Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/uXXgCerOlO6zidwVCRreNreFxtY.roa
File: uXXgCerOlO6zidwVCRreNreFxtY.roa (raw, json)
Hash identifier: lLmgRYGis/K30rN4pxFHlRhnLFCc2z5brHAF3ECYiCE=
Subject key identifier: B9:75:E0:09:EA:CE:94:EE:B3:89:DC:15:09:1A:DE:36:B7:85:C6:D6
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 018461A2B76A369BC0B01A3F9F57108B01AB
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/uXXgCerOlO6zidwVCRreNreFxtY.roa
Signing time: Thu 10 Nov 2022 13:02:44 +0000
ROA not before: Thu 10 Nov 2022 13:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3214
IP address blocks: 80.66.196.0/22 maxlen: 24
92.60.40.0/23 maxlen: 23
92.60.41.0/24 maxlen: 24
92.60.42.0/24 maxlen: 24
92.60.40.0/24 maxlen: 24
185.255.55.0/24 maxlen: 24
185.255.53.0/24 maxlen: 24
185.255.52.0/22 maxlen: 24
45.80.188.0/22 maxlen: 24
62.133.35.0/24 maxlen: 24
62.133.33.0/24 maxlen: 24
62.133.32.0/24 maxlen: 24
62.133.32.0/22 maxlen: 24
45.147.48.0/22 maxlen: 24
45.153.244.0/22 maxlen: 24
95.214.164.0/22 maxlen: 24
185.248.84.0/22 maxlen: 24
185.194.52.0/22 maxlen: 24
91.200.241.0/24 maxlen: 24
45.11.45.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
147.78.179.0/24 maxlen: 24
147.78.177.0/24 maxlen: 24
147.78.178.0/24 maxlen: 24
147.78.176.0/24 maxlen: 24
147.78.176.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
45.139.192.0/22 maxlen: 24
185.254.75.0/24 maxlen: 24
45.92.157.0/24 maxlen: 24
185.254.72.0/22 maxlen: 24
185.213.151.0/24 maxlen: 24
185.213.149.0/24 maxlen: 24
185.213.148.0/22 maxlen: 24
185.213.148.0/24 maxlen: 24
194.124.216.0/24 maxlen: 24
45.131.152.0/22 maxlen: 24
194.124.228.0/24 maxlen: 24
194.124.227.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.124.213.0/24 maxlen: 24
193.111.90.0/23 maxlen: 24
193.177.220.0/22 maxlen: 24
194.36.222.0/23 maxlen: 24
94.124.116.0/22 maxlen: 24
45.90.210.0/24 maxlen: 24
193.111.30.0/23 maxlen: 24
195.245.219.0/24 maxlen: 24
185.49.32.0/22 maxlen: 24
45.130.23.0/24 maxlen: 24
45.130.21.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
45.130.22.0/24 maxlen: 24
45.130.20.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
194.36.24.0/24 maxlen: 24
194.36.24.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
194.36.25.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.235.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
149.62.44.0/22 maxlen: 24
78.142.192.0/22 maxlen: 24
194.169.180.0/23 maxlen: 24
45.13.199.0/24 maxlen: 24
45.13.198.0/24 maxlen: 24
109.94.168.0/22 maxlen: 24
194.169.54.0/24 maxlen: 24
194.169.54.0/23 maxlen: 24
185.222.216.0/21 maxlen: 24
185.222.216.0/22 maxlen: 24
185.222.220.0/24 maxlen: 24
2a06:4fc0::/29 maxlen: 48
2a07:e900::/29 maxlen: 48
2a09:0:7::/48 maxlen: 48
2a06:57c0::/29 maxlen: 48
2a09:0:4::/48 maxlen: 48
2a09::/29 maxlen: 48
2a0b:4080::/32 maxlen: 48
2a0d:3640::/29 maxlen: 48
2a0c:ed40::/29 maxlen: 48
2a09:0:1::/48 maxlen: 48
2a09:0:1337::/48 maxlen: 64
2a0d:de80::/29 maxlen: 48
2a09:0:6::/48 maxlen: 48
2a09:0:9::/48 maxlen: 48
2a07:fa00::/29 maxlen: 48
2a0d:7540::/29 maxlen: 48
2a03:d9c0::/29 maxlen: 48
2a09:0:3::/48 maxlen: 48
2a10:2600::/29 maxlen: 48
2a0c:59c0::/29 maxlen: 48
2a09:0:11::/48 maxlen: 48
2a0b:89c0::/29 maxlen: 48
2a09:0:8::/48 maxlen: 48
2a0d:4340::/29 maxlen: 48
2a09:0:5::/48 maxlen: 48
2a0e:6200::/29 maxlen: 48
2a07:fe00::/29 maxlen: 48
2a0d:1fc0::/29 maxlen: 48
2a03:d9c0:3000::/48 maxlen: 64
2a03:d9c0:8000::/48 maxlen: 48
2a03:d9c0:c0de::/48 maxlen: 64
2a0d:4bc0::/29 maxlen: 48
2a09:0:2::/48 maxlen: 48
2a10:480::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:a2:b7:6a:36:9b:c0:b0:1a:3f:9f:57:10:8b:01:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Nov 10 13:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b975e009eace94eeb389dc15091ade36b785c6d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:69:9f:07:26:be:ec:90:8b:9e:e6:54:2c:2b:
94:a4:c9:d4:c3:dd:5a:46:b5:fd:d7:de:26:71:d0:
14:ca:f0:a6:bf:73:d5:36:53:0c:16:1c:fb:28:c8:
13:75:02:c8:68:65:c1:46:64:1f:75:96:75:f1:5a:
69:c7:ec:19:dd:86:9a:39:7f:72:97:36:a5:19:a1:
ad:39:41:7f:20:0b:54:ca:01:9a:31:8c:e8:42:6c:
2d:9f:e8:cf:54:9f:5b:39:2f:63:00:34:da:76:30:
15:93:e5:43:a0:f4:6f:45:fe:fc:67:15:f2:ac:36:
a7:bb:18:e2:0c:6f:c7:10:fa:bf:84:ae:87:b3:1c:
89:fe:01:34:c7:2f:e3:d6:c1:65:4a:71:4b:f4:1b:
6a:31:c1:e9:29:a6:09:63:f3:39:73:07:f6:14:ea:
fd:f8:4f:2a:5d:f3:a8:30:5b:c0:7b:2c:fd:45:2c:
33:e1:6c:b9:22:91:a1:8d:f5:d2:a8:51:6a:1c:01:
72:53:f7:7e:aa:e0:08:d6:47:b0:fd:18:33:b6:a5:
94:26:2d:c9:f3:d3:05:9d:1e:36:65:11:39:ff:8d:
92:b1:f2:09:89:57:3d:5a:01:33:dd:4d:f8:d2:8d:
9d:4b:9a:86:3b:d7:ee:c1:74:17:43:2f:02:35:24:
da:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:75:E0:09:EA:CE:94:EE:B3:89:DC:15:09:1A:DE:36:B7:85:C6:D6
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/uXXgCerOlO6zidwVCRreNreFxtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
45.13.198.0/23
45.80.188.0/22
45.90.210.0/24
45.92.157.0/24
45.130.20.0/22
45.131.152.0/22
45.139.192.0/22
45.143.232.0/22
45.147.48.0/22
45.153.244.0/22
62.133.32.0/22
78.142.192.0/22
79.143.140.0/22
80.66.196.0/22
91.200.241.0/24
92.60.40.0-92.60.42.255
94.124.116.0/22
95.214.164.0/22
109.94.168.0/22
141.98.196.0/22
147.78.176.0/22
149.62.44.0/22
185.49.32.0/22
185.194.52.0/22
185.200.64.0/22
185.213.148.0/22
185.222.216.0/21
185.248.84.0/22
185.254.72.0/22
185.255.52.0/22
193.111.30.0/23
193.111.90.0/23
193.177.220.0/22
194.36.24.0/22
194.36.222.0/23
194.104.152.0/22
194.124.213.0/24
194.124.216.0/24
194.124.227.0-194.124.228.255
194.169.54.0/23
194.169.180.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a03:d9c0::/29
2a06:4fc0::/29
2a06:57c0::/29
2a07:e900::/29
2a07:fa00::/29
2a07:fe00::/29
2a09::/29
2a0b:4080::/32
2a0b:89c0::/29
2a0c:59c0::/29
2a0c:ed40::/29
2a0d:1fc0::/29
2a0d:3640::/29
2a0d:4340::/29
2a0d:4bc0::/29
2a0d:7540::/29
2a0d:de80::/29
2a0e:6200::/29
2a10:480::/29
2a10:2600::/29
Signature Algorithm: sha256WithRSAEncryption
65:25:30:4d:6d:12:76:4b:2d:86:4e:4c:08:d6:10:e2:cd:db:
13:52:26:71:2a:88:b3:27:22:b4:49:b0:3d:ac:e8:bc:6e:cb:
8b:ab:c3:8c:a7:17:cc:a7:0d:5b:7a:c9:da:c9:15:0a:23:41:
1f:84:7d:56:d1:ae:0f:20:4d:a8:2d:b2:a5:9d:f3:98:14:c6:
b3:b7:6e:1f:d6:c3:49:77:bf:e3:65:1a:72:13:d3:57:04:37:
73:ab:26:27:12:e7:01:9e:96:c7:ad:5e:6d:49:c9:df:3d:f4:
3d:0a:b2:1f:60:4a:b8:2c:54:a9:92:94:b2:44:57:89:e2:9b:
4b:15:be:2a:fb:0c:4d:17:5c:8e:6a:34:1f:da:a0:ca:23:97:
da:f5:3f:70:0b:bd:22:2a:21:7a:09:e6:49:2e:b9:36:44:64:
e3:ca:3d:1b:e3:39:8c:63:fa:96:fc:d0:bf:54:64:d4:b8:d9:
36:74:e7:2a:28:51:ce:d7:9a:d3:8f:a7:79:e0:4b:eb:01:ac:
82:a3:62:41:f9:1d:80:43:44:af:1c:12:bf:46:23:26:b5:81:
48:ec:e7:51:eb:3e:14:69:a3:cf:f6:f7:92:dd:88:d7:0d:79:
17:09:70:dd:8a:4f:c8:dd:e0:52:ff:26:9d:32:d1:83:50:74:
98:49:3c:88
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAYRhordqNpvAsBo/n1cQiwGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjIxMTEwMTMwMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc1ZTAwOWVhY2U5NGVlYjM4OWRjMTUwOTFhZGUzNmI3ODVjNmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2mfBya+7JCLnuZULCuUpMnUw91a
RrX9194mcdAUyvCmv3PVNlMMFhz7KMgTdQLIaGXBRmQfdZZ18Vppx+wZ3YaaOX9y
lzalGaGtOUF/IAtUygGaMYzoQmwtn+jPVJ9bOS9jADTadjAVk+VDoPRvRf78ZxXy
rDanuxjiDG/HEPq/hK6HsxyJ/gE0xy/j1sFlSnFL9BtqMcHpKaYJY/M5cwf2FOr9
+E8qXfOoMFvAeyz9RSwz4Wy5IpGhjfXSqFFqHAFyU/d+quAI1kew/RgztqWUJi3J
89MFnR42ZRE5/42SsfIJiVc9WgEz3U340o2dS5qGO9fuwXQXQy8CNSTafwIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFLl14AnqzpTus4ncFQka3ja3hcbWMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvdVhYZ0Nlck9sTzZ6aWR3VkNScmVOcmVGeHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjCCASgEAgABMIIB
IAMEAC0LLQMEAS0NxgMEAi1QvAMEAC1a0gMEAC1cnQMEAi2CFAMEAi2DmAMEAi2L
wAMEAi2P6AMEAi2TMAMEAi2Z9AMEAj6FIAMEAk6OwAMEAk+PjAMEAlBCxAMEAFvI
8TAMAwQDXDwoAwQAXDwqAwQCXnx0AwQCX9akAwQCbV6oAwQCjWLEAwQCk06wAwQC
lT4sAwQCuTEgAwQCucI0AwQCuchAAwQCudWUAwQDud7YAwQCufhUAwQCuf5IAwQC
uf80AwQBwW8eAwQBwW9aAwQCwbHcAwQCwiQYAwQBwiTeAwQCwmiYAwQAwnzVAwQA
wnzYMAwDBADCfOMDBADCfOQDBAHCqTYDBAHCqbQDBADD9dswDAMEAMP18QMEAMP1
8jCBkwQCAAIwgYwDBQMqA9nAAwUDKgZPwAMFAyoGV8ADBQMqB+kAAwUDKgf6AAMF
AyoH/gADBQMqCQAAAwUAKgtAgAMFAyoLicADBQMqDFnAAwUDKgztQAMFAyoNH8AD
BQMqDTZAAwUDKg1DQAMFAyoNS8ADBQMqDXVAAwUDKg3egAMFAyoOYgADBQMqEASA
AwUDKhAmADANBgkqhkiG9w0BAQsFAAOCAQEAZSUwTW0Sdksthk5MCNYQ4s3bE1Im
cSqIsycitEmwPazovG7Li6vDjKcXzKcNW3rJ2skVCiNBH4R9VtGuDyBNqC2ypZ3z
mBTGs7duH9bDSXe/42UachPTVwQ3c6smJxLnAZ6Wx61ebUnJ3z30PQqyH2BKuCxU
qZKUskRXieKbSxW+KvsMTRdcjmo0H9qgyiOX2vU/cAu9IiohegnmSS65NkRk48o9
G+M5jGP6lvzQv1Rk1LjZNnTnKihRztea04+neeBL6wGsgqNiQfkdgENErxwSv0Yj
JrWBSOznUes+FGmjz/b3kt2I1w15Fwlw3YpPyN3gUv8mnTLRg1B0mEk8iA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:48 2024 by rpki-client on console-fra.rpki-client.org