Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/rKW2PzrshvDpBIAhAtXHWnr5Biw.roa
File: rKW2PzrshvDpBIAhAtXHWnr5Biw.roa (raw, json)
Hash identifier: DV9PPYZjdT5M6GryT+juhof+O/zqyVhTYqrs6MNch6E=
Subject key identifier: AC:A5:B6:3F:3A:EC:86:F0:E9:04:80:21:02:D5:C7:5A:7A:F9:06:2C
Certificate issuer: /CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Certificate serial: 0A80FFD9
Authority key identifier: FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/rKW2PzrshvDpBIAhAtXHWnr5Biw.roa
Signing time: Sat 01 Jan 2022 11:56:58 +0000
ROA not before: Sat 01 Jan 2022 11:56:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35612
IP address blocks: 146.241.240.0/20 maxlen: 20
84.33.64.0/20 maxlen: 20
146.241.176.0/20 maxlen: 20
146.241.192.0/20 maxlen: 20
78.134.0.0/17 maxlen: 17
146.241.208.0/20 maxlen: 20
185.11.20.0/22 maxlen: 22
146.241.224.0/20 maxlen: 20
84.33.128.0/18 maxlen: 18
84.33.128.0/19 maxlen: 20
216.247.128.0/18 maxlen: 18
84.33.160.0/19 maxlen: 20
84.33.64.0/18 maxlen: 20
88.149.128.0/17 maxlen: 17
147.53.128.0/17 maxlen: 17
49.236.0.0/20 maxlen: 20
49.236.0.0/18 maxlen: 18
146.241.16.0/20 maxlen: 20
49.236.16.0/20 maxlen: 20
146.241.32.0/20 maxlen: 20
128.116.128.0/17 maxlen: 17
49.236.32.0/20 maxlen: 20
146.241.48.0/20 maxlen: 20
49.236.48.0/20 maxlen: 20
146.241.64.0/20 maxlen: 20
77.32.0.0/17 maxlen: 17
77.32.0.0/20 maxlen: 20
212.124.160.0/19 maxlen: 19
77.32.16.0/20 maxlen: 20
77.32.32.0/20 maxlen: 20
146.241.0.0/20 maxlen: 20
146.241.0.0/16 maxlen: 16
77.32.48.0/20 maxlen: 20
146.241.128.0/20 maxlen: 20
88.147.64.0/20 maxlen: 20
146.241.144.0/20 maxlen: 20
5.157.96.0/19 maxlen: 19
146.241.160.0/20 maxlen: 20
146.241.80.0/20 maxlen: 20
88.147.0.0/17 maxlen: 17
146.241.96.0/20 maxlen: 20
81.174.0.0/18 maxlen: 18
146.241.112.0/20 maxlen: 20
88.147.32.0/19 maxlen: 20
2001:4c90::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176226265 (0xa80ffd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff40d8a2ea9676369e6e817679490e4e505c89f3
Validity
Not Before: Jan 1 11:56:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aca5b63f3aec86f0e904802102d5c75a7af9062c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:39:e8:3e:ac:0c:56:f2:d8:0c:73:e0:33:
f2:36:88:3b:52:7e:f9:76:6e:54:96:a5:6a:9c:ed:
fc:08:bf:7d:a5:cd:74:1d:0f:48:b8:bc:71:5d:81:
4f:64:a6:0b:f1:c7:18:90:f3:b5:a3:8b:59:da:68:
2d:7c:88:ff:b9:5c:9a:0b:91:5e:70:95:99:d8:ba:
dd:2e:c6:3a:3b:71:ef:4e:43:28:aa:d2:e5:55:38:
b8:56:8f:cc:26:f4:ea:18:19:fe:2f:d0:0c:9e:e5:
7c:93:3f:f5:a1:9d:1f:a6:38:8f:86:23:94:bd:be:
90:f4:51:fe:cf:8c:a0:da:3c:4f:a7:2c:7f:fe:90:
22:63:4b:80:b8:d1:9a:11:cc:5c:2a:63:3a:ec:0c:
07:73:c0:1d:f1:eb:1c:80:b7:69:36:3a:bd:86:3a:
16:f9:69:36:56:bc:46:a0:18:01:f3:ac:4e:69:33:
07:a5:63:88:b6:5e:76:5d:df:b1:98:1d:7e:21:d2:
6b:cd:14:4c:bb:c7:8c:e3:c2:e8:e6:48:cc:11:2f:
e7:35:a4:2d:c9:06:d0:63:ff:05:4e:09:2a:ec:0c:
52:67:f5:9c:31:ae:c1:82:fb:22:68:6d:64:0a:89:
30:fe:4e:2e:04:7b:51:25:93:be:8a:7b:20:96:d2:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A5:B6:3F:3A:EC:86:F0:E9:04:80:21:02:D5:C7:5A:7A:F9:06:2C
X509v3 Authority Key Identifier:
keyid:FF:40:D8:A2:EA:96:76:36:9E:6E:81:76:79:49:0E:4E:50:5C:89:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0DYouqWdjaeboF2eUkOTlBcifM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/rKW2PzrshvDpBIAhAtXHWnr5Biw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/7abf3c-29f3-43c8-978e-b050c1129126/1/_0DYouqWdjaeboF2eUkOTlBcifM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.96.0/19
49.236.0.0/18
77.32.0.0/17
78.134.0.0/17
81.174.0.0/18
84.33.64.0-84.33.191.255
88.147.0.0/17
88.149.128.0/17
128.116.128.0/17
146.241.0.0/16
147.53.128.0/17
185.11.20.0/22
212.124.160.0/19
216.247.128.0/18
IPv6:
2001:4c90::/29
Signature Algorithm: sha256WithRSAEncryption
3a:d3:1c:46:0f:79:c1:c0:14:95:42:76:16:00:4b:60:44:ee:
85:6c:60:db:7d:ac:68:6c:89:44:f9:3a:5a:22:80:83:66:ff:
9b:a6:14:c9:16:7d:94:76:51:ad:4b:db:b5:e6:67:15:c8:df:
1a:15:9f:c3:2e:d2:5c:35:27:89:29:fd:63:cd:b7:3b:c1:83:
89:a4:25:4e:a8:36:f2:22:13:62:f7:a2:af:51:19:1c:e2:ea:
55:22:fc:80:18:75:d4:3d:3c:3f:ec:29:7f:f5:ca:e6:f1:8b:
9f:fe:d1:50:43:b4:21:54:a6:98:7f:1e:4a:88:a9:9c:f8:4b:
64:2a:ff:d9:5d:a0:e6:e2:58:4f:99:88:21:88:3e:0c:31:f0:
25:ef:b7:f6:61:df:97:77:ae:de:93:47:b0:b4:8b:bf:1b:5b:
7d:7b:2d:7c:a3:be:a2:aa:e2:69:59:6a:3b:4e:e1:71:12:91:
7f:f0:61:8b:f7:5d:d4:e8:a1:74:e6:2a:49:01:26:c7:db:bc:
6e:d7:1c:3e:83:a2:25:77:9f:33:ee:66:c4:e3:47:74:a5:83:
9f:98:f5:40:22:43:1e:64:20:50:16:46:f3:9a:53:f0:5c:c4:
3e:cc:a3:e5:74:80:60:6d:01:19:df:fd:28:10:dc:21:25:14:
03:ec:69:ed
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIECoD/2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQwZDhhMmVhOTY3NjM2OWU2ZTgxNzY3OTQ5MGU0ZTUwNWM4OWYzMB4XDTIyMDEw
MTExNTY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNhNWI2M2YzYWVj
ODZmMGU5MDQ4MDIxMDJkNWM3NWE3YWY5MDYyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXBOeg+rAxW8tgMc+Az8jaIO1J++XZuVJalapzt/Ai/faXN
dB0PSLi8cV2BT2SmC/HHGJDztaOLWdpoLXyI/7lcmguRXnCVmdi63S7GOjtx705D
KKrS5VU4uFaPzCb06hgZ/i/QDJ7lfJM/9aGdH6Y4j4YjlL2+kPRR/s+MoNo8T6cs
f/6QImNLgLjRmhHMXCpjOuwMB3PAHfHrHIC3aTY6vYY6FvlpNla8RqAYAfOsTmkz
B6VjiLZedl3fsZgdfiHSa80UTLvHjOPC6OZIzBEv5zWkLckG0GP/BU4JKuwMUmf1
nDGuwYL7ImhtZAqJMP5OLgR7USWTvop7IJbSLusCAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBSspbY/OuyG8OkEgCEC1cdaevkGLDAfBgNVHSMEGDAWgBT/QNii6pZ2Np5u
gXZ5SQ5OUFyJ8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wRFlvdXFXZGphZWJvRjJlVWtPVGxCY2lmTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvN2FiZjNjLTI5ZjMtNDNjOC05NzhlLWIwNTBjMTEyOTEyNi8x
L3JLVzJQenJzaHZEcEJJQWhBdFhIV25yNUJpdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
N2FiZjNjLTI5ZjMtNDNjOC05NzhlLWIwNTBjMTEyOTEyNi8xL18wRFlvdXFXZGph
ZWJvRjJlVWtPVGxCY2lmTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMGEEAgABMFsDBAUFnWADBAYx7AADBAdNIAADBAdO
hgADBAZRrgAwDAMEBlQhQAMEBlQhgAMEB1iTAAMEB1iVgAMEB4B0gAMDAJLxAwQH
kzWAAwQCuQsUAwQF1HygAwQG2PeAMA0EAgACMAcDBQMgAUyQMA0GCSqGSIb3DQEB
CwUAA4IBAQA60xxGD3nBwBSVQnYWAEtgRO6FbGDbfaxobIlE+TpaIoCDZv+bphTJ
Fn2UdlGtS9u15mcVyN8aFZ/DLtJcNSeJKf1jzbc7wYOJpCVOqDbyIhNi96KvURkc
4upVIvyAGHXUPTw/7Cl/9crm8Yuf/tFQQ7QhVKaYfx5KiKmc+EtkKv/ZXaDm4lhP
mYghiD4MMfAl77f2Yd+Xd67ek0ewtIu/G1t9ey18o76iquJpWWo7TuFxEpF/8GGL
913U6KF05ipJASbH27xu1xw+g6Ild58z7mbE40d0pYOfmPVAIkMeZCBQFkbzmlPw
XMQ+zKPldIBgbQEZ3/0oENwhJRQD7Gnt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:29 2024 by rpki-client on console-fra.rpki-client.org