Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/hmD4oDE5avR9psfrwd2cgtEjAXg.roa
File: hmD4oDE5avR9psfrwd2cgtEjAXg.roa (raw, json)
Hash identifier: S6JBTPfR5beG4WdNdJe+iBeLjEmgcJBk2TlX6Zge+Fo=
Subject key identifier: 86:60:F8:A0:31:39:6A:F4:7D:A6:C7:EB:C1:DD:9C:82:D1:23:01:78
Certificate issuer: /CN=24350aa8a94af666099fd073ec621cd15d04b316
Certificate serial: 2892E218
Authority key identifier: 24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/hmD4oDE5avR9psfrwd2cgtEjAXg.roa
Signing time: Sat 01 Jan 2022 02:01:34 +0000
ROA not before: Sat 01 Jan 2022 02:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5603
IP address blocks: 193.77.0.0/18 maxlen: 18
193.77.0.0/16 maxlen: 16
188.198.0.0/16 maxlen: 16
188.198.0.0/15 maxlen: 15
193.77.64.0/18 maxlen: 18
193.138.9.0/24 maxlen: 24
212.30.64.0/20 maxlen: 20
212.30.64.0/19 maxlen: 19
195.210.192.0/20 maxlen: 20
195.210.192.0/18 maxlen: 18
149.126.144.0/20 maxlen: 20
89.143.128.0/18 maxlen: 18
89.143.64.0/18 maxlen: 18
185.59.24.0/22 maxlen: 22
185.59.24.0/23 maxlen: 23
185.59.26.0/23 maxlen: 23
149.126.128.0/20 maxlen: 20
149.126.128.0/19 maxlen: 19
89.143.192.0/18 maxlen: 18
193.189.176.0/20 maxlen: 20
178.58.128.0/17 maxlen: 17
213.250.32.0/19 maxlen: 19
193.189.160.0/19 maxlen: 19
193.189.160.0/20 maxlen: 20
89.142.128.0/18 maxlen: 18
195.250.192.0/21 maxlen: 21
195.250.192.0/20 maxlen: 20
89.143.0.0/18 maxlen: 18
195.250.200.0/21 maxlen: 21
195.250.212.0/22 maxlen: 22
193.95.224.0/19 maxlen: 19
89.143.0.0/16 maxlen: 16
195.250.208.0/21 maxlen: 21
95.176.192.0/18 maxlen: 18
188.197.0.0/16 maxlen: 16
89.142.192.0/18 maxlen: 18
95.176.128.0/17 maxlen: 17
95.176.128.0/18 maxlen: 18
95.159.192.0/20 maxlen: 20
193.95.192.0/19 maxlen: 19
95.159.192.0/18 maxlen: 18
193.95.192.0/18 maxlen: 18
91.195.146.0/23 maxlen: 23
193.77.192.0/18 maxlen: 18
188.199.0.0/16 maxlen: 16
194.165.96.0/19 maxlen: 19
194.165.96.0/20 maxlen: 20
86.61.0.0/17 maxlen: 17
86.61.0.0/18 maxlen: 18
212.30.80.0/20 maxlen: 20
193.77.128.0/18 maxlen: 18
109.182.0.0/17 maxlen: 17
109.182.0.0/16 maxlen: 16
86.61.64.0/18 maxlen: 18
188.196.0.0/16 maxlen: 16
188.196.0.0/15 maxlen: 15
213.229.192.0/20 maxlen: 20
213.229.192.0/19 maxlen: 19
213.229.192.0/18 maxlen: 18
213.250.0.0/18 maxlen: 18
213.250.0.0/19 maxlen: 19
188.196.0.0/14 maxlen: 14
195.88.82.0/23 maxlen: 23
178.58.0.0/17 maxlen: 17
178.58.0.0/16 maxlen: 16
89.142.64.0/18 maxlen: 18
213.229.224.0/19 maxlen: 19
89.142.0.0/18 maxlen: 18
89.142.0.0/16 maxlen: 16
185.57.226.0/23 maxlen: 23
109.182.128.0/17 maxlen: 17
2a00:ee5::/32 maxlen: 32
2a00:ee4::/32 maxlen: 32
2a00:ee7::/32 maxlen: 32
2a00:ee0::/29 maxlen: 29
2a00:ee3::/32 maxlen: 32
2a00:ee0::/32 maxlen: 32
2a00:ee6::/32 maxlen: 32
2a02:e20::/29 maxlen: 29
2a00:ee1::/32 maxlen: 32
2a00:ee2::/32 maxlen: 32
2a02:e20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680714776 (0x2892e218)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24350aa8a94af666099fd073ec621cd15d04b316
Validity
Not Before: Jan 1 02:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8660f8a031396af47da6c7ebc1dd9c82d1230178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:1e:2f:3b:3f:10:c4:13:5c:78:6b:39:d7:d5:
74:12:8f:b2:84:9a:1c:c1:2b:7c:0b:41:2b:0f:10:
3c:55:0f:31:36:2a:ea:4c:ac:e3:ed:a1:cb:13:28:
ef:1f:9d:4b:b1:c1:86:2f:83:54:67:58:fa:7c:34:
f7:83:13:01:53:a9:10:11:e3:22:39:83:7c:e5:f6:
f7:0d:43:4a:57:4d:09:ec:e8:33:0b:4b:6b:8d:88:
7b:b3:d5:a9:cd:7b:5b:1a:d5:d3:f1:c5:c6:7c:34:
c1:5f:39:8e:6b:e8:43:c0:a6:08:96:3d:61:d5:93:
f0:65:bb:84:53:ef:b6:02:21:9f:12:d9:27:b5:24:
c0:9b:01:f8:a5:78:5d:d4:ed:c2:6c:9a:cc:7b:7c:
2f:cd:9d:1e:cd:91:45:28:8f:1a:73:d2:ac:1e:02:
61:bc:cb:0a:40:ec:b1:b8:9f:77:6c:43:f9:67:a2:
b9:46:da:38:18:ec:75:50:f9:b0:7e:c2:67:6c:e2:
ce:ed:d7:3e:65:c1:54:d9:9b:f0:7a:9e:b7:0e:e9:
db:8a:2b:02:20:c4:15:7a:58:8f:77:af:6f:8d:bc:
fa:83:30:aa:59:e4:a1:b7:3f:da:a8:4a:50:52:7a:
26:55:db:d5:42:cb:a0:c5:ab:84:2e:4a:62:57:25:
c5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:60:F8:A0:31:39:6A:F4:7D:A6:C7:EB:C1:DD:9C:82:D1:23:01:78
X509v3 Authority Key Identifier:
keyid:24:35:0A:A8:A9:4A:F6:66:09:9F:D0:73:EC:62:1C:D1:5D:04:B3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/hmD4oDE5avR9psfrwd2cgtEjAXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/ab62e7-7367-4bde-934a-b42522d05895/1/JDUKqKlK9mYJn9Bz7GIc0V0EsxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.61.0.0/17
89.142.0.0/15
91.195.146.0/23
95.159.192.0/18
95.176.128.0/17
109.182.0.0/16
149.126.128.0/19
178.58.0.0/16
185.57.226.0/23
185.59.24.0/22
188.196.0.0/14
193.77.0.0/16
193.95.192.0/18
193.138.9.0/24
193.189.160.0/19
194.165.96.0/19
195.88.82.0/23
195.210.192.0/18
195.250.192.0-195.250.215.255
212.30.64.0/19
213.229.192.0/18
213.250.0.0/18
IPv6:
2a00:ee0::/29
2a02:e20::/29
Signature Algorithm: sha256WithRSAEncryption
05:57:90:03:72:18:4e:75:30:6c:91:ba:5d:32:80:74:34:24:
e1:cf:73:f5:cd:65:ac:62:c1:8f:37:c3:49:c9:61:6c:14:19:
40:22:2b:34:cd:f7:c3:b6:13:e6:69:5c:2b:e3:d9:0f:5a:30:
cb:65:a7:46:aa:54:64:15:b5:da:69:1d:b6:f9:a0:fa:4a:59:
00:5b:6f:9b:8c:ee:0b:5c:ef:0f:47:cc:26:1e:e3:3a:13:61:
df:2f:c1:de:20:47:99:fd:88:38:2e:a8:cd:2d:58:04:ba:ef:
5e:c0:9d:8e:22:31:24:6b:3d:62:80:dc:a1:ac:49:9e:29:87:
c5:5b:c5:69:a7:ae:7f:10:16:13:73:39:68:06:1c:23:69:34:
e1:0e:34:1a:a1:b8:80:b1:a4:f3:18:de:ab:0d:f3:61:9d:05:
bc:35:68:f9:bb:8b:87:05:13:ff:fa:6d:20:cd:7f:c6:85:c9:
c2:00:00:f3:a4:b6:79:80:de:33:7d:6b:c3:07:19:3c:26:80:
58:81:e6:83:c2:a9:b0:40:fa:f3:10:b3:22:33:b3:05:c1:29:
6b:2e:e0:7c:8c:e6:d0:dd:61:a7:12:3e:c6:13:41:d6:f0:89:
6f:66:2c:df:81:1c:9c:7b:8e:5c:6e:c4:aa:af:2b:5c:3f:92:
f2:73:3d:23
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIEKJLiGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NDM1MGFhOGE5NGFmNjY2MDk5ZmQwNzNlYzYyMWNkMTVkMDRiMzE2MB4XDTIyMDEw
MTAyMDEzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY2MGY4YTAzMTM5
NmFmNDdkYTZjN2ViYzFkZDljODJkMTIzMDE3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANAeLzs/EMQTXHhrOdfVdBKPsoSaHMErfAtBKw8QPFUPMTYq
6kys4+2hyxMo7x+dS7HBhi+DVGdY+nw094MTAVOpEBHjIjmDfOX29w1DSldNCezo
MwtLa42Ie7PVqc17WxrV0/HFxnw0wV85jmvoQ8CmCJY9YdWT8GW7hFPvtgIhnxLZ
J7UkwJsB+KV4XdTtwmyazHt8L82dHs2RRSiPGnPSrB4CYbzLCkDssbifd2xD+Wei
uUbaOBjsdVD5sH7CZ2zizu3XPmXBVNmb8Hqetw7p24orAiDEFXpYj3evb428+oMw
qlnkobc/2qhKUFJ6JlXb1ULLoMWrhC5KYlclxQMCAwEAAaOCAqUwggKhMB0GA1Ud
DgQWBBSGYPigMTlq9H2mx+vB3ZyC0SMBeDAfBgNVHSMEGDAWgBQkNQqoqUr2Zgmf
0HPsYhzRXQSzFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pEVUtxS2xLOW1ZSm45Qno3R0ljMFYwRXN4WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvYWI2MmU3LTczNjctNGJkZS05MzRhLWI0MjUyMmQwNTg5NS8x
L2htRDRvREU1YXZSOXBzZnJ3ZDJjZ3RFakFYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
YWI2MmU3LTczNjctNGJkZS05MzRhLWI0MjUyMmQwNTg5NS8xL0pEVUtxS2xLOW1Z
Sm45Qno3R0ljMFYwRXN4WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
ugYIKwYBBQUHAQcBAf8EgaowgacwgY4EAgABMIGHAwQHVj0AAwMBWY4DBAFbw5ID
BAZfn8ADBAdfsIADAwBttgMEBZV+gAMDALI6AwQBuTniAwQCuTsYAwMCvMQDAwDB
TQMEBsFfwAMEAMGKCQMEBcG9oAMEBcKlYAMEAcNYUgMEBsPSwDAMAwQGw/rAAwQD
w/rQAwQF1B5AAwQG1eXAAwQG1foAMBQEAgACMA4DBQMqAA7gAwUDKgIOIDANBgkq
hkiG9w0BAQsFAAOCAQEABVeQA3IYTnUwbJG6XTKAdDQk4c9z9c1lrGLBjzfDSclh
bBQZQCIrNM33w7YT5mlcK+PZD1owy2WnRqpUZBW12mkdtvmg+kpZAFtvm4zuC1zv
D0fMJh7jOhNh3y/B3iBHmf2IOC6ozS1YBLrvXsCdjiIxJGs9YoDcoaxJnimHxVvF
aaeufxAWE3M5aAYcI2k04Q40GqG4gLGk8xjeqw3zYZ0FvDVo+buLhwUT//ptIM1/
xoXJwgAA86S2eYDeM31rwwcZPCaAWIHmg8KpsED68xCzIjOzBcEpay7gfIzm0N1h
pxI+xhNB1vCJb2Ys34EcnHuOXG7Eqq8rXD+S8nM9Iw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:13 2024 by rpki-client on console-ams.rpki-client.org