Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/g3hmz9WNFTW27JzugqWBaOwfCA0.roa
File: g3hmz9WNFTW27JzugqWBaOwfCA0.roa (raw, json)
Hash identifier: 9ady130MMVErh+rrYbNWPcdDyINcUu/HRNEgfFNuU4I=
Subject key identifier: 83:78:66:CF:D5:8D:15:35:B6:EC:9C:EE:82:A5:81:68:EC:1F:08:0D
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 37520B42
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/g3hmz9WNFTW27JzugqWBaOwfCA0.roa
Signing time: Wed 08 Jun 2022 10:09:05 +0000
ROA not before: Wed 08 Jun 2022 10:09:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6739
IP address blocks: 81.60.0.0/15 maxlen: 18
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
212.97.160.0/19 maxlen: 19
213.37.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
89.140.0.0/16 maxlen: 17
95.39.0.0/16 maxlen: 19
212.79.128.0/19 maxlen: 19
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
85.251.0.0/16 maxlen: 17
212.183.192.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
194.140.128.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
213.231.64.0/18 maxlen: 18
80.174.0.0/16 maxlen: 17
62.174.0.0/15 maxlen: 19
213.201.0.0/17 maxlen: 17
62.82.0.0/15 maxlen: 16
80.173.0.0/16 maxlen: 17
212.78.128.0/19 maxlen: 19
194.149.192.0/19 maxlen: 19
194.106.0.0/19 maxlen: 19
213.254.64.0/18 maxlen: 18
62.42.0.0/15 maxlen: 16
212.21.224.0/19 maxlen: 19
82.213.128.0/18 maxlen: 18
213.227.0.0/18 maxlen: 18
85.136.0.0/15 maxlen: 15
212.95.192.0/19 maxlen: 19
79.108.0.0/15 maxlen: 18
85.219.0.0/17 maxlen: 17
85.155.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
85.155.174.0/24 maxlen: 24
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
2.152.0.0/16 maxlen: 16
217.216.0.0/15 maxlen: 15
185.128.128.0/22 maxlen: 24
2.152.0.0/14 maxlen: 17
62.101.160.0/19 maxlen: 19
2a02:a800::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 928123714 (0x37520b42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 8 10:09:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=837866cfd58d1535b6ec9cee82a58168ec1f080d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ee:38:b6:5a:e9:a8:c6:0d:6a:63:64:1b:7d:
74:83:ef:19:71:44:82:34:10:43:3e:33:f0:f9:06:
0b:39:95:2e:ec:43:7b:95:45:8f:c7:df:54:f1:0b:
2e:64:79:f5:68:c3:e0:a5:f1:ee:d0:74:b1:15:4d:
0e:63:9c:ae:33:65:19:01:be:ea:41:54:d7:76:6c:
a8:f1:c0:71:dc:78:1d:5c:a6:68:eb:c6:af:f9:e5:
43:cd:85:b5:06:1d:68:04:94:33:ac:0e:f2:41:18:
ad:7a:60:a3:aa:e4:e0:b9:2e:af:af:05:45:50:f9:
31:78:f6:ff:cb:bf:22:63:d7:48:bf:1c:93:48:1f:
19:2e:94:d3:00:40:3c:5b:63:2c:38:84:19:2b:b1:
fb:5b:b1:92:d1:ce:7b:66:ac:4d:1d:dd:fb:2b:dc:
89:3a:5a:15:88:5a:34:11:0c:03:c2:0e:c8:f0:61:
7e:be:e2:27:d3:c4:9f:f2:84:29:32:14:c1:ff:77:
e4:bb:5e:2c:a1:fc:cf:47:17:e6:f1:c7:29:85:98:
35:9c:54:56:d8:bf:cf:05:ce:19:e5:25:52:f3:51:
8c:1e:07:b0:73:c1:b3:43:fe:74:88:06:fb:cd:56:
38:2f:47:13:9c:93:10:22:6f:e0:8e:af:b4:40:12:
5d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:78:66:CF:D5:8D:15:35:B6:EC:9C:EE:82:A5:81:68:EC:1F:08:0D
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/g3hmz9WNFTW27JzugqWBaOwfCA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.173.128.0/18
84.120.0.0/13
85.136.0.0/15
85.155.0.0/16
85.219.0.0/17
85.251.0.0/16
89.140.0.0/16
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
213.254.64.0/18
217.216.0.0/15
IPv6:
2a02:a800::/26
Signature Algorithm: sha256WithRSAEncryption
21:b0:a3:f6:b5:e3:51:16:a4:b9:74:73:48:c2:92:54:0e:16:
5f:ec:c0:d9:a8:cd:2c:61:4b:02:d1:f5:4e:31:4c:9e:e3:b8:
7a:55:75:6b:f7:6a:0e:4e:2b:97:fb:24:d5:54:4a:42:74:b2:
be:e9:f3:25:03:5b:36:bd:77:f8:5d:31:62:ec:86:32:6c:58:
7b:e3:8f:f3:12:a8:c9:da:14:e8:61:c9:bc:76:1c:38:5b:fa:
18:31:83:53:6b:a7:96:67:fb:67:39:87:a2:49:d1:b9:45:7c:
b6:fa:a7:76:fd:8a:56:92:44:0b:90:07:aa:c2:6e:3a:8c:54:
ee:87:47:51:52:34:1a:7e:fc:38:47:a3:f9:b5:71:14:ce:d2:
a7:aa:a8:1f:d6:5d:e7:2f:ea:1f:c9:9e:88:db:b7:24:6a:d2:
a2:79:70:e9:ec:f4:ae:b6:b9:04:c4:5b:84:41:8c:e4:6c:d6:
84:60:13:8f:a8:6a:97:04:5e:db:48:0d:70:e2:f9:55:ad:d9:
2a:6b:72:11:98:8e:50:fe:84:6a:58:6e:db:15:cc:60:c1:39:
15:5d:c4:05:e5:de:ec:ce:00:a3:4a:83:7f:74:bc:5c:fc:d8:
1c:ff:b9:60:e7:46:2d:87:91:f3:a2:b4:8c:08:f4:1f:56:e7:
43:db:40:08
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgIEN1ILQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDYw
ODEwMDkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM3ODY2Y2ZkNThk
MTUzNWI2ZWM5Y2VlODJhNTgxNjhlYzFmMDgwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbuOLZa6ajGDWpjZBt9dIPvGXFEgjQQQz4z8PkGCzmVLuxD
e5VFj8ffVPELLmR59WjD4KXx7tB0sRVNDmOcrjNlGQG+6kFU13ZsqPHAcdx4HVym
aOvGr/nlQ82FtQYdaASUM6wO8kEYrXpgo6rk4Lkur68FRVD5MXj2/8u/ImPXSL8c
k0gfGS6U0wBAPFtjLDiEGSux+1uxktHOe2asTR3d+yvciTpaFYhaNBEMA8IOyPBh
fr7iJ9PEn/KEKTIUwf935LteLKH8z0cX5vHHKYWYNZxUVti/zwXOGeUlUvNRjB4H
sHPBs0P+dIgG+81WOC9HE5yTECJv4I6vtEASXUECAwEAAaOCAwkwggMFMB0GA1Ud
DgQWBBSDeGbP1Y0VNbbsnO6CpYFo7B8IDTAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L2czaG16OVdORlRXMjdKenVncVdCYU93ZkNBMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AR0GCCsGAQUFBwEHAQH/BIIBDDCCAQgwgfYEAgABMIHvAwMCApgDAwAFKAMDAT4q
AwMAPjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADAwE+rgMDAU9sMAoDAwBQrQMD
AFCuAwMAUOADAwFRPAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOtgAMDA1R4AwMB
VYgDAwBVmwMEB1XbAAMDAFX7AwMAWYwDAwBfJwMEArmAgAMEBcJqAAMEBsKMgAME
BcKVwAMEBdQV4AMEBdQo4AMEBdROgAMEBdRPgAMEBdRfwAMEBdRhoAMEBtS3wAMD
ANUlAwQH1ckAAwQG1eMAAwQG1edAAwQG1f5AAwMB2dgwDQQCAAIwBwMFBioCqAAw
DQYJKoZIhvcNAQELBQADggEBACGwo/a141EWpLl0c0jCklQOFl/swNmozSxhSwLR
9U4xTJ7juHpVdWv3ag5OK5f7JNVUSkJ0sr7p8yUDWza9d/hdMWLshjJsWHvjj/MS
qMnaFOhhybx2HDhb+hgxg1Nrp5Zn+2c5h6JJ0blFfLb6p3b9ilaSRAuQB6rCbjqM
VO6HR1FSNBp+/DhHo/m1cRTO0qeqqB/WXecv6h/JnojbtyRq0qJ5cOns9K62uQTE
W4RBjORs1oRgE4+oapcEXttIDXDi+VWt2SprchGYjlD+hGpYbtsVzGDBORVdxAXl
3uzOAKNKg390vFz82Bz/uWDnRi2HkfOitIwI9B9W50PbQAg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:14:42 2025 by rpki-client