Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/UNOnjTNHGQg5AQ23-QEO4jlNLXQ.roa
File: UNOnjTNHGQg5AQ23-QEO4jlNLXQ.roa (raw, json)
Hash identifier: b043JkTnIdtFvAosIYKYzsCi5eAqWIQnvpw5QyrVxLM=
Subject key identifier: 50:D3:A7:8D:33:47:19:08:39:01:0D:B7:F9:01:0E:E2:39:4D:2D:74
Certificate issuer: /CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Certificate serial: 0D97EC24
Authority key identifier: F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/UNOnjTNHGQg5AQ23-QEO4jlNLXQ.roa
Signing time: Sat 01 Jan 2022 03:59:08 +0000
ROA not before: Sat 01 Jan 2022 03:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35567
IP address blocks: 91.191.42.0/24 maxlen: 24
91.191.41.0/24 maxlen: 24
91.191.40.0/24 maxlen: 24
91.191.39.0/24 maxlen: 24
91.191.44.0/24 maxlen: 24
91.191.43.0/24 maxlen: 24
91.191.51.0/24 maxlen: 24
91.191.50.0/24 maxlen: 24
91.191.49.0/24 maxlen: 24
91.191.48.0/24 maxlen: 24
91.191.47.0/24 maxlen: 24
91.191.46.0/24 maxlen: 24
91.191.45.0/24 maxlen: 24
91.191.52.0/24 maxlen: 24
91.191.56.0/24 maxlen: 24
91.191.55.0/24 maxlen: 24
185.16.14.0/24 maxlen: 24
91.191.54.0/24 maxlen: 24
91.191.53.0/24 maxlen: 24
185.16.12.0/22 maxlen: 24
91.191.58.0/24 maxlen: 24
91.191.57.0/24 maxlen: 24
91.191.63.0/24 maxlen: 24
91.191.62.0/24 maxlen: 24
91.191.61.0/24 maxlen: 24
91.191.60.0/24 maxlen: 24
91.191.59.0/24 maxlen: 24
91.191.1.0/24 maxlen: 24
91.191.0.0/24 maxlen: 24
91.191.4.0/24 maxlen: 24
91.191.3.0/24 maxlen: 24
91.191.2.0/24 maxlen: 24
91.191.11.0/24 maxlen: 24
91.191.10.0/24 maxlen: 24
91.191.9.0/24 maxlen: 24
91.191.8.0/24 maxlen: 24
91.191.7.0/24 maxlen: 24
91.191.6.0/24 maxlen: 24
91.191.5.0/24 maxlen: 24
91.191.14.0/24 maxlen: 24
91.191.13.0/24 maxlen: 24
91.191.12.0/24 maxlen: 24
91.191.17.0/24 maxlen: 24
91.191.16.0/24 maxlen: 24
91.191.15.0/24 maxlen: 24
91.191.24.0/21 maxlen: 24
91.191.24.0/24 maxlen: 24
91.191.23.0/24 maxlen: 24
91.191.22.0/24 maxlen: 24
91.191.21.0/24 maxlen: 24
91.191.20.0/24 maxlen: 24
91.191.19.0/24 maxlen: 24
91.191.18.0/24 maxlen: 24
91.191.31.0/24 maxlen: 24
91.191.30.0/24 maxlen: 24
91.191.29.0/24 maxlen: 24
91.191.27.0/24 maxlen: 24
91.191.26.0/24 maxlen: 24
91.191.38.0/24 maxlen: 24
91.191.37.0/24 maxlen: 24
91.191.36.0/24 maxlen: 24
91.191.35.0/24 maxlen: 24
91.191.34.0/24 maxlen: 24
91.191.33.0/24 maxlen: 24
91.191.32.0/24 maxlen: 24
213.196.112.0/24 maxlen: 24
213.196.118.0/24 maxlen: 24
213.196.117.0/24 maxlen: 24
213.196.116.0/24 maxlen: 24
213.196.115.0/24 maxlen: 24
213.196.114.0/23 maxlen: 23
213.196.114.0/24 maxlen: 24
213.196.113.0/24 maxlen: 24
213.196.121.0/24 maxlen: 24
87.250.96.0/19 maxlen: 24
87.250.98.0/24 maxlen: 24
213.196.125.0/24 maxlen: 24
213.196.124.0/24 maxlen: 24
87.250.97.0/24 maxlen: 24
87.250.96.0/24 maxlen: 24
213.196.123.0/24 maxlen: 24
213.196.122.0/24 maxlen: 24
213.196.120.0/24 maxlen: 24
213.196.119.0/24 maxlen: 24
87.250.105.0/24 maxlen: 24
87.250.104.0/24 maxlen: 24
87.250.103.0/24 maxlen: 24
87.250.102.0/24 maxlen: 24
87.250.101.0/24 maxlen: 24
213.196.127.0/24 maxlen: 24
213.196.126.0/24 maxlen: 24
87.250.99.0/24 maxlen: 24
87.250.112.0/24 maxlen: 24
87.250.109.0/24 maxlen: 24
87.250.108.0/24 maxlen: 24
87.250.107.0/24 maxlen: 24
87.250.106.0/24 maxlen: 24
87.250.118.0/24 maxlen: 24
87.250.117.0/24 maxlen: 24
87.250.115.0/24 maxlen: 24
87.250.114.0/24 maxlen: 24
87.250.113.0/24 maxlen: 24
87.250.125.0/24 maxlen: 24
87.250.124.0/24 maxlen: 24
87.250.123.0/24 maxlen: 24
87.250.122.0/24 maxlen: 24
87.250.121.0/24 maxlen: 24
87.250.120.0/24 maxlen: 24
87.250.119.0/24 maxlen: 24
87.250.127.0/24 maxlen: 24
2a02:17a8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228060196 (0xd97ec24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ace3cafb9e26c1a60564f70d2aceb457bf5009
Validity
Not Before: Jan 1 03:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50d3a78d3347190839010db7f9010ee2394d2d74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:f7:fa:80:2d:25:9d:c3:78:75:74:88:d5:
67:19:d6:96:c8:0c:a5:b1:86:a1:35:e8:ec:89:4f:
55:41:c0:e5:02:73:be:5e:c5:2b:4e:fb:1e:53:a2:
70:28:be:3c:69:7d:13:0f:4f:7b:25:47:8e:4a:20:
30:f7:3b:6d:1a:bc:1e:3a:31:b1:97:3a:f0:1f:88:
61:5f:1c:33:91:8b:fe:cb:bb:a2:01:ad:99:b2:4a:
97:ab:3e:bf:94:1a:f9:35:ab:54:28:3a:d1:b7:f6:
3b:f7:4a:fe:00:20:ed:69:ec:f1:34:24:60:d1:9b:
01:df:16:ac:f2:3a:94:2d:85:da:a6:13:5c:68:e9:
a4:07:f4:10:58:35:bc:cb:3a:7d:c6:34:99:9c:4f:
0f:06:3e:29:21:25:d6:24:94:dc:0c:53:6b:e9:22:
cf:a3:6f:01:44:c3:f4:52:8d:78:a4:73:99:a2:f0:
90:d8:f2:15:d7:f1:88:1e:e2:8d:88:9d:8f:80:e2:
a4:7c:1f:e5:cf:3d:28:7e:ee:20:7c:56:c2:b5:17:
23:c2:c0:34:a3:f0:55:d0:0b:c0:4f:58:93:73:16:
49:07:32:39:5a:e2:98:11:27:39:9e:09:ce:86:bf:
f3:15:ca:3c:14:fb:e8:57:af:c3:16:e8:b2:50:b6:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D3:A7:8D:33:47:19:08:39:01:0D:B7:F9:01:0E:E2:39:4D:2D:74
X509v3 Authority Key Identifier:
keyid:F3:AC:E3:CA:FB:9E:26:C1:A6:05:64:F7:0D:2A:CE:B4:57:BF:50:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86zjyvueJsGmBWT3DSrOtFe_UAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/UNOnjTNHGQg5AQ23-QEO4jlNLXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/eb22fa-fba4-47a9-ab53-363e2d6643f2/1/86zjyvueJsGmBWT3DSrOtFe_UAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.250.96.0/19
91.191.0.0/18
185.16.12.0/22
213.196.112.0/20
IPv6:
2a02:17a8::/32
Signature Algorithm: sha256WithRSAEncryption
a4:24:3a:c7:fc:45:07:6a:1f:2f:c7:72:e0:0c:a2:c2:a3:67:
ca:fb:ca:cc:81:6c:04:0a:e4:73:dd:09:6c:4c:5a:c4:71:01:
06:1e:c8:48:f1:82:bf:67:cc:e5:8b:ea:a8:91:c1:a1:6d:0e:
fe:a7:71:2e:b1:84:d0:0a:77:3e:9a:3b:13:48:f4:80:db:d7:
ed:87:b6:c9:02:69:13:7f:21:93:bf:f5:10:6f:e9:a5:23:f4:
75:cf:99:a8:3c:c2:e8:87:08:b3:24:fc:74:4f:81:10:c8:3d:
4f:a6:e3:eb:90:15:dd:1d:bf:a3:1b:b4:9e:4b:b0:37:58:47:
51:52:54:5f:05:e3:e5:0c:d4:3a:3c:cd:73:72:46:3d:ce:ea:
56:87:48:b5:96:5e:a3:5c:0b:0d:32:b1:8c:70:19:a0:e6:8f:
41:46:70:9e:ed:e3:1b:5a:54:d0:5c:d1:32:35:15:cb:45:e6:
80:cb:19:56:af:ac:e4:54:a4:52:df:3b:25:98:0b:54:50:57:
12:12:4a:9e:e4:59:1f:1a:7d:0d:2e:27:86:d6:6e:ba:eb:cb:
ed:5c:91:f3:23:6f:8b:52:c1:f0:08:04:cb:ba:2e:71:9f:74:
d8:03:23:25:03:59:c0:9b:fc:88:54:d9:15:fa:77:cf:b6:24:
87:35:3a:49
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDZfsJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2FjZTNjYWZiOWUyNmMxYTYwNTY0ZjcwZDJhY2ViNDU3YmY1MDA5MB4XDTIyMDEw
MTAzNTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTBkM2E3OGQzMzQ3
MTkwODM5MDEwZGI3ZjkwMTBlZTIzOTRkMmQ3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUB9/qALSWdw3h1dIjVZxnWlsgMpbGGoTXo7IlPVUHA5QJz
vl7FK077HlOicCi+PGl9Ew9PeyVHjkogMPc7bRq8HjoxsZc68B+IYV8cM5GL/su7
ogGtmbJKl6s+v5Qa+TWrVCg60bf2O/dK/gAg7Wns8TQkYNGbAd8WrPI6lC2F2qYT
XGjppAf0EFg1vMs6fcY0mZxPDwY+KSEl1iSU3AxTa+kiz6NvAUTD9FKNeKRzmaLw
kNjyFdfxiB7ijYidj4DipHwf5c89KH7uIHxWwrUXI8LANKPwVdALwE9Yk3MWSQcy
OVrimBEnOZ4Jzoa/8xXKPBT76FevwxboslC2w8sCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRQ06eNM0cZCDkBDbf5AQ7iOU0tdDAfBgNVHSMEGDAWgBTzrOPK+54mwaYF
ZPcNKs60V79QCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg2emp5dnVlSnNHbUJXVDNEU3JPdEZlX1VBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZWIyMmZhLWZiYTQtNDdhOS1hYjUzLTM2M2UyZDY2NDNmMi8x
L1VOT25qVE5IR1FnNUFRMjMtUUVPNGpsTkxYUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZWIyMmZhLWZiYTQtNDdhOS1hYjUzLTM2M2UyZDY2NDNmMi8xLzg2emp5dnVlSnNH
bUJXVDNEU3JPdEZlX1VBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVf6YAMEBlu/AAMEArkQDAMEBNXE
cDANBAIAAjAHAwUAKgIXqDANBgkqhkiG9w0BAQsFAAOCAQEApCQ6x/xFB2ofL8dy
4AyiwqNnyvvKzIFsBArkc90JbExaxHEBBh7ISPGCv2fM5YvqqJHBoW0O/qdxLrGE
0Ap3Ppo7E0j0gNvX7Ye2yQJpE38hk7/1EG/ppSP0dc+ZqDzC6IcIsyT8dE+BEMg9
T6bj65AV3R2/oxu0nkuwN1hHUVJUXwXj5QzUOjzNc3JGPc7qVodItZZeo1wLDTKx
jHAZoOaPQUZwnu3jG1pU0FzRMjUVy0XmgMsZVq+s5FSkUt87JZgLVFBXEhJKnuRZ
Hxp9DS4nhtZuuuvL7VyR8yNvi1LB8AgEy7oucZ902AMjJQNZwJv8iFTZFfp3z7Yk
hzU6SQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:08 2023 by rpki-client on console-fra.rpki-client.org