Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AafQdTEbatrRY7L3jKt04EeawRY.roa
File: AafQdTEbatrRY7L3jKt04EeawRY.roa (raw, json)
Hash identifier: c5uftz861iL8MZ6Emov4M3I1c8Mi5S9CgZ0fHZNuHBA=
Subject key identifier: 01:A7:D0:75:31:1B:6A:DA:D1:63:B2:F7:8C:AB:74:E0:47:9A:C1:16
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01849EBFBC4609DC1C8B059D39E5938DDB1A
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AafQdTEbatrRY7L3jKt04EeawRY.roa
Signing time: Tue 22 Nov 2022 09:51:16 +0000
ROA not before: Tue 22 Nov 2022 09:51:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.134.40.0/22 maxlen: 24
188.208.21.0/24 maxlen: 24
188.208.20.0/22 maxlen: 24
193.32.236.0/22 maxlen: 24
185.94.48.0/22 maxlen: 24
185.93.232.0/22 maxlen: 24
93.92.224.0/22 maxlen: 24
188.241.96.0/21 maxlen: 24
185.234.184.0/24 maxlen: 24
185.234.186.0/23 maxlen: 23
185.234.185.0/24 maxlen: 24
185.44.233.0/24 maxlen: 24
185.44.234.0/23 maxlen: 24
185.51.108.0/22 maxlen: 24
86.105.234.0/24 maxlen: 24
212.104.160.0/19 maxlen: 24
5.226.16.0/20 maxlen: 24
85.117.245.0/24 maxlen: 24
85.117.244.0/22 maxlen: 24
193.91.0.0/24 maxlen: 24
193.91.10.0/24 maxlen: 24
185.43.252.0/22 maxlen: 24
88.98.98.0/24 maxlen: 24
88.98.96.0/20 maxlen: 24
88.98.96.0/23 maxlen: 23
88.98.104.0/23 maxlen: 24
88.98.100.0/22 maxlen: 24
88.98.99.0/24 maxlen: 24
88.98.111.0/24 maxlen: 24
88.98.110.0/24 maxlen: 24
88.98.108.0/23 maxlen: 24
88.98.108.0/22 maxlen: 24
88.98.106.0/23 maxlen: 24
88.98.112.0/20 maxlen: 24
141.98.52.0/22 maxlen: 24
212.63.118.0/24 maxlen: 24
212.63.117.0/24 maxlen: 24
212.63.116.0/24 maxlen: 24
212.63.116.0/22 maxlen: 24
212.63.121.0/24 maxlen: 24
212.63.119.0/24 maxlen: 24
212.63.123.0/24 maxlen: 24
212.63.122.0/24 maxlen: 24
185.83.104.0/22 maxlen: 24
45.144.12.0/22 maxlen: 24
45.90.52.0/22 maxlen: 24
91.245.200.0/21 maxlen: 24
185.131.13.0/24 maxlen: 24
185.131.12.0/22 maxlen: 24
85.217.132.0/24 maxlen: 24
85.217.129.0/24 maxlen: 24
85.217.139.0/24 maxlen: 24
85.217.138.0/24 maxlen: 24
85.217.137.0/24 maxlen: 24
85.217.136.0/24 maxlen: 24
85.217.135.0/24 maxlen: 24
85.217.134.0/24 maxlen: 24
85.217.133.0/24 maxlen: 24
85.217.141.0/24 maxlen: 24
85.217.143.0/24 maxlen: 24
85.217.142.0/24 maxlen: 24
85.217.152.0/24 maxlen: 24
85.217.151.0/24 maxlen: 24
85.217.150.0/24 maxlen: 24
85.217.147.0/24 maxlen: 24
85.217.146.0/24 maxlen: 24
85.217.155.0/24 maxlen: 24
85.217.154.0/24 maxlen: 24
85.217.153.0/24 maxlen: 24
85.217.159.0/24 maxlen: 24
85.217.158.0/24 maxlen: 24
85.217.157.0/24 maxlen: 24
85.217.156.0/24 maxlen: 24
185.130.24.0/23 maxlen: 24
194.49.0.0/22 maxlen: 24
185.130.26.0/23 maxlen: 24
45.157.56.0/22 maxlen: 24
185.176.84.0/22 maxlen: 24
185.210.16.0/22 maxlen: 24
79.142.184.0/22 maxlen: 24
185.162.172.0/23 maxlen: 24
185.162.175.0/24 maxlen: 24
185.162.174.0/24 maxlen: 24
195.82.105.0/24 maxlen: 24
195.82.104.0/24 maxlen: 24
195.82.106.0/24 maxlen: 24
195.82.124.0/24 maxlen: 24
185.216.216.0/22 maxlen: 22
185.216.218.0/23 maxlen: 23
185.216.217.0/24 maxlen: 24
139.28.76.0/22 maxlen: 22
185.196.203.0/24 maxlen: 24
185.196.202.0/24 maxlen: 24
185.196.200.0/23 maxlen: 24
91.242.144.0/22 maxlen: 24
185.202.188.0/22 maxlen: 24
2a06:8840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:bf:bc:46:09:dc:1c:8b:05:9d:39:e5:93:8d:db:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Nov 22 09:51:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01a7d075311b6adad163b2f78cab74e0479ac116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:01:16:2e:a9:7a:d5:20:d9:69:0f:2f:d8:
4b:43:ad:8b:ea:c1:be:29:63:03:63:5f:a8:27:86:
8d:bc:4e:68:a0:73:29:da:e4:12:67:6a:e9:3e:61:
7a:3c:0d:fa:d1:f8:ca:92:bd:55:58:72:d8:3e:b8:
6a:2d:e3:80:d8:d2:9c:b7:48:ab:5f:34:e7:59:17:
b2:f0:e1:1b:1a:85:a8:00:70:d8:cf:53:ae:40:a4:
0f:8f:18:6a:6d:ec:f8:d4:0d:67:79:3b:32:57:66:
47:a2:da:4c:1f:9f:a1:97:4b:c2:e0:83:e4:a1:a0:
8d:e5:cb:19:82:d7:9a:74:d1:c6:f7:a1:1f:c6:b1:
d7:fb:b2:b0:95:d5:9b:db:51:3f:1a:45:e0:f7:0f:
22:dc:95:4c:3f:90:9e:83:d9:0d:67:14:1e:c5:d0:
12:2d:b3:a3:0c:62:ac:9c:6c:be:bf:53:da:bc:08:
ba:f5:02:13:e4:e7:5b:c7:63:3b:63:12:9e:9f:75:
04:b8:82:e6:70:62:dc:4b:2b:d6:0d:76:69:54:b2:
fb:4b:e5:07:78:4f:98:f5:4b:aa:6d:94:87:38:91:
91:85:0d:e3:82:ca:58:4c:ce:86:15:e6:36:94:48:
54:8f:e5:83:b2:c1:c5:3f:9a:1b:92:0d:e8:65:ce:
68:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A7:D0:75:31:1B:6A:DA:D1:63:B2:F7:8C:AB:74:E0:47:9A:C1:16
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/AafQdTEbatrRY7L3jKt04EeawRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.16.0/20
45.90.52.0/22
45.144.12.0/22
45.157.56.0/22
79.142.184.0/22
85.117.244.0/22
85.217.129.0/24
85.217.132.0-85.217.139.255
85.217.141.0-85.217.143.255
85.217.146.0/23
85.217.150.0-85.217.159.255
86.105.234.0/24
88.98.96.0/19
91.242.144.0/22
91.245.200.0/21
93.92.224.0/22
139.28.76.0/22
141.98.52.0/22
185.43.252.0/22
185.44.233.0-185.44.235.255
185.51.108.0/22
185.83.104.0/22
185.93.232.0/22
185.94.48.0/22
185.130.24.0/22
185.131.12.0/22
185.134.40.0/22
185.162.172.0/22
185.176.84.0/22
185.196.200.0/22
185.202.188.0/22
185.210.16.0/22
185.216.216.0/22
185.234.184.0/22
188.208.20.0/22
188.241.96.0/21
193.32.236.0/22
193.91.0.0/24
193.91.10.0/24
194.49.0.0/22
195.82.104.0-195.82.106.255
195.82.124.0/24
212.63.116.0/22
212.63.121.0-212.63.123.255
212.104.160.0/19
IPv6:
2a06:8840::/29
Signature Algorithm: sha256WithRSAEncryption
95:71:a1:3c:c5:c6:a4:84:f1:4e:a1:21:7f:a4:4e:94:1b:b5:
60:84:5f:b5:db:a3:16:c0:b4:0a:57:55:86:1d:e5:77:01:c0:
d4:23:b2:76:1b:03:0e:87:6f:e8:e5:36:7c:6d:48:ee:43:a1:
f0:3d:84:e6:79:8b:24:80:0a:11:e8:6e:ee:d4:0a:a6:4e:4e:
ac:9c:34:69:1f:8b:ca:07:2c:2b:df:e3:3b:11:67:fd:6e:69:
74:fa:16:d1:38:b3:32:2d:95:76:b7:a1:aa:73:dd:a0:d2:19:
7e:bc:20:76:b9:99:0e:6a:65:9f:68:9e:52:9e:ca:76:45:cd:
a7:bc:c0:96:20:af:75:5a:68:d2:4c:4f:1e:79:3c:87:9e:75:
fc:68:0e:6c:54:c1:3a:40:c2:d3:78:2c:af:1f:d8:00:4a:94:
96:c9:42:9b:bc:5b:8b:24:cd:b4:24:70:53:92:46:6d:b6:f8:
c8:13:3c:45:7e:08:bc:ea:e5:72:2e:4e:c2:e3:71:b6:c0:f4:
0c:00:cd:11:6d:cd:c5:10:9d:5e:cc:86:37:22:48:bf:51:04:
f6:4a:bf:06:84:b6:3d:67:a3:7e:0f:88:f4:e1:83:c2:c4:56:
64:29:60:ec:33:a9:87:72:c9:1c:84:c5:03:00:f2:30:5d:71:
d9:8c:31:72
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgISAYSev7xGCdwciwWdOeWTjdsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMTIyMDk1MTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE3ZDA3NTMxMWI2YWRhZDE2M2IyZjc4Y2FiNzRlMDQ3OWFjMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFUBFi6petUg2WkPL9hLQ62L6sG+
KWMDY1+oJ4aNvE5ooHMp2uQSZ2rpPmF6PA360fjKkr1VWHLYPrhqLeOA2NKct0ir
XzTnWRey8OEbGoWoAHDYz1OuQKQPjxhqbez41A1neTsyV2ZHotpMH5+hl0vC4IPk
oaCN5csZgteadNHG96EfxrHX+7KwldWb21E/GkXg9w8i3JVMP5Ceg9kNZxQexdAS
LbOjDGKsnGy+v1PavAi69QIT5Odbx2M7YxKen3UEuILmcGLcSyvWDXZpVLL7S+UH
eE+Y9UuqbZSHOJGRhQ3jgspYTM6GFeY2lEhUj+WDssHFP5obkg3oZc5ofwIDAQAB
o4IDWjCCA1YwHQYDVR0OBBYEFAGn0HUxG2ra0WOy94yrdOBHmsEWMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvQWFmUWRURWJhdHJSWTdMM2pLdDA0RWVhd1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbgYIKwYBBQUHAQcBAf8EggFdMIIBWTCCAUYEAgABMIIB
PgMEBAXiEAMEAi1aNAMEAi2QDAMEAi2dOAMEAk+OuAMEAlV19AMEAFXZgTAMAwQC
VdmEAwQCVdmIMAwDBABV2Y0DBARV2YADBAFV2ZIwDAMEAVXZlgMEBVXZgAMEAFZp
6gMEBVhiYAMEAlvykAMEA1v1yAMEAl1c4AMEAoscTAMEAo1iNAMEArkr/DAMAwQA
uSzpAwQCuSzoAwQCuTNsAwQCuVNoAwQCuV3oAwQCuV4wAwQCuYIYAwQCuYMMAwQC
uYYoAwQCuaKsAwQCubBUAwQCucTIAwQCucq8AwQCudIQAwQCudjYAwQCueq4AwQC
vNAUAwQDvPFgAwQCwSDsAwQAwVsAAwQAwVsKAwQCwjEAMAwDBAPDUmgDBADDUmoD
BADDUnwDBALUP3QwDAMEANQ/eQMEAtQ/eAMEBdRooDANBAIAAjAHAwUDKgaIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAlXGhPMXGpITxTqEhf6ROlBu1YIRftdujFsC0CldV
hh3ldwHA1COydhsDDodv6OU2fG1I7kOh8D2E5nmLJIAKEehu7tQKpk5OrJw0aR+L
ygcsK9/jOxFn/W5pdPoW0TizMi2VdrehqnPdoNIZfrwgdrmZDmpln2ieUp7KdkXN
p7zAliCvdVpo0kxPHnk8h551/GgObFTBOkDC03gsrx/YAEqUlslCm7xbiyTNtCRw
U5JGbbb4yBM8RX4IvOrlci5OwuNxtsD0DADNEW3NxRCdXsyGNyJIv1EE9kq/BoS2
PWejfg+I9OGDwsRWZClg7DOph3LJHITFAwDyMF1x2Ywxcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org