Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/fXAxXzyI3yCGCiEk-1pdNxXBEHg.roa
File: fXAxXzyI3yCGCiEk-1pdNxXBEHg.roa (raw, json)
Hash identifier: l7bOqbQ9e01sFeStKTkoC4q3J8T11Ju0kwuOwx9GKG8=
Subject key identifier: 7D:70:31:5F:3C:88:DF:20:86:0A:21:24:FB:5A:5D:37:15:C1:10:78
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 56ED5B
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/fXAxXzyI3yCGCiEk-1pdNxXBEHg.roa
Signing time: Mon 25 Apr 2022 07:04:55 +0000
ROA not before: Mon 25 Apr 2022 07:04:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 109.70.32.0/21 maxlen: 21
109.70.32.0/24 maxlen: 24
109.70.32.0/22 maxlen: 22
109.70.36.0/22 maxlen: 22
45.6.48.0/22 maxlen: 23
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.56.0/22 maxlen: 22
85.187.58.0/23 maxlen: 23
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
213.149.232.0/21 maxlen: 21
86.109.126.0/23 maxlen: 23
213.149.240.0/21 maxlen: 21
213.149.240.0/20 maxlen: 20
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
82.194.80.0/20 maxlen: 20
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.24.0/21 maxlen: 21
194.116.184.0/24 maxlen: 24
194.116.184.0/23 maxlen: 23
194.116.185.0/24 maxlen: 24
82.194.64.0/24 maxlen: 24
82.194.64.0/19 maxlen: 19
82.194.64.0/20 maxlen: 20
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
89.17.192.0/20 maxlen: 20
89.17.192.0/21 maxlen: 21
89.17.200.0/21 maxlen: 21
89.17.208.0/20 maxlen: 20
89.17.208.0/21 maxlen: 21
89.17.216.0/21 maxlen: 21
217.116.0.0/24 maxlen: 24
217.116.2.0/24 maxlen: 24
217.116.0.0/21 maxlen: 21
217.116.0.0/20 maxlen: 20
217.116.8.0/21 maxlen: 21
176.28.112.0/20 maxlen: 20
217.116.16.0/21 maxlen: 21
217.116.16.0/20 maxlen: 20
217.116.15.0/24 maxlen: 24
217.116.24.0/21 maxlen: 21
217.116.18.0/24 maxlen: 24
176.28.126.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.127.0/24 maxlen: 24
217.116.28.0/24 maxlen: 24
86.109.97.0/24 maxlen: 24
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
217.116.27.0/24 maxlen: 24
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
86.109.112.0/20 maxlen: 20
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/24 maxlen: 24
77.240.124.0/23 maxlen: 23
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
79.139.120.0/21 maxlen: 21
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5696859 (0x56ed5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Apr 25 07:04:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d70315f3c88df20860a2124fb5a5d3715c11078
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b1:5c:8e:86:72:8e:78:70:06:6d:f9:96:39:
ee:cb:97:63:95:7d:7f:19:89:bc:b4:e1:1c:ca:2b:
80:d2:43:33:35:a4:f7:15:8c:3a:22:7a:b0:76:6f:
b9:04:5e:f5:8e:5d:eb:47:5d:5a:b0:6c:36:51:ff:
9b:6c:84:b4:c8:8d:cb:14:ef:5f:d9:ba:7d:c6:f6:
d8:0b:a3:c4:05:bf:3b:55:c0:60:33:7c:fd:a2:5e:
f7:37:8a:56:af:14:c8:fa:d1:5d:66:9f:d4:81:07:
7e:96:86:fe:ee:ea:da:5b:fe:0a:f8:06:09:7d:e4:
c7:a6:69:a3:6a:50:3d:ae:00:eb:c3:9e:4a:f9:d2:
fe:2c:23:78:02:a5:43:f8:18:11:4d:ee:2f:1d:63:
8f:b8:93:4d:3f:eb:e1:ca:67:43:96:ce:23:b8:58:
a7:08:22:f7:40:a9:fb:29:c9:de:2d:0a:66:8e:80:
b9:90:81:3a:86:9b:7b:7a:8f:b0:1f:61:bb:f6:82:
f4:50:34:be:d8:78:eb:bd:ce:9b:3c:ac:9e:fa:de:
a5:31:30:d4:8e:8f:af:4e:87:0d:26:88:ab:40:4d:
aa:d9:24:5b:be:3b:74:d5:d6:ab:84:e6:b5:08:a3:
f7:8b:09:ed:cc:8e:73:09:e5:d0:fb:b7:c4:a1:f2:
30:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:70:31:5F:3C:88:DF:20:86:0A:21:24:FB:5A:5D:37:15:C1:10:78
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/fXAxXzyI3yCGCiEk-1pdNxXBEHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
82.194.64.0/19
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.17.192.0/19
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
217.116.0.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
a3:25:18:d2:85:51:92:0a:a6:69:c6:71:64:a4:31:64:2c:60:
53:b0:1c:3c:b3:7f:6c:27:f9:40:d3:5e:d4:86:cf:39:2a:49:
d0:a0:fa:60:64:ed:45:ba:45:89:83:73:2e:03:06:9c:a9:04:
a6:79:9c:52:27:90:d1:16:26:fb:7e:a6:02:18:cb:77:a2:b3:
ba:2a:22:b3:7e:cb:d7:a5:09:ca:55:0f:ab:f8:77:b3:a9:30:
2e:54:22:f7:48:89:ff:4a:53:a9:b6:5c:22:6d:34:d8:97:07:
9f:51:e9:eb:32:57:84:8a:ff:fd:1c:d5:9e:34:5f:f8:db:3e:
49:ae:ac:52:93:55:26:5c:18:4a:d5:77:30:94:56:01:4e:96:
62:bb:92:b2:5f:19:93:ff:23:56:9c:33:42:1e:8a:dc:b2:d2:
dd:0c:a1:85:5d:11:f3:ff:3d:0a:63:d9:98:e6:53:ef:de:c2:
d6:0d:46:3d:4e:65:61:40:1e:15:df:b0:cd:5c:e0:65:d9:2a:
95:17:b5:c3:a8:a7:7f:d9:98:2b:57:be:45:2c:1d:4d:9c:3d:
55:2a:54:57:13:6d:7c:b9:07:3f:04:cf:5c:1a:04:9e:c2:b0:
96:8e:f7:66:42:fd:e3:9b:f8:bb:ca:d5:29:74:9a:2f:6a:bb:
b6:91:0d:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIDVu1bMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwNDI1
MDcwNDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ZDcwMzE1ZjNjODhk
ZjIwODYwYTIxMjRmYjVhNWQzNzE1YzExMDc4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuLFcjoZyjnhwBm35ljnuy5djlX1/GYm8tOEcyiuA0kMzNaT3
FYw6Inqwdm+5BF71jl3rR11asGw2Uf+bbIS0yI3LFO9f2bp9xvbYC6PEBb87VcBg
M3z9ol73N4pWrxTI+tFdZp/UgQd+lob+7uraW/4K+AYJfeTHpmmjalA9rgDrw55K
+dL+LCN4AqVD+BgRTe4vHWOPuJNNP+vhymdDls4juFinCCL3QKn7KcneLQpmjoC5
kIE6hpt7eo+wH2G79oL0UDS+2Hjrvc6bPKye+t6lMTDUjo+vTocNJoirQE2q2SRb
vjt01darhOa1CKP3iwntzI5zCeXQ+7fEofIwyQIDAQABo4ICeTCCAnUwHQYDVR0O
BBYEFH1wMV88iN8ghgohJPtaXTcVwRB4MB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
ZlhBeFh6eUkzeUNHQ2lFay0xcGROeFhCRUhnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIGO
BggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAi0GMAMEBE3wcAMEA0+LeAMEBVLC
QAMEAlW7OAMEBVZtYAMEA1fuWAMEBVkRwAMEAVkl4AMEBF1aEAMEA21GIAMEBbAc
YAMEArkCRAMEArlOGAMEAcJ0uAMEBdWV4AMEBdl0ADANBAIAAjAHAwUAKgIDuDAN
BgkqhkiG9w0BAQsFAAOCAQEAoyUY0oVRkgqmacZxZKQxZCxgU7AcPLN/bCf5QNNe
1IbPOSpJ0KD6YGTtRbpFiYNzLgMGnKkEpnmcUieQ0RYm+36mAhjLd6Kzuiois37L
16UJylUPq/h3s6kwLlQi90iJ/0pTqbZcIm002JcHn1Hp6zJXhIr//RzVnjRf+Ns+
Sa6sUpNVJlwYStV3MJRWAU6WYruSsl8Zk/8jVpwzQh6K3LLS3QyhhV0R8/89CmPZ
mOZT797C1g1GPU5lYUAeFd+wzVzgZdkqlRe1w6inf9mYK1e+RSwdTZw9VSpUVxNt
fLkHPwTPXBoEnsKwlo73ZkL945v4u8rVKXSaL2q7tpENkA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:18 2024 by rpki-client on console-fra.rpki-client.org