Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/dbXJep2-2HbF_wMTW7PA0CHfKvQ.roa
File: dbXJep2-2HbF_wMTW7PA0CHfKvQ.roa (raw, json)
Hash identifier: MEbXQdfjnB00YVBPmcpiVloyw9m37oicy1IP6M9sotQ=
Subject key identifier: 75:B5:C9:7A:9D:BE:D8:76:C5:FF:03:13:5B:B3:C0:D0:21:DF:2A:F4
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 4AA74C
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/dbXJep2-2HbF_wMTW7PA0CHfKvQ.roa
Signing time: Wed 20 Apr 2022 08:13:08 +0000
ROA not before: Wed 20 Apr 2022 08:13:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
85.187.58.0/23 maxlen: 23
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
213.149.232.0/21 maxlen: 21
86.109.126.0/23 maxlen: 23
213.149.240.0/21 maxlen: 21
213.149.240.0/20 maxlen: 20
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
176.28.112.0/20 maxlen: 20
176.28.126.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.127.0/24 maxlen: 24
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
86.109.112.0/20 maxlen: 20
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/24 maxlen: 24
77.240.124.0/23 maxlen: 23
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4892492 (0x4aa74c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 20 08:13:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75b5c97a9dbed876c5ff03135bb3c0d021df2af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:08:bc:63:16:90:bb:54:67:57:d7:4c:5b:0c:
af:af:80:7e:c3:2b:b7:68:9f:28:7d:82:68:7c:3f:
2b:e1:92:fe:58:18:df:40:b7:ab:bc:7f:15:f8:a3:
84:00:78:1f:2e:39:94:b8:27:20:e0:39:83:41:c6:
b1:47:d1:37:57:81:b8:41:e0:77:aa:7a:8f:4c:75:
4f:f2:74:ef:34:1f:4d:77:6e:e9:06:72:7c:0f:e8:
fb:ef:89:c1:30:27:25:66:75:ae:ca:80:71:a8:0c:
ae:ea:4a:4e:30:b7:ae:d0:84:54:9b:a0:2b:ec:cf:
56:41:00:d2:42:74:9b:23:25:41:15:2f:19:7a:5f:
69:5b:82:89:f4:69:79:97:4c:47:25:9f:91:3b:64:
10:da:f2:e6:06:d8:cc:03:37:40:7c:15:27:40:0e:
70:6a:d2:b1:75:89:46:aa:e9:01:84:cd:c8:ab:ec:
31:eb:3d:52:4c:73:ae:a6:2d:86:69:86:b4:30:a0:
00:e8:f1:d5:60:3e:4c:b5:0f:10:d6:44:e6:27:91:
ec:ec:e4:7b:8a:b9:8a:b4:4b:2f:59:50:17:cf:67:
e2:b7:d8:f9:14:ce:06:5d:74:63:bf:aa:3d:17:53:
f5:95:a9:49:b4:aa:50:26:db:39:1e:8c:73:9e:72:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B5:C9:7A:9D:BE:D8:76:C5:FF:03:13:5B:B3:C0:D0:21:DF:2A:F4
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/dbXJep2-2HbF_wMTW7PA0CHfKvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
44:fc:b0:5b:e0:64:fc:41:e3:01:89:49:d2:bc:8b:16:ed:3f:
11:cc:68:1c:65:fb:34:51:36:82:eb:b5:08:45:e9:5d:c7:2e:
0a:de:76:eb:04:ef:14:b8:6d:ae:5e:d1:d0:c9:bb:d9:90:20:
09:61:d5:1d:e9:5f:89:81:50:c7:c3:1c:e2:c5:88:08:6a:d8:
cc:a4:03:f7:d7:e9:2f:c9:42:55:1c:2e:32:00:05:d9:b5:ec:
c2:89:54:16:00:0c:b1:99:3a:04:92:aa:76:a1:59:85:bf:21:
3e:20:f9:43:a6:6e:4d:53:03:da:45:d9:2f:da:d6:5f:9d:d0:
a1:6f:1b:33:21:06:dc:74:84:64:ad:d6:3b:fe:d7:93:af:05:
2b:8e:26:38:08:6f:c9:a0:31:2a:b6:d0:e6:62:de:d2:66:5e:
89:e6:2f:32:a3:14:49:e0:c3:54:5b:75:b7:4a:ee:be:23:00:
5e:28:56:21:b0:ce:14:a2:92:88:0d:a2:79:3f:fc:bd:e4:3a:
e9:92:c9:b2:02:89:a0:8f:55:97:5d:8e:df:bc:57:7d:91:2d:
5b:bc:59:a8:7d:77:dd:74:be:b5:65:80:0b:54:fa:2f:04:54:
1d:05:f9:79:3d:be:35:af:0b:24:52:1e:78:a7:55:c2:39:3c:
6c:25:6e:0b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIDSqdMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDIw
MDgxMzA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NWI1Yzk3YTlkYmVk
ODc2YzVmZjAzMTM1YmIzYzBkMDIxZGYyYWY0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApgi8YxaQu1RnV9dMWwyvr4B+wyu3aJ8ofYJofD8r4ZL+WBjf
QLervH8V+KOEAHgfLjmUuCcg4DmDQcaxR9E3V4G4QeB3qnqPTHVP8nTvNB9Nd27p
BnJ8D+j774nBMCclZnWuyoBxqAyu6kpOMLeu0IRUm6Ar7M9WQQDSQnSbIyVBFS8Z
el9pW4KJ9Gl5l0xHJZ+RO2QQ2vLmBtjMAzdAfBUnQA5watKxdYlGqukBhM3Iq+wx
6z1STHOupi2GaYa0MKAA6PHVYD5MtQ8Q1kTmJ5Hs7OR7irmKtEsvWVAXz2fit9j5
FM4GXXRjv6o9F1P1lalJtKpQJts5HoxznnI/kwIDAQABo4ICZjCCAmIwHQYDVR0O
BBYEFHW1yXqdvth2xf8DE1uzwNAh3yr0MB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
ZGJYSmVwMi0ySGJGX3dNVFc3UEEwQ0hmS3ZRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMHwG
CCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCLQYwAwQETfBwAwQDT4t4AwQCVbs4
AwQFVm1gAwQDV+5YAwQBWSXgAwQEXVoQAwQDbUYgAwQFsBxgAwQCuQJEAwQCuU4Y
AwQBwnS4AwQF1ZXgMA0EAgACMAcDBQAqAgO4MA0GCSqGSIb3DQEBCwUAA4IBAQBE
/LBb4GT8QeMBiUnSvIsW7T8RzGgcZfs0UTaC67UIReldxy4K3nbrBO8UuG2uXtHQ
ybvZkCAJYdUd6V+JgVDHwxzixYgIatjMpAP31+kvyUJVHC4yAAXZtezCiVQWAAyx
mToEkqp2oVmFvyE+IPlDpm5NUwPaRdkv2tZfndChbxszIQbcdIRkrdY7/teTrwUr
jiY4CG/JoDEqttDmYt7SZl6J5i8yoxRJ4MNUW3W3Su6+IwBeKFYhsM4UopKIDaJ5
P/y95DrpksmyAomgj1WXXY7fvFd9kS1bvFmofXfddL61ZYALVPovBFQdBfl5Pb41
rwskUh54p1XCOTxsJW4L
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:54 2024 by rpki-client on console-ams.rpki-client.org