Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7U8VT9q3vYH0uzQPJ2jmQYh-fro.roa
File: 7U8VT9q3vYH0uzQPJ2jmQYh-fro.roa (raw, json)
Hash identifier: XfHoppfxP/ULUwY+3NB++G1BF8BG625dX63JbzfSmPY=
Subject key identifier: ED:4F:15:4F:DA:B7:BD:81:F4:BB:34:0F:27:68:E6:41:88:7E:7E:BA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184191E1F69F1105A2E71666387AAEF74A7
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7U8VT9q3vYH0uzQPJ2jmQYh-fro.roa
Signing time: Thu 27 Oct 2022 11:05:15 +0000
ROA not before: Thu 27 Oct 2022 11:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31208
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
37.29.0.0/17 maxlen: 24
37.28.160.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
81.24.128.0/20 maxlen: 24
83.149.41.0/24 maxlen: 24
83.149.44.0/23 maxlen: 23
83.149.40.0/24 maxlen: 24
83.149.42.0/23 maxlen: 23
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
83.149.46.0/23 maxlen: 23
83.169.192.0/18 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:1e:1f:69:f1:10:5a:2e:71:66:63:87:aa:ef:74:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 27 11:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed4f154fdab7bd81f4bb340f2768e641887e7eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:eb:96:0a:5e:f5:84:16:18:8b:bd:8a:c6:d2:
e8:a3:8e:c5:20:0e:10:b7:4a:1a:65:b3:5a:5a:ae:
b6:da:7b:7e:3c:41:82:fb:d3:f6:0b:d8:9d:5f:c9:
41:c5:12:75:2f:a6:b4:4c:69:3a:ab:8b:01:96:b5:
57:00:38:4a:4f:52:31:bb:fa:43:7f:88:5e:46:b8:
06:08:2a:c0:3d:d5:7d:14:c5:53:ae:d1:07:25:af:
cd:99:24:a4:71:8b:09:2d:50:4c:10:56:83:75:85:
9c:d5:e2:15:0e:fa:0e:95:98:e1:66:92:a2:bb:93:
fa:b7:6e:bb:06:b8:3c:93:94:32:bb:5e:37:6f:34:
d7:20:b0:e9:2c:a0:8a:13:70:53:f1:c4:af:78:f9:
c7:99:f7:a1:d5:45:5f:48:e1:d8:62:67:32:82:28:
98:4f:dc:fa:b4:c8:19:e6:28:f5:76:d8:80:8e:4e:
51:a1:ae:ba:18:e6:55:2d:8e:b4:78:85:f5:26:fe:
45:70:fa:8a:95:00:23:65:73:ce:b9:ab:9b:76:04:
d6:fd:32:e9:49:ac:33:31:4d:0e:d1:f0:c6:d4:a3:
3a:c4:d7:86:cf:3f:d1:31:76:dc:cf:ba:f3:bd:ff:
eb:6d:3f:23:9a:1a:95:07:67:bc:df:a8:74:2c:22:
ae:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4F:15:4F:DA:B7:BD:81:F4:BB:34:0F:27:68:E6:41:88:7E:7E:BA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/7U8VT9q3vYH0uzQPJ2jmQYh-fro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.149.40.0/21
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:8a:c9:8e:8b:81:db:ba:16:bb:6d:09:06:94:fe:32:91:b9:
fd:1d:16:7b:b6:da:95:39:44:79:96:70:15:45:d5:93:20:39:
4c:0f:33:f7:6e:58:9a:cf:aa:83:90:12:6c:98:2f:17:97:b6:
4e:a8:6f:d6:11:a5:68:cf:c5:e2:2a:e7:5d:5d:b7:ed:6d:67:
fa:01:9d:89:98:06:f5:58:3b:c4:51:c5:d0:de:b1:5c:c6:7e:
fc:7f:e5:ca:0a:50:62:47:97:34:0f:5d:55:c4:dd:74:61:fe:
91:f1:e4:f5:4d:b3:ca:61:ea:86:f7:70:1d:f6:a1:c5:71:a8:
cc:34:12:c8:f1:d6:9e:b2:8a:c7:b6:aa:d7:68:b2:c2:71:3b:
cf:7c:3c:10:d8:c5:3e:df:af:e1:87:a4:c0:a8:44:dd:c7:72:
cb:44:eb:f9:ee:11:a6:36:53:f6:dd:e9:9c:90:2a:29:92:75:
9d:f6:78:bb:93:d5:73:ab:23:ba:65:34:21:79:75:c2:58:e6:
21:74:65:60:75:7a:a8:4f:55:ee:47:ff:87:95:3c:7c:97:60:
09:d0:94:16:42:85:1c:30:42:a8:42:36:80:aa:6c:3b:90:a1:
d4:6d:6d:4d:2a:ca:25:48:e3:31:3f:ad:88:50:1f:55:87:1b:
0c:8f:b2:93
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYQZHh9p8RBaLnFmY4eq73SnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI3MTEwNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDRmMTU0ZmRhYjdiZDgxZjRiYjM0MGYyNzY4ZTY0MTg4N2U3ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOuWCl71hBYYi72KxtLoo47FIA4Q
t0oaZbNaWq622nt+PEGC+9P2C9idX8lBxRJ1L6a0TGk6q4sBlrVXADhKT1Ixu/pD
f4heRrgGCCrAPdV9FMVTrtEHJa/NmSSkcYsJLVBMEFaDdYWc1eIVDvoOlZjhZpKi
u5P6t267Brg8k5Qyu143bzTXILDpLKCKE3BT8cSvePnHmfeh1UVfSOHYYmcygiiY
T9z6tMgZ5ij1dtiAjk5Roa66GOZVLY60eIX1Jv5FcPqKlQAjZXPOuaubdgTW/TLp
SawzMU0O0fDG1KM6xNeGzz/RMXbcz7rzvf/rbT8jmhqVB2e836h0LCKuAwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFO1PFU/at72B9Ls0Dydo5kGIfn66MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvN1U4VlQ5cTN2WUgwdXpRUEoyam1RWWgtZnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEBSUcoAMEByUdAAMEAy4dwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3poAMEBk4Z
QAMEAk4pZAMEA0+rCAMEBFD3sAMEBFEYgAMEA1OVKAMEBlOpwAMEBVPewAMEB1Pl
gAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1KcAMEBm18
QAMDAG28AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQD
BAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWAD
BAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEB
ACqKyY6Lgdu6FrttCQaU/jKRuf0dFnu22pU5RHmWcBVF1ZMgOUwPM/duWJrPqoOQ
EmyYLxeXtk6ob9YRpWjPxeIq511dt+1tZ/oBnYmYBvVYO8RRxdDesVzGfvx/5coK
UGJHlzQPXVXE3XRh/pHx5PVNs8ph6ob3cB32ocVxqMw0Esjx1p6yise2qtdossJx
O898PBDYxT7fr+GHpMCoRN3HcstE6/nuEaY2U/bd6ZyQKimSdZ32eLuT1XOrI7pl
NCF5dcJY5iF0ZWB1eqhPVe5H/4eVPHyXYAnQlBZChRwwQqhCNoCqbDuQodRtbU0q
yiVI4zE/rYhQH1WHGwyPspM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:48 2025 by rpki-client