Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Nv-AUul0jyrEaDm-tC6snXGE3Gw.roa
File: Nv-AUul0jyrEaDm-tC6snXGE3Gw.roa (raw, json)
Hash identifier: JsvCSdn9zwlUGgxuIsexgUrj2Y6zq+Qh4w4UDJ5/nqg=
Subject key identifier: 36:FF:80:52:E9:74:8F:2A:C4:68:39:BE:B4:2E:AC:9D:71:84:DC:6C
Certificate issuer: /CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Certificate serial: 018B70357FA4417EC7CD8F38030C44F1B2E9
Authority key identifier: 3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Nv-AUul0jyrEaDm-tC6snXGE3Gw.roa
Signing time: Fri 27 Oct 2023 08:17:16 +0000
ROA not before: Fri 27 Oct 2023 08:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48503
IP address blocks: 89.208.123.0/24 maxlen: 24
185.234.60.0/22 maxlen: 22
79.133.184.0/22 maxlen: 22
79.133.188.0/22 maxlen: 22
91.234.208.0/24 maxlen: 24
91.234.209.0/24 maxlen: 24
85.193.120.0/21 maxlen: 21
185.234.24.0/22 maxlen: 22
85.193.96.0/21 maxlen: 21
85.193.104.0/21 maxlen: 21
85.193.112.0/21 maxlen: 21
188.124.232.0/22 maxlen: 22
188.124.236.0/22 maxlen: 22
188.124.244.0/23 maxlen: 23
188.124.246.0/23 maxlen: 23
176.64.0.0/21 maxlen: 21
176.64.8.0/21 maxlen: 21
176.64.16.0/21 maxlen: 21
176.64.24.0/21 maxlen: 21
176.64.32.0/24 maxlen: 24
176.64.34.0/24 maxlen: 24
176.64.33.0/24 maxlen: 24
176.64.35.0/24 maxlen: 24
185.212.246.0/24 maxlen: 24
185.212.245.0/24 maxlen: 24
185.212.244.0/24 maxlen: 24
81.91.180.0/22 maxlen: 22
185.212.247.0/24 maxlen: 24
81.91.184.0/22 maxlen: 22
185.44.84.0/23 maxlen: 23
185.44.86.0/23 maxlen: 23
93.157.176.0/23 maxlen: 23
81.211.150.0/24 maxlen: 24
93.157.178.0/23 maxlen: 23
93.157.181.0/24 maxlen: 24
93.157.180.0/24 maxlen: 24
93.157.183.0/24 maxlen: 24
93.157.182.0/24 maxlen: 24
81.211.172.0/24 maxlen: 24
81.211.196.0/24 maxlen: 24
81.211.195.0/24 maxlen: 24
79.137.171.0/24 maxlen: 24
81.211.198.0/24 maxlen: 24
79.137.170.0/24 maxlen: 24
81.211.197.0/24 maxlen: 24
81.211.199.0/24 maxlen: 24
81.211.194.0/24 maxlen: 24
81.211.193.0/24 maxlen: 24
81.211.130.0/24 maxlen: 24
81.211.133.0/24 maxlen: 24
31.10.3.0/24 maxlen: 24
81.211.201.0/24 maxlen: 24
81.211.203.0/24 maxlen: 24
79.137.176.0/23 maxlen: 23
81.211.202.0/24 maxlen: 24
81.211.204.0/24 maxlen: 24
81.211.206.0/24 maxlen: 24
79.137.178.0/23 maxlen: 23
81.211.208.0/24 maxlen: 24
81.211.207.0/24 maxlen: 24
217.171.144.0/24 maxlen: 24
81.211.251.0/24 maxlen: 24
81.211.253.0/24 maxlen: 24
81.211.250.0/24 maxlen: 24
212.96.64.0/24 maxlen: 24
212.96.67.0/24 maxlen: 24
212.96.66.0/24 maxlen: 24
212.96.68.0/24 maxlen: 24
212.96.70.0/23 maxlen: 23
212.96.69.0/24 maxlen: 24
212.96.65.0/24 maxlen: 24
212.96.72.0/23 maxlen: 23
212.96.74.0/23 maxlen: 23
212.96.77.0/24 maxlen: 24
212.96.76.0/24 maxlen: 24
212.96.78.0/24 maxlen: 24
212.96.80.0/23 maxlen: 23
212.96.82.0/24 maxlen: 24
212.96.84.0/24 maxlen: 24
212.96.83.0/24 maxlen: 24
212.96.85.0/24 maxlen: 24
212.96.79.0/24 maxlen: 24
212.96.86.0/23 maxlen: 23
212.96.88.0/24 maxlen: 24
212.96.91.0/24 maxlen: 24
212.96.90.0/24 maxlen: 24
212.96.95.0/24 maxlen: 24
212.96.94.0/24 maxlen: 24
212.96.93.0/24 maxlen: 24
212.96.92.0/24 maxlen: 24
95.163.145.0/24 maxlen: 24
91.103.104.0/24 maxlen: 24
91.103.105.0/24 maxlen: 24
193.41.131.0/24 maxlen: 24
193.41.130.0/24 maxlen: 24
89.223.112.0/22 maxlen: 22
89.223.116.0/22 maxlen: 22
62.122.104.0/23 maxlen: 23
62.122.106.0/23 maxlen: 23
62.122.108.0/24 maxlen: 24
62.122.109.0/24 maxlen: 24
185.250.30.0/23 maxlen: 23
185.250.28.0/23 maxlen: 23
194.0.244.0/24 maxlen: 24
194.0.245.0/24 maxlen: 24
185.223.188.0/22 maxlen: 22
185.229.84.0/22 maxlen: 22
62.122.4.0/22 maxlen: 22
62.122.0.0/22 maxlen: 22
194.0.188.0/24 maxlen: 24
194.0.189.0/24 maxlen: 24
185.229.121.0/24 maxlen: 24
185.229.120.0/24 maxlen: 24
195.189.48.0/23 maxlen: 23
195.189.51.0/24 maxlen: 24
195.189.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:35:7f:a4:41:7e:c7:cd:8f:38:03:0c:44:f1:b2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Validity
Not Before: Oct 27 08:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=36ff8052e9748f2ac46839beb42eac9d7184dc6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:21:c6:cc:39:98:39:ff:66:50:86:8d:c4:13:
cc:10:98:2e:15:58:7d:ed:02:68:4e:83:5d:28:b3:
df:b2:27:ed:4a:46:ba:6c:65:e4:e8:89:2d:b3:68:
2a:48:d3:a0:a5:1b:fe:29:b3:fd:a1:6c:44:75:75:
f1:10:c0:7b:4d:3a:34:52:0e:4a:78:8f:56:9d:84:
4c:c9:1a:81:dc:62:58:ee:bd:a2:6a:f6:5f:0e:d8:
9e:01:4a:fd:3c:c6:2c:e7:58:f5:bc:8b:ac:5e:fd:
eb:be:eb:73:c4:b3:a4:3c:96:6b:4b:a2:1a:93:9f:
b6:0d:1d:3b:88:b8:b4:73:06:31:1d:b5:93:e1:09:
8e:c0:a1:03:f3:66:b6:71:bd:ae:c4:12:50:df:01:
97:34:e1:7f:75:83:bb:50:58:cd:7a:7d:15:be:a5:
d4:cc:2b:e3:4f:42:01:7f:90:92:52:69:eb:1f:43:
08:8a:7d:8e:77:e8:0a:22:8d:03:f9:b8:e9:4c:c1:
69:b2:80:39:f2:ce:86:0e:41:ca:5f:43:7b:84:22:
6e:f1:fc:a9:03:2e:95:83:58:d5:ad:41:fc:59:d7:
f5:3b:72:4c:b5:33:90:3c:2f:4e:fd:72:58:28:ef:
d3:73:11:58:2f:dc:a7:f8:21:0b:96:b1:74:42:34:
b4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:FF:80:52:E9:74:8F:2A:C4:68:39:BE:B4:2E:AC:9D:71:84:DC:6C
X509v3 Authority Key Identifier:
keyid:3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Nv-AUul0jyrEaDm-tC6snXGE3Gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.3.0/24
62.122.0.0/21
62.122.104.0-62.122.109.255
79.133.184.0/21
79.137.170.0/23
79.137.176.0/22
81.91.180.0-81.91.187.255
81.211.130.0/24
81.211.133.0/24
81.211.150.0/24
81.211.172.0/24
81.211.193.0-81.211.199.255
81.211.201.0-81.211.204.255
81.211.206.0-81.211.208.255
81.211.250.0/23
81.211.253.0/24
85.193.96.0/19
89.208.123.0/24
89.223.112.0/21
91.103.104.0/23
91.234.208.0/23
93.157.176.0/21
95.163.145.0/24
176.64.0.0-176.64.35.255
185.44.84.0/22
185.212.244.0/22
185.223.188.0/22
185.229.84.0/22
185.229.120.0/23
185.234.24.0/22
185.234.60.0/22
185.250.28.0/22
188.124.232.0/21
188.124.244.0/22
193.41.130.0/23
194.0.188.0/23
194.0.244.0/23
195.189.48.0/22
212.96.64.0-212.96.88.255
212.96.90.0-212.96.95.255
217.171.144.0/24
Signature Algorithm: sha256WithRSAEncryption
23:47:35:7b:9c:88:97:b7:ab:e3:f6:d3:75:2f:9b:a1:a3:34:
2c:45:40:81:15:51:62:f9:92:3f:f0:20:70:64:19:85:8b:a0:
03:45:1d:62:ec:68:f9:81:45:b7:3e:73:b2:4d:ec:df:9b:b0:
e2:95:a8:12:11:bb:5b:0a:73:35:c1:fa:9e:7d:a8:d3:ad:e0:
87:4c:4c:d4:14:c9:7e:8b:c9:b1:a8:77:5c:e3:8d:53:0a:55:
8d:c9:30:79:22:b2:f3:38:c8:d5:ef:0c:62:b0:89:ce:46:8b:
91:5d:e9:90:a7:eb:8c:55:92:d0:53:f2:c2:57:f0:4d:f8:38:
fb:54:2f:ad:19:d0:72:14:9e:02:9c:8d:30:b3:00:df:71:1a:
0a:f0:12:2d:9a:8f:82:31:b7:a3:52:f3:7c:9e:df:16:7e:0c:
15:9c:38:05:40:b8:97:5a:b7:12:1b:e8:a1:53:5d:40:c8:55:
5a:9f:26:25:0c:a2:9c:00:45:a0:f8:1a:fc:40:d1:9f:8e:93:
b4:92:00:f3:3e:e4:db:ff:8f:56:7f:51:da:fa:79:3f:65:90:
9b:d8:20:24:7d:96:92:ec:61:2f:39:94:6b:c7:3d:f2:6e:55:
f9:64:fe:df:3e:41:4d:1c:23:ca:b0:e9:90:2f:c8:f2:9a:c3:
25:ff:79:b9
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgISAYtwNX+kQX7HzY84AwxE8bLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWRjMmJhNTk0MmUwNGZkZDhiYTk5NTE2YTFiOTNiMWU0
Zjk2MjQwHhcNMjMxMDI3MDgxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmZmODA1MmU5NzQ4ZjJhYzQ2ODM5YmViNDJlYWM5ZDcxODRkYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSHGzDmYOf9mUIaNxBPMEJguFVh9
7QJoToNdKLPfsiftSka6bGXk6Ikts2gqSNOgpRv+KbP9oWxEdXXxEMB7TTo0Ug5K
eI9WnYRMyRqB3GJY7r2iavZfDtieAUr9PMYs51j1vIusXv3rvutzxLOkPJZrS6Ia
k5+2DR07iLi0cwYxHbWT4QmOwKED82a2cb2uxBJQ3wGXNOF/dYO7UFjNen0VvqXU
zCvjT0IBf5CSUmnrH0MIin2Od+gKIo0D+bjpTMFpsoA58s6GDkHKX0N7hCJu8fyp
Ay6Vg1jVrUH8Wdf1O3JMtTOQPC9O/XJYKO/TcxFYL9yn+CELlrF0QjS0jwIDAQAB
o4IDQjCCAz4wHQYDVR0OBBYEFDb/gFLpdI8qxGg5vrQurJ1xhNxsMB8GA1UdIwQY
MBaAFDpdwrpZQuBP3YuplRahuTseT5YkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGIt
OWMxNWZiZDVlZTVlLzEvTnYtQVV1bDBqeXJFYURtLXRDNnNuWEdFM0d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGItOWMxNWZiZDVlZTVl
LzEvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVgYIKwYBBQUHAQcBAf8EggFFMIIBQTCCAT0EAgABMIIB
NQMEAB8KAwMEAz56ADAMAwQDPnpoAwQBPnpsAwQDT4W4AwQBT4mqAwQCT4mwMAwD
BAJRW7QDBAJRW7gDBABR04IDBABR04UDBABR05YDBABR06wwDAMEAFHTwQMEA1HT
wDAMAwQAUdPJAwQAUdPMMAwDBAFR084DBABR09ADBAFR0/oDBABR0/0DBAVVwWAD
BABZ0HsDBANZ33ADBAFbZ2gDBAFb6tADBANdnbADBABfo5EwCwMDBrBAAwQCsEAg
AwQCuSxUAwQCudT0AwQCud+8AwQCueVUAwQBueV4AwQCueoYAwQCueo8AwQCufoc
AwQDvHzoAwQCvHz0AwQBwSmCAwQBwgC8AwQBwgD0AwQCw70wMAwDBAbUYEADBADU
YFgwDAMEAdRgWgMEBdRgQAMEANmrkDANBgkqhkiG9w0BAQsFAAOCAQEAI0c1e5yI
l7er4/bTdS+boaM0LEVAgRVRYvmSP/AgcGQZhYugA0UdYuxo+YFFtz5zsk3s35uw
4pWoEhG7WwpzNcH6nn2o063gh0xM1BTJfovJsah3XOONUwpVjckweSKy8zjI1e8M
YrCJzkaLkV3pkKfrjFWS0FPywlfwTfg4+1QvrRnQchSeApyNMLMA33EaCvASLZqP
gjG3o1LzfJ7fFn4MFZw4BUC4l1q3EhvooVNdQMhVWp8mJQyinABFoPga/EDRn46T
tJIA8z7k2/+PVn9R2vp5P2WQm9ggJH2WkuxhLzmUa8c98m5V+WT+3z5BTRwjyrDp
kC/I8prDJf95uQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:10 2025 by rpki-client