Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2OWKLr8qE7ARd2uNBUrS2AT_D6c.roa
File: 2OWKLr8qE7ARd2uNBUrS2AT_D6c.roa (raw, json)
Hash identifier: g8AecYtpR9sBf03QkcmuRzdvaxZJTcbDG9YTHiMy5ZQ=
Subject key identifier: D8:E5:8A:2E:BF:2A:13:B0:11:77:6B:8D:05:4A:D2:D8:04:FF:0F:A7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01847659012F1D19F83062E28F6AEC50E1D4
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2OWKLr8qE7ARd2uNBUrS2AT_D6c.roa
Signing time: Mon 14 Nov 2022 13:34:15 +0000
ROA not before: Mon 14 Nov 2022 13:34:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
78.25.64.0/18 maxlen: 24
62.64.0.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:59:01:2f:1d:19:f8:30:62:e2:8f:6a:ec:50:e1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 13:34:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8e58a2ebf2a13b011776b8d054ad2d804ff0fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:53:57:94:20:27:2f:e2:71:16:7f:f3:61:dc:
35:e0:74:d2:ab:28:da:2a:80:12:6a:25:d0:dd:c1:
51:d8:8e:26:c0:28:12:3c:04:58:75:01:de:54:b2:
6f:fb:85:20:7f:d2:77:cd:1f:3a:2e:89:cf:70:ce:
38:e5:98:6f:f4:01:bb:f9:cb:24:79:43:f7:8c:e4:
15:f4:3b:a0:82:56:75:e6:e7:f7:be:53:1d:7a:fd:
a9:18:cd:30:ed:36:67:f6:0e:ad:30:18:b4:c2:d0:
36:57:7d:06:5f:0b:13:1b:5e:96:4a:25:d4:ce:6e:
9f:29:21:fd:37:23:f1:4f:6f:f2:31:5c:d9:42:6f:
f2:b4:71:3b:0d:7b:10:7d:82:ed:4e:31:0e:2d:c0:
53:87:b7:c1:83:ba:95:38:db:be:6d:f7:33:c7:2e:
0f:3b:48:bf:9a:81:ca:43:3e:d0:98:d9:fb:d6:29:
ed:13:b3:55:d7:2e:07:9f:8a:64:56:32:df:24:9e:
d6:9f:cd:05:42:c4:7d:fc:1f:e1:2d:93:30:d9:e3:
67:94:91:7e:e8:1e:42:e1:34:f3:37:9a:93:64:93:
7f:c8:f8:cf:7a:de:2e:60:a2:8e:4a:3d:82:63:7f:
c2:24:a3:0f:c5:80:6f:08:e6:35:8f:8b:a1:07:bc:
67:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E5:8A:2E:BF:2A:13:B0:11:77:6B:8D:05:4A:D2:D8:04:FF:0F:A7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2OWKLr8qE7ARd2uNBUrS2AT_D6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
31:fb:16:30:f1:25:d0:4f:f9:3e:f9:0e:c3:78:31:cf:f0:19:
1a:29:c8:51:0e:48:50:23:fc:c2:fa:f9:8d:d1:1d:0b:eb:5b:
06:38:c5:5a:89:8f:47:e3:af:60:40:00:87:c3:5e:17:44:b6:
88:b3:1b:ff:19:2a:ff:fd:31:c2:e8:c4:55:3a:3c:91:8a:66:
68:8c:68:80:e4:f7:b0:77:6f:26:90:5f:9f:fa:59:b8:f2:cd:
dd:f4:80:cc:b8:11:72:b0:e5:8e:16:e6:26:be:fe:c9:80:d9:
97:72:4d:6d:76:1c:84:3e:5d:39:ec:c7:e3:6b:cd:f2:6c:87:
24:1c:a3:7a:ab:df:97:55:46:f3:ad:a2:19:76:a4:49:e1:01:
c4:4d:ff:a6:d8:62:9f:f2:b3:17:a1:9e:0d:b2:76:fc:5f:06:
3f:3f:d3:d3:04:69:b9:3d:63:67:c2:bd:b8:b4:50:83:0a:af:
ff:95:e8:2c:b5:6c:4b:b7:51:bc:7a:4f:16:0d:71:98:e3:62:
e4:1c:c0:cc:ef:31:c2:90:8c:47:fc:7f:d2:b8:c5:99:ee:77:
26:fa:e9:26:8e:55:71:e9:60:9a:15:21:f6:32:0c:70:75:c5:
ee:49:be:f8:9a:b8:91:de:43:05:0c:55:0d:85:d5:fb:9a:64:
c1:36:31:60
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYR2WQEvHRn4MGLij2rsUOHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTMzNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU1OGEyZWJmMmExM2IwMTE3NzZiOGQwNTRhZDJkODA0ZmYwZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlNXlCAnL+JxFn/zYdw14HTSqyja
KoASaiXQ3cFR2I4mwCgSPARYdQHeVLJv+4Ugf9J3zR86LonPcM445Zhv9AG7+csk
eUP3jOQV9DugglZ15uf3vlMdev2pGM0w7TZn9g6tMBi0wtA2V30GXwsTG16WSiXU
zm6fKSH9NyPxT2/yMVzZQm/ytHE7DXsQfYLtTjEOLcBTh7fBg7qVONu+bfczxy4P
O0i/moHKQz7QmNn71intE7NV1y4Hn4pkVjLfJJ7Wn80FQsR9/B/hLZMw2eNnlJF+
6B5C4TTzN5qTZJN/yPjPet4uYKKOSj2CY3/CJKMPxYBvCOY1j4uhB7xnlQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFNjlii6/KhOwEXdrjQVK0tgE/w+nMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMk9XS0xyOHFFN0FSZDJ1TkJVclMyQVRfRDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQD
LujIAwQFPkAAAwQFTemgAwQGThlAAwQCTilkAwQDT6sIAwQEUPewAwQEURiAAwQG
U6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQH
X4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyADBAK50owDBAO8
XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQO
oAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkq
hkiG9w0BAQsFAAOCAQEAMfsWMPEl0E/5PvkOw3gxz/AZGinIUQ5IUCP8wvr5jdEd
C+tbBjjFWomPR+OvYEAAh8NeF0S2iLMb/xkq//0xwujEVTo8kYpmaIxogOT3sHdv
JpBfn/pZuPLN3fSAzLgRcrDljhbmJr7+yYDZl3JNbXYchD5dOezH42vN8myHJByj
eqvfl1VG862iGXakSeEBxE3/pthin/KzF6GeDbJ2/F8GPz/T0wRpuT1jZ8K9uLRQ
gwqv/5XoLLVsS7dRvHpPFg1xmONi5BzAzO8xwpCMR/x/0rjFme53JvrpJo5Vcelg
mhUh9jIMcHXF7km++Jq4kd5DBQxVDYXV+5pkwTYxYA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:33 2024 by rpki-client on console-ams.rpki-client.org