAwBY2wMDAVkCAwMCWZwDAwBZqgMEBVm5oAMDAltEAwMAW1gDAwBbWwMEBFuX
cAMDA1xYAwMFXQADBAZdtsADBANdv1ADBAdfiIADBAdfnYADBAVfqAADBAVfq4AD
BAVfrqADBAVfr6ADAwVtAAMEBYIAYAMEA42q2AMEA58UCAMEBLISsAMEBLITAAME
ArmTzAMEArmT6AMEArmWeAMDALwHAwQHvI2AAwQHvOAAAwQFwgaAMAwDBAPCmVgD
BADCmVoDBADCmVwDBADCmWEDBAXCt8ADBATC8rADBAbDAwADBAXDB2ADBAXDYmAD
AwDDcwMDAMOEAwQFw5LAAwQF1BegAwQF1B5gAwQF1CeAAwQF1F6gAwMA1MYDBAXV
gCADBAXVkMADBAXVqaADBAXVsMADBAbVy0ADBAbV3kADAwDV3wMDANX1AwQE2RPA
AwQE2UZQAwQE2XDgMD4EAgACMDgDBQAqAF6AAwUDKgBiAAMFACoAcYADBQAqAIOA
AwUAKgCNgAMFACoAk4ADBQMqAOyAAwUHKgKEADANBgkqhkiG9w0BAQsFAAOCAQEA
PVfM3i16YIjxYjwpdBknsMdPrPvgSNP8dDayBsxLVasy1ohTrfX6v7Mz0Qim7SvX
L/4jAL6Z7/pb0NN1z3mBx2tLRj+DhDumjZeIZBClM6VffxKNB4AQDzipsvOvj2mH
7tpgoqA2qqdqwVndSSTvEhWHRRV4viPbQTR5sO2nLGNRG/TiWvj/eF6pAzCTTLQ5
YxlhuMSzUETN6WGHdnvSg5MOD09ckThBEhkgLuHb2PkVpmNWhaKTlllVhjmOxVWF
vICtt+EhbxQPNRuxANH6OeKoqh+T+Hgu1rqWK2st7kMXiCqu0VRC4LkIMqQt1seR
Im4dRnfrBN5VLEkMy6AlVw==
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:53:04 2025 by rpki-client