Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Aoc8LLW45dLnbrdAuSN5k9aq9zg.roa
File: Aoc8LLW45dLnbrdAuSN5k9aq9zg.roa (raw, json)
Hash identifier: 92vh4EROGWxJiHSJODd6lvKRbPoNvBnPtAW6pJpQkxk=
Subject key identifier: 02:87:3C:2C:B5:B8:E5:D2:E7:6E:B7:40:B9:23:79:93:D6:AA:F7:38
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A42A19340B6DF0D6A64F41483E51E1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Aoc8LLW45dLnbrdAuSN5k9aq9zg.roa
Signing time: Mon 12 Dec 2022 09:22:02 +0000
ROA not before: Mon 12 Dec 2022 09:22:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 195.16.96.0/19 maxlen: 24
85.26.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
188.162.0.0/16 maxlen: 24
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:2a:19:34:0b:6d:f0:d6:a6:4f:41:48:3e:51:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02873c2cb5b8e5d2e76eb740b9237993d6aaf738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:31:83:60:e2:65:7e:f5:04:ef:c9:38:c8:f2:
c4:5b:37:90:a7:6d:18:22:6d:a0:db:3c:3d:21:49:
1a:91:ad:29:29:ca:d6:b0:32:52:5e:8e:f8:c5:78:
bd:74:65:36:f3:14:14:9f:12:38:c7:93:4e:2b:c0:
de:91:4a:1f:ad:24:01:de:b4:83:81:15:32:f7:9b:
35:d6:e4:27:42:cf:03:99:45:d5:5e:f2:a1:aa:dd:
47:86:b6:c3:a3:e9:61:39:ca:e7:d1:bb:f1:4e:d3:
57:eb:69:79:87:c5:d6:e6:78:30:29:b6:1a:b8:a4:
b7:0b:06:45:f7:27:e3:ba:ee:9a:1f:0e:93:0b:8f:
ae:5d:ed:6c:b6:96:80:b6:79:82:50:a4:51:10:0b:
65:25:48:9e:9d:fe:b6:33:ab:4f:f2:8f:5d:e2:25:
a8:38:9d:c4:42:7f:44:d4:10:35:5f:76:10:8b:49:
db:fc:31:54:17:d8:4b:76:77:c3:86:7f:e9:2d:45:
bb:25:ac:d0:2a:9d:62:aa:ba:88:78:63:a6:68:0b:
20:72:97:fe:3e:c0:d8:8a:47:90:33:f6:19:70:20:
d1:1b:5e:6b:e9:f4:7b:3e:73:36:b4:2c:fb:71:b6:
ef:20:75:1d:64:dc:54:90:3c:99:44:4b:dc:03:2d:
1d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:87:3C:2C:B5:B8:E5:D2:E7:6E:B7:40:B9:23:79:93:D6:AA:F7:38
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Aoc8LLW45dLnbrdAuSN5k9aq9zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
02:7e:40:fc:e0:8f:f6:87:7c:9a:4f:3e:ad:4e:76:e9:8d:b5:
95:bb:a3:47:c0:39:1f:3b:ee:39:a4:3a:ca:dd:7a:32:02:a1:
58:63:7a:fd:6b:9e:0a:fa:09:a0:b9:08:eb:16:32:5f:71:fd:
8c:99:d8:0e:53:d1:c6:3a:1d:e4:d4:c6:e1:38:09:a8:31:e0:
4c:61:cf:96:cf:bb:c2:92:29:fb:ef:04:13:79:01:4b:75:d6:
03:16:93:c9:c5:ff:c2:61:0c:85:49:66:8f:b5:85:f7:aa:7b:
2a:8e:c3:d5:5d:a3:57:81:d2:b7:37:5b:5a:f0:79:64:13:ec:
32:ca:fd:62:1c:38:01:c9:99:97:6a:28:a8:aa:66:c5:1c:97:
4b:82:57:23:22:c0:8c:03:35:92:32:32:7f:0d:89:0d:40:fc:
56:5e:15:64:a9:95:95:28:5a:fa:21:65:a1:95:0b:5b:dc:a4:
4f:a9:d3:41:ac:69:0a:b0:ea:ed:59:64:f1:ce:23:c6:bb:2f:
a0:bf:d5:33:8b:48:a9:b5:10:cb:4d:16:d3:23:a8:76:9c:5c:
25:a5:ce:29:8a:b2:52:ad:4d:a2:78:7a:28:cf:5a:b6:c0:4a:
2b:12:48:25:9e:a7:83:9c:05:64:c5:00:c7:08:a6:c9:9c:b5:
1d:b1:b7:3b
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAYUFpCoZNAtt8NamT0FIPlHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg3M2MyY2I1YjhlNWQyZTc2ZWI3NDBiOTIzNzk5M2Q2YWFmNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjGDYOJlfvUE78k4yPLEWzeQp20Y
Im2g2zw9IUkaka0pKcrWsDJSXo74xXi9dGU28xQUnxI4x5NOK8DekUofrSQB3rSD
gRUy95s11uQnQs8DmUXVXvKhqt1HhrbDo+lhOcrn0bvxTtNX62l5h8XW5ngwKbYa
uKS3CwZF9yfjuu6aHw6TC4+uXe1stpaAtnmCUKRREAtlJUienf62M6tP8o9d4iWo
OJ3EQn9E1BA1X3YQi0nb/DFUF9hLdnfDhn/pLUW7JazQKp1iqrqIeGOmaAsgcpf+
PsDYikeQM/YZcCDRG15r6fR7PnM2tCz7cbbvIHUdZNxUkDyZREvcAy0dwQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFAKHPCy1uOXS5263QLkjeZPWqvc4MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQW9jOExMVzQ1ZExuYnJkQXVTTjVrOWFxOXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTCBngQCAAEwgZcDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwMAvKIwDAMEALyq
QQMEALyqRDAMAwQDvKpIAwQDvKpQAwQCvKpcAwQCwcnkAwQFwwWAAwQFwxBgAwQB
w050MA0GCSqGSIb3DQEBCwUAA4IBAQACfkD84I/2h3yaTz6tTnbpjbWVu6NHwDkf
O+45pDrK3XoyAqFYY3r9a54K+gmguQjrFjJfcf2MmdgOU9HGOh3k1MbhOAmoMeBM
Yc+Wz7vCkin77wQTeQFLddYDFpPJxf/CYQyFSWaPtYX3qnsqjsPVXaNXgdK3N1ta
8HlkE+wyyv1iHDgByZmXaiioqmbFHJdLglcjIsCMAzWSMjJ/DYkNQPxWXhVkqZWV
KFr6IWWhlQtb3KRPqdNBrGkKsOrtWWTxziPGuy+gv9Uzi0iptRDLTRbTI6h2nFwl
pc4pirJSrU2ieHooz1q2wEorEkglnqeDnAVkxQDHCKbJnLUdsbc7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:57 2025 by rpki-client