Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/HWptE8qqsrs54ESIeemzudlCMQw.roa
File: HWptE8qqsrs54ESIeemzudlCMQw.roa (raw, json)
Hash identifier: p/q2sUnSyyQuvlxn6JaRYO6ofCzfYfUKte0JNEZeV2Q=
Subject key identifier: 1D:6A:6D:13:CA:AA:B2:BB:39:E0:44:88:79:E9:B3:B9:D9:42:31:0C
Certificate issuer: /CN=71949b47df313cbab9452da98fcc637608a909bd
Certificate serial: 1D69CB95
Authority key identifier: 71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/HWptE8qqsrs54ESIeemzudlCMQw.roa
Signing time: Wed 06 Apr 2022 13:26:11 +0000
ROA not before: Wed 06 Apr 2022 13:26:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13097
IP address blocks: 185.178.14.0/24 maxlen: 24
185.178.15.0/24 maxlen: 24
185.178.13.0/24 maxlen: 24
185.178.12.0/24 maxlen: 24
185.178.12.0/22 maxlen: 22
159.255.156.0/24 maxlen: 24
80.70.116.0/24 maxlen: 24
80.70.117.0/24 maxlen: 24
80.70.118.0/24 maxlen: 24
80.70.116.0/22 maxlen: 22
80.70.119.0/24 maxlen: 24
84.234.100.0/22 maxlen: 22
84.234.103.0/24 maxlen: 24
84.234.101.0/24 maxlen: 24
84.234.102.0/24 maxlen: 24
84.234.100.0/24 maxlen: 24
82.163.32.0/22 maxlen: 22
82.163.35.0/24 maxlen: 24
82.163.33.0/24 maxlen: 24
82.163.34.0/24 maxlen: 24
82.163.32.0/24 maxlen: 24
213.178.192.0/20 maxlen: 20
213.178.192.0/24 maxlen: 24
213.178.199.0/24 maxlen: 24
213.178.197.0/24 maxlen: 24
213.178.198.0/24 maxlen: 24
213.178.195.0/24 maxlen: 24
213.178.196.0/24 maxlen: 24
213.178.194.0/24 maxlen: 24
213.178.193.0/24 maxlen: 24
46.229.84.0/24 maxlen: 24
46.229.85.0/24 maxlen: 24
213.178.202.0/24 maxlen: 24
213.178.203.0/24 maxlen: 24
46.229.83.0/24 maxlen: 24
46.229.81.0/24 maxlen: 24
46.229.82.0/24 maxlen: 24
46.229.80.0/20 maxlen: 20
213.178.201.0/24 maxlen: 24
213.178.205.0/24 maxlen: 24
213.178.206.0/24 maxlen: 24
213.178.204.0/24 maxlen: 24
213.178.200.0/24 maxlen: 24
46.229.80.0/24 maxlen: 24
46.229.91.0/24 maxlen: 24
46.229.90.0/24 maxlen: 24
46.229.88.0/24 maxlen: 24
46.229.89.0/24 maxlen: 24
46.229.86.0/24 maxlen: 24
46.229.87.0/24 maxlen: 24
213.178.207.0/24 maxlen: 24
46.229.95.0/24 maxlen: 24
46.229.93.0/24 maxlen: 24
46.229.94.0/24 maxlen: 24
46.229.92.0/24 maxlen: 24
185.138.37.0/24 maxlen: 24
185.138.38.0/24 maxlen: 24
185.138.36.0/24 maxlen: 24
185.138.36.0/23 maxlen: 23
185.138.36.0/22 maxlen: 22
185.138.39.0/24 maxlen: 24
185.138.38.0/23 maxlen: 23
89.189.32.0/20 maxlen: 20
89.189.38.0/24 maxlen: 24
89.189.36.0/24 maxlen: 24
89.189.37.0/24 maxlen: 24
89.189.34.0/24 maxlen: 24
89.189.35.0/24 maxlen: 24
89.189.32.0/24 maxlen: 24
89.189.33.0/24 maxlen: 24
89.189.44.0/24 maxlen: 24
89.189.43.0/24 maxlen: 24
89.189.41.0/24 maxlen: 24
89.189.42.0/24 maxlen: 24
89.189.39.0/24 maxlen: 24
89.189.40.0/24 maxlen: 24
89.189.46.0/24 maxlen: 24
89.189.47.0/24 maxlen: 24
89.189.45.0/24 maxlen: 24
89.189.56.0/21 maxlen: 21
89.189.56.0/24 maxlen: 24
89.189.58.0/24 maxlen: 24
89.189.57.0/24 maxlen: 24
89.189.62.0/24 maxlen: 24
89.189.63.0/24 maxlen: 24
89.189.60.0/24 maxlen: 24
89.189.61.0/24 maxlen: 24
89.189.59.0/24 maxlen: 24
2a01:7540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 493472661 (0x1d69cb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71949b47df313cbab9452da98fcc637608a909bd
Validity
Not Before: Apr 6 13:26:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d6a6d13caaab2bb39e0448879e9b3b9d942310c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c0:5b:4e:27:42:df:4a:55:ef:c5:e8:5c:2e:
78:d3:92:f7:c1:6a:2f:00:d6:fc:41:b5:88:2b:22:
ec:55:ed:72:ff:92:e8:b3:64:66:30:44:09:7e:d7:
2d:92:6a:2c:1d:98:7a:0d:18:99:b9:c8:94:81:97:
20:06:53:78:c9:ad:8f:dd:c5:46:96:48:86:da:a5:
4f:51:e4:6d:9f:1f:7e:36:39:e1:d7:43:9d:7d:93:
3b:13:bb:14:ed:04:fb:73:c8:b5:da:7e:2f:69:be:
a0:c7:6c:71:1b:cd:a4:53:6f:e1:66:1a:b3:39:36:
f2:54:46:98:4f:28:94:52:0b:db:db:96:b9:f0:39:
80:ba:79:70:0f:8c:c8:06:0a:78:3f:61:e8:63:45:
22:a6:0f:6d:8e:92:24:89:0d:e7:dd:a9:fb:6c:ba:
ca:25:d8:ae:77:a8:e3:3c:73:7a:ee:e9:dc:0d:66:
a9:91:1d:9e:59:64:cf:f9:d2:40:b0:3d:83:54:34:
9a:51:e4:4b:88:d2:9e:07:ea:29:7b:b2:45:3b:1a:
bc:70:37:33:08:3f:fa:06:78:a7:76:fa:35:60:a4:
77:c8:a0:9a:e5:1f:f8:cd:04:34:ac:1e:8c:e6:da:
8b:40:38:43:95:a0:f6:ee:a5:6a:7f:66:d8:bd:fd:
70:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6A:6D:13:CA:AA:B2:BB:39:E0:44:88:79:E9:B3:B9:D9:42:31:0C
X509v3 Authority Key Identifier:
keyid:71:94:9B:47:DF:31:3C:BA:B9:45:2D:A9:8F:CC:63:76:08:A9:09:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZSbR98xPLq5RS2pj8xjdgipCb0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/HWptE8qqsrs54ESIeemzudlCMQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b33a78-a51e-46e4-8648-0066f541faea/1/cZSbR98xPLq5RS2pj8xjdgipCb0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.80.0/20
80.70.116.0/22
82.163.32.0/22
84.234.100.0/22
89.189.32.0/20
89.189.56.0/21
159.255.156.0/24
185.138.36.0/22
185.178.12.0/22
213.178.192.0/20
IPv6:
2a01:7540::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8d:77:57:d8:98:f2:b2:f8:97:e6:6d:64:cd:be:1e:96:9f:
2a:4f:93:58:dd:5e:ab:c9:c0:c6:b0:7f:0d:41:10:e4:97:b2:
f2:e1:4e:32:7b:c0:5e:07:ef:99:e1:9a:3e:8e:04:1e:12:2d:
6b:d1:c1:74:04:8a:78:d8:95:66:9a:3b:a8:18:d5:b0:ae:45:
3b:f0:4f:f8:c4:69:be:b2:a9:92:0d:8c:7c:ed:51:0e:0a:3d:
42:a5:83:1f:b8:ff:3e:88:9c:26:e9:f4:5f:5f:37:0f:aa:01:
2b:5a:a2:4f:d0:bf:cb:fb:52:d7:03:a2:cf:71:09:04:4f:55:
0c:64:c3:fc:5a:8b:5c:fe:fd:49:1b:45:64:75:42:97:e0:1e:
e1:de:9c:3f:5b:d7:a7:31:53:2a:67:a1:bc:e4:60:83:06:c6:
75:57:2b:08:7b:0c:0a:88:11:8c:2f:90:16:54:1f:f1:f6:2e:
ad:91:42:dc:bf:4c:93:95:bc:62:e5:12:69:bd:04:b1:f6:34:
fa:72:1a:ac:80:ee:84:91:e3:53:aa:c9:64:1a:fa:7d:19:39:
e0:60:f9:6e:f0:1a:b0:00:8e:dd:19:40:d7:2a:82:56:f6:66:
9e:fe:d4:53:79:7e:d2:e6:7a:94:20:46:d0:19:8b:ba:d3:02:
76:37:0a:52
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEHWnLlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTk0OWI0N2RmMzEzY2JhYjk0NTJkYTk4ZmNjNjM3NjA4YTkwOWJkMB4XDTIyMDQw
NjEzMjYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ2YTZkMTNjYWFh
YjJiYjM5ZTA0NDg4NzllOWIzYjlkOTQyMzEwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7AW04nQt9KVe/F6FwueNOS98FqLwDW/EG1iCsi7FXtcv+S
6LNkZjBECX7XLZJqLB2Yeg0YmbnIlIGXIAZTeMmtj93FRpZIhtqlT1HkbZ8ffjY5
4ddDnX2TOxO7FO0E+3PItdp+L2m+oMdscRvNpFNv4WYaszk28lRGmE8olFIL29uW
ufA5gLp5cA+MyAYKeD9h6GNFIqYPbY6SJIkN592p+2y6yiXYrneo4zxzeu7p3A1m
qZEdnllkz/nSQLA9g1Q0mlHkS4jSngfqKXuyRTsavHA3Mwg/+gZ4p3b6NWCkd8ig
muUf+M0ENKwejObai0A4Q5Wg9u6lan9m2L39cGECAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBQdam0TyqqyuzngRIh56bO52UIxDDAfBgNVHSMEGDAWgBRxlJtH3zE8urlF
LamPzGN2CKkJvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NaU2JSOTh4UExxNVJTMnBqOHhqZGdpcENiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvYjMzYTc4LWE1MWUtNDZlNC04NjQ4LTAwNjZmNTQxZmFlYS8x
L0hXcHRFOHFxc3JzNTRFU0llZW16dWRsQ01Rdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
YjMzYTc4LWE1MWUtNDZlNC04NjQ4LTAwNjZmNTQxZmFlYS8xL2NaU2JSOTh4UExx
NVJTMnBqOHhqZGdpcENiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwQgQCAAEwPAMEBC7lUAMEAlBGdAMEAlKjIAMEAlTq
ZAMEBFm9IAMEA1m9OAMEAJ//nAMEArmKJAMEArmyDAMEBNWywDANBAIAAjAHAwUA
KgF1QDANBgkqhkiG9w0BAQsFAAOCAQEAHI13V9iY8rL4l+ZtZM2+HpafKk+TWN1e
q8nAxrB/DUEQ5Jey8uFOMnvAXgfvmeGaPo4EHhIta9HBdASKeNiVZpo7qBjVsK5F
O/BP+MRpvrKpkg2MfO1RDgo9QqWDH7j/PoicJun0X183D6oBK1qiT9C/y/tS1wOi
z3EJBE9VDGTD/FqLXP79SRtFZHVCl+Ae4d6cP1vXpzFTKmehvORggwbGdVcrCHsM
CogRjC+QFlQf8fYurZFC3L9Mk5W8YuUSab0EsfY0+nIarIDuhJHjU6rJZBr6fRk5
4GD5bvAasACO3RlA1yqCVvZmnv7UU3l+0uZ6lCBG0BmLutMCdjcKUg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-fra.rpki-client.org