Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6Dhdf5WdOnoGNN7SBAvjivirPuE.roa
File: 6Dhdf5WdOnoGNN7SBAvjivirPuE.roa (raw, json)
Hash identifier: yyi8wsi1fZNrkfkbdbNW9V0O88nttSh302ylT8h/Gk4=
Subject key identifier: E8:38:5D:7F:95:9D:3A:7A:06:34:DE:D2:04:0B:E3:8A:F8:AB:3E:E1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01850571C72886CECFA64F5D33B16C432DEC
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6Dhdf5WdOnoGNN7SBAvjivirPuE.roa
Signing time: Mon 12 Dec 2022 08:27:00 +0000
ROA not before: Mon 12 Dec 2022 08:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20663
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
213.154.187.0/24 maxlen: 24
213.154.190.0/23 maxlen: 23
193.201.228.0/22 maxlen: 24
213.154.189.0/24 maxlen: 24
213.154.188.0/24 maxlen: 24
213.154.160.0/19 maxlen: 24
213.154.167.0/24 maxlen: 24
213.154.171.0/24 maxlen: 24
213.154.172.0/23 maxlen: 23
213.154.169.0/24 maxlen: 24
213.154.168.0/24 maxlen: 24
213.154.176.0/23 maxlen: 23
213.154.179.0/24 maxlen: 24
213.154.174.0/24 maxlen: 24
213.154.178.0/24 maxlen: 24
213.154.178.0/23 maxlen: 23
213.154.186.0/24 maxlen: 24
213.154.181.0/24 maxlen: 24
213.154.185.0/24 maxlen: 24
213.154.180.0/24 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
212.119.160.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:71:c7:28:86:ce:cf:a6:4f:5d:33:b1:6c:43:2d:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e8385d7f959d3a7a0634ded2040be38af8ab3ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fe:b8:6e:1a:bf:32:cb:e3:84:99:29:f7:ea:
00:0a:51:c6:48:1d:ce:b2:1e:f1:0d:b3:34:19:df:
fe:0b:2b:5b:e2:7a:05:28:48:7d:af:d1:3f:e5:92:
6c:f3:16:bb:2b:7e:96:53:5f:2e:86:83:60:dc:bf:
bc:2b:e8:57:94:93:93:4c:e0:2d:32:97:c7:32:75:
12:d3:12:d5:8a:e9:cf:4c:a6:46:f6:60:ba:05:a2:
4a:86:22:f8:c5:d0:bd:7f:5c:90:18:1c:c4:f2:bb:
e6:1f:79:68:0d:99:5f:73:8c:27:2b:bd:ad:58:21:
7f:1b:89:66:f5:df:56:09:26:ee:6a:d6:8f:11:38:
67:fa:02:20:65:bc:52:f1:54:d3:21:d9:a8:f8:85:
9e:42:1a:ee:a6:30:f3:12:70:55:9b:83:a8:d7:fa:
14:4b:20:2a:45:e0:d6:ff:0a:b6:87:63:fd:cb:9f:
81:ad:9e:94:63:34:f4:76:0c:a9:39:e9:f5:12:c5:
56:1c:cc:54:f0:9c:9a:19:cc:2e:81:5d:33:f0:4d:
e8:6f:38:98:b6:68:97:b6:6f:f4:fd:ab:4d:75:78:
36:6b:a1:8c:59:b3:4a:e8:5c:7e:ed:40:3c:f0:ae:
5d:fa:b5:4d:0b:80:66:67:9c:5d:06:e6:3e:17:af:
7d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:38:5D:7F:95:9D:3A:7A:06:34:DE:D2:04:0B:E3:8A:F8:AB:3E:E1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6Dhdf5WdOnoGNN7SBAvjivirPuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:ce:9b:c0:81:94:99:06:53:68:1f:f6:c6:f1:bb:4f:86:de:
cb:71:55:d7:28:cc:cb:81:b4:87:73:ff:4f:34:4e:20:9d:fb:
08:1c:ef:4f:09:d5:6a:60:cd:fa:b2:c6:fc:8f:f4:14:38:f4:
d7:e6:b3:e7:f2:b5:5f:cd:dc:22:14:f0:ab:64:5f:56:7c:d3:
9b:b0:62:e5:f3:c2:32:98:fa:1d:02:05:f6:27:27:a0:18:1d:
fd:c7:ef:87:8b:9d:84:0a:0d:63:0e:03:f1:7f:19:c5:6f:02:
02:a4:c4:14:25:19:1a:66:b1:62:4d:ee:69:53:dc:30:09:8e:
f8:fa:73:df:90:9b:bd:61:a3:58:c5:cc:12:d3:67:0c:27:b4:
ee:98:66:59:82:76:d9:f2:b7:d9:b9:ed:1f:95:8a:61:15:11:
59:21:b9:5c:d1:cc:30:d2:7f:6c:43:64:ca:f2:92:13:cb:e8:
6d:53:ee:55:e2:da:f6:b7:e0:42:29:c4:8e:46:49:cc:18:94:
28:4b:f8:d6:47:9a:85:4e:08:05:94:f2:0c:da:81:8b:46:d5:
38:ae:05:6a:4a:6c:e5:b0:26:3a:ef:b6:68:65:2e:4b:dc:fc:
d6:ef:b2:c6:f2:b0:75:32:ff:a1:f2:34:70:b8:09:b4:5e:7b:
07:03:ed:8f
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYUFcccohs7Ppk9dM7FsQy3sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgyNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODM4NWQ3Zjk1OWQzYTdhMDYzNGRlZDIwNDBiZTM4YWY4YWIzZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3P64bhq/MsvjhJkp9+oAClHGSB3O
sh7xDbM0Gd/+Cytb4noFKEh9r9E/5ZJs8xa7K36WU18uhoNg3L+8K+hXlJOTTOAt
MpfHMnUS0xLViunPTKZG9mC6BaJKhiL4xdC9f1yQGBzE8rvmH3loDZlfc4wnK72t
WCF/G4lm9d9WCSbuataPEThn+gIgZbxS8VTTIdmo+IWeQhrupjDzEnBVm4Oo1/oU
SyAqReDW/wq2h2P9y5+BrZ6UYzT0dgypOen1EsVWHMxU8JyaGcwugV0z8E3obziY
tmiXtm/0/atNdXg2a6GMWbNK6Fx+7UA88K5d+rVNC4BmZ5xdBuY+F6998wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOg4XX+VnTp6BjTe0gQL44r4qz7hMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNkRoZGY1V2RPbm9HTk43U0JBdmppdmlyUHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzBNBAIAATBHAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqAwDQYJKoZIhvcNAQELBQADggEBADzOm8CBlJkGU2gf9sbx
u0+G3stxVdcozMuBtIdz/080TiCd+wgc708J1WpgzfqyxvyP9BQ49Nfms+fytV/N
3CIU8KtkX1Z805uwYuXzwjKY+h0CBfYnJ6AYHf3H74eLnYQKDWMOA/F/GcVvAgKk
xBQlGRpmsWJN7mlT3DAJjvj6c9+Qm71ho1jFzBLTZwwntO6YZlmCdtnyt9m57R+V
imEVEVkhuVzRzDDSf2xDZMrykhPL6G1T7lXi2va34EIpxI5GScwYlChL+NZHmoVO
CAWU8gzagYtG1TiuBWpKbOWwJjrvtmhlLkvc/NbvssbysHUy/6HyNHC4CbReewcD
7Y8=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:28:15 2025 by rpki-client