Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2kZT55Rfy1VOmk0xRWqH3AA74eE.roa
File: 2kZT55Rfy1VOmk0xRWqH3AA74eE.roa (raw, json)
Hash identifier: VKcRO59gVoOZJVBnT0c7h8YovLIeT5LCSG+QFJLbEBk=
Subject key identifier: DA:46:53:E7:94:5F:CB:55:4E:9A:4D:31:45:6A:87:DC:00:3B:E1:E1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E13061D04F625694A0E667A20D9BD9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2kZT55Rfy1VOmk0xRWqH3AA74eE.roa
Signing time: Mon 12 Dec 2022 10:28:42 +0000
ROA not before: Mon 12 Dec 2022 10:28:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 20
109.74.112.0/21 maxlen: 21
213.168.54.0/24 maxlen: 24
213.168.56.0/21 maxlen: 21
213.168.53.0/24 maxlen: 24
213.168.60.0/24 maxlen: 24
213.168.62.0/24 maxlen: 24
213.168.61.0/24 maxlen: 24
213.168.36.0/24 maxlen: 24
213.168.34.0/24 maxlen: 24
213.168.32.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.168.43.0/24 maxlen: 24
213.168.40.0/21 maxlen: 21
213.168.47.0/24 maxlen: 24
213.168.46.0/24 maxlen: 24
213.168.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:30:61:d0:4f:62:56:94:a0:e6:67:a2:0d:9b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da4653e7945fcb554e9a4d31456a87dc003be1e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:57:9e:8b:3f:f0:40:d6:96:e6:44:e4:37:a6:
68:af:da:23:27:d6:83:18:2e:1c:fb:2b:80:df:e8:
81:b6:87:97:43:4c:26:da:4b:cd:e0:44:12:79:65:
bf:4b:9f:13:60:02:27:07:0a:39:a2:51:1d:24:78:
95:ac:c4:df:02:44:00:44:d3:f9:1d:2d:48:78:c5:
7f:c5:16:33:91:50:3c:23:1d:78:a2:b9:33:12:8a:
38:87:40:0e:fd:60:00:d7:84:8d:99:da:21:10:d9:
f4:ba:82:e9:e3:e8:68:c1:b8:a5:f7:eb:a2:d7:a3:
91:19:a1:91:a4:c9:98:be:36:64:e5:da:4b:ed:c9:
13:23:1c:d5:8f:cb:1c:ca:0d:95:88:5a:f9:80:90:
1a:17:60:c7:bd:96:30:61:f3:58:46:37:a8:58:2a:
5d:a4:2f:78:b7:09:dd:4c:7d:dc:8b:1c:4f:03:1a:
dd:3a:7b:bb:07:0a:53:04:5b:d2:92:b4:17:3c:21:
71:cf:52:cd:5f:af:bf:a4:cf:4a:06:31:5c:e9:64:
ea:c4:19:83:08:d9:be:b8:fe:2d:1b:8a:64:72:c3:
cb:04:05:7f:98:ec:b1:02:97:2d:75:c7:3c:e5:05:
74:74:d9:c6:3a:ae:15:95:99:2e:9b:d6:e8:4a:f2:
66:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:46:53:E7:94:5F:CB:55:4E:9A:4D:31:45:6A:87:DC:00:3B:E1:E1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2kZT55Rfy1VOmk0xRWqH3AA74eE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.112.0/20
188.162.0.0/16
213.168.32.0/19
Signature Algorithm: sha256WithRSAEncryption
46:e4:7d:d6:85:83:c2:d1:e5:25:7d:55:d5:06:ba:db:74:8a:
16:bf:b8:21:8d:e8:53:55:dd:88:79:28:b8:ea:72:b5:de:7a:
6a:7c:ae:86:90:f1:a1:7c:9d:b6:60:06:21:11:74:78:c1:07:
d0:00:ed:68:a2:ba:05:e2:9e:29:ee:4e:c6:40:ac:9c:45:ce:
ef:ab:ce:ca:d6:93:70:dc:ca:c0:63:29:f1:e0:2f:86:c0:26:
2b:db:06:9c:e7:43:d2:16:85:06:b4:9f:d1:ba:18:f3:0a:88:
16:dc:b7:71:55:e7:ab:0a:0f:29:05:89:1a:66:07:be:6b:51:
51:44:ca:69:67:30:6f:03:16:41:b9:af:4f:e5:55:9f:5f:9c:
9e:ca:54:18:e3:66:a9:61:dc:c5:a1:b3:2e:ff:52:1f:dd:83:
47:aa:c9:6c:3a:6d:d5:9a:86:74:18:37:ec:01:78:f4:ac:2a:
9c:8e:b9:37:ee:5c:39:ba:09:a0:e8:8e:d1:ab:51:0e:b1:e1:
19:73:60:ff:71:6b:b9:e5:b1:f9:b9:09:5b:9e:ab:ea:f5:e2:
a6:22:7d:08:73:40:7a:8d:84:ba:77:21:79:6f:40:ad:a8:46:
32:63:11:f9:3a:0f:8a:d4:81:b1:c8:51:88:cf:9d:10:96:17:
41:b4:f5:1b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYUF4TBh0E9iVpSg5meiDZvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ2NTNlNzk0NWZjYjU1NGU5YTRkMzE0NTZhODdkYzAwM2JlMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhleeiz/wQNaW5kTkN6Zor9ojJ9aD
GC4c+yuA3+iBtoeXQ0wm2kvN4EQSeWW/S58TYAInBwo5olEdJHiVrMTfAkQARNP5
HS1IeMV/xRYzkVA8Ix14orkzEoo4h0AO/WAA14SNmdohENn0uoLp4+howbil9+ui
16ORGaGRpMmYvjZk5dpL7ckTIxzVj8scyg2ViFr5gJAaF2DHvZYwYfNYRjeoWCpd
pC94twndTH3cixxPAxrdOnu7BwpTBFvSkrQXPCFxz1LNX6+/pM9KBjFc6WTqxBmD
CNm+uP4tG4pkcsPLBAV/mOyxApctdcc85QV0dNnGOq4VlZkum9boSvJmWwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFNpGU+eUX8tVTppNMUVqh9wAO+HhMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMmtaVDU1UmZ5MVZPbWsweFJXcUgzQUE3NGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQEbUpwAwMA
vKIDBAXVqCAwDQYJKoZIhvcNAQELBQADggEBAEbkfdaFg8LR5SV9VdUGutt0iha/
uCGN6FNV3Yh5KLjqcrXeemp8roaQ8aF8nbZgBiERdHjBB9AA7WiiugXininuTsZA
rJxFzu+rzsrWk3DcysBjKfHgL4bAJivbBpznQ9IWhQa0n9G6GPMKiBbct3FV56sK
DykFiRpmB75rUVFEymlnMG8DFkG5r0/lVZ9fnJ7KVBjjZqlh3MWhsy7/Uh/dg0eq
yWw6bdWahnQYN+wBePSsKpyOuTfuXDm6CaDojtGrUQ6x4RlzYP9xa7nlsfm5CVue
q+r14qYifQhzQHqNhLp3IXlvQK2oRjJjEfk6D4rUgbHIUYjPnRCWF0G09Rs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:12 2025 by rpki-client