Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/pvcdG7Kb3FP98efC6kCM28rk1cQ.roa
File: pvcdG7Kb3FP98efC6kCM28rk1cQ.roa (raw, json)
Hash identifier: RE4Lwjp0qcJIn93hCMo9Ka8NV1bfdvO/1yki3BM+ltI=
Subject key identifier: A6:F7:1D:1B:B2:9B:DC:53:FD:F1:E7:C2:EA:40:8C:DB:CA:E4:D5:C4
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 01823BB301153AF09DA5D817BB3D7BC2D7A8
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/pvcdG7Kb3FP98efC6kCM28rk1cQ.roa
Signing time: Tue 26 Jul 2022 18:09:23 +0000
ROA not before: Tue 26 Jul 2022 18:09:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51490
IP address blocks: 89.39.212.0/24 maxlen: 24
89.39.215.0/24 maxlen: 24
188.211.167.0/24 maxlen: 24
89.36.138.0/24 maxlen: 24
89.36.139.0/24 maxlen: 24
89.36.141.0/24 maxlen: 24
89.33.47.0/24 maxlen: 24
89.33.46.0/24 maxlen: 24
89.39.241.0/24 maxlen: 24
188.241.211.0/24 maxlen: 24
89.33.134.0/24 maxlen: 24
86.107.193.0/24 maxlen: 24
86.104.2.0/24 maxlen: 24
86.104.0.0/23 maxlen: 24
91.235.130.0/23 maxlen: 23
89.33.116.0/24 maxlen: 24
86.106.94.0/24 maxlen: 24
193.32.67.0/24 maxlen: 24
86.106.95.0/24 maxlen: 24
193.32.66.0/24 maxlen: 24
86.106.110.0/23 maxlen: 23
86.106.118.0/24 maxlen: 24
86.106.116.0/23 maxlen: 23
37.156.173.0/24 maxlen: 24
89.32.170.0/24 maxlen: 24
94.177.126.0/24 maxlen: 24
89.36.38.0/24 maxlen: 24
89.36.39.0/24 maxlen: 24
176.126.194.0/24 maxlen: 24
89.42.152.0/23 maxlen: 24
89.42.154.0/24 maxlen: 24
176.223.116.0/23 maxlen: 23
176.223.118.0/24 maxlen: 24
89.35.54.0/24 maxlen: 24
86.105.242.0/24 maxlen: 24
86.105.243.0/24 maxlen: 24
89.45.82.0/24 maxlen: 24
193.254.48.0/21 maxlen: 24
93.119.125.0/24 maxlen: 24
188.213.206.0/24 maxlen: 24
193.254.56.0/21 maxlen: 24
93.119.124.0/24 maxlen: 24
89.42.10.0/24 maxlen: 24
188.213.207.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
188.213.214.0/24 maxlen: 24
188.213.215.0/24 maxlen: 24
86.106.13.0/24 maxlen: 24
89.35.89.0/24 maxlen: 24
86.105.178.0/24 maxlen: 24
86.105.185.0/24 maxlen: 24
37.156.64.0/24 maxlen: 24
37.156.65.0/24 maxlen: 24
176.223.160.0/24 maxlen: 24
176.223.161.0/24 maxlen: 24
89.41.189.0/24 maxlen: 24
89.33.255.0/24 maxlen: 24
89.37.94.0/24 maxlen: 24
89.37.92.0/23 maxlen: 23
86.104.213.0/24 maxlen: 24
89.40.209.0/24 maxlen: 24
188.208.220.0/23 maxlen: 23
188.208.222.0/23 maxlen: 23
89.33.198.0/23 maxlen: 24
89.33.200.0/23 maxlen: 24
89.33.206.0/24 maxlen: 24
89.40.140.0/24 maxlen: 24
89.40.141.0/24 maxlen: 24
188.209.124.0/23 maxlen: 23
188.209.122.0/23 maxlen: 23
188.209.126.0/23 maxlen: 23
89.41.27.0/24 maxlen: 24
89.41.28.0/23 maxlen: 24
193.30.255.0/24 maxlen: 24
193.30.254.0/24 maxlen: 24
89.34.104.0/24 maxlen: 24
89.34.105.0/24 maxlen: 24
89.41.49.0/24 maxlen: 24
188.212.254.0/24 maxlen: 24
31.14.66.0/24 maxlen: 24
31.14.67.0/24 maxlen: 24
89.37.132.0/23 maxlen: 23
89.37.129.0/24 maxlen: 24
77.81.84.0/23 maxlen: 23
2a05:7b85::/32 maxlen: 32
2a05:7b81::/32 maxlen: 32
2a05:76c0::/29 maxlen: 29
2a05:7b87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3b:b3:01:15:3a:f0:9d:a5:d8:17:bb:3d:7b:c2:d7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jul 26 18:09:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6f71d1bb29bdc53fdf1e7c2ea408cdbcae4d5c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:50:f0:d5:be:03:72:fe:e2:93:63:3e:ec:4e:
79:72:47:a0:e3:14:03:dd:97:f9:83:30:f0:74:a3:
b6:ab:6f:3a:29:ec:e0:5f:f8:08:71:3c:b5:21:7e:
11:60:3d:37:e8:b2:96:fb:9f:f5:f9:de:38:de:d0:
79:62:7f:65:90:8f:07:83:e0:cc:21:4d:66:73:b3:
68:8e:fc:0e:ed:a5:1a:bd:32:66:b4:11:7a:ea:e3:
18:5e:28:82:81:b2:a6:3e:66:75:fa:64:ec:08:e3:
69:53:92:1c:6f:42:76:2b:19:1a:09:92:a8:fb:00:
80:37:91:99:e3:83:cc:75:23:bf:f7:b8:1e:a9:d5:
ff:bf:29:3e:dc:fb:b4:99:59:5f:52:90:37:32:9d:
3e:9b:37:4b:aa:a1:75:09:9d:c3:27:35:60:5c:97:
60:94:2d:18:93:e0:d0:08:1e:5a:dd:82:4a:21:f6:
86:c6:b3:8a:95:95:b5:7a:df:75:4e:07:31:63:da:
6c:c2:c8:fc:aa:37:96:af:6c:4b:19:22:88:fb:2f:
a4:24:20:c6:21:37:37:96:45:27:8a:d0:74:ad:c5:
d7:4b:75:7a:d9:25:39:f0:19:13:42:df:d9:68:88:
ea:2b:7c:eb:17:28:00:1b:ba:52:07:65:e0:87:58:
d5:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:F7:1D:1B:B2:9B:DC:53:FD:F1:E7:C2:EA:40:8C:DB:CA:E4:D5:C4
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/pvcdG7Kb3FP98efC6kCM28rk1cQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.66.0/23
37.156.64.0/23
37.156.173.0/24
46.102.177.0-46.102.179.255
77.81.84.0/23
86.104.0.0-86.104.2.255
86.104.213.0/24
86.105.178.0/24
86.105.185.0/24
86.105.242.0/23
86.106.13.0/24
86.106.94.0/23
86.106.110.0/23
86.106.116.0-86.106.118.255
86.107.193.0/24
89.32.170.0/24
89.33.46.0/23
89.33.116.0/24
89.33.134.0/24
89.33.198.0-89.33.201.255
89.33.206.0/24
89.33.255.0/24
89.34.104.0/23
89.35.54.0/24
89.35.89.0/24
89.36.38.0/23
89.36.138.0/23
89.36.141.0/24
89.37.92.0-89.37.94.255
89.37.129.0/24
89.37.132.0/23
89.39.212.0/24
89.39.215.0/24
89.39.241.0/24
89.40.140.0/23
89.40.209.0/24
89.41.27.0-89.41.29.255
89.41.49.0/24
89.41.189.0/24
89.42.10.0/24
89.42.152.0-89.42.154.255
89.45.82.0/24
91.235.130.0/23
93.119.124.0/23
94.177.126.0/24
176.126.194.0/24
176.223.116.0-176.223.118.255
176.223.160.0/23
188.208.220.0/22
188.209.122.0-188.209.127.255
188.211.167.0/24
188.212.254.0/24
188.213.206.0/23
188.213.214.0/23
188.241.211.0/24
193.30.254.0/23
193.32.66.0/23
193.254.48.0/20
IPv6:
2a05:76c0::/29
2a05:7b81::/32
2a05:7b85::/32
2a05:7b87::/32
Signature Algorithm: sha256WithRSAEncryption
87:f5:ad:af:8f:9f:f1:05:1b:78:6a:17:66:01:f6:49:90:1f:
46:fb:3e:11:35:96:ca:58:03:af:cb:2c:a4:4c:69:e8:fb:35:
c8:74:26:fc:c2:22:0d:42:23:3c:b7:5e:34:a7:5c:d6:08:1f:
ab:f8:ed:cf:b8:fa:bc:fd:77:62:3a:6b:c7:df:25:2a:2c:f6:
6e:f3:6c:71:8a:5a:59:87:0c:54:50:56:50:80:a9:bf:7c:29:
31:69:76:91:ac:79:97:97:f2:d3:aa:09:6d:a7:f5:9b:f5:96:
ce:46:9c:2c:a5:fe:ad:eb:bf:39:1c:38:25:d6:8d:12:8d:64:
4e:1c:27:4b:46:a0:6e:7e:47:e4:d8:94:a4:ce:30:52:92:cb:
e9:1a:f3:e3:3d:b6:61:c6:f3:28:90:f6:ad:d4:10:69:4d:bd:
a4:d9:39:76:be:79:6c:bb:1f:1a:66:fc:e9:85:15:60:e1:d8:
dc:13:52:a1:5e:70:8f:bd:71:30:2c:4a:9e:93:5d:03:0d:3d:
fe:e9:f0:50:07:ad:50:77:cc:8e:09:9c:19:68:a6:c8:bf:ff:
59:ad:6a:52:3c:80:75:8e:0c:58:d5:22:e6:0b:c9:c9:f9:59:
a7:ab:82:98:bf:4d:6a:db:60:a2:b9:97:ce:06:67:e3:d7:06:
5c:58:4e:26
-----BEGIN CERTIFICATE-----
MIIGyDCCBbCgAwIBAgISAYI7swEVOvCdpdgXuz17wteoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIwNzI2MTgwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmY3MWQxYmIyOWJkYzUzZmRmMWU3YzJlYTQwOGNkYmNhZTRkNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFDw1b4Dcv7ik2M+7E55ckeg4xQD
3Zf5gzDwdKO2q286KezgX/gIcTy1IX4RYD036LKW+5/1+d443tB5Yn9lkI8Hg+DM
IU1mc7NojvwO7aUavTJmtBF66uMYXiiCgbKmPmZ1+mTsCONpU5Icb0J2KxkaCZKo
+wCAN5GZ44PMdSO/97geqdX/vyk+3Pu0mVlfUpA3Mp0+mzdLqqF1CZ3DJzVgXJdg
lC0Yk+DQCB5a3YJKIfaGxrOKlZW1et91TgcxY9pswsj8qjeWr2xLGSKI+y+kJCDG
ITc3lkUnitB0rcXXS3V62SU58BkTQt/ZaIjqK3zrFygAG7pSB2Xgh1jVZQIDAQAB
o4ID1DCCA9AwHQYDVR0OBBYEFKb3HRuym9xT/fHnwupAjNvK5NXEMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvcHZjZEc3S2IzRlA5OGVmQzZrQ00yOHJrMWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB6AYIKwYBBQUHAQcBAf8EggHXMIIB0zCCAasEAgABMIIB
owMEAR8OQgMEASWcQAMEACWcrTAMAwQALmaxAwQCLmawAwQBTVFUMAsDAwNWaAME
AFZoAgMEAFZo1QMEAFZpsgMEAFZpuQMEAVZp8gMEAFZqDQMEAVZqXgMEAVZqbjAM
AwQCVmp0AwQAVmp2AwQAVmvBAwQAWSCqAwQBWSEuAwQAWSF0AwQAWSGGMAwDBAFZ
IcYDBAFZIcgDBABZIc4DBABZIf8DBAFZImgDBABZIzYDBABZI1kDBAFZJCYDBAFZ
JIoDBABZJI0wDAMEAlklXAMEAFklXgMEAFklgQMEAVklhAMEAFkn1AMEAFkn1wME
AFkn8QMEAVkojAMEAFko0TAMAwQAWSkbAwQBWSkcAwQAWSkxAwQAWSm9AwQAWSoK
MAwDBANZKpgDBABZKpoDBABZLVIDBAFb64IDBAFdd3wDBABesX4DBACwfsIwDAME
ArDfdAMEALDfdgMEAbDfoAMEArzQ3DAMAwQBvNF6AwQHvNEAAwQAvNOnAwQAvNT+
AwQBvNXOAwQBvNXWAwQAvPHTAwQBwR7+AwQBwSBCAwQEwf4wMCIEAgACMBwDBQMq
BXbAAwUAKgV7gQMFACoFe4UDBQAqBXuHMA0GCSqGSIb3DQEBCwUAA4IBAQCH9a2v
j5/xBRt4ahdmAfZJkB9G+z4RNZbKWAOvyyykTGno+zXIdCb8wiINQiM8t140p1zW
CB+r+O3PuPq8/XdiOmvH3yUqLPZu82xxilpZhwxUUFZQgKm/fCkxaXaRrHmXl/LT
qgltp/Wb9ZbORpwspf6t6785HDgl1o0SjWROHCdLRqBufkfk2JSkzjBSksvpGvPj
PbZhxvMokPat1BBpTb2k2Tl2vnlsux8aZvzphRVg4djcE1KhXnCPvXEwLEqek10D
DT3+6fBQB61Qd8yOCZwZaKbIv/9ZrWpSPIB1jgxY1SLmC8nJ+Vmnq4KYv01q22Ci
uZfOBmfj1wZcWE4m
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:35 2023 by rpki-client on console-fra.rpki-client.org