Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5dKuvdEBFj9dYapAPcnlKpHjD3M.roa
File: 5dKuvdEBFj9dYapAPcnlKpHjD3M.roa (raw, json)
Hash identifier: oQJ0U+ZS9P8SVJPkBWEot0tRBMYrfhylejSuOeqbNJs=
Subject key identifier: E5:D2:AE:BD:D1:01:16:3F:5D:61:AA:40:3D:C9:E5:2A:91:E3:0F:73
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185E3D2C2B7446429E8EDC127020C5EA7E9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5dKuvdEBFj9dYapAPcnlKpHjD3M.roa
Signing time: Tue 24 Jan 2023 12:48:38 +0000
ROA not before: Tue 24 Jan 2023 12:48:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
91.193.212.0/22 maxlen: 22
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 19
212.44.64.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
62.182.128.0/21 maxlen: 21
2a03:d000:9009::/48 maxlen: 48
2a03:d000:9008::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:d2:c2:b7:44:64:29:e8:ed:c1:27:02:0c:5e:a7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 24 12:48:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e5d2aebdd101163f5d61aa403dc9e52a91e30f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c4:8a:73:2f:14:38:3c:34:2e:04:6b:b1:0f:
f7:45:66:fe:e5:5e:65:14:14:70:f6:12:49:d8:ad:
f8:b9:6f:e3:13:ef:5a:c2:b5:66:73:56:36:82:af:
4d:1c:e7:aa:fd:d3:ed:0a:d4:e3:5e:1e:4f:56:11:
67:e4:2b:a4:9d:3f:25:45:29:40:18:4c:ee:c7:91:
26:39:db:1d:df:9c:40:92:00:8a:ee:7a:6f:49:0c:
28:21:e0:8a:7c:a0:19:90:2c:e6:88:3f:a2:7c:28:
7b:49:0c:fb:31:60:50:2d:73:fd:08:ec:0a:6b:93:
e1:f3:45:ed:c8:37:9d:d9:3c:d0:e5:82:4a:c6:91:
d0:0d:2b:68:87:86:d3:32:82:44:dd:d2:5b:07:f5:
7e:04:93:2c:c2:b7:ca:49:89:f8:4c:22:2a:36:10:
4a:f2:91:3f:fb:36:25:54:b4:f5:cd:63:fa:53:d0:
8c:79:db:7c:47:f7:65:5d:81:52:e5:1c:08:9d:b4:
c2:8f:7b:29:cc:82:a5:0c:f5:c7:29:2d:75:c4:14:
0a:75:2e:a1:60:c9:94:7d:d3:3a:e0:98:1e:b0:d8:
26:44:ea:85:0d:5f:ed:27:99:a1:55:b5:5e:1b:15:
dd:56:02:f2:56:76:42:b9:d7:bf:66:bc:0c:f7:c1:
32:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:D2:AE:BD:D1:01:16:3F:5D:61:AA:40:3D:C9:E5:2A:91:E3:0F:73
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5dKuvdEBFj9dYapAPcnlKpHjD3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/47
Signature Algorithm: sha256WithRSAEncryption
25:df:3d:9b:25:fa:54:1f:5c:d4:f8:a0:1c:89:f3:90:1d:0c:
7c:7f:79:af:c2:92:56:52:fd:07:57:1b:c9:6d:fa:ee:66:b1:
68:b5:d7:52:ab:bc:a4:7e:59:86:54:b9:9e:ef:37:e1:b5:b6:
cd:f3:29:11:ab:56:8c:c0:4a:33:f0:81:49:8a:bb:29:d4:f9:
91:28:05:58:ac:d6:6e:04:a0:66:0e:cb:6b:3f:29:e4:3d:bb:
07:90:d6:f2:b7:73:a3:87:9e:aa:0f:e3:8f:58:d7:7a:94:3e:
50:fc:b3:4e:00:02:69:bd:23:98:82:a8:17:26:92:9b:1b:2f:
45:54:63:95:17:16:87:4c:67:78:2f:a1:41:b2:a3:38:1c:33:
95:06:6a:18:a7:43:b8:69:61:76:d2:76:43:ea:63:56:95:24:
72:92:7d:3b:1e:6e:2a:92:43:93:5f:44:23:cc:80:1e:e5:a0:
fc:fa:ae:83:de:0b:38:86:90:0a:e7:ff:d3:81:2e:54:96:43:
1c:28:d6:df:b9:fe:f4:a6:a3:2b:6c:db:75:5a:fc:90:a2:16:
96:a6:d7:8d:62:81:f6:fc:50:19:e7:64:b7:ac:b3:b7:4d:c2:
e5:62:71:18:91:bc:e1:24:1e:48:fc:ca:83:14:d1:5c:04:d5:
fb:1b:f0:a9
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYXj0sK3RGQp6O3BJwIMXqfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI0MTI0ODM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWQyYWViZGQxMDExNjNmNWQ2MWFhNDAzZGM5ZTUyYTkxZTMwZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8SKcy8UODw0LgRrsQ/3RWb+5V5l
FBRw9hJJ2K34uW/jE+9awrVmc1Y2gq9NHOeq/dPtCtTjXh5PVhFn5CuknT8lRSlA
GEzux5EmOdsd35xAkgCK7npvSQwoIeCKfKAZkCzmiD+ifCh7SQz7MWBQLXP9COwK
a5Ph80XtyDed2TzQ5YJKxpHQDStoh4bTMoJE3dJbB/V+BJMswrfKSYn4TCIqNhBK
8pE/+zYlVLT1zWP6U9CMedt8R/dlXYFS5RwInbTCj3spzIKlDPXHKS11xBQKdS6h
YMmUfdM64JgesNgmROqFDV/tJ5mhVbVeGxXdVgLyVnZCude/ZrwM98EybQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFOXSrr3RARY/XWGqQD3J5SqR4w9zMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNWRLdXZkRUJGajlkWWFwQVBjbmxLcEhqRDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBtAQCAAEwga0DBAYu
L8ADBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQOoAMEBdQs
QAMEBdR3oAMEBdWsAAMEBdW2oAMEBdnDQDAPBAIAAjAJAwcBKgPQAJAIMA0GCSqG
SIb3DQEBCwUAA4IBAQAl3z2bJfpUH1zU+KAcifOQHQx8f3mvwpJWUv0HVxvJbfru
ZrFotddSq7ykflmGVLme7zfhtbbN8ykRq1aMwEoz8IFJirsp1PmRKAVYrNZuBKBm
DstrPynkPbsHkNbyt3Ojh56qD+OPWNd6lD5Q/LNOAAJpvSOYgqgXJpKbGy9FVGOV
FxaHTGd4L6FBsqM4HDOVBmoYp0O4aWF20nZD6mNWlSRykn07Hm4qkkOTX0QjzIAe
5aD8+q6D3gs4hpAK5//TgS5UlkMcKNbfuf70pqMrbNt1WvyQohaWpteNYoH2/FAZ
52S3rLO3TcLlYnEYkbzhJB5I/MqDFNFcBNX7G/Cp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:16 2025 by rpki-client