Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/89qBF_LKAOOJwgM3H_AssIz7LUU.roa
File: 89qBF_LKAOOJwgM3H_AssIz7LUU.roa (raw, json)
Hash identifier: VnhMsE0+eA9ThkZAt4rcteE2ahb6rJ514wviKxb8f7I=
Subject key identifier: F3:DA:81:17:F2:CA:00:E3:89:C2:03:37:1F:F0:2C:B0:8C:FB:2D:45
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF4A1090BF83F8583D92607CFF9C51
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/89qBF_LKAOOJwgM3H_AssIz7LUU.roa
Signing time: Mon 05 Dec 2022 14:27:29 +0000
ROA not before: Mon 05 Dec 2022 14:27:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8263
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
178.176.224.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.226.0/24 maxlen: 24
178.176.225.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:4a:10:90:bf:83:f8:58:3d:92:60:7c:ff:9c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3da8117f2ca00e389c203371ff02cb08cfb2d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ae:49:0c:0a:f6:1a:e0:60:53:32:d0:47:81:
1e:e3:95:47:5b:bc:3e:83:a4:a2:3a:83:71:88:1b:
ed:15:b6:2d:33:83:6a:69:d5:5c:23:c6:d6:cb:62:
bb:a9:67:1f:4c:95:73:94:c8:cf:eb:57:f1:6f:1b:
6e:95:f1:a0:8a:92:5f:11:fd:51:07:de:da:19:38:
9a:51:a9:4c:d6:63:83:ac:3b:3b:38:5f:e5:e0:b7:
86:a9:cb:8d:6d:7c:13:d9:64:c9:4c:71:e9:bf:40:
95:19:b7:88:ba:6a:26:73:36:c6:51:a0:90:64:89:
32:8e:0c:e7:fc:3d:09:62:eb:e5:5e:ff:1e:14:98:
e8:eb:29:28:2c:2d:59:20:62:5b:e3:36:73:86:f4:
d0:f1:e6:d3:a7:3d:9d:0e:73:b8:04:bf:1c:3c:ba:
92:ac:e0:6e:cd:88:5f:1d:76:90:67:8c:dc:3b:62:
54:33:f9:7b:a2:90:e6:a3:bb:c4:45:56:7a:4f:93:
7e:1e:74:f2:bd:86:9f:dd:8e:f8:0b:4f:65:39:d7:
61:8d:38:ed:d9:ae:70:61:15:33:23:70:8d:f3:61:
34:e7:e3:e2:a0:47:98:a4:69:8f:87:c2:5e:dd:01:
90:6c:55:d6:e3:c5:dc:77:36:d1:3e:77:97:78:a5:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DA:81:17:F2:CA:00:E3:89:C2:03:37:1F:F0:2C:B0:8C:FB:2D:45
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/89qBF_LKAOOJwgM3H_AssIz7LUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.224.0-178.176.226.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:a1:9f:27:f1:d5:aa:89:2d:83:58:04:21:09:1d:3f:85:68:
ed:9d:fd:c5:bc:bd:af:3c:4b:b1:c0:69:99:a2:b0:e0:a7:16:
9f:24:32:ba:4f:92:ac:51:06:79:66:98:83:e9:31:a1:fe:a3:
8e:92:7b:20:ed:b1:c3:38:51:de:57:a6:df:a0:ba:f3:32:39:
4a:2a:a0:b8:65:3b:30:c4:0d:31:b9:3a:82:68:48:5d:91:7f:
89:5a:47:63:16:56:e5:6b:ca:f6:d2:99:1e:33:0b:50:68:9e:
d4:70:13:79:7b:88:c9:0d:e7:7d:40:c7:35:5f:57:d0:b6:ed:
b2:a6:5d:f0:5b:0e:15:fd:41:cc:cd:f0:76:c3:89:92:ce:a4:
90:89:52:af:09:95:05:2f:1d:41:93:1e:91:d6:97:83:2b:61:
6d:eb:ca:37:bb:3f:be:cd:58:10:5a:55:19:02:b0:f1:42:66:
28:19:ac:51:dd:55:92:54:d7:9c:f1:59:53:7d:76:3e:d1:c8:
71:aa:d3:0b:46:53:f1:b1:18:97:bb:13:ba:9c:9c:a5:c1:32:
f5:35:32:33:31:d0:7a:6b:4d:9b:50:1e:54:55:eb:05:05:3f:
c1:01:74:ee:83:ec:32:77:1d:a0:55:75:42:0c:93:45:e5:88:
3d:35:7f:37
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYTir0oQkL+D+Fg9kmB8/5xRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2RhODExN2YyY2EwMGUzODljMjAzMzcxZmYwMmNiMDhjZmIyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga5JDAr2GuBgUzLQR4Ee45VHW7w+
g6SiOoNxiBvtFbYtM4NqadVcI8bWy2K7qWcfTJVzlMjP61fxbxtulfGgipJfEf1R
B97aGTiaUalM1mODrDs7OF/l4LeGqcuNbXwT2WTJTHHpv0CVGbeIumomczbGUaCQ
ZIkyjgzn/D0JYuvlXv8eFJjo6ykoLC1ZIGJb4zZzhvTQ8ebTpz2dDnO4BL8cPLqS
rOBuzYhfHXaQZ4zcO2JUM/l7opDmo7vERVZ6T5N+HnTyvYaf3Y74C09lOddhjTjt
2a5wYRUzI3CN82E05+PioEeYpGmPh8Je3QGQbFXW48XcdzbRPneXeKX+ZQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFPPagRfyygDjicIDNx/wLLCM+y1FMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvODlxQkZfTEtBT09Kd2dNM0hfQXNzSXo3TFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkDAMAwQFsrDgAwQAsrDiAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQAD
ggEBAD2hnyfx1aqJLYNYBCEJHT+FaO2d/cW8va88S7HAaZmisOCnFp8kMrpPkqxR
BnlmmIPpMaH+o46SeyDtscM4Ud5Xpt+guvMyOUoqoLhlOzDEDTG5OoJoSF2Rf4la
R2MWVuVryvbSmR4zC1BontRwE3l7iMkN531AxzVfV9C27bKmXfBbDhX9QczN8HbD
iZLOpJCJUq8JlQUvHUGTHpHWl4MrYW3ryje7P77NWBBaVRkCsPFCZigZrFHdVZJU
15zxWVN9dj7RyHGq0wtGU/GxGJe7E7qcnKXBMvU1MjMx0HprTZtQHlRV6wUFP8EB
dO6D7DJ3HaBVdUIMk0XliD01fzc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:33 2025 by rpki-client