Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6o40M6M8adAsUr5Rk7426SXAOws.roa
File: 6o40M6M8adAsUr5Rk7426SXAOws.roa (raw, json)
Hash identifier: 3RrKmcM6dDyjk7Bbj0gk3pmUe3MeqjB7Cd3MhyvQxak=
Subject key identifier: EA:8E:34:33:A3:3C:69:D0:2C:52:BE:51:93:BE:36:E9:25:C0:3B:0B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F127206E05C774A888C700B9F64022F1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6o40M6M8adAsUr5Rk7426SXAOws.roa
Signing time: Thu 08 Dec 2022 09:53:03 +0000
ROA not before: Thu 08 Dec 2022 09:53:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31205
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
188.170.247.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
212.69.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.240.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
178.176.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
195.5.128.0/19 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.64.0/18 maxlen: 24
31.173.244.0/22 maxlen: 22
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.49.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
46.232.202.0/23 maxlen: 23
46.232.200.0/23 maxlen: 23
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:27:20:6e:05:c7:74:a8:88:c7:00:b9:f6:40:22:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 09:53:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ea8e3433a33c69d02c52be5193be36e925c03b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3a:0c:db:51:96:1c:17:a4:93:0d:25:6a:5c:
03:ad:ee:4d:61:1a:79:40:16:38:6d:87:fb:5e:22:
47:ab:bc:70:3d:74:1f:c6:db:de:e5:44:f5:b7:ba:
95:5b:76:d3:e6:fe:6e:fc:00:f0:7a:4a:64:c7:4b:
fd:b4:6c:5c:f6:19:22:88:e4:72:b2:3e:11:65:1b:
22:91:60:82:71:89:8c:d8:18:e1:22:53:c5:dd:20:
f1:48:79:62:25:14:69:4d:c4:a5:50:17:74:be:81:
7d:47:d4:f9:f4:8c:62:5f:0b:d2:4f:1b:0a:0e:62:
56:40:26:59:89:66:25:c5:9a:2c:35:0e:cd:85:18:
c3:98:52:95:13:2f:7a:e1:38:d1:e9:40:86:c9:98:
4d:2a:56:24:f1:ef:b5:21:69:8a:16:32:f0:34:80:
28:b2:e2:ac:02:86:f2:7e:e4:df:2f:ed:2c:5b:9f:
83:3a:72:47:b1:c4:9e:91:b4:1f:f8:f5:59:3c:b0:
a5:28:b5:de:57:f8:ff:dc:a6:f1:eb:6f:da:0f:01:
9c:3c:5a:27:ff:3f:d9:7b:3e:96:e9:62:b7:17:ce:
0e:d9:ce:20:54:ca:b0:a1:d9:94:7f:6b:94:b3:d1:
30:aa:03:85:39:83:10:f6:28:58:2f:49:51:a8:cb:
73:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8E:34:33:A3:3C:69:D0:2C:52:BE:51:93:BE:36:E9:25:C0:3B:0B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/6o40M6M8adAsUr5Rk7426SXAOws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/22
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.48.0/24
178.176.240.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.240.0/22
188.170.247.0/24
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2e:24:c4:57:20:e0:fb:20:01:6c:32:29:e9:a1:1c:4e:54:73:
2d:1a:4e:dd:38:fd:45:ab:67:50:3e:8b:6a:4b:a4:e9:37:c9:
5c:5a:e7:2c:e0:b3:72:a8:0e:09:8f:eb:91:f1:cd:f0:5e:0f:
e3:ca:95:ae:8b:cf:35:c0:2e:4b:43:7f:3a:17:0c:34:c5:44:
53:b6:01:e6:db:b7:30:02:ef:d6:8d:dc:26:62:a7:c3:c5:76:
26:b6:c9:ef:ad:29:74:e8:fd:07:0f:29:94:06:31:fa:2a:44:
c5:61:62:55:79:0c:11:ed:fb:c6:f7:b0:97:2f:af:bf:0a:2d:
15:96:e0:de:79:1e:5c:ee:3e:4f:91:38:2f:c2:f9:bb:31:e2:
4c:d7:c4:35:da:95:54:ca:c5:50:f2:94:23:f3:ea:e9:60:16:
b0:e4:f6:70:e4:da:5e:7f:a2:97:27:78:f9:9a:c0:c5:7d:86:
a3:61:7f:73:e8:a8:a7:67:49:ce:46:22:1d:5b:fe:44:47:88:
92:b3:e9:a0:4e:17:1f:e4:bc:44:63:ea:a5:85:4b:5f:03:30:
43:5d:3d:82:5a:4d:bf:39:d6:28:63:12:9b:b2:a2:39:c9:93:
60:99:79:5f:8a:c7:8b:d5:5e:92:6a:d9:49:08:15:69:8f:ba:
82:97:b3:5c
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYTxJyBuBcd0qIjHALn2QCLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MDk1MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYThlMzQzM2EzM2M2OWQwMmM1MmJlNTE5M2JlMzZlOTI1YzAzYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjoM21GWHBekkw0lalwDre5NYRp5
QBY4bYf7XiJHq7xwPXQfxtve5UT1t7qVW3bT5v5u/ADwekpkx0v9tGxc9hkiiORy
sj4RZRsikWCCcYmM2BjhIlPF3SDxSHliJRRpTcSlUBd0voF9R9T59IxiXwvSTxsK
DmJWQCZZiWYlxZosNQ7NhRjDmFKVEy964TjR6UCGyZhNKlYk8e+1IWmKFjLwNIAo
suKsAobyfuTfL+0sW5+DOnJHscSekbQf+PVZPLClKLXeV/j/3Kbx62/aDwGcPFon
/z/Zez6W6WK3F84O2c4gVMqwodmUf2uUs9EwqgOFOYMQ9ihYL0lRqMtzVwIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFOqONDOjPGnQLFK+UZO+NuklwDsLMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvNm80ME02TThhZEFzVXI1Ums3NDI2U1hBT3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQD
H63wAwQBJR1WAwQCLujIAwQCThlcAwQCU5UwAwQDU6n4AwQAVRrgMAwDBAFVGuID
BANVGuADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAME
ALKwMAMEA7Kw8AMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCvKrwAwQAvKr3AwQC
wcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF
1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUA
A4IBAQAuJMRXIOD7IAFsMinpoRxOVHMtGk7dOP1Fq2dQPotqS6TpN8lcWucs4LNy
qA4Jj+uR8c3wXg/jypWui881wC5LQ386Fww0xURTtgHm27cwAu/WjdwmYqfDxXYm
tsnvrSl06P0HDymUBjH6KkTFYWJVeQwR7fvG97CXL6+/Ci0VluDeeR5c7j5PkTgv
wvm7MeJM18Q12pVUysVQ8pQj8+rpYBaw5PZw5Npef6KXJ3j5msDFfYajYX9z6Kin
Z0nORiIdW/5ER4iSs+mgThcf5LxEY+qlhUtfAzBDXT2CWk2/OdYoYxKbsqI5yZNg
mXlfiseL1V6SatlJCBVpj7qCl7Nc
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:32 2025 by rpki-client