Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5A2BTaWtJiUx29GWctXmgT_ahH0.roa
File: 5A2BTaWtJiUx29GWctXmgT_ahH0.roa (raw, json)
Hash identifier: M8F7jreDe2zeTNqj+ZgTS82CmIFNyomBfHy45gD+4iY=
Subject key identifier: E4:0D:81:4D:A5:AD:26:25:31:DB:D1:96:72:D5:E6:81:3F:DA:84:7D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176C0ACC7974580B212EEE6A6FE83E9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5A2BTaWtJiUx29GWctXmgT_ahH0.roa
Signing time: Thu 08 Dec 2022 11:20:02 +0000
ROA not before: Thu 08 Dec 2022 11:20:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31205
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
188.170.247.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
178.23.144.0/21 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
46.232.202.0/23 maxlen: 23
46.232.200.0/23 maxlen: 23
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
37.29.86.0/23 maxlen: 23
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.64.0/18 maxlen: 24
31.173.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:c0:ac:c7:97:45:80:b2:12:ee:e6:a6:fe:83:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e40d814da5ad262531dbd19672d5e6813fda847d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:42:79:b3:12:7b:19:a9:a0:53:a8:db:f3:4a:
65:79:36:38:3b:70:bf:62:a3:29:7b:ca:5d:cf:36:
a3:9e:38:58:42:b1:fd:d3:b9:fd:64:db:ad:d0:84:
4d:f8:9d:15:d2:3e:7d:ec:b0:70:71:3b:78:d3:0c:
7d:60:c4:ce:21:e4:13:d4:f4:85:b9:09:2a:3e:34:
0c:f3:e1:98:c2:e6:f0:11:14:cd:f6:a8:2f:a6:f6:
00:b4:a6:1d:0c:a3:9d:23:2a:18:b7:3c:03:5a:42:
11:07:2b:fd:41:97:3a:1f:32:e3:53:0a:18:15:14:
c5:40:aa:59:11:58:45:b1:e7:5a:3b:43:5e:db:97:
f4:d5:01:67:23:98:58:eb:c3:c7:df:cc:45:a3:64:
29:f2:cf:80:ae:aa:68:8a:33:18:7d:54:02:b7:fc:
6d:25:85:07:2c:14:d6:8c:d7:db:a8:fe:a7:8f:c1:
2a:04:b5:d0:2e:c4:35:57:06:c9:eb:23:4b:c8:78:
70:e9:91:63:19:7e:4f:fa:bf:15:13:d0:79:50:56:
9f:54:6a:74:d7:c0:07:9b:cb:1b:fc:f7:3d:81:31:
00:ec:23:7b:4b:b9:02:37:e8:57:96:91:ef:af:4e:
49:4e:b3:9b:be:f3:dc:94:33:d7:c9:f0:65:d6:c2:
43:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0D:81:4D:A5:AD:26:25:31:DB:D1:96:72:D5:E6:81:3F:DA:84:7D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5A2BTaWtJiUx29GWctXmgT_ahH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/22
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.48.0/24
178.176.240.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.240.0/22
188.170.247.0/24
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:bc:64:56:9f:a6:9b:f6:a0:5b:83:81:d7:f8:a9:65:5d:d1:
a9:fb:23:75:08:15:00:14:21:7a:36:72:d7:02:ba:75:77:b2:
08:cc:13:db:fb:93:47:7b:bf:9c:88:c8:96:bc:f1:6e:6c:1b:
63:ff:11:49:05:e7:2a:8a:75:e0:76:cc:b3:8c:dc:08:db:bf:
26:56:a6:a6:4d:70:0d:5d:80:d5:5e:f4:27:b4:55:95:cc:6c:
37:21:32:e9:48:40:23:ad:46:e9:b8:2c:5d:93:9e:88:5a:94:
87:92:d9:d4:62:a2:59:27:f5:68:61:1e:00:34:3b:83:5d:38:
85:81:2c:cf:6c:4f:b1:13:5d:22:8a:93:5d:1e:24:dd:5c:32:
99:d1:89:4e:e3:8b:89:bf:71:cc:e2:70:31:60:2f:4d:a4:cc:
95:d7:c3:a6:49:5a:35:65:64:b6:f7:34:04:12:0a:38:5f:2b:
7c:6a:ad:77:82:f9:b5:17:d8:89:8f:82:60:ae:a6:08:ce:a5:
b9:ed:47:2c:71:29:bb:d5:d1:7a:4c:c1:ca:81:a0:a0:e3:36:
11:06:5c:89:c3:89:11:84:db:cd:f3:27:ea:8b:8b:8c:fb:d2:
90:5e:f4:59:09:cd:0e:6e:70:4d:57:1b:37:92:d1:62:02:da:
08:59:ae:27
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYTxdsCsx5dFgLIS7uam/oPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBkODE0ZGE1YWQyNjI1MzFkYmQxOTY3MmQ1ZTY4MTNmZGE4NDdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0J5sxJ7GamgU6jb80pleTY4O3C/
YqMpe8pdzzajnjhYQrH907n9ZNut0IRN+J0V0j597LBwcTt40wx9YMTOIeQT1PSF
uQkqPjQM8+GYwubwERTN9qgvpvYAtKYdDKOdIyoYtzwDWkIRByv9QZc6HzLjUwoY
FRTFQKpZEVhFsedaO0Ne25f01QFnI5hY68PH38xFo2Qp8s+ArqpoijMYfVQCt/xt
JYUHLBTWjNfbqP6nj8EqBLXQLsQ1VwbJ6yNLyHhw6ZFjGX5P+r8VE9B5UFafVGp0
18AHm8sb/Pc9gTEA7CN7S7kCN+hXlpHvr05JTrObvvPclDPXyfBl1sJDXwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFOQNgU2lrSYlMdvRlnLV5oE/2oR9MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNUEyQlRhV3RKaVV4MjlHV2N0WG1nVF9haEgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAMf
rfADBAElHVYDBAIu6MgDBAJOGVwDBAJTlTADBANTqfgDBABVGuAwDAMEAVUa4gME
A1Ua4AMDAG28AwQGgMxAAwQDsheQAwQAsrAwAwQDsrDwAwQCuQMgAwQCudKMAwQD
vF6oAwMAvKIDBAK8qvADBAC8qvcDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADD
lW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV
80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBAG28ZFafppv2oFuDgdf4qWVd0an7
I3UIFQAUIXo2ctcCunV3sgjME9v7k0d7v5yIyJa88W5sG2P/EUkF5yqKdeB2zLOM
3AjbvyZWpqZNcA1dgNVe9Ce0VZXMbDchMulIQCOtRum4LF2TnohalIeS2dRiolkn
9WhhHgA0O4NdOIWBLM9sT7ETXSKKk10eJN1cMpnRiU7ji4m/cczicDFgL02kzJXX
w6ZJWjVlZLb3NAQSCjhfK3xqrXeC+bUX2ImPgmCupgjOpbntRyxxKbvV0XpMwcqB
oKDjNhEGXInDiRGE283zJ+qLi4z70pBe9FkJzQ5ucE1XGzeS0WIC2ghZric=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org