Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2nJH3Gi7wG5BbmEYnPDQpMV8T1U.roa
File: 2nJH3Gi7wG5BbmEYnPDQpMV8T1U.roa (raw, json)
Hash identifier: 5M8mCTFSdsqjRi8ZSwwCWTpeFKOqNoreD6aAssg9wsk=
Subject key identifier: DA:72:47:DC:68:BB:C0:6E:41:6E:61:18:9C:F0:D0:A4:C5:7C:4F:55
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F243CFC92043B35D0840D848B212B227
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2nJH3Gi7wG5BbmEYnPDQpMV8T1U.roa
Signing time: Thu 08 Dec 2022 15:04:01 +0000
ROA not before: Thu 08 Dec 2022 15:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
85.26.144.0/20 maxlen: 20
109.188.64.0/19 maxlen: 19
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
109.188.96.0/21 maxlen: 21
78.25.119.0/24 maxlen: 24
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
212.69.96.0/19 maxlen: 24
94.25.164.0/24 maxlen: 24
94.25.160.0/24 maxlen: 24
94.25.172.0/22 maxlen: 22
94.25.168.0/22 maxlen: 22
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
94.25.176.0/21 maxlen: 21
94.25.184.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
128.204.78.0/23 maxlen: 23
128.204.76.0/22 maxlen: 22
37.29.32.0/21 maxlen: 21
128.204.76.0/23 maxlen: 23
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
31.173.0.0/21 maxlen: 21
195.149.111.0/24 maxlen: 24
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
83.229.254.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
62.64.0.0/20 maxlen: 20
213.243.64.0/18 maxlen: 24
83.229.211.0/24 maxlen: 24
217.115.80.0/20 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:43:cf:c9:20:43:b3:5d:08:40:d8:48:b2:12:b2:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 15:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da7247dc68bbc06e416e61189cf0d0a4c57c4f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:05:1b:01:06:13:e4:90:7e:67:dd:42:f5:53:
00:e6:c6:b5:20:2b:7b:a7:21:e6:9e:84:f2:7d:8e:
0c:77:8b:f2:28:b7:9a:a0:b7:9f:6e:f2:3f:59:75:
0a:ec:0e:98:88:7d:4f:b1:f5:be:3b:90:ed:29:43:
44:ea:4e:60:81:d3:38:f3:50:74:0b:1c:ad:12:77:
6f:02:ee:55:de:cb:41:b1:f7:a2:18:ef:03:c6:47:
72:a3:58:71:ba:7a:e4:49:59:a4:c3:ae:1f:87:0f:
5f:ed:3d:7e:5f:18:c9:93:12:72:4b:d8:46:57:86:
09:1e:05:57:0c:fc:70:2f:5c:b5:fd:38:d6:03:03:
1f:fe:26:5c:ed:42:81:e0:78:62:c0:e8:a8:27:c4:
d2:1d:bb:f5:8f:c5:8e:8d:dc:93:f5:49:55:e0:04:
40:64:3f:1e:bb:6e:ce:3a:5b:45:49:10:17:ae:dc:
aa:46:e5:34:15:3d:17:cb:6e:d1:1b:7a:d1:2b:91:
3e:d1:83:37:a7:74:b8:92:c4:fa:02:32:3b:62:ed:
8b:db:b7:13:aa:29:cb:29:5f:e6:63:fd:74:ca:d8:
05:aa:81:81:cd:4b:a7:8f:a6:00:95:f1:44:e6:53:
93:bb:6b:60:f4:0d:3c:7c:83:8b:b3:04:97:26:9c:
2d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:72:47:DC:68:BB:C0:6E:41:6E:61:18:9C:F0:D0:A4:C5:7C:4F:55
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2nJH3Gi7wG5BbmEYnPDQpMV8T1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
12:eb:bd:bf:81:51:42:f8:2b:d8:98:65:8d:37:62:64:67:9b:
dd:41:41:8f:42:a3:cf:3a:9d:77:ad:b5:ed:53:3f:9c:f6:3d:
6e:92:7d:0e:39:33:2a:b1:c7:0e:2c:98:33:a4:e3:c4:72:37:
23:06:df:ee:44:c0:39:56:2f:96:f0:db:8c:dd:97:36:c5:9e:
e8:e4:23:03:3e:0a:50:5f:65:76:e4:8a:16:ba:eb:43:8c:b3:
7d:02:43:b0:25:8e:ca:ac:2a:7f:05:60:47:96:05:3a:4b:5b:
8c:b4:91:a9:67:2c:2a:58:54:76:e9:4f:66:a9:c4:7a:5e:aa:
4a:17:a0:32:64:42:1d:30:d7:f3:ce:fe:7f:63:89:ac:5f:02:
48:ca:24:7e:5f:30:fb:a3:91:84:3f:27:00:73:f5:6c:25:26:
a6:0b:14:27:96:77:80:f6:0d:e7:7c:ba:c8:63:6a:62:3e:64:
7a:7d:bb:72:65:96:dd:61:79:62:7f:e5:ae:4f:b7:6f:c8:63:
45:e3:50:3c:8e:d5:cf:d7:4f:3b:1d:f1:91:ed:92:61:2c:09:
5c:13:91:3f:6e:8e:47:46:7f:11:ba:da:ab:11:be:cb:52:d9:
d8:f3:47:66:3f:2b:cb:23:db:ef:fe:1f:03:1e:51:47:0d:3e:
4d:16:7b:d4
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAYTyQ8/JIEOzXQhA2EiyErInMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTUwNDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTcyNDdkYzY4YmJjMDZlNDE2ZTYxMTg5Y2YwZDBhNGM1N2M0ZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogUbAQYT5JB+Z91C9VMA5sa1ICt7
pyHmnoTyfY4Md4vyKLeaoLefbvI/WXUK7A6YiH1PsfW+O5DtKUNE6k5ggdM481B0
CxytEndvAu5V3stBsfeiGO8Dxkdyo1hxunrkSVmkw64fhw9f7T1+XxjJkxJyS9hG
V4YJHgVXDPxwL1y1/TjWAwMf/iZc7UKB4HhiwOioJ8TSHbv1j8WOjdyT9UlV4ARA
ZD8eu27OOltFSRAXrtyqRuU0FT0Xy27RG3rRK5E+0YM3p3S4ksT6AjI7Yu2L27cT
qinLKV/mY/10ytgFqoGBzUunj6YAlfFE5lOTu2tg9A08fIOLswSXJpwtpwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFNpyR9xou8BuQW5hGJzw0KTFfE9VMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMm5KSDNHaTd3RzVCYm1FWW5QRFFwTVY4VDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCASIEAgABMIIB
GjALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAF4ZgzAMAwQEXhmQAwQAXhmg
AwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxwAwQAbbxy
AwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEBrKxAAMDALyiMAsDAwG8
qgMEBLyqIAMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQO
oAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkq
hkiG9w0BAQsFAAOCAQEAEuu9v4FRQvgr2JhljTdiZGeb3UFBj0Kjzzqdd6217VM/
nPY9bpJ9DjkzKrHHDiyYM6TjxHI3Iwbf7kTAOVYvlvDbjN2XNsWe6OQjAz4KUF9l
duSKFrrrQ4yzfQJDsCWOyqwqfwVgR5YFOktbjLSRqWcsKlhUdulPZqnEel6qSheg
MmRCHTDX887+f2OJrF8CSMokfl8w+6ORhD8nAHP1bCUmpgsUJ5Z3gPYN53y6yGNq
Yj5ken27cmWW3WF5Yn/lrk+3b8hjReNQPI7Vz9dPOx3xke2SYSwJXBORP26OR0Z/
EbraqxG+y1LZ2PNHZj8ryyPb7/4fAx5RRw0+TRZ71A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:14 2025 by rpki-client