Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AVoAW6GHE3-5-nXDeqPm8iD5jes.roa
File: AVoAW6GHE3-5-nXDeqPm8iD5jes.roa (raw, json)
Hash identifier: WQmH10HStpwPbh1Jy/NNKnxjOUfAIL+C5yQ6DJr/Jjw=
Subject key identifier: 01:5A:00:5B:A1:87:13:7F:B9:FA:75:C3:7A:A3:E6:F2:20:F9:8D:EB
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176BBB059DF9C78685C921E9D842720
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AVoAW6GHE3-5-nXDeqPm8iD5jes.roa
Signing time: Thu 08 Dec 2022 11:20:01 +0000
ROA not before: Thu 08 Dec 2022 11:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 109.188.0.0/16 maxlen: 24
84.204.230.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 18
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
128.204.64.0/18 maxlen: 24
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
81.24.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
213.172.0.0/19 maxlen: 19
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
195.144.224.0/19 maxlen: 19
81.3.128.0/18 maxlen: 18
213.182.160.0/19 maxlen: 19
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:bb:b0:59:df:9c:78:68:5c:92:1e:9d:84:27:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=015a005ba187137fb9fa75c37aa3e6f220f98deb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:16:93:0b:9b:a1:9f:23:dc:47:4b:4f:32:
ee:e7:47:06:2b:dd:c2:7f:07:34:ae:3c:d2:a4:ca:
cb:0b:92:cb:1f:00:41:e5:06:66:3c:50:a1:cd:94:
34:4e:c5:41:b3:8a:51:d5:75:f5:82:4c:e3:6f:65:
d3:dd:b2:67:fb:b1:3d:0a:80:fa:7e:eb:68:6d:02:
ba:54:85:c5:00:b6:69:09:12:5e:6a:7f:9b:cd:ec:
a9:3c:68:93:a8:37:49:73:fa:3a:cc:2e:bc:cb:98:
20:2f:6d:b0:10:99:59:22:a2:f4:61:35:32:7f:0f:
a6:a6:88:ee:f9:99:d4:1f:8b:1d:c7:9a:e1:a2:3a:
96:d3:16:80:ab:3e:9e:dc:c4:36:0b:f9:11:91:7e:
78:ea:d3:ba:0e:00:0f:18:c3:d0:5a:98:9d:25:23:
20:69:dc:ce:b7:39:40:e6:f9:2e:46:f7:4c:e0:b5:
5d:8a:cc:c1:35:78:9d:f6:2f:23:7a:44:a7:bf:46:
a2:f7:c1:c5:31:4c:8c:64:f5:1e:7d:93:bd:28:be:
cc:5b:e2:7b:87:35:9f:93:1a:28:35:64:5d:b8:2c:
47:89:36:0d:dd:be:28:75:8c:63:cc:f0:d7:dd:9e:
22:17:4a:d9:b5:c7:70:ba:27:3a:0c:f8:d2:d0:21:
cc:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5A:00:5B:A1:87:13:7F:B9:FA:75:C3:7A:A3:E6:F2:20:F9:8D:EB
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AVoAW6GHE3-5-nXDeqPm8iD5jes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
213.243.64.0/18
217.115.80.0/20
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:0f:ed:8a:d0:35:90:29:a7:5d:85:e1:b6:2f:ab:bc:75:3d:
75:b3:09:95:ac:18:89:c3:cd:a5:b5:c7:6a:30:dc:e7:b7:03:
8f:a9:7f:01:c7:bc:12:3e:0d:fa:93:58:2c:07:91:ab:b4:63:
6d:a7:74:c6:13:64:13:d1:a8:c2:d5:48:f7:9e:8b:ee:2b:37:
d2:2b:20:67:ad:e4:5a:92:52:bf:d0:bc:e7:cc:31:d2:e8:67:
3a:29:e2:de:fd:81:dd:8c:dd:0f:c8:dc:4a:65:0b:5d:da:02:
2d:1f:4d:0d:98:d3:9e:1e:a7:a8:9f:69:76:63:d9:6f:81:12:
9d:ef:00:c7:bf:2e:fe:66:24:e9:6d:e0:27:0d:c3:82:8c:f9:
af:ba:ae:ce:a4:7c:a3:63:f0:9d:ea:87:08:a5:f1:16:84:a6:
f7:aa:5b:e1:17:7f:f5:33:7b:35:86:ce:eb:33:e8:54:89:3c:
49:be:69:c6:9b:75:1a:e7:7c:cc:9f:a1:e9:03:39:d1:83:a5:
aa:c7:41:9f:8c:83:57:14:1b:8f:c8:16:a1:7d:56:f0:f4:9f:
d4:11:e9:e3:25:26:04:96:26:ba:4c:4a:eb:59:51:a5:e2:fe:
7a:fe:33:3c:cf:b5:dc:0a:cc:2a:8e:18:40:3d:69:5f:f5:cb:
6b:cf:20:b1
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgISAYTxdruwWd+ceGhckh6dhCcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTVhMDA1YmExODcxMzdmYjlmYTc1YzM3YWEzZTZmMjIwZjk4ZGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZsWkwuboZ8j3EdLTzLu50cGK93C
fwc0rjzSpMrLC5LLHwBB5QZmPFChzZQ0TsVBs4pR1XX1gkzjb2XT3bJn+7E9CoD6
futobQK6VIXFALZpCRJean+bzeypPGiTqDdJc/o6zC68y5ggL22wEJlZIqL0YTUy
fw+mpoju+ZnUH4sdx5rhojqW0xaAqz6e3MQ2C/kRkX546tO6DgAPGMPQWpidJSMg
adzOtzlA5vkuRvdM4LVdiszBNXid9i8jekSnv0ai98HFMUyMZPUefZO9KL7MW+J7
hzWfkxooNWRduCxHiTYN3b4odYxjzPDX3Z4iF0rZtcdwuic6DPjS0CHM8wIDAQAB
o4IDEjCCAw4wHQYDVR0OBBYEFAFaAFuhhxN/ufp1w3qj5vIg+Y3rMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQVZvQVc2R0hFMy01LW5YRGVxUG04aUQ1amVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJgYIKwYBBQUHAQcBAf8EggEVMIIBETCCAQ0EAgABMIIB
BQMEBi4vwAMEA0+rCAMEBFD3sAMEBlEDgAMEBFEYgAMEBlKMQAMEBVLEQAMEB1TM
ADAMAwQCVMyEAwQAVMyIMAwDBAFUzIoDBANUzLAwCwMEAlTMvAMDAFTMAwQHXZmA
AwQDXhn4AwQHX4kAAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyADBAK50owD
BAO8XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEBcOQ4AMEAMOVbwME
BcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBdWsAAME
BdW2oAMEBtXzQAMEBNlzUAMEBdnDQDANBgkqhkiG9w0BAQsFAAOCAQEAKg/titA1
kCmnXYXhti+rvHU9dbMJlawYicPNpbXHajDc57cDj6l/Ace8Ej4N+pNYLAeRq7Rj
bad0xhNkE9GowtVI956L7is30isgZ63kWpJSv9C858wx0uhnOini3v2B3YzdD8jc
SmULXdoCLR9NDZjTnh6nqJ9pdmPZb4ESne8Ax78u/mYk6W3gJw3Dgoz5r7quzqR8
o2PwneqHCKXxFoSm96pb4Rd/9TN7NYbO6zPoVIk8Sb5pxpt1Gud8zJ+h6QM50YOl
qsdBn4yDVxQbj8gWoX1W8PSf1BHp4yUmBJYmukxK61lRpeL+ev4zPM+13ArMKo4Y
QD1pX/XLa88gsQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:33:48 2025 by rpki-client