Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/XtxU7c09vP42A7IPExN0-l5RAYo.roa
File: XtxU7c09vP42A7IPExN0-l5RAYo.roa (raw, json)
Hash identifier: tv2Fm8+rs7CDJzFrLsZFxMy3fkxFf7Xc6I9vqeLnmQE=
Subject key identifier: 5E:DC:54:ED:CD:3D:BC:FE:36:03:B2:0F:13:13:74:FA:5E:51:01:8A
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 0182168F406FD3495FD64AC4737C2ADE303A
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/XtxU7c09vP42A7IPExN0-l5RAYo.roa
Signing time: Tue 19 Jul 2022 13:04:23 +0000
ROA not before: Tue 19 Jul 2022 13:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2116
IP address blocks: 85.252.0.0/16 maxlen: 16
194.29.200.0/22 maxlen: 22
37.191.128.0/17 maxlen: 17
213.160.224.0/20 maxlen: 20
213.160.240.0/21 maxlen: 21
31.185.24.0/21 maxlen: 21
81.175.0.0/20 maxlen: 20
178.74.0.0/18 maxlen: 18
81.175.24.0/21 maxlen: 22
81.175.20.0/22 maxlen: 22
213.151.128.0/19 maxlen: 19
81.175.32.0/19 maxlen: 19
217.77.32.0/20 maxlen: 20
195.204.0.0/16 maxlen: 16
85.221.0.0/17 maxlen: 17
217.8.128.0/19 maxlen: 19
77.234.48.0/21 maxlen: 21
86.62.128.0/18 maxlen: 18
62.63.0.0/18 maxlen: 18
89.191.0.0/19 maxlen: 19
81.191.0.0/16 maxlen: 16
193.90.0.0/16 maxlen: 16
80.241.80.0/20 maxlen: 20
194.19.0.0/17 maxlen: 17
212.62.224.0/19 maxlen: 19
85.196.64.0/18 maxlen: 18
193.75.0.0/17 maxlen: 17
195.139.0.0/16 maxlen: 16
213.172.192.0/19 maxlen: 19
78.24.144.0/21 maxlen: 21
109.199.192.0/19 maxlen: 19
195.1.0.0/16 maxlen: 16
213.52.0.0/17 maxlen: 17
185.129.156.0/22 maxlen: 22
185.35.80.0/22 maxlen: 22
193.69.0.0/16 maxlen: 16
195.18.128.0/17 maxlen: 17
185.8.16.0/22 maxlen: 22
85.112.128.0/19 maxlen: 19
82.196.192.0/19 maxlen: 19
217.118.32.0/19 maxlen: 19
79.135.0.0/19 maxlen: 19
91.135.32.0/20 maxlen: 20
217.144.224.0/19 maxlen: 19
77.40.128.0/17 maxlen: 17
185.67.116.0/22 maxlen: 24
213.239.64.0/18 maxlen: 18
87.118.0.0/18 maxlen: 18
84.20.96.0/19 maxlen: 19
77.88.64.0/18 maxlen: 18
195.159.0.0/16 maxlen: 16
62.101.192.0/18 maxlen: 18
80.64.192.0/20 maxlen: 20
88.84.160.0/19 maxlen: 19
194.54.96.0/19 maxlen: 19
81.0.128.0/18 maxlen: 18
212.71.64.0/19 maxlen: 19
195.0.128.0/17 maxlen: 17
217.14.0.0/20 maxlen: 20
193.91.128.0/17 maxlen: 17
213.158.224.0/19 maxlen: 19
2a00:c440::/29 maxlen: 29
2a02:270::/32 maxlen: 32
2001:4dd8::/32 maxlen: 32
2001:840::/29 maxlen: 29
2a03:c000::/29 maxlen: 29
2a01:520::/29 maxlen: 29
2a02:270::/29 maxlen: 29
2001:4dd8::/29 maxlen: 29
2001:8c0::/29 maxlen: 29
2a01:520::/32 maxlen: 32
2a04:6340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:16:8f:40:6f:d3:49:5f:d6:4a:c4:73:7c:2a:de:30:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jul 19 13:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5edc54edcd3dbcfe3603b20f131374fa5e51018a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ec:f6:4a:47:62:12:b0:ee:48:9c:9b:ae:99:
ca:ae:25:89:ed:40:99:eb:f4:2a:6c:81:a3:65:ef:
ab:ee:f2:e9:a3:59:74:45:77:6e:a3:2e:a6:83:95:
e8:b1:42:c6:29:f1:44:4a:7a:91:36:10:e5:23:23:
e9:49:49:37:88:39:ee:08:be:ed:9f:b4:01:9f:3d:
62:10:05:fc:97:91:3d:dd:67:76:69:2c:3e:a8:4d:
7c:6b:49:61:79:75:bc:d5:ff:d3:33:ad:32:03:26:
ab:a7:c7:52:57:ed:63:d4:9f:dd:ea:93:e5:05:d8:
f7:55:3b:b9:97:7b:88:e2:16:4a:70:ca:49:67:b2:
14:85:9d:97:ee:60:96:5f:90:b3:bb:46:a6:fa:63:
96:2d:f9:db:aa:55:5d:71:c9:2d:41:5f:ac:06:42:
00:22:ea:ab:ec:5d:d3:51:4c:50:fa:70:8c:a5:fc:
ea:c6:f6:73:6e:4c:6a:de:bb:c9:17:c9:f6:a5:95:
20:f9:55:e2:33:22:8a:11:26:49:46:db:38:56:59:
93:db:4a:1b:68:a7:89:e6:c6:72:a5:14:5c:f2:a3:
a5:26:2a:51:25:1e:07:ed:2a:95:00:45:74:ad:77:
7f:d8:37:8a:87:ed:29:32:08:c7:2b:20:e5:5b:75:
35:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DC:54:ED:CD:3D:BC:FE:36:03:B2:0F:13:13:74:FA:5E:51:01:8A
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/XtxU7c09vP42A7IPExN0-l5RAYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.24.0/21
37.191.128.0/17
62.63.0.0/18
62.101.192.0/18
77.40.128.0/17
77.88.64.0/18
77.234.48.0/21
78.24.144.0/21
79.135.0.0/19
80.64.192.0/20
80.241.80.0/20
81.0.128.0/18
81.175.0.0/20
81.175.20.0-81.175.63.255
81.191.0.0/16
82.196.192.0/19
84.20.96.0/19
85.112.128.0/19
85.196.64.0/18
85.221.0.0/17
85.252.0.0/16
86.62.128.0/18
87.118.0.0/18
88.84.160.0/19
89.191.0.0/19
91.135.32.0/20
109.199.192.0/19
178.74.0.0/18
185.8.16.0/22
185.35.80.0/22
185.67.116.0/22
185.129.156.0/22
193.69.0.0/16
193.75.0.0/17
193.90.0.0/16
193.91.128.0/17
194.19.0.0/17
194.29.200.0/22
194.54.96.0/19
195.0.128.0-195.1.255.255
195.18.128.0/17
195.139.0.0/16
195.159.0.0/16
195.204.0.0/16
212.62.224.0/19
212.71.64.0/19
213.52.0.0/17
213.151.128.0/19
213.158.224.0/19
213.160.224.0-213.160.247.255
213.172.192.0/19
213.239.64.0/18
217.8.128.0/19
217.14.0.0/20
217.77.32.0/20
217.118.32.0/19
217.144.224.0/19
IPv6:
2001:840::/29
2001:8c0::/29
2001:4dd8::/29
2a00:c440::/29
2a01:520::/29
2a02:270::/29
2a03:c000::/29
2a04:6340::/29
Signature Algorithm: sha256WithRSAEncryption
d2:3e:61:2a:8b:02:7c:fb:0e:bb:39:c7:d6:8e:b7:f6:5a:cc:
0c:de:03:23:66:d3:cd:35:bd:17:03:3b:0a:31:8a:d7:40:86:
77:ea:77:9e:33:80:98:fe:b9:38:0b:79:8c:76:8c:78:9d:1f:
86:3e:83:52:f0:ad:f9:35:5b:80:f1:21:52:70:38:60:3e:84:
2b:e9:80:03:25:29:73:1d:8e:21:ac:42:e7:94:b7:93:6f:52:
85:20:e2:b3:fb:96:c8:7f:c1:5d:db:ce:fe:93:ea:15:c8:9d:
eb:f1:0b:52:e0:55:c3:c5:55:3b:2b:df:3f:f7:07:20:e9:44:
65:85:53:e9:29:eb:e0:d6:94:b7:d4:24:65:37:c4:a5:4b:ab:
17:e0:08:e5:7b:43:d9:c4:b1:4b:2a:b5:76:ec:d5:89:3b:2d:
17:b0:cc:18:97:45:2b:f6:ec:13:69:86:4e:cd:0a:a6:d0:57:
9a:91:be:5f:0b:24:59:5c:51:6f:23:51:42:f4:06:1c:8c:b4:
40:d9:c3:23:91:6a:5e:85:c0:3f:6c:34:8e:ee:44:22:18:56:
b5:5c:09:29:94:a2:33:09:a2:26:18:b7:60:36:87:08:19:57:
d0:ae:02:0e:55:c9:82:0a:64:86:6b:63:d4:fa:57:12:73:5c:
66:5f:4a:e5
-----BEGIN CERTIFICATE-----
MIIGpzCCBY+gAwIBAgISAYIWj0Bv00lf1krEc3wq3jA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjIwNzE5MTMwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRjNTRlZGNkM2RiY2ZlMzYwM2IyMGYxMzEzNzRmYTVlNTEwMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+z2SkdiErDuSJybrpnKriWJ7UCZ
6/QqbIGjZe+r7vLpo1l0RXduoy6mg5XosULGKfFESnqRNhDlIyPpSUk3iDnuCL7t
n7QBnz1iEAX8l5E93Wd2aSw+qE18a0lheXW81f/TM60yAyarp8dSV+1j1J/d6pPl
Bdj3VTu5l3uI4hZKcMpJZ7IUhZ2X7mCWX5Czu0am+mOWLfnbqlVdccktQV+sBkIA
Iuqr7F3TUUxQ+nCMpfzqxvZzbkxq3rvJF8n2pZUg+VXiMyKKESZJRts4VlmT20ob
aKeJ5sZypRRc8qOlJipRJR4H7SqVAEV0rXd/2DeKh+0pMgjHKyDlW3U15wIDAQAB
o4IDszCCA68wHQYDVR0OBBYEFF7cVO3NPbz+NgOyDxMTdPpeUQGKMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvWHR4VTdjMDl2UDQyQTdJUEV4TjAtbDVSQVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBxwYIKwYBBQUHAQcBAf8EggG2MIIBsjCCAW4EAgABMIIB
ZgMEAx+5GAMEByW/gAMEBj4/AAMEBj5lwAMEB00ogAMEBk1YQAMEA03qMAMEA04Y
kAMEBU+HAAMEBFBAwAMEBFDxUAMEBlEAgAMEBFGvADAMAwQCUa8UAwQGUa8AAwMA
Ub8DBAVSxMADBAVUFGADBAVVcIADBAZVxEADBAdV3QADAwBV/AMEBlY+gAMEBld2
AAMEBVhUoAMEBVm/AAMEBFuHIAMEBW3HwAMEBrJKAAMEArkIEAMEArkjUAMEArlD
dAMEArmBnAMDAMFFAwQHwUsAAwMAwVoDBAfBW4ADBAfCEwADBALCHcgDBAXCNmAw
CwMEB8MAgAMDAcMAAwQHwxKAAwMAw4sDAwDDnwMDAMPMAwQF1D7gAwQF1EdAAwQH
1TQAAwQF1ZeAAwQF1Z7gMAwDBAXVoOADBAPVoPADBAXVrMADBAbV70ADBAXZCIAD
BATZDgADBATZTSADBAXZdiADBAXZkOAwPgQCAAIwOAMFAyABCEADBQMgAQjAAwUD
IAFN2AMFAyoAxEADBQMqAQUgAwUDKgICcAMFAyoDwAADBQMqBGNAMA0GCSqGSIb3
DQEBCwUAA4IBAQDSPmEqiwJ8+w67OcfWjrf2WswM3gMjZtPNNb0XAzsKMYrXQIZ3
6neeM4CY/rk4C3mMdox4nR+GPoNS8K35NVuA8SFScDhgPoQr6YADJSlzHY4hrELn
lLeTb1KFIOKz+5bIf8Fd287+k+oVyJ3r8QtS4FXDxVU7K98/9wcg6URlhVPpKevg
1pS31CRlN8SlS6sX4Ajle0PZxLFLKrV27NWJOy0XsMwYl0Ur9uwTaYZOzQqm0Fea
kb5fCyRZXFFvI1FC9AYcjLRA2cMjkWpehcA/bDSO7kQiGFa1XAkplKIzCaImGLdg
NocIGVfQrgIOVcmCCmSGa2PU+lcSc1xmX0rl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:49 2023 by rpki-client on console-fra.rpki-client.org