Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84XwzWZ6DkrwGDnv5lRiAe79JOw.roa
File: 84XwzWZ6DkrwGDnv5lRiAe79JOw.roa (raw, json)
Hash identifier: abq6OJQzK5z3OfI3aHr7Cxkqt3FycSnswxAD3A1sBY0=
Subject key identifier: F3:85:F0:CD:66:7A:0E:4A:F0:18:39:EF:E6:54:62:01:EE:FD:24:EC
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F146366883998DD884DC11ED83A916CE
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84XwzWZ6DkrwGDnv5lRiAe79JOw.roa
Signing time: Thu 08 Dec 2022 10:27:00 +0000
ROA not before: Thu 08 Dec 2022 10:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 109.188.0.0/16 maxlen: 24
84.204.230.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
193.201.228.0/22 maxlen: 24
217.195.64.0/19 maxlen: 19
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
128.204.64.0/18 maxlen: 24
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
81.24.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
213.172.0.0/19 maxlen: 19
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
195.144.224.0/19 maxlen: 19
81.3.128.0/18 maxlen: 18
213.182.160.0/19 maxlen: 19
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:46:36:68:83:99:8d:d8:84:dc:11:ed:83:a9:16:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f385f0cd667a0e4af01839efe6546201eefd24ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:52:77:50:d7:e7:71:74:ea:21:ba:6a:e8:28:
b3:80:a1:9f:28:2b:96:2f:1b:cb:81:71:89:d1:f6:
fd:0f:91:36:b1:be:51:28:14:d7:83:d5:0d:ca:38:
b5:63:db:80:3d:30:da:9a:03:94:4f:2e:53:52:ca:
0c:69:a8:de:d6:b9:d1:b4:f5:cc:9a:de:b3:62:31:
a3:a6:bd:ad:1c:93:f8:37:37:d4:4a:eb:23:72:e9:
3e:05:ee:a3:80:d5:74:09:66:09:51:22:c2:05:c9:
33:0b:32:99:0a:f2:90:ca:47:be:8e:31:df:4c:c3:
68:19:59:f0:79:f5:31:ff:4a:39:df:b5:46:bb:00:
81:d6:55:01:4d:6f:d9:4d:77:f4:a1:9a:3b:47:fa:
f2:2a:3f:ee:9c:ef:83:79:f3:cf:9a:63:c0:b3:a8:
4a:40:09:90:2f:72:f5:2a:5d:62:80:8b:32:4f:9b:
8a:6b:94:4c:5d:bd:0b:df:a7:8e:6d:51:bb:56:d6:
17:12:dd:0c:7e:d2:91:e9:14:1f:f3:0f:9e:a0:01:
97:b0:16:9d:c0:ea:be:4f:05:4e:15:73:ba:ab:f1:
e4:fb:88:f6:ea:cb:bf:f9:89:a0:ad:c9:4f:b1:ae:
a8:eb:30:b7:98:98:1b:7d:5b:68:dd:eb:92:b1:88:
f0:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:85:F0:CD:66:7A:0E:4A:F0:18:39:EF:E6:54:62:01:EE:FD:24:EC
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84XwzWZ6DkrwGDnv5lRiAe79JOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
213.243.64.0/18
217.115.80.0/20
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:11:80:2d:bb:64:a4:78:a6:72:12:a1:26:2d:ca:1a:e4:16:
63:fe:33:cd:6d:42:e3:a7:b1:ea:a7:2d:42:74:1c:81:40:1b:
03:87:a2:0b:ae:d5:a6:20:ab:ea:6d:fa:c2:b2:bc:45:2e:cd:
91:8f:7c:3f:b6:f0:a2:3e:08:57:82:09:e9:57:d6:a8:e2:40:
6a:7e:c3:e2:21:5d:6a:4d:89:dd:53:48:04:d7:1b:5d:9b:1d:
76:e9:f7:fb:23:77:ca:55:13:21:e6:0c:9c:67:f7:7d:d6:c8:
d6:ba:59:97:c8:22:87:69:b5:3c:ef:38:a1:54:ca:f7:ca:37:
a4:f5:5c:9a:52:1d:1e:ba:c6:d4:cb:66:3e:5c:65:7c:29:58:
0f:73:ce:6f:65:3e:ff:ce:ae:6a:19:ce:dc:9d:a0:c0:f1:e5:
44:11:c8:2d:21:7f:64:fe:49:7c:72:e8:43:18:1d:c1:91:54:
c2:7b:79:a5:ca:36:ba:b5:ad:d8:a0:b4:43:c2:60:46:d7:6a:
21:42:30:5f:16:f4:f7:73:4e:4d:a9:9b:60:98:87:bb:e0:54:
5d:ab:10:bd:d8:b7:e0:6b:1e:50:06:dd:ce:bb:96:2a:69:1b:
cc:f8:73:36:a5:59:b6:39:6b:eb:94:e7:32:fd:9b:3d:97:ae:
5a:f3:3d:f2
-----BEGIN CERTIFICATE-----
MIIGDDCCBPSgAwIBAgISAYTxRjZog5mN2ITcEe2DqRbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAyNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg1ZjBjZDY2N2EwZTRhZjAxODM5ZWZlNjU0NjIwMWVlZmQyNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1J3UNfncXTqIbpq6CizgKGfKCuW
LxvLgXGJ0fb9D5E2sb5RKBTXg9UNyji1Y9uAPTDamgOUTy5TUsoMaaje1rnRtPXM
mt6zYjGjpr2tHJP4NzfUSusjcuk+Be6jgNV0CWYJUSLCBckzCzKZCvKQyke+jjHf
TMNoGVnwefUx/0o537VGuwCB1lUBTW/ZTXf0oZo7R/ryKj/unO+DefPPmmPAs6hK
QAmQL3L1Kl1igIsyT5uKa5RMXb0L36eObVG7VtYXEt0MftKR6RQf8w+eoAGXsBad
wOq+TwVOFXO6q/Hk+4j26su/+YmgrclPsa6o6zC3mJgbfVto3euSsYjw4QIDAQAB
o4IDGDCCAxQwHQYDVR0OBBYEFPOF8M1meg5K8Bg57+ZUYgHu/STsMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvODRYd3pXWjZEa3J3R0RudjVsUmlBZTc5Sk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLAYIKwYBBQUHAQcBAf8EggEbMIIBFzCCARMEAgABMIIB
CwMEBi4vwAMEA0+rCAMEBFD3sAMEBlEDgAMEBFEYgAMEBlKMQAMEBVLEQAMEB1TM
ADAMAwQCVMyEAwQAVMyIMAwDBAFUzIoDBANUzLAwCwMEAlTMvAMDAFTMAwQHXZmA
AwQDXhn4AwQHX4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyAD
BAK50owDBAO8XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEBcOQ4AME
AMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAME
BdWsAAMEBdW2oAMEBtXzQAMEBNlzUAMEBdnDQDANBgkqhkiG9w0BAQsFAAOCAQEA
bRGALbtkpHimchKhJi3KGuQWY/4zzW1C46ex6qctQnQcgUAbA4eiC67VpiCr6m36
wrK8RS7NkY98P7bwoj4IV4IJ6VfWqOJAan7D4iFdak2J3VNIBNcbXZsddun3+yN3
ylUTIeYMnGf3fdbI1rpZl8gih2m1PO84oVTK98o3pPVcmlIdHrrG1MtmPlxlfClY
D3POb2U+/86uahnO3J2gwPHlRBHILSF/ZP5JfHLoQxgdwZFUwnt5pco2urWt2KC0
Q8JgRtdqIUIwXxb093NOTambYJiHu+BUXasQvdi34GseUAbdzruWKmkbzPhzNqVZ
tjlr65TnMv2bPZeuWvM98g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org