Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9lCqtwpc1Csgv4daQzqaqh7x_bE.roa
File: 9lCqtwpc1Csgv4daQzqaqh7x_bE.roa (raw, json)
Hash identifier: DFaea2AisZRWkODMMtDdt92RceGx4ufJq2Q3B8Z2KPw=
Subject key identifier: F6:50:AA:B7:0A:5C:D4:2B:20:BF:87:5A:43:3A:9A:AA:1E:F1:FD:B1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A424DD52A52A3844D3A8FB148DFBCD
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9lCqtwpc1Csgv4daQzqaqh7x_bE.roa
Signing time: Mon 12 Dec 2022 09:22:01 +0000
ROA not before: Mon 12 Dec 2022 09:22:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20663
IP address blocks: 195.16.96.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
213.154.187.0/24 maxlen: 24
213.154.190.0/23 maxlen: 23
193.201.228.0/22 maxlen: 24
213.154.189.0/24 maxlen: 24
213.154.188.0/24 maxlen: 24
213.154.163.0/24 maxlen: 24
213.154.162.0/24 maxlen: 24
213.154.166.0/24 maxlen: 24
213.154.161.0/24 maxlen: 24
213.154.165.0/24 maxlen: 24
213.154.160.0/24 maxlen: 24
213.154.164.0/24 maxlen: 24
213.154.160.0/21 maxlen: 21
213.154.167.0/24 maxlen: 24
213.154.171.0/24 maxlen: 24
213.154.172.0/23 maxlen: 23
213.154.169.0/24 maxlen: 24
213.154.168.0/24 maxlen: 24
213.154.176.0/23 maxlen: 23
213.154.179.0/24 maxlen: 24
213.154.174.0/24 maxlen: 24
213.154.178.0/24 maxlen: 24
213.154.178.0/23 maxlen: 23
213.154.186.0/24 maxlen: 24
213.154.181.0/24 maxlen: 24
213.154.185.0/24 maxlen: 24
213.154.180.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
195.5.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:24:dd:52:a5:2a:38:44:d3:a8:fb:14:8d:fb:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f650aab70a5cd42b20bf875a433a9aaa1ef1fdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:59:f0:07:34:43:05:31:48:3d:1e:89:ed:61:
9c:1d:50:26:31:09:99:1e:11:00:bb:f8:1f:ce:da:
b7:9d:ec:6e:96:96:a4:42:31:a4:7f:6f:04:1f:ce:
b2:7c:52:33:60:c3:f1:8f:90:4e:58:c2:52:11:e5:
3b:ef:55:4a:ce:fb:f2:dd:52:8c:36:b3:2d:7a:79:
61:2b:75:d7:4b:82:d1:54:4d:be:7f:c6:df:87:d1:
44:fb:12:a1:6d:f2:c7:19:20:e0:8e:d2:e6:72:77:
e2:de:c0:e7:4b:c1:d9:57:91:fb:ee:a5:02:f5:bc:
de:ce:e2:25:57:2e:d4:c3:9d:42:5a:1b:e0:f1:46:
2a:f3:3c:9a:48:56:f2:dd:64:cb:a9:83:38:4b:34:
ff:a6:8e:97:c6:e8:21:51:14:ed:64:aa:46:bf:e8:
97:e8:2b:c3:71:66:4f:70:bc:51:aa:fc:38:1a:af:
c7:57:83:f2:4f:4e:3b:b3:a0:1b:31:20:5d:da:86:
05:4c:b5:b4:0f:53:bc:f5:f1:3e:df:7f:1f:ae:0f:
6b:00:16:cb:76:0a:3d:31:ac:7f:01:3a:f7:74:14:
92:da:77:20:d8:5f:c5:14:5a:bf:39:41:73:45:c8:
94:55:b0:dc:ff:f4:b7:93:7e:24:99:1e:20:6d:28:
57:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:50:AA:B7:0A:5C:D4:2B:20:BF:87:5A:43:3A:9A:AA:1E:F1:FD:B1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/9lCqtwpc1Csgv4daQzqaqh7x_bE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
213.154.160.0-213.154.169.255
213.154.171.0-213.154.174.255
213.154.176.0-213.154.181.255
213.154.185.0-213.154.191.255
Signature Algorithm: sha256WithRSAEncryption
17:ad:0e:8a:2f:da:21:0a:4a:b4:a0:f2:5c:6e:35:67:11:59:
14:cf:8a:77:20:e5:f7:92:ef:fd:64:6a:98:a7:5a:fb:1f:7d:
0b:4c:0c:fc:0d:32:62:fa:c1:91:cd:5f:ab:a3:88:ac:c8:23:
3e:f7:d6:54:bc:92:08:1b:cc:00:12:6a:ef:cd:3a:a0:68:fb:
05:94:93:92:d1:b9:64:d6:2c:4c:ba:c9:91:a1:f1:a1:2c:e8:
71:aa:db:7b:2d:5e:51:ae:7b:3a:b1:80:80:04:4d:31:0f:ff:
13:1e:0e:c9:98:4e:ae:20:89:97:6b:3b:ce:a9:38:ea:24:67:
e0:3e:f4:c6:f1:a5:df:55:e0:51:6d:ec:de:f9:63:77:bb:70:
c9:84:bf:50:0e:cb:bd:ee:fd:97:40:2e:90:18:88:82:82:22:
ed:b3:ee:35:a0:4c:66:e2:a8:ff:de:bb:a1:bf:d4:02:2a:81:
a9:33:cb:ee:37:63:08:d9:44:5f:81:1d:2f:dd:73:f1:67:3d:
2e:f6:99:95:45:f0:ae:c2:f4:50:a2:48:14:92:8c:10:36:27:
23:0d:52:fd:ba:e7:f4:c6:54:48:ce:dd:cc:2f:1f:3a:05:57:
25:40:3b:89:01:e8:9d:ae:9e:d7:c7:ec:56:d0:7d:91:f2:54:
85:bf:5d:8f
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYUFpCTdUqUqOETTqPsUjfvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjUwYWFiNzBhNWNkNDJiMjBiZjg3NWE0MzNhOWFhYTFlZjFmZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFnwBzRDBTFIPR6J7WGcHVAmMQmZ
HhEAu/gfztq3nexulpakQjGkf28EH86yfFIzYMPxj5BOWMJSEeU771VKzvvy3VKM
NrMtenlhK3XXS4LRVE2+f8bfh9FE+xKhbfLHGSDgjtLmcnfi3sDnS8HZV5H77qUC
9bzezuIlVy7Uw51CWhvg8UYq8zyaSFby3WTLqYM4SzT/po6XxughURTtZKpGv+iX
6CvDcWZPcLxRqvw4Gq/HV4PyT047s6AbMSBd2oYFTLW0D1O89fE+338frg9rABbL
dgo9Max/ATr3dBSS2ncg2F/FFFq/OUFzRciUVbDc//S3k34kmR4gbShXLQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFPZQqrcKXNQrIL+HWkM6mqoe8f2xMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvOWxDcXR3cGMxQ3NndjRkYVF6cWFxaDd4X2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQwDAMEBdWaoAMEAdWaqDAMAwQA1ZqrAwQA1Zqu
MAwDBATVmrADBAHVmrQwDAMEANWauQMEBtWagDANBgkqhkiG9w0BAQsFAAOCAQEA
F60Oii/aIQpKtKDyXG41ZxFZFM+KdyDl95Lv/WRqmKda+x99C0wM/A0yYvrBkc1f
q6OIrMgjPvfWVLySCBvMABJq7806oGj7BZSTktG5ZNYsTLrJkaHxoSzocarbey1e
Ua57OrGAgARNMQ//Ex4OyZhOriCJl2s7zqk46iRn4D70xvGl31XgUW3s3vljd7tw
yYS/UA7Lve79l0AukBiIgoIi7bPuNaBMZuKo/967ob/UAiqBqTPL7jdjCNlEX4Ed
L91z8Wc9LvaZlUXwrsL0UKJIFJKMEDYnIw1S/brn9MZUSM7dzC8fOgVXJUA7iQHo
na6e18fsVtB9kfJUhb9djw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org