Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dfQ_MPMpXlLD--K7vsOEvQOWK90.roa
File: dfQ_MPMpXlLD--K7vsOEvQOWK90.roa (raw, json)
Hash identifier: 1v1CmM4o0YEpS+hqgPOkV7YGj+bahxYfAOOKbmQTODI=
Subject key identifier: 75:F4:3F:30:F3:29:5E:52:C3:FB:E2:BB:BE:C3:84:BD:03:96:2B:DD
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 1B4FEB35
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dfQ_MPMpXlLD--K7vsOEvQOWK90.roa
Signing time: Mon 21 Mar 2022 23:34:51 +0000
ROA not before: Mon 21 Mar 2022 23:34:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 185.134.20.0/22 maxlen: 22
195.140.212.0/22 maxlen: 22
109.70.144.0/21 maxlen: 21
109.70.145.0/24 maxlen: 24
109.70.149.0/24 maxlen: 24
109.70.148.0/24 maxlen: 24
134.255.243.0/24 maxlen: 24
185.16.204.0/22 maxlen: 22
81.19.208.0/20 maxlen: 20
81.19.208.0/23 maxlen: 23
89.46.223.0/24 maxlen: 24
89.46.222.0/23 maxlen: 23
86.106.112.0/24 maxlen: 24
109.69.104.0/21 maxlen: 21
195.234.124.0/24 maxlen: 24
195.234.124.0/23 maxlen: 24
109.69.110.0/24 maxlen: 24
195.234.127.0/24 maxlen: 24
109.230.203.0/24 maxlen: 24
109.230.209.0/24 maxlen: 24
109.230.218.0/24 maxlen: 24
109.230.215.0/24 maxlen: 24
109.230.220.0/24 maxlen: 24
188.241.120.0/24 maxlen: 24
188.241.144.0/24 maxlen: 24
188.241.156.0/23 maxlen: 23
188.241.157.0/24 maxlen: 24
193.32.208.0/22 maxlen: 22
86.106.158.0/24 maxlen: 24
86.106.157.0/24 maxlen: 24
188.240.58.0/24 maxlen: 24
188.240.56.0/21 maxlen: 21
188.240.56.0/24 maxlen: 24
188.240.57.0/24 maxlen: 24
188.240.71.0/24 maxlen: 24
195.206.165.0/24 maxlen: 24
185.125.204.0/22 maxlen: 22
195.206.166.0/23 maxlen: 23
195.206.169.0/24 maxlen: 24
195.206.170.0/23 maxlen: 23
89.38.68.0/23 maxlen: 23
195.206.180.0/22 maxlen: 22
5.226.136.0/21 maxlen: 21
77.81.191.0/24 maxlen: 24
31.14.102.0/24 maxlen: 24
193.176.28.0/22 maxlen: 22
193.176.31.0/24 maxlen: 24
185.216.144.0/22 maxlen: 22
217.146.80.0/20 maxlen: 20
217.146.87.0/24 maxlen: 24
185.38.148.0/22 maxlen: 22
217.146.92.0/24 maxlen: 24
185.223.232.0/22 maxlen: 22
213.166.84.0/22 maxlen: 24
89.35.28.0/22 maxlen: 22
195.20.108.0/24 maxlen: 24
195.20.108.0/23 maxlen: 23
185.121.136.0/22 maxlen: 22
185.114.224.0/24 maxlen: 24
37.10.113.0/24 maxlen: 24
37.10.114.0/24 maxlen: 24
89.40.212.0/24 maxlen: 24
188.212.154.0/24 maxlen: 24
89.37.64.0/22 maxlen: 22
185.158.241.0/24 maxlen: 24
185.158.242.0/24 maxlen: 24
89.37.173.0/24 maxlen: 24
89.34.96.0/22 maxlen: 22
178.239.160.0/20 maxlen: 20
178.239.165.0/24 maxlen: 24
178.239.167.0/24 maxlen: 24
185.44.76.0/22 maxlen: 22
178.239.173.0/24 maxlen: 24
185.3.236.0/22 maxlen: 22
185.158.240.0/22 maxlen: 24
89.37.172.0/22 maxlen: 22
2a01:4020::/32 maxlen: 32
2a01:4020:34::/48 maxlen: 48
2a01:4020:2::/48 maxlen: 48
2a00:1a30::/32 maxlen: 32
2a01:4020:32::/48 maxlen: 48
2a01:4020:30::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 458222389 (0x1b4feb35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Mar 21 23:34:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75f43f30f3295e52c3fbe2bbbec384bd03962bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a7:47:d5:8c:eb:38:90:a8:a1:9d:66:f9:af:
fc:e7:f4:de:a5:d0:8e:0d:50:95:72:61:b4:32:bb:
66:23:66:7a:e2:d3:3e:5b:46:74:07:28:e0:54:23:
42:f9:62:87:24:10:fd:4d:bf:b7:39:bd:03:5e:ed:
7a:5e:a6:5b:1c:ce:5c:25:b2:4e:c9:f6:7e:41:14:
37:3e:8b:02:97:15:74:ee:6b:5d:a2:28:f7:c6:46:
16:7e:be:c5:ac:94:92:59:fd:a6:bf:83:2f:99:ab:
6d:2d:f0:ed:52:6b:31:96:4b:99:1f:57:1d:cf:f1:
0c:08:05:de:fe:cf:5e:3d:1f:6f:61:18:12:89:a9:
61:5e:ac:d1:b0:96:e0:81:8b:d7:a1:c2:1e:5a:54:
14:61:f7:92:8f:44:3f:97:e4:5a:06:35:9e:4f:4c:
bb:8f:65:9a:49:5d:57:df:20:1c:67:c4:51:f2:2b:
fe:81:32:cc:fd:73:37:e4:79:2d:2e:9e:fb:32:d6:
b1:99:7c:e4:f6:2c:ff:81:b0:69:1e:34:0f:8e:bc:
44:35:d9:52:6f:85:aa:21:06:0a:b3:65:53:dd:a8:
f8:5e:38:f3:fe:4c:d4:5f:c3:a5:b2:17:8a:40:92:
0b:c4:a1:fb:28:c7:19:0a:05:4a:0f:da:5e:ce:48:
45:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F4:3F:30:F3:29:5E:52:C3:FB:E2:BB:BE:C3:84:BD:03:96:2B:DD
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/dfQ_MPMpXlLD--K7vsOEvQOWK90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.136.0/21
31.14.102.0/24
37.10.113.0-37.10.114.255
77.81.191.0/24
81.19.208.0/20
86.106.112.0/24
86.106.157.0-86.106.158.255
89.34.96.0/22
89.35.28.0/22
89.37.64.0/22
89.37.172.0/22
89.38.68.0/23
89.40.212.0/24
89.46.222.0/23
109.69.104.0/21
109.70.144.0/21
109.230.203.0/24
109.230.209.0/24
109.230.215.0/24
109.230.218.0/24
109.230.220.0/24
134.255.243.0/24
178.239.160.0/20
185.3.236.0/22
185.16.204.0/22
185.38.148.0/22
185.44.76.0/22
185.114.224.0/24
185.121.136.0/22
185.125.204.0/22
185.134.20.0/22
185.158.240.0/22
185.216.144.0/22
185.223.232.0/22
188.212.154.0/24
188.240.56.0/21
188.240.71.0/24
188.241.120.0/24
188.241.144.0/24
188.241.156.0/23
193.32.208.0/22
193.176.28.0/22
195.20.108.0/23
195.140.212.0/22
195.206.165.0-195.206.167.255
195.206.169.0-195.206.171.255
195.206.180.0/22
195.234.124.0/23
195.234.127.0/24
213.166.84.0/22
217.146.80.0/20
IPv6:
2a00:1a30::/32
2a01:4020::/32
Signature Algorithm: sha256WithRSAEncryption
6a:c4:46:f5:aa:6e:24:49:a2:69:64:b1:fa:50:48:bd:94:37:
81:e1:c2:fd:3f:04:4e:00:e2:b1:15:5a:77:3d:73:27:6d:09:
2b:cd:b8:e5:23:67:e4:b5:eb:30:9d:3f:4c:86:37:61:67:bf:
84:89:d6:63:7f:0e:46:b6:3a:ab:45:79:70:78:8b:ba:0d:9b:
4e:2f:15:ae:ff:ae:ca:7a:a2:de:f2:35:30:04:a1:d4:4f:c2:
ba:0c:e2:a3:62:d5:27:a2:eb:67:e0:bc:d5:ef:7c:fa:ea:70:
2e:8d:33:24:78:e0:ae:36:31:2a:17:e9:a2:ea:37:5c:33:22:
bc:1d:63:80:00:ec:7b:cf:50:0e:42:86:10:ea:95:82:ae:45:
16:1a:e8:04:66:89:14:e6:df:0c:58:42:8f:40:0c:86:90:d7:
8e:30:94:bc:3f:2d:22:a8:8d:ad:10:67:d2:6d:90:91:ad:af:
05:06:a7:79:58:bb:62:d3:5c:a7:0a:92:67:63:21:1f:11:04:
f7:7a:3c:ec:e8:fd:7c:9b:9e:85:b4:20:6a:cb:1f:b1:01:89:
12:0c:38:1a:6e:61:96:5b:8a:3c:36:ce:df:d6:7f:94:26:49:
ce:72:cd:d3:79:39:4e:7c:c3:c4:bc:68:1f:f0:26:4d:4a:97:
6e:86:ab:62
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIEG0/rNTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZDM3Y2M4ZjE2YjNjNmNiZDMzNDZhYTNlZDYxNzcxZjNlODNhYzk3MB4XDTIyMDMy
MTIzMzQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzVmNDNmMzBmMzI5
NWU1MmMzZmJlMmJiYmVjMzg0YmQwMzk2MmJkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6nR9WM6ziQqKGdZvmv/Of03qXQjg1QlXJhtDK7ZiNmeuLT
PltGdAco4FQjQvlihyQQ/U2/tzm9A17tel6mWxzOXCWyTsn2fkEUNz6LApcVdO5r
XaIo98ZGFn6+xayUkln9pr+DL5mrbS3w7VJrMZZLmR9XHc/xDAgF3v7PXj0fb2EY
EompYV6s0bCW4IGL16HCHlpUFGH3ko9EP5fkWgY1nk9Mu49lmkldV98gHGfEUfIr
/oEyzP1zN+R5LS6e+zLWsZl85PYs/4GwaR40D468RDXZUm+FqiEGCrNlU92o+F44
8/5M1F/DpbIXikCSC8Sh+yjHGQoFSg/aXs5IRdkCAwEAAaOCA3UwggNxMB0GA1Ud
DgQWBBR19D8w8yleUsP74ru+w4S9A5Yr3TAfBgNVHSMEGDAWgBT9N8yPFrPGy9M0
aqPtYXcfPoOslzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19UZk1qeGF6eHN2VE5HcWo3V0YzSHo2RHJKYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvMDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8x
L2RmUV9NUE1wWGxMRC0tSzd2c09FdlFPV0s5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
MDVlMTdmLWQzMWYtNDMxZi1hOGJjLTdlMDVhYjQxYjZlNC8xL19UZk1qeGF6eHN2
VE5HcWo3V0YzSHo2RHJKYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AYkGCCsGAQUFBwEHAQH/BIIBeDCCAXQwggFaBAIAATCCAVIDBAMF4ogDBAAfDmYw
DAMEACUKcQMEACUKcgMEAE1RvwMEBFET0AMEAFZqcDAMAwQAVmqdAwQAVmqeAwQC
WSJgAwQCWSMcAwQCWSVAAwQCWSWsAwQBWSZEAwQAWSjUAwQBWS7eAwQDbUVoAwQD
bUaQAwQAbebLAwQAbebRAwQAbebXAwQAbebaAwQAbebcAwQAhv/zAwQEsu+gAwQC
uQPsAwQCuRDMAwQCuSaUAwQCuSxMAwQAuXLgAwQCuXmIAwQCuX3MAwQCuYYUAwQC
uZ7wAwQCudiQAwQCud/oAwQAvNSaAwQDvPA4AwQAvPBHAwQAvPF4AwQAvPGQAwQB
vPGcAwQCwSDQAwQCwbAcAwQBwxRsAwQCw4zUMAwDBADDzqUDBAPDzqAwDAMEAMPO
qQMEAsPOqAMEAsPOtAMEAcPqfAMEAMPqfwMEAtWmVAMEBNmSUDAUBAIAAjAOAwUA
KgAaMAMFACoBQCAwDQYJKoZIhvcNAQELBQADggEBAGrERvWqbiRJomlksfpQSL2U
N4Hhwv0/BE4A4rEVWnc9cydtCSvNuOUjZ+S16zCdP0yGN2Fnv4SJ1mN/Dka2OqtF
eXB4i7oNm04vFa7/rsp6ot7yNTAEodRPwroM4qNi1Sei62fgvNXvfPrqcC6NMyR4
4K42MSoX6aLqN1wzIrwdY4AA7HvPUA5ChhDqlYKuRRYa6ARmiRTm3wxYQo9ADIaQ
144wlLw/LSKoja0QZ9JtkJGtrwUGp3lYu2LTXKcKkmdjIR8RBPd6POzo/XybnoW0
IGrLH7EBiRIMOBpuYZZbijw2zt/Wf5QmSc5yzdN5OU58w8S8aB/wJk1Kl26Gq2I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org