Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8o7v4nmBW2S4I5MAIt7Mke2-xx0.roa
File: 8o7v4nmBW2S4I5MAIt7Mke2-xx0.roa (raw, json)
Hash identifier: H9tRJEcHEuyykLfCbDeJ/yADimLibR9Gv3h3VdyWvpU=
Subject key identifier: F2:8E:EF:E2:79:81:5B:64:B8:23:93:00:22:DE:CC:91:ED:BE:C7:1D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185059113CFD93E535393BE77F6FB0E3DCB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8o7v4nmBW2S4I5MAIt7Mke2-xx0.roa
Signing time: Mon 12 Dec 2022 09:01:11 +0000
ROA not before: Mon 12 Dec 2022 09:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31268
IP address blocks: 193.201.228.0/22 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:13:cf:d9:3e:53:53:93:be:77:f6:fb:0e:3d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f28eefe279815b64b823930022decc91edbec71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3e:ad:f8:80:77:2f:43:86:c2:2c:a9:e9:8b:
a1:ec:44:15:05:d9:9b:db:8f:8b:2f:19:79:de:18:
68:50:bd:33:a8:03:fd:04:b4:c7:c1:fd:c5:14:61:
74:e7:47:9c:1f:f6:0a:56:30:6f:15:38:b5:4e:43:
5f:08:aa:87:5c:66:c9:e8:10:2a:5f:5b:f2:f4:3c:
ff:ae:56:e5:1a:8e:13:d7:b4:b1:44:9d:71:7f:51:
00:39:8f:73:47:77:df:2d:a3:9d:d4:37:3d:e6:3d:
b2:45:0e:43:fc:51:5f:89:c2:bd:e3:ea:6d:8e:47:
16:e1:b3:99:c6:04:00:49:0b:b3:16:42:d4:26:6a:
d6:58:81:3d:9b:e2:9a:32:ab:08:e2:4f:6c:b9:30:
46:05:b8:1e:61:4f:41:a2:84:07:14:6e:09:c2:5b:
69:c7:18:7d:e9:ff:8f:b6:ee:15:c5:f5:b0:c9:b9:
c6:e3:ce:dd:b8:e3:c4:25:a0:4a:37:b0:54:11:a8:
7a:ab:67:63:45:c1:f3:4c:11:2f:62:df:8e:f3:d6:
94:c8:4e:82:a9:87:97:3f:59:da:5f:3c:b4:ad:94:
aa:a2:3c:e6:62:41:9a:c0:9c:16:93:e6:c4:fb:e6:
24:b8:06:7e:19:2c:5b:ca:f2:75:a0:25:bc:cf:d1:
0c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8E:EF:E2:79:81:5B:64:B8:23:93:00:22:DE:CC:91:ED:BE:C7:1D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/8o7v4nmBW2S4I5MAIt7Mke2-xx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
Signature Algorithm: sha256WithRSAEncryption
ab:24:5d:97:6f:85:b7:17:a1:92:26:8e:58:3c:88:68:17:d5:
9b:d8:50:c9:53:28:c4:72:c7:50:c6:93:ca:10:21:5a:51:e3:
af:8a:49:d0:41:2d:80:99:f8:58:8e:05:09:d3:65:7a:15:34:
9a:1c:7b:5c:01:a5:12:24:18:24:52:0e:7b:77:cf:a0:41:1d:
b2:f2:56:56:85:e0:20:95:d2:a0:de:5f:b2:2d:b7:fc:31:0e:
95:ef:10:68:92:1f:c0:80:c4:74:6e:78:9e:91:81:bf:b6:08:
07:2f:a7:ad:cc:c9:84:f5:dc:16:b4:0e:63:8e:69:10:c9:78:
d2:aa:d3:02:71:74:65:96:cd:8a:fc:34:a2:48:b9:f6:b7:75:
6f:f2:db:28:c8:f4:ed:f4:f6:82:f0:9f:b6:e7:ee:ef:34:20:
d8:1f:e4:a9:37:62:c2:39:ce:c9:0a:39:00:b6:dc:a7:33:93:
a3:0a:af:40:3b:2a:b6:fc:a0:07:e9:37:4d:21:8c:3d:bc:93:
6d:a3:80:ad:40:18:23:23:b1:4b:ce:0d:a1:c7:73:18:f1:db:
d1:4e:cb:7e:2b:66:e3:21:cf:bf:70:d3:d2:a8:03:87:30:98:
9e:1c:62:99:a0:eb:49:17:13:38:9b:e7:12:0f:15:88:41:fd:
1f:24:8c:11
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYUFkRPP2T5TU5O+d/b7Dj3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjhlZWZlMjc5ODE1YjY0YjgyMzkzMDAyMmRlY2M5MWVkYmVjNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT6t+IB3L0OGwiyp6Yuh7EQVBdmb
24+LLxl53hhoUL0zqAP9BLTHwf3FFGF050ecH/YKVjBvFTi1TkNfCKqHXGbJ6BAq
X1vy9Dz/rlblGo4T17SxRJ1xf1EAOY9zR3ffLaOd1Dc95j2yRQ5D/FFficK94+pt
jkcW4bOZxgQASQuzFkLUJmrWWIE9m+KaMqsI4k9suTBGBbgeYU9BooQHFG4Jwltp
xxh96f+Ptu4VxfWwybnG487duOPEJaBKN7BUEah6q2djRcHzTBEvYt+O89aUyE6C
qYeXP1naXzy0rZSqojzmYkGawJwWk+bE++YkuAZ+GSxbyvJ1oCW8z9EM/wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPKO7+J5gVtkuCOTACLezJHtvscdMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvOG83djRubUJXMlM0STVNQUl0N01rZTIteHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqAwDQYJKoZIhvcN
AQELBQADggEBAKskXZdvhbcXoZImjlg8iGgX1ZvYUMlTKMRyx1DGk8oQIVpR46+K
SdBBLYCZ+FiOBQnTZXoVNJoce1wBpRIkGCRSDnt3z6BBHbLyVlaF4CCV0qDeX7It
t/wxDpXvEGiSH8CAxHRueJ6Rgb+2CAcvp63MyYT13Ba0DmOOaRDJeNKq0wJxdGWW
zYr8NKJIufa3dW/y2yjI9O309oLwn7bn7u80INgf5Kk3YsI5zskKOQC23Kczk6MK
r0A7Krb8oAfpN00hjD28k22jgK1AGCMjsUvODaHHcxjx29FOy34rZuMhz79w09Ko
A4cwmJ4cYpmg60kXEzib5xIPFYhB/R8kjBE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:14 2025 by rpki-client