Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1glVkUzxkwRS6NuGY_hPc4hJar8.roa
File: 1glVkUzxkwRS6NuGY_hPc4hJar8.roa (raw, json)
Hash identifier: w5a/soVn87UsuEPNOduMROnM28MXuiEHQIfJGyk4Vm4=
Subject key identifier: D6:09:55:91:4C:F1:93:04:52:E8:DB:86:63:F8:4F:73:88:49:6A:BF
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A42DAFEEA483461770D16EBB7F6623
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1glVkUzxkwRS6NuGY_hPc4hJar8.roa
Signing time: Mon 12 Dec 2022 09:22:03 +0000
ROA not before: Mon 12 Dec 2022 09:22:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 193.201.228.0/22 maxlen: 24
109.188.0.0/17 maxlen: 17
94.25.128.0/18 maxlen: 18
188.162.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:2d:af:ee:a4:83:46:17:70:d1:6e:bb:7f:66:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d60955914cf1930452e8db8663f84f7388496abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f1:27:1c:dd:1a:e9:9e:31:9a:3e:cf:4f:6b:
cb:f0:df:d4:16:cf:05:ea:18:3e:a4:00:4c:6b:7a:
cf:27:95:77:e0:60:c5:83:99:e8:c3:f0:2c:82:6e:
cb:c3:26:e6:49:7f:ad:61:fb:0a:6e:9f:85:49:24:
3d:07:b0:83:06:cb:42:87:af:9f:13:6f:eb:2f:40:
80:ab:28:23:a3:42:ee:aa:0a:36:a4:d0:c1:8c:66:
91:6d:75:7b:27:34:3d:bc:20:4d:cc:ea:f7:85:bc:
4a:08:97:15:5d:e7:ff:a2:35:00:88:1f:52:ed:ed:
bb:22:f7:9d:aa:14:45:cb:74:92:1c:9b:62:b4:22:
40:84:0e:ec:36:f3:c9:e6:9e:39:7a:ac:ca:f9:65:
95:49:9c:e1:73:c8:4c:42:10:8d:b3:59:e3:f2:93:
69:b4:a9:fe:1d:b0:72:e6:7e:27:e5:8d:ea:b3:1f:
c3:b1:e4:d9:a7:d6:29:6d:bb:c1:fd:b3:82:70:a1:
5f:e0:db:42:d2:b4:60:6c:eb:d7:62:5f:da:91:99:
a9:c9:dc:6f:e5:f2:b0:3a:be:ae:e5:9c:cf:38:53:
99:8b:f3:00:03:11:97:dd:56:f8:f3:b2:9d:4c:f2:
aa:09:51:16:6b:4b:71:38:0a:40:ac:c1:6a:1a:0c:
a3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:09:55:91:4C:F1:93:04:52:E8:DB:86:63:F8:4F:73:88:49:6A:BF
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/1glVkUzxkwRS6NuGY_hPc4hJar8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.188.0.0/17
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:bb:41:a7:d0:1f:24:dd:d0:b3:97:41:7a:eb:3f:09:d9:7a:
68:41:af:7f:38:b4:7c:13:81:41:e7:26:74:d5:6d:2a:4b:fd:
3f:2c:f9:63:85:d4:40:cf:6d:ea:f2:d7:13:9a:d6:aa:e4:67:
13:7e:56:ab:26:25:71:b4:d8:4f:c1:db:f9:81:5f:43:31:6e:
03:11:fb:9d:15:50:72:05:e8:21:60:55:d9:2e:18:cb:8b:95:
d4:62:0d:ab:0f:3c:fa:76:17:be:85:61:1b:68:73:b1:c8:db:
b0:90:cb:f9:1c:2f:7f:7d:bc:aa:46:b1:fc:b9:a9:4e:30:d2:
b8:cc:de:55:f5:77:2b:dd:62:73:f7:31:ad:7d:0a:15:84:82:
30:fa:8d:9d:dc:e9:f0:42:7c:55:c0:42:fe:d3:1d:c4:e7:9b:
ab:6b:43:21:5b:1e:80:0d:01:cd:18:45:6d:ad:05:a1:70:68:
52:d7:34:22:c7:e4:fa:03:60:bd:72:8e:0a:65:0d:83:df:69:
ab:9d:0a:de:b8:82:e7:0c:79:2f:08:4c:ae:a7:b0:75:f1:72:
16:ee:71:db:6c:bb:0a:83:93:07:43:b7:aa:15:1a:bd:cf:6e:
85:1f:71:6f:87:6d:7c:2f:69:07:5b:21:31:de:a7:e2:08:42:
2b:32:7d:fc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYUFpC2v7qSDRhdw0W67f2YjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA5NTU5MTRjZjE5MzA0NTJlOGRiODY2M2Y4NGY3Mzg4NDk2YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/EnHN0a6Z4xmj7PT2vL8N/UFs8F
6hg+pABMa3rPJ5V34GDFg5now/Asgm7LwybmSX+tYfsKbp+FSSQ9B7CDBstCh6+f
E2/rL0CAqygjo0Luqgo2pNDBjGaRbXV7JzQ9vCBNzOr3hbxKCJcVXef/ojUAiB9S
7e27IvedqhRFy3SSHJtitCJAhA7sNvPJ5p45eqzK+WWVSZzhc8hMQhCNs1nj8pNp
tKn+HbBy5n4n5Y3qsx/DseTZp9YpbbvB/bOCcKFf4NtC0rRgbOvXYl/akZmpydxv
5fKwOr6u5ZzPOFOZi/MAAxGX3Vb487KdTPKqCVEWa0txOApArMFqGgyjeQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFNYJVZFM8ZMEUujbhmP4T3OISWq/MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMWdsVmtVenhrd1JTNk51R1lfaFBjNGhKYXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAATApAwQGXhmAAwQH
bbwAAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQwDQYJKoZIhvcNAQELBQAD
ggEBAEy7QafQHyTd0LOXQXrrPwnZemhBr384tHwTgUHnJnTVbSpL/T8s+WOF1EDP
bery1xOa1qrkZxN+VqsmJXG02E/B2/mBX0MxbgMR+50VUHIF6CFgVdkuGMuLldRi
DasPPPp2F76FYRtoc7HI27CQy/kcL399vKpGsfy5qU4w0rjM3lX1dyvdYnP3Ma19
ChWEgjD6jZ3c6fBCfFXAQv7THcTnm6trQyFbHoANAc0YRW2tBaFwaFLXNCLH5PoD
YL1yjgplDYPfaaudCt64gucMeS8ITK6nsHXxchbucdtsuwqDkwdDt6oVGr3PboUf
cW+HbXwvaQdbITHep+IIQisyffw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:03 2025 by rpki-client