Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/buzDIMHmroQK3MYDFZbw2Fili2M.roa
File: buzDIMHmroQK3MYDFZbw2Fili2M.roa (raw, json)
Hash identifier: 5nup65EEexOdgTYz0TIJNqFS5GWaM7cfH5BHZtuczes=
Subject key identifier: 6E:EC:C3:20:C1:E6:AE:84:0A:DC:C6:03:15:96:F0:D8:58:A5:8B:63
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 4D6521
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/buzDIMHmroQK3MYDFZbw2Fili2M.roa
Signing time: Thu 21 Apr 2022 07:57:02 +0000
ROA not before: Thu 21 Apr 2022 07:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
85.187.58.0/23 maxlen: 23
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
213.149.232.0/21 maxlen: 21
86.109.126.0/23 maxlen: 23
213.149.240.0/20 maxlen: 20
213.149.240.0/21 maxlen: 21
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
82.194.80.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.16.0/20 maxlen: 20
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
82.194.64.0/24 maxlen: 24
82.194.64.0/19 maxlen: 19
82.194.64.0/20 maxlen: 20
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
89.17.192.0/20 maxlen: 20
89.17.192.0/21 maxlen: 21
89.17.200.0/21 maxlen: 21
89.17.208.0/20 maxlen: 20
89.17.208.0/21 maxlen: 21
89.17.216.0/21 maxlen: 21
176.28.112.0/20 maxlen: 20
176.28.126.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.127.0/24 maxlen: 24
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
86.109.112.0/20 maxlen: 20
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/24 maxlen: 24
77.240.124.0/23 maxlen: 23
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5072161 (0x4d6521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 21 07:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6eecc320c1e6ae840adcc6031596f0d858a58b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:b1:ef:47:85:c4:84:32:f9:b5:4a:b8:d0:
10:30:8d:e5:3c:da:53:22:18:00:2d:27:57:19:ca:
c2:90:e3:6e:c4:a0:6d:21:88:49:0c:eb:ff:5d:d3:
f3:37:67:9e:77:f1:87:c6:06:f7:13:f4:3a:7c:1f:
76:45:9c:00:8d:df:e1:ed:e9:08:4f:f6:ea:19:14:
ce:c7:26:ec:0b:11:1a:91:53:13:ba:30:a0:9e:59:
d7:a0:ed:b3:26:18:c2:eb:91:5a:dc:ee:65:ec:91:
9a:2c:34:08:b0:ba:73:8f:0b:37:ce:c2:c6:2e:f4:
b1:05:75:3f:ac:7c:f7:41:7f:60:84:9e:bb:ff:25:
a7:20:e7:2a:3f:63:ea:f6:72:d4:b9:6d:84:6b:c3:
23:e0:06:f7:d7:db:62:d8:18:37:8b:ce:a4:de:c8:
ab:b6:aa:3f:c7:c8:39:89:c2:f0:a6:d7:f0:33:ff:
f7:43:23:ee:db:29:ce:81:60:07:4d:2e:4a:20:25:
f4:03:1c:f1:50:a3:c5:aa:c9:a2:88:5f:91:4f:8b:
b9:7d:66:16:c7:a2:91:25:1d:d0:f8:7d:e7:e8:97:
4b:71:67:90:51:3d:16:66:e1:85:a6:6f:ff:f3:14:
2d:75:13:83:67:dd:9b:26:85:b3:a5:ee:d3:3c:cc:
ee:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EC:C3:20:C1:E6:AE:84:0A:DC:C6:03:15:96:F0:D8:58:A5:8B:63
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/buzDIMHmroQK3MYDFZbw2Fili2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
82.194.64.0/19
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.17.192.0/19
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
3e:de:91:63:a2:f1:1b:d9:98:9a:f8:32:69:81:b9:6e:e6:48:
a6:d2:2e:1d:ad:6b:cd:05:7a:bc:f5:87:88:01:c9:ad:81:28:
4b:59:a8:17:f3:1f:04:85:af:fc:e4:48:94:01:47:0a:f0:b7:
52:6d:59:de:cf:4e:09:10:09:32:46:17:a4:f8:27:85:f4:29:
32:5b:a0:3e:69:0b:15:69:11:60:4b:cc:67:be:69:d0:f0:26:
54:28:b5:01:fc:3e:dc:32:1b:90:16:54:49:e0:91:a7:42:1e:
a0:83:c3:2b:78:8e:ee:a3:a2:8a:91:e8:25:58:6d:46:22:d4:
aa:f1:7a:63:5f:84:40:28:20:fb:75:73:6c:06:fa:e1:82:50:
b3:d0:72:e3:0e:3a:52:59:91:a0:47:8b:99:1a:fc:5a:7a:5f:
68:35:2a:ea:93:10:5f:c7:7a:5d:bb:49:3c:dc:81:e1:c4:f0:
cb:69:c7:b2:93:f4:90:44:39:7f:3e:be:25:8c:1e:84:51:6e:
d6:0c:68:09:ff:29:00:66:42:d2:b0:3f:75:24:4c:d2:70:fa:
18:4d:f8:64:40:23:21:c9:67:b2:75:6f:59:3a:5d:35:de:d6:
f2:b9:68:19:66:e5:31:f3:c7:29:9f:04:c0:f7:05:fd:1c:e7:
ab:75:43:d1
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIDTWUhMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDIx
MDc1NzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2ZWVjYzMyMGMxZTZh
ZTg0MGFkY2M2MDMxNTk2ZjBkODU4YTU4YjYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAymqx70eFxIQy+bVKuNAQMI3lPNpTIhgALSdXGcrCkONuxKBt
IYhJDOv/XdPzN2eed/GHxgb3E/Q6fB92RZwAjd/h7ekIT/bqGRTOxybsCxEakVMT
ujCgnlnXoO2zJhjC65Fa3O5l7JGaLDQIsLpzjws3zsLGLvSxBXU/rHz3QX9ghJ67
/yWnIOcqP2Pq9nLUuW2Ea8Mj4Ab319ti2Bg3i86k3sirtqo/x8g5icLwptfwM//3
QyPu2ynOgWAHTS5KICX0AxzxUKPFqsmiiF+RT4u5fWYWx6KRJR3Q+H3n6JdLcWeQ
UT0WZuGFpm//8xQtdRODZ92bJoWzpe7TPMzutQIDAQABo4ICczCCAm8wHQYDVR0O
BBYEFG7swyDB5q6ECtzGAxWW8NhYpYtjMB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
YnV6RElNSG1yb1FLM01ZREZaYncyRmlsaTJNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGI
BggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAi0GMAMEBE3wcAMEA0+LeAMEBVLC
QAMEAlW7OAMEBVZtYAMEA1fuWAMEBVkRwAMEAVkl4AMEBF1aEAMEA21GIAMEBbAc
YAMEArkCRAMEArlOGAMEAcJ0uAMEBdWV4DANBAIAAjAHAwUAKgIDuDANBgkqhkiG
9w0BAQsFAAOCAQEAPt6RY6LxG9mYmvgyaYG5buZIptIuHa1rzQV6vPWHiAHJrYEo
S1moF/MfBIWv/ORIlAFHCvC3Um1Z3s9OCRAJMkYXpPgnhfQpMlugPmkLFWkRYEvM
Z75p0PAmVCi1Afw+3DIbkBZUSeCRp0IeoIPDK3iO7qOiipHoJVhtRiLUqvF6Y1+E
QCgg+3VzbAb64YJQs9By4w46UlmRoEeLmRr8WnpfaDUq6pMQX8d6XbtJPNyB4cTw
y2nHspP0kEQ5fz6+JYwehFFu1gxoCf8pAGZC0rA/dSRM0nD6GE34ZEAjIclnsnVv
WTpdNd7W8rloGWblMfPHKZ8EwPcF/Rznq3VD0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org