Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84jh0IIAfg57P3EbRzVeaI9DJM4.roa
File: 84jh0IIAfg57P3EbRzVeaI9DJM4.roa (raw, json)
Hash identifier: z507K6MbcMS3ULJWXTeCcxw8WUr3Dm5IwXb0jPRpA4Y=
Subject key identifier: F3:88:E1:D0:82:00:7E:0E:7B:3F:71:1B:47:35:5E:68:8F:43:24:CE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE40E541369F92FAE7A5BAAE66117E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84jh0IIAfg57P3EbRzVeaI9DJM4.roa
Signing time: Mon 12 Dec 2022 09:33:04 +0000
ROA not before: Mon 12 Dec 2022 09:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:40:e5:41:36:9f:92:fa:e7:a5:ba:ae:66:11:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f388e1d082007e0e7b3f711b47355e688f4324ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:27:4d:a4:e5:09:52:64:5b:cb:43:6a:d5:d9:
99:65:a6:cf:f8:97:98:88:91:e7:08:bb:99:48:59:
92:81:54:05:3e:c5:50:c7:1d:e6:be:0e:48:3f:e7:
73:91:b0:46:46:c3:04:20:6d:0e:1e:eb:7d:46:87:
1a:fd:58:ce:2e:5d:57:55:1e:1e:04:65:dd:e6:ee:
20:fa:8c:09:73:70:f1:e8:b7:f8:97:21:c6:d9:5c:
93:e1:15:26:d3:a0:db:dd:32:54:f6:a8:e9:b4:d1:
87:76:ba:ba:31:b3:53:ad:12:0c:1a:15:e7:a7:b8:
05:74:72:c5:3d:8f:89:cb:75:80:f9:1a:ad:85:47:
71:62:9e:d3:8e:cd:c0:17:10:c8:ad:46:78:c3:4e:
b0:e9:7d:65:d5:56:ce:6d:52:ce:0f:7f:33:47:8e:
0a:dc:a1:06:f4:aa:fc:8b:b6:2a:bc:77:62:b7:6b:
42:c1:23:85:b1:53:cc:5b:cd:54:df:66:13:f4:09:
14:9b:91:99:61:39:a4:59:d0:96:b0:c9:c5:4f:a3:
9d:da:22:9b:8d:90:85:00:1f:05:76:dc:36:56:af:
38:ec:b5:e4:a6:e9:d3:54:4d:64:f7:2a:a8:8f:89:
e5:01:fd:83:01:1a:46:e8:cd:a5:21:70:b9:8d:8f:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:88:E1:D0:82:00:7E:0E:7B:3F:71:1B:47:35:5E:68:8F:43:24:CE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/84jh0IIAfg57P3EbRzVeaI9DJM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.253.255
188.162.0.0/16
188.170.244.0/23
188.170.248.0-188.170.252.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
Signature Algorithm: sha256WithRSAEncryption
2d:82:a3:92:a6:1d:7d:8a:a7:4e:80:ad:18:3a:c1:f0:61:ba:
7a:35:46:bd:22:89:0d:15:1a:ec:49:59:83:99:56:59:55:45:
28:c4:8b:82:b6:b3:8a:6f:cb:a0:e7:79:d3:22:a2:ba:b2:48:
bc:fc:a3:9c:71:1a:8f:9d:16:0f:9d:bb:ce:ed:43:9c:88:e5:
17:b2:0a:18:33:24:ce:30:d2:26:61:d7:03:d4:8c:fc:b7:e4:
c5:4a:18:4a:92:ec:fe:de:d9:e3:8b:9e:45:97:f2:e8:ed:9d:
8e:af:fb:6c:ba:f6:4e:be:d3:c3:b5:76:c9:86:61:ed:03:73:
5e:93:88:04:eb:d8:52:e9:52:01:44:35:60:b5:39:3a:39:5e:
2c:91:a4:5f:e9:75:3e:ae:fb:02:2b:21:5e:13:1c:22:97:07:
b7:ca:4d:a3:05:59:2f:37:80:b9:4f:56:51:88:c3:0b:c1:e8:
cf:1e:39:8d:19:68:a6:2a:ff:64:f3:c7:2f:74:3a:27:c7:1d:
ca:d7:37:76:9b:0a:32:2e:72:af:a1:dd:69:0e:43:e7:1b:b5:
f1:3b:14:02:f9:03:60:2c:80:e0:e7:54:ee:36:b4:ca:df:3a:
90:30:43:1d:25:e4:9f:00:13:3e:ee:4a:40:56:b9:53:fd:6a:
89:ec:06:5a
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYUFrkDlQTafkvrnpbquZhF+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzg4ZTFkMDgyMDA3ZTBlN2IzZjcxMWI0NzM1NWU2ODhmNDMyNGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCdNpOUJUmRby0Nq1dmZZabP+JeY
iJHnCLuZSFmSgVQFPsVQxx3mvg5IP+dzkbBGRsMEIG0OHut9Roca/VjOLl1XVR4e
BGXd5u4g+owJc3Dx6Lf4lyHG2VyT4RUm06Db3TJU9qjptNGHdrq6MbNTrRIMGhXn
p7gFdHLFPY+Jy3WA+RqthUdxYp7Tjs3AFxDIrUZ4w06w6X1l1VbObVLOD38zR44K
3KEG9Kr8i7YqvHdit2tCwSOFsVPMW81U32YT9AkUm5GZYTmkWdCWsMnFT6Od2iKb
jZCFAB8Fdtw2Vq847LXkpunTVE1k9yqoj4nlAf2DARpG6M2lIXC5jY+bmQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFPOI4dCCAH4Oez9xG0c1XmiPQyTOMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvODRqaDBJSUFmZzU3UDNFYlJ6VmVhSTlESk00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAATBRAwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBAGysPwDAwC8ogMEAbyq9DAMAwQDvKr4
AwQAvKr8AwQCwcnkAwQFwwWAAwQFwxBgMA0GCSqGSIb3DQEBCwUAA4IBAQAtgqOS
ph19iqdOgK0YOsHwYbp6NUa9IokNFRrsSVmDmVZZVUUoxIuCtrOKb8ug53nTIqK6
ski8/KOccRqPnRYPnbvO7UOciOUXsgoYMyTOMNImYdcD1Iz8t+TFShhKkuz+3tnj
i55Fl/Lo7Z2Or/tsuvZOvtPDtXbJhmHtA3Nek4gE69hS6VIBRDVgtTk6OV4skaRf
6XU+rvsCKyFeExwilwe3yk2jBVkvN4C5T1ZRiMMLwejPHjmNGWimKv9k88cvdDon
xx3K1zd2mwoyLnKvod1pDkPnG7XxOxQC+QNgLIDg51TuNrTK3zqQMEMdJeSfABM+
7kpAVrlT/WqJ7AZa
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:31:24 2025 by rpki-client