Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/3CNNSqdKIRIeOaNPFNcHfNJRGzk.roa
File: 3CNNSqdKIRIeOaNPFNcHfNJRGzk.roa (raw, json)
Hash identifier: JvSUtM0W7H4NgfqhN6xqiVmEiXN9XP+ELwAMDNFWzog=
Subject key identifier: DC:23:4D:4A:A7:4A:21:12:1E:39:A3:4F:14:D7:07:7C:D2:51:1B:39
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 1BB4417C
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/3CNNSqdKIRIeOaNPFNcHfNJRGzk.roa
Signing time: Tue 03 May 2022 19:16:58 +0000
ROA not before: Tue 03 May 2022 19:16:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 185.134.20.0/22 maxlen: 22
195.140.212.0/22 maxlen: 22
109.70.144.0/21 maxlen: 21
109.70.145.0/24 maxlen: 24
109.70.149.0/24 maxlen: 24
109.70.148.0/24 maxlen: 24
134.255.243.0/24 maxlen: 24
185.16.204.0/22 maxlen: 22
128.127.148.0/22 maxlen: 22
128.127.149.0/24 maxlen: 24
128.127.150.0/24 maxlen: 24
81.19.208.0/20 maxlen: 20
81.19.208.0/23 maxlen: 23
89.46.223.0/24 maxlen: 24
89.46.222.0/23 maxlen: 23
86.106.112.0/24 maxlen: 24
109.69.104.0/21 maxlen: 21
195.234.124.0/23 maxlen: 24
195.234.124.0/24 maxlen: 24
109.69.110.0/24 maxlen: 24
195.234.127.0/24 maxlen: 24
109.230.203.0/24 maxlen: 24
109.230.209.0/24 maxlen: 24
109.230.218.0/24 maxlen: 24
109.230.215.0/24 maxlen: 24
109.230.220.0/24 maxlen: 24
188.241.120.0/24 maxlen: 24
188.241.144.0/24 maxlen: 24
188.241.156.0/23 maxlen: 23
188.241.157.0/24 maxlen: 24
193.32.208.0/22 maxlen: 22
86.106.158.0/24 maxlen: 24
86.106.157.0/24 maxlen: 24
89.21.65.0/24 maxlen: 24
188.240.58.0/24 maxlen: 24
188.240.56.0/21 maxlen: 21
188.240.56.0/24 maxlen: 24
188.240.57.0/24 maxlen: 24
188.240.71.0/24 maxlen: 24
195.206.165.0/24 maxlen: 24
185.125.204.0/22 maxlen: 22
195.206.166.0/23 maxlen: 23
195.206.169.0/24 maxlen: 24
195.206.170.0/23 maxlen: 23
89.38.68.0/23 maxlen: 23
195.206.180.0/22 maxlen: 22
5.226.136.0/21 maxlen: 21
77.81.191.0/24 maxlen: 24
31.14.102.0/24 maxlen: 24
193.176.31.0/24 maxlen: 24
193.176.28.0/22 maxlen: 22
185.216.144.0/22 maxlen: 22
89.21.64.0/22 maxlen: 22
217.146.80.0/20 maxlen: 20
217.146.87.0/24 maxlen: 24
185.38.148.0/22 maxlen: 22
217.146.92.0/24 maxlen: 24
185.223.232.0/22 maxlen: 22
213.166.84.0/22 maxlen: 24
89.35.28.0/22 maxlen: 22
195.20.108.0/24 maxlen: 24
195.20.108.0/23 maxlen: 23
185.121.136.0/22 maxlen: 22
185.114.224.0/24 maxlen: 24
37.10.113.0/24 maxlen: 24
37.10.114.0/24 maxlen: 24
89.40.212.0/24 maxlen: 24
188.212.154.0/24 maxlen: 24
89.37.64.0/22 maxlen: 22
185.158.241.0/24 maxlen: 24
185.158.242.0/24 maxlen: 24
89.37.173.0/24 maxlen: 24
89.34.96.0/22 maxlen: 22
178.239.160.0/20 maxlen: 20
178.239.165.0/24 maxlen: 24
178.239.167.0/24 maxlen: 24
185.44.76.0/22 maxlen: 22
178.239.173.0/24 maxlen: 24
185.3.236.0/22 maxlen: 22
185.158.240.0/22 maxlen: 24
89.37.172.0/22 maxlen: 22
2a01:4020::/32 maxlen: 32
2a01:4020:34::/48 maxlen: 48
2a01:4020:2::/48 maxlen: 48
2a00:1a30::/32 maxlen: 32
2a01:4020:32::/48 maxlen: 48
2a01:4020:33::/48 maxlen: 48
2a01:4020:30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 464798076 (0x1bb4417c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: May 3 19:16:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc234d4aa74a21121e39a34f14d7077cd2511b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f6:b8:22:d1:4f:25:5e:03:21:80:f3:e2:7b:
86:67:38:6b:c8:da:d7:bc:6b:77:21:01:04:af:cf:
81:1e:14:61:27:18:b2:6f:18:04:b1:6a:87:05:4f:
39:07:e5:ba:5d:16:20:1e:34:9c:91:de:63:56:2d:
11:f2:a2:de:2d:e3:56:26:21:a6:a5:57:3b:f8:45:
68:8e:db:81:43:51:a6:71:4a:5b:36:4b:3e:20:b4:
c2:a4:8f:41:9f:98:74:28:37:5d:21:6d:98:f8:5f:
d8:7e:80:22:be:ca:e9:86:a8:75:e4:d2:a8:ce:c6:
3b:c7:bb:8b:f4:68:3e:fe:7d:92:a2:e4:e7:85:29:
12:36:fc:0b:22:98:81:9a:24:53:70:41:f0:be:a2:
b5:b7:a2:15:20:c2:46:a6:3c:1b:4f:e2:90:d1:82:
ac:71:43:f9:06:55:16:a7:f3:0e:32:d1:a4:2d:ad:
bb:8a:77:dc:8f:b4:ac:b0:bc:ad:c7:69:b3:89:c9:
86:08:46:96:7e:f3:ce:3c:a6:aa:af:4f:71:9a:f0:
cf:2f:31:2d:66:92:88:d5:e7:1d:5e:b4:cf:d9:4c:
3b:65:66:9f:91:f3:5d:f7:f2:29:4c:87:05:c7:f4:
45:04:0f:be:8f:29:ed:62:b5:4f:c8:0d:cb:de:b8:
67:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:4D:4A:A7:4A:21:12:1E:39:A3:4F:14:D7:07:7C:D2:51:1B:39
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/3CNNSqdKIRIeOaNPFNcHfNJRGzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.136.0/21
31.14.102.0/24
37.10.113.0-37.10.114.255
77.81.191.0/24
81.19.208.0/20
86.106.112.0/24
86.106.157.0-86.106.158.255
89.21.64.0/22
89.34.96.0/22
89.35.28.0/22
89.37.64.0/22
89.37.172.0/22
89.38.68.0/23
89.40.212.0/24
89.46.222.0/23
109.69.104.0/21
109.70.144.0/21
109.230.203.0/24
109.230.209.0/24
109.230.215.0/24
109.230.218.0/24
109.230.220.0/24
128.127.148.0/22
134.255.243.0/24
178.239.160.0/20
185.3.236.0/22
185.16.204.0/22
185.38.148.0/22
185.44.76.0/22
185.114.224.0/24
185.121.136.0/22
185.125.204.0/22
185.134.20.0/22
185.158.240.0/22
185.216.144.0/22
185.223.232.0/22
188.212.154.0/24
188.240.56.0/21
188.240.71.0/24
188.241.120.0/24
188.241.144.0/24
188.241.156.0/23
193.32.208.0/22
193.176.28.0/22
195.20.108.0/23
195.140.212.0/22
195.206.165.0-195.206.167.255
195.206.169.0-195.206.171.255
195.206.180.0/22
195.234.124.0/23
195.234.127.0/24
213.166.84.0/22
217.146.80.0/20
IPv6:
2a00:1a30::/32
2a01:4020::/32
Signature Algorithm: sha256WithRSAEncryption
1f:8c:38:26:6d:11:10:9f:dd:5f:52:6a:1d:dc:9c:7b:c0:98:
d5:23:3c:69:46:03:b3:1d:c7:04:4b:76:32:35:56:cc:76:69:
f1:15:a0:1a:92:39:e1:c4:f0:4c:fe:e2:49:24:fc:16:cb:bf:
97:8a:e2:8c:d9:e7:50:3e:c3:07:88:b5:b9:cd:6a:1a:dd:e8:
19:ef:ea:ec:e9:bf:08:79:23:86:53:1e:e2:23:a9:0c:90:1e:
48:32:c2:9e:71:ae:15:92:91:10:46:18:54:ea:2a:8c:44:f6:
cc:0b:d7:a7:7f:b9:39:20:64:47:70:df:f1:fc:cf:e2:6c:8c:
2b:74:52:be:83:54:56:9a:03:20:cb:86:d3:4d:5a:bc:c2:64:
ea:aa:b6:6c:fc:4d:2e:4b:94:af:c8:b1:80:52:9b:8d:7e:9b:
8c:38:4c:00:3a:e0:16:9c:84:ba:eb:6a:ad:0b:ae:dd:57:7f:
68:6c:0a:31:87:7c:78:ff:04:b6:9e:a5:5b:0e:07:78:1d:d6:
29:34:4c:7a:c9:72:43:06:24:67:63:60:c1:ae:f4:98:66:b8:
87:40:4d:5d:e0:a6:68:41:8b:86:a8:24:4d:b6:b8:98:23:1e:
e6:7c:b9:05:72:6d:d5:80:e0:c4:df:2c:7c:de:b5:e7:0c:4a:
70:82:fb:5d
-----BEGIN CERTIFICATE-----
MIIGZzCCBU+gAwIBAgIEG7RBfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDM3Y2M4ZjE2YjNjNmNiZDMzNDZhYTNlZDYxNzcxZjNlODNhYzk3MB4XDTIyMDUw
MzE5MTY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGMyMzRkNGFhNzRh
MjExMjFlMzlhMzRmMTRkNzA3N2NkMjUxMWIzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMb2uCLRTyVeAyGA8+J7hmc4a8ja17xrdyEBBK/PgR4UYScY
sm8YBLFqhwVPOQflul0WIB40nJHeY1YtEfKi3i3jViYhpqVXO/hFaI7bgUNRpnFK
WzZLPiC0wqSPQZ+YdCg3XSFtmPhf2H6AIr7K6YaodeTSqM7GO8e7i/RoPv59kqLk
54UpEjb8CyKYgZokU3BB8L6itbeiFSDCRqY8G0/ikNGCrHFD+QZVFqfzDjLRpC2t
u4p33I+0rLC8rcdps4nJhghGln7zzjymqq9PcZrwzy8xLWaSiNXnHV60z9lMO2Vm
n5HzXffyKUyHBcf0RQQPvo8p7WK1T8gNy964Z7cCAwEAAaOCA4EwggN9MB0GA1Ud
DgQWBBTcI01Kp0ohEh45o08U1wd80lEbOTAfBgNVHSMEGDAWgBT9N8yPFrPGy9M0
aqPtYXcfPoOslzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19UZk1qeGF6eHN2VE5HcWo3V0YzSHo2RHJKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8x
LzNDTk5TcWRLSVJJZU9hTlBGTmNIZk5KUkd6ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8xL19UZk1qeGF6eHN2
VE5HcWo3V0YzSHo2RHJKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZUGCCsGAQUFBwEHAQH/BIIBhDCCAYAwggFmBAIAATCCAV4DBAMF4ogDBAAfDmYw
DAMEACUKcQMEACUKcgMEAE1RvwMEBFET0AMEAFZqcDAMAwQAVmqdAwQAVmqeAwQC
WRVAAwQCWSJgAwQCWSMcAwQCWSVAAwQCWSWsAwQBWSZEAwQAWSjUAwQBWS7eAwQD
bUVoAwQDbUaQAwQAbebLAwQAbebRAwQAbebXAwQAbebaAwQAbebcAwQCgH+UAwQA
hv/zAwQEsu+gAwQCuQPsAwQCuRDMAwQCuSaUAwQCuSxMAwQAuXLgAwQCuXmIAwQC
uX3MAwQCuYYUAwQCuZ7wAwQCudiQAwQCud/oAwQAvNSaAwQDvPA4AwQAvPBHAwQA
vPF4AwQAvPGQAwQBvPGcAwQCwSDQAwQCwbAcAwQBwxRsAwQCw4zUMAwDBADDzqUD
BAPDzqAwDAMEAMPOqQMEAsPOqAMEAsPOtAMEAcPqfAMEAMPqfwMEAtWmVAMEBNmS
UDAUBAIAAjAOAwUAKgAaMAMFACoBQCAwDQYJKoZIhvcNAQELBQADggEBAB+MOCZt
ERCf3V9Sah3cnHvAmNUjPGlGA7MdxwRLdjI1Vsx2afEVoBqSOeHE8Ez+4kkk/BbL
v5eK4ozZ51A+wweItbnNahrd6Bnv6uzpvwh5I4ZTHuIjqQyQHkgywp5xrhWSkRBG
GFTqKoxE9swL16d/uTkgZEdw3/H8z+JsjCt0Ur6DVFaaAyDLhtNNWrzCZOqqtmz8
TS5LlK/IsYBSm41+m4w4TAA64BachLrraq0Lrt1Xf2hsCjGHfHj/BLaepVsOB3gd
1ik0THrJckMGJGdjYMGu9JhmuIdATV3gpmhBi4aoJE22uJgjHuZ8uQVybdWA4MTf
LHzetecMSnCC+10=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org