Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qI2xCsmfFS6RbPzflQwnwXK44Mw.roa
File: qI2xCsmfFS6RbPzflQwnwXK44Mw.roa (raw, json)
Hash identifier: LxW8kH+GuaZXuLEAAj0lDEOeLhqRNdZFvsesntPf7KY=
Subject key identifier: A8:8D:B1:0A:C9:9F:15:2E:91:6C:FC:DF:95:0C:27:C1:72:B8:E0:CC
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 061F8253
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qI2xCsmfFS6RbPzflQwnwXK44Mw.roa
Signing time: Wed 02 Mar 2022 14:32:26 +0000
ROA not before: Wed 02 Mar 2022 14:32:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.79.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
94.26.76.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102728275 (0x61f8253)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Mar 2 14:32:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a88db10ac99f152e916cfcdf950c27c172b8e0cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c9:10:8a:9e:f5:95:52:13:f3:c8:c3:d3:a0:
ee:ab:0e:4c:20:7e:2a:73:a5:d3:80:f6:25:47:c3:
ff:23:4f:2a:4e:0a:8d:2b:7d:f7:7f:a5:62:59:fb:
55:bc:03:03:8a:de:28:a7:0d:11:66:25:c8:7d:66:
fd:d8:ae:43:46:b2:18:e4:05:82:3e:d6:95:08:e1:
d5:50:d3:03:66:85:55:9f:81:93:e0:a8:27:64:e6:
11:0e:bf:4d:d4:39:cc:65:e0:8c:e6:73:ff:eb:aa:
54:b6:5e:96:e0:06:68:5a:69:4d:b1:99:18:a0:3b:
50:1e:67:b8:21:2b:1d:76:35:d5:7c:3d:00:4e:20:
1b:76:d7:bb:09:92:cf:4e:5e:e3:50:5d:7a:2d:d6:
e2:72:12:ea:05:44:7c:54:72:b4:48:e0:e9:bd:85:
a3:c1:72:24:ef:ba:c9:c3:23:ae:a0:b3:07:8a:f8:
e5:d0:c8:67:69:cc:e2:7f:05:ab:2a:30:b1:88:a5:
f0:b2:76:3d:e7:10:54:e6:9c:d3:b3:2f:0b:35:36:
d3:dc:8b:1e:02:99:28:34:54:d8:1f:df:23:d9:74:
df:6c:27:ee:bf:5b:6b:f0:91:9d:b5:61:82:66:a7:
ef:78:e4:24:36:d7:04:aa:24:96:60:2f:80:10:d0:
e6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8D:B1:0A:C9:9F:15:2E:91:6C:FC:DF:95:0C:27:C1:72:B8:E0:CC
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qI2xCsmfFS6RbPzflQwnwXK44Mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0-78.159.158.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0/21
91.92.50.0-91.92.53.255
93.152.209.0/24
93.152.212.0-93.152.216.255
93.152.220.0/23
93.152.224.0-93.152.226.255
94.26.28.0/23
94.26.76.0/22
185.96.252.0/23
185.96.255.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
89:52:c7:ea:80:18:07:f6:0b:ee:6c:3e:6c:8b:eb:5a:a9:86:
24:3f:39:50:f4:4b:b4:bb:de:0d:2b:06:05:4b:75:1e:72:72:
26:4f:35:82:e7:65:b5:71:f1:4d:d4:ff:1e:dc:fc:79:c0:14:
a3:e3:25:7d:8a:f7:f3:bb:af:37:06:fe:96:6c:a9:5f:84:59:
32:96:3f:f8:59:25:15:ae:05:da:ec:d5:92:60:47:30:9e:e8:
ee:ef:31:b2:c7:3f:75:26:9b:e0:f1:d0:d4:83:d9:91:d9:d1:
9f:8a:92:e0:be:2e:2f:0e:b5:fc:b4:82:8c:70:33:7b:a3:84:
3d:8c:e5:b0:95:d2:05:40:3a:16:c4:95:3c:89:99:43:b5:3e:
8c:6d:1c:54:a2:ba:0b:7a:21:77:44:41:d3:a7:d2:0f:78:37:
76:91:f2:da:f5:25:9e:9c:4a:2a:b1:fc:c0:56:77:ee:69:57:
54:7a:ec:8c:d2:0d:2b:dc:34:e7:91:0f:e0:9a:a4:66:18:4f:
d5:f8:46:30:8b:76:d0:eb:62:cd:8b:90:e2:68:c4:3e:80:42:
cd:c5:a3:9a:10:58:11:79:41:25:34:e7:01:25:e6:fa:41:bc:
8e:75:68:3a:0b:d0:ac:61:04:35:17:f2:1d:ee:7f:4d:66:10:
ab:1e:f5:27
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIEBh+CUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDMw
MjE0MzIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg4ZGIxMGFjOTlm
MTUyZTkxNmNmY2RmOTUwYzI3YzE3MmI4ZTBjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPXJEIqe9ZVSE/PIw9Og7qsOTCB+KnOl04D2JUfD/yNPKk4K
jSt993+lYln7VbwDA4reKKcNEWYlyH1m/diuQ0ayGOQFgj7WlQjh1VDTA2aFVZ+B
k+CoJ2TmEQ6/TdQ5zGXgjOZz/+uqVLZeluAGaFppTbGZGKA7UB5nuCErHXY11Xw9
AE4gG3bXuwmSz05e41Bdei3W4nIS6gVEfFRytEjg6b2Fo8FyJO+6ycMjrqCzB4r4
5dDIZ2nM4n8FqyowsYil8LJ2PecQVOac07MvCzU209yLHgKZKDRU2B/fI9l032wn
7r9ba/CRnbVhgman73jkJDbXBKoklmAvgBDQ5sUCAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBSojbEKyZ8VLpFs/N+VDCfBcrjgzDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L3FJMnhDc21mRlM2UmJQemZsUXdud1hLNDRNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQBTp+AAwQATp+DAwQCTp+I
MAwDBABOn5UDBABOn5YwDAMEA06fmAMEAE6fngMEAFtcIQMEAFtcIwMEA1tcKDAM
AwQBW1wyAwQBW1w0AwQAXZjRMAwDBAJdmNQDBABdmNgDBAFdmNwwDAMEBV2Y4AME
AF2Y4gMEAV4aHAMEAl4aTAMEAblg/AMEALlg/wMEANRmazANBgkqhkiG9w0BAQsF
AAOCAQEAiVLH6oAYB/YL7mw+bIvrWqmGJD85UPRLtLveDSsGBUt1HnJyJk81gudl
tXHxTdT/Htz8ecAUo+MlfYr387uvNwb+lmypX4RZMpY/+FklFa4F2uzVkmBHMJ7o
7u8xssc/dSab4PHQ1IPZkdnRn4qS4L4uLw61/LSCjHAze6OEPYzlsJXSBUA6FsSV
PImZQ7U+jG0cVKK6C3ohd0RB06fSD3g3dpHy2vUlnpxKKrH8wFZ37mlXVHrsjNIN
K9w055EP4JqkZhhP1fhGMIt20OtizYuQ4mjEPoBCzcWjmhBYEXlBJTTnASXm+kG8
jnVoOgvQrGEENRfyHe5/TWYQqx71Jw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org