Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8lyy7Dp9UQOBXHH2UgBGDkJLFS4.roa
File: 8lyy7Dp9UQOBXHH2UgBGDkJLFS4.roa (raw, json)
Hash identifier: oXyvJ3Hn6nxu6Ekx30bSF4VnMUjFvztznxpira2MJLQ=
Subject key identifier: F2:5C:B2:EC:3A:7D:51:03:81:5C:71:F6:52:00:46:0E:42:4B:15:2E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C7D3DDDEC6B5459C2C41003795BA537B
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8lyy7Dp9UQOBXHH2UgBGDkJLFS4.roa
Signing time: Wed 30 Nov 2022 09:17:41 +0000
ROA not before: Wed 30 Nov 2022 09:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8263
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
78.25.64.0/18 maxlen: 24
178.176.224.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.226.0/24 maxlen: 24
178.176.225.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:d3:dd:de:c6:b5:45:9c:2c:41:00:37:95:ba:53:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 30 09:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f25cb2ec3a7d5103815c71f65200460e424b152e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:11:87:a2:24:df:3b:6c:18:cc:53:39:f3:9b:
19:f6:c7:23:72:d2:ab:5b:46:15:b1:3e:70:60:d9:
88:c9:79:53:27:dc:63:34:e2:bd:9b:28:3d:d0:50:
73:6e:ac:92:0c:69:df:22:82:4d:57:f5:eb:bb:34:
69:10:86:d8:ae:26:21:f3:f3:95:86:2c:ad:71:68:
a5:3c:f2:eb:69:e7:01:48:26:36:6b:bd:13:bd:b8:
4a:c7:f4:5a:a1:0a:6e:00:f2:11:99:17:9b:d2:f2:
c9:13:23:43:9f:1c:91:4a:f9:3e:f9:70:74:ea:c6:
78:4b:3a:64:91:ad:53:c4:62:ca:fa:0c:ab:29:a6:
52:ad:98:59:db:f8:07:fd:af:3a:b0:33:ca:21:4b:
c8:e9:6d:a3:1a:18:3f:45:76:dd:41:34:54:f2:00:
c8:86:fd:d6:fd:ba:0e:94:f5:25:ce:8b:54:43:c4:
08:1a:eb:3b:6b:c4:69:42:aa:fd:7c:c3:12:ba:3b:
b1:b1:f9:86:29:df:61:61:60:cf:cd:61:dd:4c:6b:
c9:3c:b7:62:9a:fe:b4:20:dd:64:35:e7:b9:af:1f:
0a:8a:f5:9e:9c:87:b0:cd:04:a5:e8:f9:fb:7a:83:
df:d6:3a:11:cf:fd:60:12:65:6a:21:8d:dc:30:ba:
dd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5C:B2:EC:3A:7D:51:03:81:5C:71:F6:52:00:46:0E:42:4B:15:2E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8lyy7Dp9UQOBXHH2UgBGDkJLFS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.224.0-178.176.226.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2f:1b:14:e4:f8:9b:1f:b3:36:f6:3d:18:33:e8:c3:9a:c7:d0:
2c:73:e2:5c:83:9f:b3:8e:c3:92:ce:b0:a1:c8:64:30:0b:62:
3d:36:35:cc:37:b7:f5:83:ff:70:e6:5f:2e:68:af:43:0d:ae:
e8:c3:a1:a0:64:c8:89:fa:dd:36:a4:92:15:c4:78:58:52:55:
85:df:47:8d:5b:85:29:9e:ed:f5:4c:53:e9:3c:84:dc:86:f6:
0a:f9:4c:c1:24:8a:57:6e:5d:4e:12:0f:c7:70:d0:4a:d9:78:
7e:aa:a7:b8:9d:8d:2b:6d:e3:14:75:69:17:56:d2:5d:76:cb:
89:62:f3:f8:04:ab:a9:15:87:47:2d:d6:89:86:e6:43:75:fc:
e9:80:95:44:7e:c0:b1:fe:52:22:df:4a:39:df:68:04:16:b0:
bb:96:3e:7c:63:dc:1a:36:98:49:d5:53:11:84:a7:73:b5:c0:
48:fd:bd:8c:47:97:8a:17:b0:5a:a4:22:c9:f6:c5:ca:4f:83:
07:5b:3b:12:ad:de:10:0a:df:dc:13:65:7c:4d:31:15:21:4b:
5f:4f:3c:89:71:83:d6:2e:ba:96:ec:2c:0e:f5:59:da:21:b8:
9c:a7:32:da:e6:2e:2e:6c:dc:e5:44:46:78:f7:5a:20:70:87:
2f:ad:9d:a8
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYTH093exrVFnCxBADeVulN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTMwMDkxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVjYjJlYzNhN2Q1MTAzODE1YzcxZjY1MjAwNDYwZTQyNGIxNTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxGHoiTfO2wYzFM585sZ9scjctKr
W0YVsT5wYNmIyXlTJ9xjNOK9myg90FBzbqySDGnfIoJNV/XruzRpEIbYriYh8/OV
hiytcWilPPLraecBSCY2a70TvbhKx/RaoQpuAPIRmReb0vLJEyNDnxyRSvk++XB0
6sZ4Szpkka1TxGLK+gyrKaZSrZhZ2/gH/a86sDPKIUvI6W2jGhg/RXbdQTRU8gDI
hv3W/boOlPUlzotUQ8QIGus7a8RpQqr9fMMSujuxsfmGKd9hYWDPzWHdTGvJPLdi
mv60IN1kNee5rx8KivWenIewzQSl6Pn7eoPf1joRz/1gEmVqIY3cMLrdUQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFPJcsuw6fVEDgVxx9lIARg5CSxUuMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvOGx5eTdEcDlVUU9CWEhIMlVnQkdEa0pMRlM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQG
ThlAAwQCTilkAwQDT6sIAwQEUPewAwQEURiAAwQGU6nAAwQFU97AAwQHU+WAAwQH
VRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQGbXxAAwMA
bbwDBAaAzEADBAOyF5AwDAMEBbKw4AMEALKw4gMEArkDIAMEArnSjAMEA7xeqAMD
ALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF
1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3
DQEBCwUAA4IBAQAvGxTk+Jsfszb2PRgz6MOax9Asc+Jcg5+zjsOSzrChyGQwC2I9
NjXMN7f1g/9w5l8uaK9DDa7ow6GgZMiJ+t02pJIVxHhYUlWF30eNW4Upnu31TFPp
PITchvYK+UzBJIpXbl1OEg/HcNBK2Xh+qqe4nY0rbeMUdWkXVtJddsuJYvP4BKup
FYdHLdaJhuZDdfzpgJVEfsCx/lIi30o532gEFrC7lj58Y9waNphJ1VMRhKdztcBI
/b2MR5eKF7BapCLJ9sXKT4MHWzsSrd4QCt/cE2V8TTEVIUtfTzyJcYPWLrqW7CwO
9VnaIbicpzLa5i4ubNzlREZ491ogcIcvrZ2o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:24 2024 by rpki-client on console-fra.rpki-client.org