Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Hu8nk-vdUBEkbCxQoaOK1HBPiMg.roa
File: Hu8nk-vdUBEkbCxQoaOK1HBPiMg.roa (raw, json)
Hash identifier: cAdRYcBtAA41C0pTOrjIMzvwYZ2hVcXq09VqqcIVGF0=
Subject key identifier: 1E:EF:27:93:EB:DD:50:11:24:6C:2C:50:A1:A3:8A:D4:70:4F:88:C8
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 018451E0FFFF8D7FAAE30991069F50A00C72
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Hu8nk-vdUBEkbCxQoaOK1HBPiMg.roa
Signing time: Mon 07 Nov 2022 11:36:50 +0000
ROA not before: Mon 07 Nov 2022 11:36:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51490
IP address blocks: 89.39.215.0/24 maxlen: 24
89.36.138.0/24 maxlen: 24
89.36.139.0/24 maxlen: 24
89.36.141.0/24 maxlen: 24
89.33.134.0/24 maxlen: 24
86.107.193.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
91.235.130.0/23 maxlen: 23
193.32.67.0/24 maxlen: 24
193.32.66.0/24 maxlen: 24
86.106.110.0/23 maxlen: 23
89.32.170.0/24 maxlen: 24
94.177.126.0/24 maxlen: 24
89.36.38.0/24 maxlen: 24
89.36.39.0/24 maxlen: 24
176.126.194.0/24 maxlen: 24
176.223.116.0/23 maxlen: 23
176.223.118.0/24 maxlen: 24
86.105.242.0/24 maxlen: 24
89.35.54.0/24 maxlen: 24
89.45.82.0/24 maxlen: 24
193.254.48.0/21 maxlen: 24
188.213.206.0/24 maxlen: 24
93.119.124.0/24 maxlen: 24
193.254.56.0/21 maxlen: 24
188.213.207.0/24 maxlen: 24
188.213.214.0/24 maxlen: 24
188.213.215.0/24 maxlen: 24
86.106.13.0/24 maxlen: 24
89.35.89.0/24 maxlen: 24
86.105.178.0/24 maxlen: 24
86.105.185.0/24 maxlen: 24
37.156.64.0/24 maxlen: 24
37.156.65.0/24 maxlen: 24
176.223.161.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
89.33.255.0/24 maxlen: 24
89.37.92.0/23 maxlen: 23
188.208.222.0/23 maxlen: 23
89.33.206.0/24 maxlen: 24
89.40.140.0/24 maxlen: 24
89.40.141.0/24 maxlen: 24
188.209.124.0/23 maxlen: 23
188.209.122.0/23 maxlen: 23
188.209.126.0/23 maxlen: 23
193.30.254.0/24 maxlen: 24
89.34.104.0/24 maxlen: 24
89.34.105.0/24 maxlen: 24
89.41.49.0/24 maxlen: 24
89.37.129.0/24 maxlen: 24
77.81.84.0/23 maxlen: 23
2a05:7b85::/32 maxlen: 32
2a05:7b81::/32 maxlen: 32
2a05:76c0::/29 maxlen: 29
2a05:7b87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:e0:ff:ff:8d:7f:aa:e3:09:91:06:9f:50:a0:0c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Nov 7 11:36:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eef2793ebdd5011246c2c50a1a38ad4704f88c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4b:97:a1:95:b2:9c:0e:d7:2a:50:8f:dd:e0:
df:f0:a2:e8:23:38:c6:42:8b:50:8e:02:fa:68:02:
58:91:42:ce:81:27:ba:db:18:64:63:89:a0:fa:47:
4d:ac:0c:84:2d:d3:95:e1:62:4d:7b:a1:e6:05:2a:
5f:d8:2f:00:1f:d5:5a:68:07:aa:ba:cc:4d:bf:97:
8a:11:66:4a:01:c9:a4:a6:17:af:f1:48:b0:d8:52:
f2:0d:df:21:58:c9:6b:10:9b:a6:60:f9:1c:cc:22:
78:55:e1:a9:18:ff:75:c5:14:47:a6:67:6f:ad:c9:
4f:3a:79:80:f4:47:7a:d2:db:b4:13:19:f6:b0:09:
ac:c0:9f:36:ca:d3:6e:b0:f5:49:51:52:76:39:b8:
8a:a8:60:0f:74:50:64:80:87:11:d2:c9:a7:e4:8e:
5c:a3:b9:29:ba:70:19:1a:32:5c:34:53:e8:14:0a:
e8:e7:2d:92:32:49:3a:81:69:73:d4:b4:b7:c8:28:
68:42:63:bf:b1:6f:6e:cb:fa:e6:62:86:83:e1:a4:
88:97:e4:63:71:8f:a8:e2:0f:e8:fa:7b:13:a3:d7:
ea:6a:37:bb:4b:35:b5:f6:0f:f5:c3:77:c9:69:62:
c0:75:e5:79:bd:22:76:c0:e0:16:f6:a8:5c:9b:d8:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:EF:27:93:EB:DD:50:11:24:6C:2C:50:A1:A3:8A:D4:70:4F:88:C8
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/Hu8nk-vdUBEkbCxQoaOK1HBPiMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.64.0/23
77.81.84.0/23
86.104.2.0/24
86.105.178.0/24
86.105.185.0/24
86.105.242.0/24
86.106.13.0/24
86.106.110.0/23
86.107.193.0/24
89.32.170.0/24
89.33.134.0/24
89.33.206.0/24
89.33.255.0/24
89.34.104.0/23
89.35.54.0/24
89.35.89.0/24
89.36.38.0/23
89.36.138.0/23
89.36.141.0/24
89.37.92.0-89.37.94.255
89.37.129.0/24
89.39.215.0/24
89.40.140.0/23
89.41.49.0/24
89.45.82.0/24
91.235.130.0/23
93.119.124.0/24
94.177.126.0/24
176.126.194.0/24
176.223.116.0-176.223.118.255
176.223.161.0/24
188.208.222.0/23
188.209.122.0-188.209.127.255
188.213.206.0/23
188.213.214.0/23
193.30.254.0/24
193.32.66.0/23
193.254.48.0/20
IPv6:
2a05:76c0::/29
2a05:7b81::/32
2a05:7b85::/32
2a05:7b87::/32
Signature Algorithm: sha256WithRSAEncryption
33:2d:54:47:32:6a:7c:95:8f:e5:d8:c8:57:6f:2c:53:b5:e3:
6e:da:5d:e9:80:b2:c8:8f:4e:04:a5:cf:c3:2f:b2:6b:c2:bf:
db:4a:17:08:ca:bb:1e:c2:39:38:86:5a:4d:31:3a:8f:68:c4:
c0:3b:0e:6c:79:fe:ab:e3:01:5f:61:2e:c3:81:ac:c6:fc:e7:
1f:0b:0a:c8:27:78:30:c9:d1:a6:66:8c:fa:43:ae:5c:d3:c9:
f5:4d:10:b2:cc:1e:24:94:f0:37:1c:a8:f8:a7:55:27:8c:a4:
e2:26:ed:7b:b0:b4:06:16:b7:31:17:50:58:9d:a5:9d:81:33:
12:cd:00:a1:c2:5e:17:27:3e:11:84:9e:41:0b:1f:f0:be:e1:
08:71:04:d5:b1:c5:e7:ed:91:d2:55:94:6b:83:ae:20:55:e8:
1b:35:c7:f0:33:fd:f2:05:e3:60:9e:b7:20:05:97:6d:95:e7:
97:78:9e:1c:06:7f:5e:b3:d0:57:52:32:7e:bc:3f:6e:26:48:
4a:7a:63:89:45:3b:51:a7:e5:1d:03:c8:47:fb:67:c2:96:cd:
00:04:b3:0b:39:5c:a2:0a:ab:57:32:27:73:0f:9a:0c:8f:54:
cb:c4:1e:ef:f8:2c:a4:31:59:24:dc:ad:50:dd:3d:d3:a5:3c:
46:ee:fd:99
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgISAYRR4P//jX+q4wmRBp9QoAxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIxMTA3MTEzNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWVmMjc5M2ViZGQ1MDExMjQ2YzJjNTBhMWEzOGFkNDcwNGY4OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0uXoZWynA7XKlCP3eDf8KLoIzjG
QotQjgL6aAJYkULOgSe62xhkY4mg+kdNrAyELdOV4WJNe6HmBSpf2C8AH9VaaAeq
usxNv5eKEWZKAcmkphev8Uiw2FLyDd8hWMlrEJumYPkczCJ4VeGpGP91xRRHpmdv
rclPOnmA9Ed60tu0Exn2sAmswJ82ytNusPVJUVJ2ObiKqGAPdFBkgIcR0smn5I5c
o7kpunAZGjJcNFPoFAro5y2SMkk6gWlz1LS3yChoQmO/sW9uy/rmYoaD4aSIl+Rj
cY+o4g/o+nsTo9fqaje7SzW19g/1w3fJaWLAdeV5vSJ2wOAW9qhcm9j73QIDAQAB
o4IDLDCCAygwHQYDVR0OBBYEFB7vJ5Pr3VARJGwsUKGjitRwT4jIMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvSHU4bmstdmRVQkVrYkN4UW9hT0sxSEJQaU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQAYIKwYBBQUHAQcBAf8EggEvMIIBKzCCAQMEAgABMIH8
AwQBJZxAAwQBTVFUAwQAVmgCAwQAVmmyAwQAVmm5AwQAVmnyAwQAVmoNAwQBVmpu
AwQAVmvBAwQAWSCqAwQAWSGGAwQAWSHOAwQAWSH/AwQBWSJoAwQAWSM2AwQAWSNZ
AwQBWSQmAwQBWSSKAwQAWSSNMAwDBAJZJVwDBABZJV4DBABZJYEDBABZJ9cDBAFZ
KIwDBABZKTEDBABZLVIDBAFb64IDBABdd3wDBABesX4DBACwfsIwDAMEArDfdAME
ALDfdgMEALDfoQMEAbzQ3jAMAwQBvNF6AwQHvNEAAwQBvNXOAwQBvNXWAwQAwR7+
AwQBwSBCAwQEwf4wMCIEAgACMBwDBQMqBXbAAwUAKgV7gQMFACoFe4UDBQAqBXuH
MA0GCSqGSIb3DQEBCwUAA4IBAQAzLVRHMmp8lY/l2MhXbyxTteNu2l3pgLLIj04E
pc/DL7Jrwr/bShcIyrsewjk4hlpNMTqPaMTAOw5sef6r4wFfYS7DgazG/OcfCwrI
J3gwydGmZoz6Q65c08n1TRCyzB4klPA3HKj4p1UnjKTiJu17sLQGFrcxF1BYnaWd
gTMSzQChwl4XJz4RhJ5BCx/wvuEIcQTVscXn7ZHSVZRrg64gVegbNcfwM/3yBeNg
nrcgBZdtleeXeJ4cBn9es9BXUjJ+vD9uJkhKemOJRTtRp+UdA8hH+2fCls0ABLML
OVyiCqtXMidzD5oMj1TLxB7v+CykMVkk3K1Q3T3TpTxG7v2Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org