Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63cRQ8Gzelp9bSkyaF9odYOWPrs.roa
File: 63cRQ8Gzelp9bSkyaF9odYOWPrs.roa (raw, json)
Hash identifier: o5Cb4yW0Y5vc19e2npBEqjlwjPdUFA0HzPceHZxaS3c=
Subject key identifier: EB:77:11:43:C1:B3:7A:5A:7D:6D:29:32:68:5F:68:75:83:96:3E:BB
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C7D3E264967A06C91925421592E825A4
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63cRQ8Gzelp9bSkyaF9odYOWPrs.roa
Signing time: Wed 30 Nov 2022 09:17:42 +0000
ROA not before: Wed 30 Nov 2022 09:17:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:d3:e2:64:96:7a:06:c9:19:25:42:15:92:e8:25:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 30 09:17:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eb771143c1b37a5a7d6d2932685f687583963ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:94:13:28:87:63:8a:4a:55:3f:c2:a9:82:9d:
23:1d:49:a5:6d:a0:da:0a:59:9f:e3:25:e5:64:d8:
92:c9:a3:06:8a:86:f9:c9:d9:94:13:3f:17:70:fc:
09:d7:71:64:6c:d9:1e:ee:fd:ce:4b:fb:5f:64:f0:
29:73:c0:37:c6:60:78:fb:78:0c:a2:cd:38:15:ef:
1e:13:97:32:bc:ec:cb:85:b5:f9:d3:09:fb:4a:d3:
48:59:bd:21:e8:ab:c5:aa:06:5d:90:3f:1e:68:8d:
53:0e:ec:62:fb:76:f6:c8:b5:2f:d9:7c:f9:fa:4d:
0f:af:20:13:09:d1:09:df:af:79:d6:c4:91:93:de:
87:85:77:50:7e:f3:d6:ad:87:f8:aa:d6:4d:3c:bf:
3b:42:55:65:3b:03:17:a6:15:3a:cf:f3:e9:23:62:
92:d9:09:97:8e:f6:5b:15:6f:b9:1b:87:aa:63:8c:
22:63:f0:46:b8:84:e6:69:d8:6e:b6:94:f6:d8:20:
bc:29:8e:25:39:e7:1e:e2:2d:6a:ce:92:ac:f8:94:
67:db:af:d2:cc:b1:93:b7:11:d6:00:35:cb:8a:da:
82:52:45:a0:ee:f5:71:a8:37:9f:bd:3e:02:7a:87:
64:0a:ab:f9:c5:a5:33:0a:4b:b1:0f:b7:28:fd:85:
fe:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:77:11:43:C1:B3:7A:5A:7D:6D:29:32:68:5F:68:75:83:96:3E:BB
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/63cRQ8Gzelp9bSkyaF9odYOWPrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
58:b3:ee:e0:a9:1e:22:f9:ff:84:41:c6:38:9a:b5:08:08:88:
98:1b:e4:81:8c:8a:7c:5d:b9:5d:97:67:af:c1:fd:f2:dd:75:
4d:79:f0:61:35:ab:7a:ca:12:8b:82:b9:da:cc:17:44:b2:bd:
3e:19:04:30:8b:a3:63:93:34:79:55:cb:fc:be:be:60:c7:de:
c6:35:a2:bc:56:94:00:f9:a6:6a:aa:24:9c:3e:e4:fa:f0:ec:
15:85:9f:7e:b0:5e:76:8e:2b:6a:6d:3c:8a:e2:75:96:98:7b:
fa:b0:2c:7f:83:08:da:3b:1b:e5:90:6e:e3:21:dd:47:a4:2f:
6e:ba:3d:f6:e5:ee:f0:78:9e:b1:40:21:06:7c:5b:bf:3d:d5:
96:3f:5e:f0:c6:ed:f7:b2:f8:77:6d:d5:31:af:33:f0:5e:22:
99:65:a4:ba:c5:69:fa:d2:3a:42:e8:dd:01:fb:12:1b:72:a2:
67:69:ff:6f:5f:3f:77:b5:ed:de:e8:df:09:e8:eb:7a:2b:d1:
47:dd:2f:d2:ae:38:3a:00:ea:fb:dd:27:37:ff:20:1d:fa:03:
fb:72:bc:00:08:04:07:d0:5c:fc:ad:74:54:bf:49:36:ff:e8:
03:07:43:23:e5:68:12:bb:78:69:3d:e6:4d:ce:f9:29:97:a7:
cd:4b:cd:4d
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAYTH0+JklnoGyRklQhWS6CWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTMwMDkxNzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjc3MTE0M2MxYjM3YTVhN2Q2ZDI5MzI2ODVmNjg3NTgzOTYzZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JQTKIdjikpVP8Kpgp0jHUmlbaDa
Clmf4yXlZNiSyaMGiob5ydmUEz8XcPwJ13FkbNke7v3OS/tfZPApc8A3xmB4+3gM
os04Fe8eE5cyvOzLhbX50wn7StNIWb0h6KvFqgZdkD8eaI1TDuxi+3b2yLUv2Xz5
+k0PryATCdEJ36951sSRk96HhXdQfvPWrYf4qtZNPL87QlVlOwMXphU6z/PpI2KS
2QmXjvZbFW+5G4eqY4wiY/BGuITmadhutpT22CC8KY4lOece4i1qzpKs+JRn26/S
zLGTtxHWADXLitqCUkWg7vVxqDefvT4CeodkCqv5xaUzCkuxD7co/YX+YQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFOt3EUPBs3pafW0pMmhfaHWDlj67MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNjNjUlE4R3plbHA5YlNreWFGOW9kWU9XUHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAZO
GUADBAJOKWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdV
GoADBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBt
vAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWA
AwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1Heg
AwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBYs+7g
qR4i+f+EQcY4mrUICIiYG+SBjIp8Xbldl2evwf3y3XVNefBhNat6yhKLgrnazBdE
sr0+GQQwi6NjkzR5Vcv8vr5gx97GNaK8VpQA+aZqqiScPuT68OwVhZ9+sF52jitq
bTyK4nWWmHv6sCx/gwjaOxvlkG7jId1HpC9uuj325e7weJ6xQCEGfFu/PdWWP17w
xu33svh3bdUxrzPwXiKZZaS6xWn60jpC6N0B+xIbcqJnaf9vXz93te3e6N8J6Ot6
K9FH3S/Srjg6AOr73Sc3/yAd+gP7crwACAQH0Fz8rXRUv0k2/+gDB0Mj5WgSu3hp
PeZNzvkpl6fNS81N
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:33 2024 by rpki-client on console-ams.rpki-client.org