Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cuhUfx15mNxTIugcdfWcpvlSc-4.roa
File: cuhUfx15mNxTIugcdfWcpvlSc-4.roa (raw, json)
Hash identifier: zwRZhc6C69t3K5oV3SXoSG2gMOPo10zmywJz6vXKsno=
Subject key identifier: 72:E8:54:7F:1D:79:98:DC:53:22:E8:1C:75:F5:9C:A6:F9:52:73:EE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189DB1908E9C06E2E58979ADA346A645B54
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cuhUfx15mNxTIugcdfWcpvlSc-4.roa
Signing time: Wed 09 Aug 2023 16:19:58 +0000
ROA not before: Wed 09 Aug 2023 16:19:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 81.168.41.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.140.0/24 maxlen: 24
109.176.214.0/24 maxlen: 24
109.176.215.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
109.176.245.0/24 maxlen: 24
109.176.246.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
82.153.227.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
82.153.249.0/24 maxlen: 24
81.5.156.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.225.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
89.213.41.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.44.0/24 maxlen: 24
89.213.47.0/24 maxlen: 24
89.213.46.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.177.0/24 maxlen: 24
89.213.180.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.182.0/24 maxlen: 24
89.213.186.0/24 maxlen: 24
89.213.184.0/24 maxlen: 24
89.213.185.0/24 maxlen: 24
89.213.187.0/24 maxlen: 24
89.213.188.0/24 maxlen: 24
89.213.189.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.212.0/24 maxlen: 24
109.176.213.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.141.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
82.152.253.0/24 maxlen: 24
82.152.252.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
82.152.255.0/24 maxlen: 24
82.153.1.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.163.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.168.0/24 maxlen: 24
81.168.116.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
81.168.119.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
213.152.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:19:08:e9:c0:6e:2e:58:97:9a:da:34:6a:64:5b:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 9 16:19:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72e8547f1d7998dc5322e81c75f59ca6f95273ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:79:04:2d:93:e9:4e:e8:08:57:7f:82:fa:07:
1b:12:52:64:2d:99:f7:c1:12:fe:f5:c8:76:5c:41:
d3:3f:9b:c4:32:33:3d:60:88:d5:29:cf:e3:fe:cb:
b5:e3:bb:2b:13:a4:27:28:13:a4:e1:5f:f3:dc:02:
9b:d4:f9:3e:a7:58:da:1b:b7:26:4b:70:53:29:11:
5c:23:54:47:d3:8e:fc:f9:cd:89:79:9a:49:74:88:
a0:1f:2a:d3:5c:e9:f2:22:46:a9:2a:61:ce:05:b2:
03:89:f6:49:55:9f:d5:6d:1c:c5:70:86:c3:25:75:
f8:cc:19:c9:2e:f3:14:f6:df:ef:7f:1c:6e:58:50:
7c:72:03:30:28:b0:bb:21:4b:42:40:14:b0:7d:d0:
fe:f6:5e:a2:89:ba:12:0b:a6:29:6e:10:c5:fd:d4:
a3:8e:72:c9:f8:bc:86:ac:ec:27:b1:55:47:c6:ae:
80:bf:dc:ec:c5:d2:95:3e:64:5b:c6:5a:5b:ec:f3:
74:03:26:30:e6:ed:21:98:1c:c6:ea:0b:54:02:82:
18:cf:32:cf:87:cb:6e:eb:a7:7c:0d:9e:87:17:e7:
6b:5b:ee:d0:d5:55:75:1f:6b:de:20:d0:0e:3f:16:
07:5b:22:02:1a:90:73:1e:c5:4e:7f:1d:5b:3f:c2:
14:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E8:54:7F:1D:79:98:DC:53:22:E8:1C:75:F5:9C:A6:F9:52:73:EE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cuhUfx15mNxTIugcdfWcpvlSc-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.116.0/24
81.168.119.0/24
81.168.123.0/24
82.152.111.0/24
82.152.252.0/23
82.152.255.0/24
82.153.1.0/24
82.153.73.0/24
82.153.78.0/24
82.153.136.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.225.0/24
82.153.227.0/24
82.153.240.0/24
82.153.249.0/24
89.213.5.0/24
89.213.41.0-89.213.42.255
89.213.44.0/24
89.213.46.0/23
89.213.136.0/24
89.213.139.0-89.213.141.255
89.213.146.0/24
89.213.148.0-89.213.155.255
89.213.157.0-89.213.158.255
89.213.160.0/24
89.213.162.0-89.213.164.255
89.213.168.0/23
89.213.173.0-89.213.177.255
89.213.179.0-89.213.182.255
89.213.184.0-89.213.189.255
109.176.211.0-109.176.223.255
109.176.240.0/24
109.176.242.0/23
109.176.245.0-109.176.246.255
109.176.248.0-109.176.250.255
185.49.125.0-185.49.127.255
213.152.42.0/24
213.152.61.0/24
Signature Algorithm: sha256WithRSAEncryption
57:f8:8f:e3:50:63:df:e9:17:57:86:a7:39:7c:76:e7:1c:64:
2d:68:4b:15:90:06:8a:4e:52:87:24:bf:93:bb:61:77:68:37:
1a:79:d1:94:cf:29:12:42:ff:e5:be:69:d0:b4:7a:b0:72:88:
f9:a3:3d:9a:42:a4:c8:31:0b:3c:0d:03:5a:01:6a:22:d3:2e:
14:98:94:e2:43:30:9d:cb:b5:28:b5:92:bb:e7:57:5a:ea:14:
be:21:af:0f:0b:e1:b7:1a:4c:60:14:55:8e:d9:d3:ba:c0:d7:
a7:0b:63:8f:35:0b:57:a9:21:5f:4e:ff:db:db:27:5d:29:f1:
6a:b1:f4:9d:5a:82:3d:8f:d1:59:c2:48:f4:9f:b4:95:6d:99:
b2:5a:8d:c9:4a:05:3b:30:67:85:49:c8:0a:1c:3a:b1:1e:d7:
58:fb:7e:96:7d:8f:af:a8:03:76:b7:ef:06:c2:ea:79:40:95:
15:21:86:0c:21:34:6c:ea:7a:2d:8f:e8:5f:ac:79:24:ac:5c:
89:7b:d6:71:b3:d6:a6:06:84:aa:e5:84:ad:cf:41:ca:82:02:
0c:65:f2:18:99:db:a2:3b:b2:b6:82:53:af:0b:94:db:8b:39:
ba:7b:c0:94:41:06:6f:c4:c9:3d:e8:a8:fe:fc:0b:4d:b0:69:
d3:1a:2a:f4
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAYnbGQjpwG4uWJea2jRqZFtUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA5MTYxOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU4NTQ3ZjFkNzk5OGRjNTMyMmU4MWM3NWY1OWNhNmY5NTI3M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHkELZPpTugIV3+C+gcbElJkLZn3
wRL+9ch2XEHTP5vEMjM9YIjVKc/j/su147srE6QnKBOk4V/z3AKb1Pk+p1jaG7cm
S3BTKRFcI1RH0478+c2JeZpJdIigHyrTXOnyIkapKmHOBbIDifZJVZ/VbRzFcIbD
JXX4zBnJLvMU9t/vfxxuWFB8cgMwKLC7IUtCQBSwfdD+9l6iiboSC6YpbhDF/dSj
jnLJ+LyGrOwnsVVHxq6Av9zsxdKVPmRbxlpb7PN0AyYw5u0hmBzG6gtUAoIYzzLP
h8tu66d8DZ6HF+drW+7Q1VV1H2veINAOPxYHWyICGpBzHsVOfx1bP8IUmQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFHLoVH8deZjcUyLoHHX1nKb5UnPuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY3VoVWZ4MTVtTnhUSXVnY2RmV2NwdmxTYy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCAWYEAgABMIIB
XgMEAFEFnAMEAFGoKQMEAFGodAMEAFGodwMEAFGoewMEAFKYbwMEAVKY/AMEAFKY
/wMEAFKZAQMEAFKZSQMEAFKZTjAMAwQDUpmIAwQAUpmMAwQAUpndAwQAUpnfAwQA
UpnhAwQAUpnjAwQAUpnwAwQAUpn5AwQAWdUFMAwDBABZ1SkDBABZ1SoDBABZ1SwD
BAFZ1S4DBABZ1YgwDAMEAFnViwMEAVnVjAMEAFnVkjAMAwQCWdWUAwQCWdWYMAwD
BABZ1Z0DBABZ1Z4DBABZ1aAwDAMEAVnVogMEAFnVpAMEAVnVqDAMAwQAWdWtAwQB
WdWwMAwDBABZ1bMDBABZ1bYwDAMEA1nVuAMEAVnVvDAMAwQAbbDTAwQFbbDAAwQA
bbDwAwQBbbDyMAwDBABtsPUDBABtsPYwDAMEA22w+AMEAG2w+jAMAwQAuTF9AwQH
uTEAAwQA1ZgqAwQA1Zg9MA0GCSqGSIb3DQEBCwUAA4IBAQBX+I/jUGPf6RdXhqc5
fHbnHGQtaEsVkAaKTlKHJL+Tu2F3aDcaedGUzykSQv/lvmnQtHqwcoj5oz2aQqTI
MQs8DQNaAWoi0y4UmJTiQzCdy7UotZK751da6hS+Ia8PC+G3GkxgFFWO2dO6wNen
C2OPNQtXqSFfTv/b2yddKfFqsfSdWoI9j9FZwkj0n7SVbZmyWo3JSgU7MGeFScgK
HDqxHtdY+36WfY+vqAN2t+8Gwup5QJUVIYYMITRs6notj+hfrHkkrFyJe9Zxs9am
BoSq5YStz0HKggIMZfIYmduiO7K2glOvC5Tbizm6e8CUQQZvxMk96Kj+/AtNsGnT
Gir0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:30 2025 by rpki-client