Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/0Jrt8M08VEqTUp4rv4scb9mEPgw.roa
File: 0Jrt8M08VEqTUp4rv4scb9mEPgw.roa (raw, json)
Hash identifier: lf6vgpxLSnr/yiBSVMG4uEMwYzWsWpEQHPiaoRPRLHw=
Subject key identifier: D0:9A:ED:F0:CD:3C:54:4A:93:52:9E:2B:BF:8B:1C:6F:D9:84:3E:0C
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 33C3763C
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/0Jrt8M08VEqTUp4rv4scb9mEPgw.roa
Signing time: Sat 01 Jan 2022 13:06:28 +0000
ROA not before: Sat 01 Jan 2022 13:06:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6830
IP address blocks: 84.20.32.0/21 maxlen: 21
84.20.32.0/20 maxlen: 20
84.74.0.0/15 maxlen: 15
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
217.168.32.0/20 maxlen: 20
217.168.32.0/19 maxlen: 19
217.168.48.0/20 maxlen: 20
46.140.0.0/17 maxlen: 17
46.140.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
194.29.0.0/20 maxlen: 20
194.29.0.0/19 maxlen: 19
46.140.128.0/17 maxlen: 17
46.127.0.0/16 maxlen: 16
80.218.0.0/16 maxlen: 16
80.218.0.0/15 maxlen: 15
62.2.128.0/17 maxlen: 17
194.29.16.0/20 maxlen: 20
77.56.0.0/15 maxlen: 15
178.83.0.0/16 maxlen: 16
77.56.0.0/14 maxlen: 14
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
178.82.0.0/16 maxlen: 16
178.82.0.0/15 maxlen: 15
81.7.240.0/20 maxlen: 20
213.193.64.0/19 maxlen: 19
213.193.64.0/18 maxlen: 18
84.72.0.0/15 maxlen: 15
84.72.0.0/14 maxlen: 14
213.193.96.0/19 maxlen: 19
46.126.0.0/16 maxlen: 16
46.126.0.0/15 maxlen: 15
217.162.0.0/17 maxlen: 17
217.162.0.0/16 maxlen: 16
31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
84.20.52.0/22 maxlen: 22
80.219.0.0/16 maxlen: 16
195.202.192.0/19 maxlen: 19
31.10.192.0/18 maxlen: 18
195.202.192.0/18 maxlen: 18
195.202.224.0/19 maxlen: 19
77.58.0.0/15 maxlen: 15
217.162.128.0/17 maxlen: 17
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa10::/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 868447804 (0x33c3763c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Jan 1 13:06:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d09aedf0cd3c544a93529e2bbf8b1c6fd9843e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:4a:d7:d3:4a:ea:e7:c1:dc:d4:d8:af:c7:
56:ab:05:1d:57:4d:91:c1:9f:d2:c7:ad:c5:32:7a:
e7:65:61:73:76:e3:bf:a3:e4:75:73:75:90:a7:04:
5d:49:4f:e2:9b:a6:8a:a0:ee:05:b0:cf:c9:e7:d4:
c5:d0:d1:df:e2:57:1a:33:ed:ae:45:aa:59:ad:e2:
fc:5b:62:a3:da:9c:b5:e7:e1:c1:8a:f7:5c:53:f3:
e6:59:1b:f4:92:06:d0:cd:c7:8f:9f:0f:c1:2b:5a:
fe:5b:33:dd:48:75:4d:b6:31:9f:76:41:34:65:14:
bd:c9:7d:db:92:46:90:a3:df:40:14:f8:bf:2b:c6:
fc:41:6b:54:ac:ee:ab:73:e8:1c:f9:7b:25:bc:f4:
ca:1f:e2:90:fe:8b:c7:b3:62:b2:4a:f1:54:cc:e6:
a1:a9:5e:a8:20:45:bc:85:97:a5:94:a7:ab:fb:1a:
70:3a:f3:91:6b:a7:1b:7c:92:c1:3d:c0:8e:56:ac:
1e:27:5f:7f:52:b9:32:98:d0:81:5c:53:0a:70:ec:
4a:6a:7a:e6:68:35:a9:37:1a:15:5a:58:31:59:23:
9b:93:eb:89:d0:2f:d7:78:eb:01:64:ba:2b:7e:41:
8a:5f:31:8d:0b:b2:07:17:69:c7:75:6b:20:f5:6c:
a4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9A:ED:F0:CD:3C:54:4A:93:52:9E:2B:BF:8B:1C:6F:D9:84:3E:0C
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/0Jrt8M08VEqTUp4rv4scb9mEPgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
73:18:d0:f1:b3:55:aa:c0:fc:c7:c5:5c:b9:94:2a:95:36:db:
27:d3:cb:b4:82:71:16:fe:f2:78:e5:d3:f1:c3:d5:a1:54:5f:
73:46:40:c6:13:6d:cd:1a:01:ad:d4:ac:41:14:fa:da:d9:50:
cb:65:f6:ad:2b:b9:4b:47:cc:0b:6f:81:de:a6:53:e1:62:38:
92:33:b4:f6:e7:4b:0e:e9:a4:c2:5d:32:cd:b3:5b:50:24:f7:
64:d4:c2:0a:a5:0d:0c:e6:ad:9d:a9:8c:2b:ec:6b:cc:52:a0:
67:87:13:a2:20:b8:ca:3e:4a:23:5b:23:b5:e9:9b:86:3b:04:
ad:dc:53:72:13:56:a0:95:f7:91:38:9e:f0:00:16:21:33:62:
4a:9f:7c:2b:5c:33:1f:df:87:df:03:1a:ba:48:09:d6:b4:72:
49:da:41:ae:1f:d4:36:a7:13:57:5d:42:8f:6e:85:1e:4a:55:
5f:b1:2e:5b:40:63:01:fa:f4:7b:bd:f7:f8:85:d2:70:53:60:
73:98:25:b4:59:6a:fd:71:96:aa:a4:9b:ac:22:8b:fd:ee:7f:
7a:12:5e:50:6e:70:c8:62:ae:4c:11:46:a5:18:91:39:53:78:
99:7b:87:02:b8:4b:65:e7:b8:f2:fa:f3:4d:02:83:93:fb:6f:
f9:4d:ff:bd
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIEM8N2PDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGQyNDQyMTRkNzY0NjhkM2ZiNzJhYmFkMTg5MmVmMjNkZWRlOTc4MB4XDTIyMDEw
MTEzMDYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA5YWVkZjBjZDNj
NTQ0YTkzNTI5ZTJiYmY4YjFjNmZkOTg0M2UwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALgNStfTSurnwdzU2K/HVqsFHVdNkcGf0setxTJ652Vhc3bj
v6PkdXN1kKcEXUlP4pumiqDuBbDPyefUxdDR3+JXGjPtrkWqWa3i/Ftio9qctefh
wYr3XFPz5lkb9JIG0M3Hj58PwSta/lsz3Uh1TbYxn3ZBNGUUvcl925JGkKPfQBT4
vyvG/EFrVKzuq3PoHPl7Jbz0yh/ikP6Lx7NiskrxVMzmoaleqCBFvIWXpZSnq/sa
cDrzkWunG3ySwT3AjlasHidff1K5MpjQgVxTCnDsSmp65mg1qTcaFVpYMVkjm5Pr
idAv13jrAWS6K35Bil8xjQuyBxdpx3VrIPVspP8CAwEAAaOCAnswggJ3MB0GA1Ud
DgQWBBTQmu3wzTxUSpNSniu/ixxv2YQ+DDAfBgNVHSMEGDAWgBS90kQhTXZGjT+3
KrrRiS7yPe3peDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZkSkVJVTEyUm8wX3R5cTYwWWt1OGozdDZYZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvNzU2ZWVmLTY2MjktNDYzYS05OWZmLTQ2YTQzZWYwMjIxYi8x
LzBKcnQ4TTA4VkVxVFVwNHJ2NHNjYjltRVBndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
NzU2ZWVmLTY2MjktNDYzYS05OWZmLTQ2YTQzZWYwMjIxYi8xL3ZkSkVJVTEyUm8w
X3R5cTYwWWt1OGozdDZYZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kAYIKwYBBQUHAQcBAf8EgYAwfjBmBAIAATBgAwQHHwqAAwMBLn4DAwAujAMDAD4C
AwMCTTgDAwFQ2gMEBVEH4DAMAwQFVBQgAwQDVBQwAwMCVEgDAwGyUgMEBcIdAAME
BsPKwAMEBdQvoAMEBtXBQAMDANmiAwQF2aggMBQEAgACMA4DBQAqAOLAAwUFKgKq
ADANBgkqhkiG9w0BAQsFAAOCAQEAcxjQ8bNVqsD8x8VcuZQqlTbbJ9PLtIJxFv7y
eOXT8cPVoVRfc0ZAxhNtzRoBrdSsQRT62tlQy2X2rSu5S0fMC2+B3qZT4WI4kjO0
9udLDumkwl0yzbNbUCT3ZNTCCqUNDOatnamMK+xrzFKgZ4cToiC4yj5KI1sjtemb
hjsErdxTchNWoJX3kTie8AAWITNiSp98K1wzH9+H3wMaukgJ1rRySdpBrh/UNqcT
V11Cj26FHkpVX7EuW0BjAfr0e733+IXScFNgc5gltFlq/XGWqqSbrCKL/e5/ehJe
UG5wyGKuTBFGpRiROVN4mXuHArhLZee48vrzTQKDk/tv+U3/vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:19 2024 by rpki-client on console-fra.rpki-client.org