Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/_DOEnOLUkC2mgg7YL-xK53kQlPU.roa
File: _DOEnOLUkC2mgg7YL-xK53kQlPU.roa (raw, json)
Hash identifier: kSbCy4hDDmYm9Xq3QChswcf2Do+qzmzd4e2LOw8RwvE=
Subject key identifier: FC:33:84:9C:E2:D4:90:2D:A6:82:0E:D8:2F:EC:4A:E7:79:10:94:F5
Certificate issuer: /CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Certificate serial: 056F053F
Authority key identifier: E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/_DOEnOLUkC2mgg7YL-xK53kQlPU.roa
Signing time: Sat 01 Jan 2022 05:56:36 +0000
ROA not before: Sat 01 Jan 2022 05:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205275
IP address blocks: 89.33.24.0/24 maxlen: 24
188.215.2.0/24 maxlen: 24
89.33.27.0/24 maxlen: 24
89.33.25.0/24 maxlen: 24
89.33.26.0/24 maxlen: 24
89.33.44.0/24 maxlen: 24
89.39.246.0/24 maxlen: 24
188.214.210.0/24 maxlen: 24
188.214.211.0/24 maxlen: 24
188.214.215.0/24 maxlen: 24
86.107.23.0/24 maxlen: 24
89.40.72.0/24 maxlen: 24
86.107.169.0/24 maxlen: 24
86.104.13.0/24 maxlen: 24
85.204.19.0/24 maxlen: 24
86.106.30.0/24 maxlen: 24
188.241.142.0/24 maxlen: 24
188.241.152.0/24 maxlen: 24
89.42.219.0/24 maxlen: 24
89.42.217.0/24 maxlen: 24
89.42.218.0/24 maxlen: 24
89.42.216.0/24 maxlen: 24
89.42.221.0/24 maxlen: 24
89.42.222.0/24 maxlen: 24
89.42.220.0/24 maxlen: 24
89.42.223.0/24 maxlen: 24
89.39.83.0/24 maxlen: 24
188.240.20.0/24 maxlen: 24
188.240.21.0/24 maxlen: 24
188.240.22.0/24 maxlen: 24
188.240.23.0/24 maxlen: 24
188.209.214.0/24 maxlen: 24
89.45.83.0/24 maxlen: 24
188.213.205.0/24 maxlen: 24
89.45.15.0/24 maxlen: 24
86.105.214.0/24 maxlen: 24
89.47.53.0/24 maxlen: 24
89.34.92.0/24 maxlen: 24
93.115.53.0/24 maxlen: 24
89.41.37.0/24 maxlen: 24
89.41.38.0/24 maxlen: 24
89.41.36.0/24 maxlen: 24
89.41.39.0/24 maxlen: 24
89.44.137.0/24 maxlen: 24
89.37.213.0/24 maxlen: 24
89.47.240.0/24 maxlen: 24
89.37.212.0/24 maxlen: 24
89.47.241.0/24 maxlen: 24
89.37.214.0/24 maxlen: 24
89.47.242.0/24 maxlen: 24
89.37.215.0/24 maxlen: 24
89.47.243.0/24 maxlen: 24
185.162.64.0/24 maxlen: 24
185.162.65.0/24 maxlen: 24
185.162.66.0/24 maxlen: 24
185.162.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91161919 (0x56f053f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e833461e9d2bdafcc29ad9189fb0acf1f33960a9
Validity
Not Before: Jan 1 05:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc33849ce2d4902da6820ed82fec4ae7791094f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ca:7c:5c:11:99:74:ca:fe:c6:92:7a:ca:e8:
a6:ad:3b:1f:57:a5:c3:4b:3e:7e:04:12:62:20:7d:
0e:77:9e:42:9b:38:62:b2:db:67:f7:0a:21:8b:aa:
d6:de:44:3d:1b:f9:13:19:b2:3d:8f:be:5b:b4:65:
4f:69:ab:85:99:0e:1a:2d:7d:f5:bd:ae:dd:6e:98:
0b:76:72:f9:29:2f:b9:0d:7e:6c:31:22:6a:bc:5a:
e5:80:38:6c:9a:9d:e8:b8:a5:ab:70:33:25:bd:38:
36:6f:82:10:df:02:cf:be:a5:54:2b:99:86:98:ba:
89:5b:29:64:e7:e8:56:51:ef:63:6c:86:00:8c:20:
c7:a7:b0:f7:12:c9:2c:22:46:5a:cd:76:c7:93:f2:
cc:6c:14:c2:3f:73:ea:e6:39:6e:f9:76:12:8f:12:
6d:bf:07:84:3f:3b:ba:e9:a2:17:4b:21:f7:a2:75:
59:aa:31:16:72:99:32:ac:f6:08:c4:d4:01:43:b8:
f4:b2:16:a3:c6:17:d3:0c:99:74:21:4c:24:b4:4b:
b3:a0:a8:4a:ad:96:1e:ee:63:97:2b:eb:be:05:7f:
bc:e1:bb:78:04:b5:33:0c:41:e9:b4:5b:99:59:56:
f4:d3:e3:21:47:3b:e8:13:5e:59:f5:4a:86:8d:37:
12:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:33:84:9C:E2:D4:90:2D:A6:82:0E:D8:2F:EC:4A:E7:79:10:94:F5
X509v3 Authority Key Identifier:
keyid:E8:33:46:1E:9D:2B:DA:FC:C2:9A:D9:18:9F:B0:AC:F1:F3:39:60:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/_DOEnOLUkC2mgg7YL-xK53kQlPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/671194-51c8-4bcf-bd83-aefe8d178e6a/1/6DNGHp0r2vzCmtkYn7Cs8fM5YKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.19.0/24
86.104.13.0/24
86.105.214.0/24
86.106.30.0/24
86.107.23.0/24
86.107.169.0/24
89.33.24.0/22
89.33.44.0/24
89.34.92.0/24
89.37.212.0/22
89.39.83.0/24
89.39.246.0/24
89.40.72.0/24
89.41.36.0/22
89.42.216.0/21
89.44.137.0/24
89.45.15.0/24
89.45.83.0/24
89.47.53.0/24
89.47.240.0/22
93.115.53.0/24
185.162.64.0/22
188.209.214.0/24
188.213.205.0/24
188.214.210.0/23
188.214.215.0/24
188.215.2.0/24
188.240.20.0/22
188.241.142.0/24
188.241.152.0/24
Signature Algorithm: sha256WithRSAEncryption
71:94:5a:f2:73:d5:74:a8:b0:c3:62:bd:d3:89:86:17:a7:9a:
22:2e:b5:51:c4:a1:9b:d5:c4:7c:65:3c:65:2c:a8:34:fd:38:
45:b9:3f:fc:d9:a2:35:94:97:04:04:07:d4:d5:9e:89:34:1c:
3f:c5:b4:bf:ce:e5:d3:ea:db:c4:ad:d9:58:f1:bf:d9:d5:be:
44:7d:30:62:a6:8c:5b:ed:7e:b2:7b:c6:38:0e:ea:c8:49:51:
57:53:56:0f:d7:2c:42:c2:dc:87:ce:f4:e8:79:de:e0:71:d5:
35:f6:68:e5:1b:23:71:8b:3e:e1:fc:d8:55:78:9f:66:e9:1c:
c3:f4:d4:5a:76:e5:26:8a:96:dd:33:2b:1f:f6:ae:f5:e8:ab:
cb:40:c2:83:45:5d:50:68:cb:ef:0e:bf:79:7c:b7:a5:7d:fa:
3d:fe:27:3f:7f:d8:eb:cf:f9:59:bb:34:89:a2:31:88:af:b6:
78:34:38:84:ab:29:f1:77:8c:e3:01:4b:2f:b2:e6:1b:3e:c3:
8a:db:27:74:7e:53:fe:d2:ab:b8:78:91:bc:69:1a:bb:ad:1d:
ab:b3:ef:22:de:a9:cb:c5:a3:61:06:b3:b9:5e:80:5d:55:68:
eb:54:47:3f:42:32:89:2d:ea:f7:12:c8:7e:f2:52:8b:b7:7e:
e8:fa:7a:59
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIEBW8FPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODMzNDYxZTlkMmJkYWZjYzI5YWQ5MTg5ZmIwYWNmMWYzMzk2MGE5MB4XDTIyMDEw
MTA1NTYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMzMzg0OWNlMmQ0
OTAyZGE2ODIwZWQ4MmZlYzRhZTc3OTEwOTRmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3KfFwRmXTK/saSesropq07H1elw0s+fgQSYiB9DneeQps4
YrLbZ/cKIYuq1t5EPRv5ExmyPY++W7RlT2mrhZkOGi199b2u3W6YC3Zy+SkvuQ1+
bDEiarxa5YA4bJqd6Lilq3AzJb04Nm+CEN8Cz76lVCuZhpi6iVspZOfoVlHvY2yG
AIwgx6ew9xLJLCJGWs12x5PyzGwUwj9z6uY5bvl2Eo8Sbb8HhD87uumiF0sh96J1
WaoxFnKZMqz2CMTUAUO49LIWo8YX0wyZdCFMJLRLs6CoSq2WHu5jlyvrvgV/vOG7
eAS1MwxB6bRbmVlW9NPjIUc76BNeWfVKho03EgECAwEAAaOCArwwggK4MB0GA1Ud
DgQWBBT8M4Sc4tSQLaaCDtgv7ErneRCU9TAfBgNVHSMEGDAWgBToM0YenSva/MKa
2RifsKzx8zlgqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZETkdIcDByMnZ6Q210a1luN0NzOGZNNVlLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvNjcxMTk0LTUxYzgtNGJjZi1iZDgzLWFlZmU4ZDE3OGU2YS8x
L19ET0VuT0xVa0MybWdnN1lMLXhLNTNrUWxQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
NjcxMTk0LTUxYzgtNGJjZi1iZDgzLWFlZmU4ZDE3OGU2YS8xLzZETkdIcDByMnZ6
Q210a1luN0NzOGZNNVlLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
0QYIKwYBBQUHAQcBAf8EgcEwgb4wgbsEAgABMIG0AwQAVcwTAwQAVmgNAwQAVmnW
AwQAVmoeAwQAVmsXAwQAVmupAwQCWSEYAwQAWSEsAwQAWSJcAwQCWSXUAwQAWSdT
AwQAWSf2AwQAWShIAwQCWSkkAwQDWSrYAwQAWSyJAwQAWS0PAwQAWS1TAwQAWS81
AwQCWS/wAwQAXXM1AwQCuaJAAwQAvNHWAwQAvNXNAwQBvNbSAwQAvNbXAwQAvNcC
AwQCvPAUAwQAvPGOAwQAvPGYMA0GCSqGSIb3DQEBCwUAA4IBAQBxlFryc9V0qLDD
Yr3TiYYXp5oiLrVRxKGb1cR8ZTxlLKg0/ThFuT/82aI1lJcEBAfU1Z6JNBw/xbS/
zuXT6tvErdlY8b/Z1b5EfTBipoxb7X6ye8Y4DurISVFXU1YP1yxCwtyHzvToed7g
cdU19mjlGyNxiz7h/NhVeJ9m6RzD9NRaduUmipbdMysf9q716KvLQMKDRV1QaMvv
Dr95fLelffo9/ic/f9jrz/lZuzSJojGIr7Z4NDiEqynxd4zjAUsvsuYbPsOK2yd0
flP+0qu4eJG8aRq7rR2rs+8i3qnLxaNhBrO5XoBdVWjrVEc/QjKJLer3Esh+8lKL
t37o+npZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:38:30 2025 by rpki-client