Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3iCbBXzGzc-gWkKNScMLVNfXYqc.roa
File: 3iCbBXzGzc-gWkKNScMLVNfXYqc.roa (raw, json)
Hash identifier: /NKgX53DYBAXf4N3tNiF+MVTbaWYLzk11EFATcjY52E=
Subject key identifier: DE:20:9B:05:7C:C6:CD:CF:A0:5A:42:8D:49:C3:0B:54:D7:D7:62:A7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D20D58A5C09DF70798D7799BE00325B7
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3iCbBXzGzc-gWkKNScMLVNfXYqc.roa
Signing time: Fri 02 Dec 2022 08:56:40 +0000
ROA not before: Fri 02 Dec 2022 08:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
188.170.25.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
194.247.168.0/23 maxlen: 23
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.32.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
78.41.100.0/22 maxlen: 24
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
83.169.192.0/18 maxlen: 24
195.8.34.0/23 maxlen: 23
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
62.64.0.0/20 maxlen: 20
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
2a03:d004::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:0d:58:a5:c0:9d:f7:07:98:d7:79:9b:e0:03:25:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 08:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de209b057cc6cdcfa05a428d49c30b54d7d762a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:17:bd:cf:c1:9c:69:bd:e7:13:b5:7a:65:21:
b8:d5:b9:aa:3e:6a:59:51:a3:7c:57:15:ab:55:df:
f1:f8:5d:5d:83:98:6b:d8:69:f6:f8:05:e9:ae:8a:
52:22:8b:d7:21:66:28:7f:c8:08:1f:c1:69:83:c7:
de:9e:c4:55:3f:37:3e:90:d7:37:ef:1c:52:01:20:
aa:d2:ad:b8:b7:e5:f0:de:89:c2:bf:58:4f:c8:69:
f3:a1:ef:e4:d6:79:7b:90:02:0e:59:cb:1a:aa:93:
bc:1f:76:f0:83:09:4a:c6:d3:8b:fe:49:01:19:ac:
8b:63:cb:84:d6:1e:3e:75:7b:3f:b2:78:fe:26:b4:
42:0b:88:dd:f8:3f:04:0f:17:fc:6e:d3:d8:1c:a8:
f0:2b:16:56:e7:dc:4c:a2:fb:e8:d3:9d:e0:11:e1:
6e:55:b9:68:83:29:87:6c:ee:9e:38:ea:03:9c:3c:
9c:0a:76:ff:e9:0e:5c:a3:84:c8:2c:2e:e8:19:06:
db:3f:82:8e:9c:0f:75:cc:6a:62:df:89:aa:9f:93:
22:12:24:0a:95:bc:b5:f2:0c:fb:91:20:cb:4b:9c:
27:01:f0:fc:fe:16:00:c3:db:cd:9a:3e:52:16:f1:
c6:94:98:28:fc:b2:4c:d0:47:38:13:72:6e:ee:08:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:20:9B:05:7C:C6:CD:CF:A0:5A:42:8D:49:C3:0B:54:D7:D7:62:A7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/3iCbBXzGzc-gWkKNScMLVNfXYqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
194.247.168.0/23
195.5.128.0/19
195.8.34.0/23
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
IPv6:
2a03:d004::/36
Signature Algorithm: sha256WithRSAEncryption
68:e2:18:5b:f3:b3:b9:7c:bb:75:bc:b7:f2:ab:2f:18:97:d2:
40:36:80:70:9c:0e:8f:5a:5b:11:88:20:de:b6:28:9b:78:0c:
a8:a9:ba:61:b5:d0:d9:9a:a9:89:06:e6:6b:bd:85:51:3f:73:
43:0f:61:c8:c7:00:d6:8e:38:fd:4d:55:44:f1:f8:2c:e7:c5:
d0:a1:61:c1:b7:2a:05:27:6f:9f:16:7b:28:4d:90:d5:09:a5:
8c:91:a4:99:f9:02:95:a0:10:09:00:cb:a6:7b:10:1a:15:20:
28:9e:e7:64:3a:08:3e:5a:f2:ed:68:74:e9:07:fb:a7:a4:c3:
67:c0:3f:ea:da:82:16:7b:e4:75:c9:a8:32:07:3c:ac:a4:b4:
d5:00:fe:84:68:36:8c:10:90:18:13:25:6a:16:e0:31:49:79:
d2:94:49:ba:9c:e7:3c:80:38:f6:55:ef:0d:0a:48:09:f2:a6:
69:ba:86:0e:89:7b:4e:aa:d7:b6:67:df:8f:da:1b:8a:7f:f2:
da:d7:e4:58:bc:44:59:5e:40:df:53:5b:03:67:7b:8c:95:9e:
56:38:93:47:3d:67:86:39:bb:f2:07:af:70:cf:f9:47:35:52:
7e:b1:7e:1e:b0:c8:fb:9b:f3:ba:9d:4d:50:00:b4:e3:53:2c:
2a:c3:f8:27
-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgISAYTSDVilwJ33B5jXeZvgAyW3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMDg1NjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIwOWIwNTdjYzZjZGNmYTA1YTQyOGQ0OWMzMGI1NGQ3ZDc2MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhe9z8Gcab3nE7V6ZSG41bmqPmpZ
UaN8VxWrVd/x+F1dg5hr2Gn2+AXpropSIovXIWYof8gIH8Fpg8fensRVPzc+kNc3
7xxSASCq0q24t+Xw3onCv1hPyGnzoe/k1nl7kAIOWcsaqpO8H3bwgwlKxtOL/kkB
GayLY8uE1h4+dXs/snj+JrRCC4jd+D8EDxf8btPYHKjwKxZW59xMovvo053gEeFu
VblogymHbO6eOOoDnDycCnb/6Q5co4TILC7oGQbbP4KOnA91zGpi34mqn5MiEiQK
lby18gz7kSDLS5wnAfD8/hYAw9vNmj5SFvHGlJgo/LJM0Ec4E3Ju7ghLvwIDAQAB
o4IDVjCCA1IwHQYDVR0OBBYEFN4gmwV8xs3PoFpCjUnDC1TX12KnMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvM2lDYkJYekd6Yy1nV2tLTlNjTUxWTmZYWXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBagYIKwYBBQUHAQcBAf8EggFZMIIBVTCCAUEEAgABMIIB
OTALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBAZOGUADBAJO
KWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkDALAwMEsrADBASysCADBAKysDQDBAOysEgDBAaysQADBAK5AyADBAK5
0owDBAO8XqgDAwC8ojALAwMBvKoDBAS8qiADBALByeQDBAHC96gDBAXDBYADBAHD
CCIDBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXU
d6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDgQCAAIwCAMGBCoD0AQAMA0GCSqG
SIb3DQEBCwUAA4IBAQBo4hhb87O5fLt1vLfyqy8Yl9JANoBwnA6PWlsRiCDetiib
eAyoqbphtdDZmqmJBuZrvYVRP3NDD2HIxwDWjjj9TVVE8fgs58XQoWHBtyoFJ2+f
FnsoTZDVCaWMkaSZ+QKVoBAJAMumexAaFSAonudkOgg+WvLtaHTpB/unpMNnwD/q
2oIWe+R1yagyBzyspLTVAP6EaDaMEJAYEyVqFuAxSXnSlEm6nOc8gDj2Ve8NCkgJ
8qZpuoYOiXtOqte2Z9+P2huKf/La1+RYvERZXkDfU1sDZ3uMlZ5WOJNHPWeGObvy
B69wz/lHNVJ+sX4esMj7m/O6nU1QALTjUywqw/gn
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:03 2025 by rpki-client