Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5kbzlCMoXHeFBNkGYf1Gn4xx44w.roa
File: 5kbzlCMoXHeFBNkGYf1Gn4xx44w.roa (raw, json)
Hash identifier: 7Wk/7W17BqPYi+0oe2AIQqKzbQ9+/SD+ZWMSig3uNGw=
Subject key identifier: E6:46:F3:94:23:28:5C:77:85:04:D9:06:61:FD:46:9F:8C:71:E3:8C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185056156CADC233F97369E74A2037BBFCB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5kbzlCMoXHeFBNkGYf1Gn4xx44w.roa
Signing time: Mon 12 Dec 2022 08:09:03 +0000
ROA not before: Mon 12 Dec 2022 08:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31224
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
85.26.192.0/22 maxlen: 22
193.201.228.0/22 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.101.0/24 maxlen: 24
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
213.154.160.0/19 maxlen: 24
83.169.216.0/24 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
78.25.88.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:56:ca:dc:23:3f:97:36:9e:74:a2:03:7b:bf:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e646f39423285c778504d90661fd469f8c71e38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ab:e3:b2:5b:c0:10:52:7e:20:e8:0d:0c:7b:
0d:b0:9b:92:42:1b:c3:1e:de:4b:70:ff:e3:f6:a1:
34:30:65:cb:96:aa:5f:63:bb:56:b8:48:a7:ab:e4:
31:17:98:15:c5:92:51:35:3e:0e:89:4b:22:2d:6f:
37:bf:3e:4b:ad:8e:9b:ae:1d:b1:38:f5:c7:c3:69:
83:09:ed:d8:45:2f:e0:3e:c1:c5:0a:06:59:82:8d:
df:ed:5d:b2:40:a2:b8:ca:77:8c:59:a6:5e:e1:57:
fa:ef:38:d0:f1:26:59:8d:7a:08:be:96:28:d7:12:
85:87:4e:b2:d1:4c:9d:ef:cc:dc:8c:fb:56:da:73:
21:82:4f:ca:b8:4d:39:7b:6e:d5:67:73:35:9a:97:
17:af:46:6d:8b:b3:6a:41:13:e0:23:86:cc:f8:b4:
4b:ac:22:fe:37:39:8b:21:70:31:91:d7:f1:15:ea:
f1:72:cf:f0:6c:bc:d4:77:9d:98:30:91:00:d6:83:
49:77:7f:ec:a0:08:ec:c8:fe:45:ce:89:c8:06:a8:
4c:1a:49:33:0f:53:d3:2a:b9:d2:ea:86:92:ec:14:
f0:af:62:54:33:ca:ee:ad:01:13:a6:62:14:2d:50:
f0:47:99:49:57:6e:10:5d:38:5f:e5:4f:dd:42:79:
29:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:46:F3:94:23:28:5C:77:85:04:D9:06:61:FD:46:9F:8C:71:E3:8C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/5kbzlCMoXHeFBNkGYf1Gn4xx44w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
85:cf:1d:24:97:14:55:78:39:49:32:9d:44:7d:c3:71:52:37:
0e:2a:5e:5d:ba:4e:8e:40:54:73:85:bc:c6:d6:b6:4d:1c:c6:
9c:a4:9a:9f:be:76:76:b8:9c:a4:17:62:13:1e:d2:c1:98:16:
67:95:d7:b5:27:9a:ba:6d:d2:a4:40:8f:95:aa:57:64:f0:88:
2e:39:90:86:b7:46:43:55:4e:4d:09:39:a6:39:24:0e:5e:52:
19:6c:96:83:ef:46:a1:54:57:9a:fd:e6:69:28:53:89:62:33:
e1:4a:6f:96:e3:c9:90:44:de:70:b4:dc:47:eb:5a:64:83:47:
fe:47:15:01:c8:44:92:b1:23:8e:c7:fd:fd:a4:36:a6:72:3e:
82:31:48:4c:61:13:1b:c7:a1:2d:b9:5c:3b:f1:41:ac:c9:2d:
e8:67:59:d4:80:c6:09:28:35:3a:43:ff:38:f1:90:54:4d:74:
22:33:ab:a3:c2:1c:f8:83:cb:7c:73:d7:81:25:c7:64:98:56:
78:33:80:5a:e6:e1:41:ba:ac:ac:33:fc:b4:a6:60:08:96:06:
0b:cc:58:97:36:45:b4:8f:e3:38:b3:cf:bb:58:3e:e0:41:77:
4d:20:c4:a8:3b:23:6b:a6:73:da:22:80:93:52:b3:6b:3c:4f:
9b:67:46:44
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAYUFYVbK3CM/lzaedKIDe7/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ2ZjM5NDIzMjg1Yzc3ODUwNGQ5MDY2MWZkNDY5ZjhjNzFlMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKvjslvAEFJ+IOgNDHsNsJuSQhvD
Ht5LcP/j9qE0MGXLlqpfY7tWuEinq+QxF5gVxZJRNT4OiUsiLW83vz5LrY6brh2x
OPXHw2mDCe3YRS/gPsHFCgZZgo3f7V2yQKK4yneMWaZe4Vf67zjQ8SZZjXoIvpYo
1xKFh06y0Uyd78zcjPtW2nMhgk/KuE05e27VZ3M1mpcXr0Zti7NqQRPgI4bM+LRL
rCL+NzmLIXAxkdfxFerxcs/wbLzUd52YMJEA1oNJd3/soAjsyP5FzonIBqhMGkkz
D1PTKrnS6oaS7BTwr2JUM8rurQETpmIULVDwR5lJV24QXThf5U/dQnkpXwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFOZG85QjKFx3hQTZBmH9Rp+MceOMMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNWtiemxDTW9YSGVGQk5rR1lmMUduNHh4NDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBpgQCAAEwgZ8DBAEf
rWAwDAMEAB+tYwMEAx+tYAMEAx+teAMEAiUdLAMEAi7lhAMEAk4ZWAMEA1OVIAME
AFOp2AMEAlUawAMEAYDMRDAMAwQDsrBoAwQBsrBwAwQDsrJYAwMAvKIDBALByeQD
BAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWAD
BAXUd6ADBAXVmqAwDQYJKoZIhvcNAQELBQADggEBAIXPHSSXFFV4OUkynUR9w3FS
Nw4qXl26To5AVHOFvMbWtk0cxpykmp++dna4nKQXYhMe0sGYFmeV17Unmrpt0qRA
j5WqV2TwiC45kIa3RkNVTk0JOaY5JA5eUhlsloPvRqFUV5r95mkoU4liM+FKb5bj
yZBE3nC03EfrWmSDR/5HFQHIRJKxI47H/f2kNqZyPoIxSExhExvHoS25XDvxQazJ
LehnWdSAxgkoNTpD/zjxkFRNdCIzq6PCHPiDy3xz14Elx2SYVngzgFrm4UG6rKwz
/LSmYAiWBgvMWJc2RbSP4zizz7tYPuBBd00gxKg7I2umc9oigJNSs2s8T5tnRkQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:05 2025 by rpki-client