Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AnwKK0MG69LjTsykoM3PD495jhg.roa
File: AnwKK0MG69LjTsykoM3PD495jhg.roa (raw, json)
Hash identifier: rOk7wN81ucv7dmzveTgtLRAnpUjfiRo300QwbYfKjak=
Subject key identifier: 02:7C:0A:2B:43:06:EB:D2:E3:4E:CC:A4:A0:CD:CF:0F:8F:79:8E:18
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE34F4B517A2356E66991BDDC6378A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AnwKK0MG69LjTsykoM3PD495jhg.roa
Signing time: Mon 12 Dec 2022 09:33:00 +0000
ROA not before: Mon 12 Dec 2022 09:33:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:34:f4:b5:17:a2:35:6e:66:99:1b:dd:c6:37:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=027c0a2b4306ebd2e34ecca4a0cdcf0f8f798e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c9:6d:c1:bc:1c:45:24:4a:b7:51:6f:9a:ed:
35:47:b5:0f:c9:37:86:0a:9a:4c:f4:a2:fa:ea:cb:
30:a7:3e:96:b8:23:0c:1e:e4:7c:af:bc:81:b1:d1:
32:ef:ff:3b:de:7b:46:e2:ed:bd:f0:67:26:81:dc:
07:f3:29:53:dd:ce:5a:3b:17:71:a5:7b:aa:b2:c1:
1b:09:46:82:4c:8d:d8:0a:5d:11:b5:4a:6c:f4:bb:
a5:27:d7:d2:b3:63:c7:91:45:4c:58:c5:92:ff:27:
55:6e:4f:07:b6:27:4f:bb:7a:e9:1a:b2:36:61:11:
5f:6f:8b:81:2f:c8:0f:a9:2a:07:d6:ef:98:93:f2:
dd:61:45:e9:80:fd:ad:7e:f1:6a:10:f6:73:66:3c:
4e:df:9d:df:09:a3:f6:84:aa:81:c3:1a:93:bf:17:
a4:da:97:38:a3:93:43:ce:93:bf:c2:30:d3:89:74:
4b:0b:df:94:80:d9:0c:da:ce:5c:d0:7b:1f:65:56:
1b:ee:52:f0:ec:a2:05:74:5d:22:7d:14:61:59:b8:
30:ac:50:05:49:e3:dc:f5:4b:74:90:0a:03:5e:f9:
c3:4d:4c:04:fb:2d:47:3d:70:fe:ee:e8:8d:0f:0c:
35:82:a1:47:d8:d1:9e:7a:87:0d:6d:db:27:84:be:
78:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7C:0A:2B:43:06:EB:D2:E3:4E:CC:A4:A0:CD:CF:0F:8F:79:8E:18
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/AnwKK0MG69LjTsykoM3PD495jhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1f:f4:ac:2f:46:45:a5:bc:01:50:2e:70:c6:54:2d:dd:62:6a:
8d:af:63:37:e7:ae:c8:9d:b1:fd:05:e9:d8:c4:c5:70:4e:cd:
27:93:ff:b1:09:3a:80:5e:ef:1d:33:6d:5f:4a:0d:b2:1f:a9:
33:e9:d3:25:5f:70:d5:3b:90:e1:ff:f5:7b:9b:8f:c6:e3:7a:
a1:77:70:25:57:89:8b:e6:80:f7:b9:d4:b2:96:9d:e1:4b:b5:
61:3f:bb:d8:23:9c:48:c6:2e:5a:6f:8b:12:41:4a:04:82:33:
4a:ef:68:cb:74:5b:28:94:6a:20:30:0b:48:9d:71:36:bc:48:
c7:92:21:ef:9d:21:b6:e4:e0:3a:2a:44:dc:66:04:c0:96:29:
0a:29:5b:58:ba:ef:7e:94:92:b1:d3:5d:33:68:60:61:c2:a4:
04:12:f9:45:bc:43:54:68:19:62:b5:c4:71:a8:94:11:af:90:
49:5d:c6:62:40:94:39:f8:41:17:90:ec:df:d7:f9:ae:ef:dd:
f2:75:f9:8f:dd:6b:1a:ab:13:41:63:7e:10:99:fc:e8:d4:d3:
09:48:13:3b:ab:fb:57:e1:69:e6:6b:f8:2a:88:60:5a:2f:67:
e8:df:bf:44:e4:92:ac:65:72:57:fc:0d:23:4c:b0:2d:ae:68:
e9:52:f8:ad
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYUFrjT0tReiNW5mmRvdxjeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjdjMGEyYjQzMDZlYmQyZTM0ZWNjYTRhMGNkY2YwZjhmNzk4ZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsltwbwcRSRKt1Fvmu01R7UPyTeG
CppM9KL66sswpz6WuCMMHuR8r7yBsdEy7/873ntG4u298GcmgdwH8ylT3c5aOxdx
pXuqssEbCUaCTI3YCl0RtUps9LulJ9fSs2PHkUVMWMWS/ydVbk8HtidPu3rpGrI2
YRFfb4uBL8gPqSoH1u+Yk/LdYUXpgP2tfvFqEPZzZjxO353fCaP2hKqBwxqTvxek
2pc4o5NDzpO/wjDTiXRLC9+UgNkM2s5c0HsfZVYb7lLw7KIFdF0ifRRhWbgwrFAF
SePc9Ut0kAoDXvnDTUwE+y1HPXD+7uiNDww1gqFH2NGeeocNbdsnhL54uQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFAJ8CitDBuvS407MpKDNzw+PeY4YMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQW53S0swTUc2OUxqVHN5a29NM1BENDk1amhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQFw5DgAwQF1A6g
AwQF1CxAAwQF1HegAwQF1awAAwQF1bagAwQF2cNAMA0GCSqGSIb3DQEBCwUAA4IB
AQAf9KwvRkWlvAFQLnDGVC3dYmqNr2M3567InbH9BenYxMVwTs0nk/+xCTqAXu8d
M21fSg2yH6kz6dMlX3DVO5Dh//V7m4/G43qhd3AlV4mL5oD3udSylp3hS7VhP7vY
I5xIxi5ab4sSQUoEgjNK72jLdFsolGogMAtInXE2vEjHkiHvnSG25OA6KkTcZgTA
likKKVtYuu9+lJKx010zaGBhwqQEEvlFvENUaBlitcRxqJQRr5BJXcZiQJQ5+EEX
kOzf1/mu793ydfmP3WsaqxNBY34Qmfzo1NMJSBM7q/tX4Wnma/gqiGBaL2fo379E
5JKsZXJX/A0jTLAtrmjpUvit
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:56 2025 by rpki-client