Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9OlgW6xfn7DhGUEXk90SOI8_S0o.roa
File: 9OlgW6xfn7DhGUEXk90SOI8_S0o.roa (raw, json)
Hash identifier: OzaRQpdQ2FDECKPutx9qiFg0B6DRUP466M50A6ivKh0=
Subject key identifier: F4:E9:60:5B:AC:5F:9F:B0:E1:19:41:17:93:DD:12:38:8F:3F:4B:4A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185E88C17E3608A6EBB01083D68EF25CBE7
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9OlgW6xfn7DhGUEXk90SOI8_S0o.roa
Signing time: Wed 25 Jan 2023 10:49:33 +0000
ROA not before: Wed 25 Jan 2023 10:49:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.244.0/24 maxlen: 24
188.170.245.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
178.23.144.0/21 maxlen: 21
178.23.149.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
178.176.254.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.80.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.82.0/24 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.248.0/24 maxlen: 24
31.173.252.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:8c:17:e3:60:8a:6e:bb:01:08:3d:68:ef:25:cb:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 25 10:49:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4e9605bac5f9fb0e119411793dd12388f3f4b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:aa:a0:1c:0a:8e:54:ef:44:b3:b2:50:18:3a:
8e:ef:b6:26:20:e2:30:de:fe:8f:b7:ab:28:30:17:
91:e5:68:25:54:70:da:a1:c3:5a:bd:1a:cc:1e:66:
48:29:9e:c3:8f:bd:fa:49:fc:1d:2d:a6:5b:b2:da:
ba:85:ae:67:65:e2:a1:e5:45:14:8d:a7:7d:a7:de:
da:80:01:c0:b5:da:41:d0:41:55:c9:21:9d:3e:47:
29:fb:26:df:56:14:9a:1c:5b:01:3e:9f:4c:99:4c:
c1:d7:a1:40:07:f2:52:a0:8f:0f:05:16:c2:64:4e:
10:15:31:3e:5e:66:2e:62:16:0c:c3:9e:74:d5:bc:
c6:d2:bd:be:02:b1:41:16:6c:d4:67:4e:a5:a0:a1:
d6:25:cb:ce:7b:05:a4:28:4d:17:c9:52:ca:27:0a:
cc:14:ad:df:1e:e3:f1:1c:71:43:f7:53:77:cc:c6:
ab:d4:17:0e:01:1c:63:8d:0f:ab:9f:19:3b:96:a2:
72:5c:e5:a4:35:83:cb:20:2c:66:b9:a4:95:72:8d:
f1:61:df:a0:d4:84:4f:33:87:75:04:f2:83:c1:0a:
5d:ad:3b:a3:4f:76:94:d4:84:0b:5e:00:a9:f9:f5:
66:b8:f0:17:c4:19:c5:fb:95:72:c7:68:c8:e2:7a:
28:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E9:60:5B:AC:5F:9F:B0:E1:19:41:17:93:DD:12:38:8F:3F:4B:4A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9OlgW6xfn7DhGUEXk90SOI8_S0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.254.255
188.170.244.0/23
188.170.248.0-188.170.252.255
Signature Algorithm: sha256WithRSAEncryption
60:fc:7b:ef:02:5a:5d:d0:bf:f3:3d:b4:1a:95:e3:49:c8:b2:
f6:3f:d0:17:03:a4:cb:55:40:e9:eb:6b:8a:1c:da:86:81:e6:
de:68:b8:ec:4f:b6:a2:ca:28:5c:b5:87:0d:58:84:ec:0e:c6:
05:e4:73:c8:d7:a7:aa:bf:4d:dd:bb:55:d3:c2:d4:bb:b7:32:
1e:5d:1c:35:fb:67:bc:c4:66:53:d0:ad:a2:1f:24:76:22:e9:
6e:73:a5:0a:79:f8:d9:c0:84:d0:5e:08:72:67:54:76:95:7d:
16:79:b5:44:75:bd:6a:17:16:c4:fd:57:bb:f6:bd:cc:3a:a6:
b1:15:c9:fb:66:e5:7e:3d:e8:2e:ea:32:93:0e:83:95:c7:6b:
69:79:7d:24:03:e3:69:76:6b:78:ad:2d:f5:79:5e:67:da:eb:
48:2c:12:ba:e1:26:9e:2c:ec:48:b9:3b:bc:da:37:92:eb:71:
00:f6:6d:0d:4b:03:0b:65:cf:f3:06:67:7e:0d:58:f7:1a:2d:
78:05:8b:7a:a3:00:93:cd:8c:d5:52:d5:54:e1:c5:86:28:ff:
f9:04:58:35:2e:9a:f7:a8:9a:01:de:10:88:8d:e2:b1:de:2a:
eb:95:78:61:5c:4e:0b:4c:b7:e0:3b:47:da:7a:19:d9:9a:cc:
7d:0c:97:e2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYXojBfjYIpuuwEIPWjvJcvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI1MTA0OTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGU5NjA1YmFjNWY5ZmIwZTExOTQxMTc5M2RkMTIzODhmM2Y0YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6qgHAqOVO9Es7JQGDqO77YmIOIw
3v6Pt6soMBeR5WglVHDaocNavRrMHmZIKZ7Dj736SfwdLaZbstq6ha5nZeKh5UUU
jad9p97agAHAtdpB0EFVySGdPkcp+ybfVhSaHFsBPp9MmUzB16FAB/JSoI8PBRbC
ZE4QFTE+XmYuYhYMw5501bzG0r2+ArFBFmzUZ06loKHWJcvOewWkKE0XyVLKJwrM
FK3fHuPxHHFD91N3zMar1BcOARxjjQ+rnxk7lqJyXOWkNYPLICxmuaSVco3xYd+g
1IRPM4d1BPKDwQpdrTujT3aU1IQLXgCp+fVmuPAXxBnF+5Vyx2jI4nooPwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFPTpYFusX5+w4RlBF5PdEjiPP0tKMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvOU9sZ1c2eGZuN0RoR1VFWGs5MFNPSThfUzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBACysP4DBAG8qvQwDAMEA7yq+AMEALyq
/DANBgkqhkiG9w0BAQsFAAOCAQEAYPx77wJaXdC/8z20GpXjSciy9j/QFwOky1VA
6etrihzahoHm3mi47E+2osooXLWHDViE7A7GBeRzyNenqr9N3btV08LUu7cyHl0c
NftnvMRmU9Ctoh8kdiLpbnOlCnn42cCE0F4IcmdUdpV9Fnm1RHW9ahcWxP1Xu/a9
zDqmsRXJ+2blfj3oLuoykw6DlcdraXl9JAPjaXZreK0t9XleZ9rrSCwSuuEmnizs
SLk7vNo3kutxAPZtDUsDC2XP8wZnfg1Y9xoteAWLeqMAk82M1VLVVOHFhij/+QRY
NS6a96iaAd4QiI3isd4q65V4YVxOC0y34DtH2noZ2ZrMfQyX4g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:43 2025 by rpki-client