Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/B9qRQ9MXPmZ5yM1-rydOUNI0rNk.roa
File: B9qRQ9MXPmZ5yM1-rydOUNI0rNk.roa (raw, json)
Hash identifier: WCI1nmH2DzVRBc/Z9vNIUOkix3YHInwUUiToq6YLdY0=
Subject key identifier: 07:DA:91:43:D3:17:3E:66:79:C8:CD:7E:AF:27:4E:50:D2:34:AC:D9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A428776B7DDE07AB578463AFFE4DB6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/B9qRQ9MXPmZ5yM1-rydOUNI0rNk.roa
Signing time: Mon 12 Dec 2022 09:22:02 +0000
ROA not before: Mon 12 Dec 2022 09:22:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31195
IP address blocks: 195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.240.0/22 maxlen: 22
178.178.64.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
178.178.72.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
78.25.127.0/24 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
31.173.132.0/23 maxlen: 23
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
37.28.190.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.191.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.89.0/24 maxlen: 24
37.29.95.0/24 maxlen: 24
37.29.94.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
188.170.232.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.230.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.236.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.232.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.229.0/24 maxlen: 24
31.173.238.0/24 maxlen: 24
31.173.235.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
195.5.128.0/19 maxlen: 24
37.29.43.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.230.0/24 maxlen: 24
83.169.228.0/23 maxlen: 23
83.169.227.0/24 maxlen: 24
83.169.226.0/24 maxlen: 24
83.169.224.0/23 maxlen: 23
188.162.0.0/16 maxlen: 24
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:28:77:6b:7d:de:07:ab:57:84:63:af:fe:4d:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07da9143d3173e6679c8cd7eaf274e50d234acd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:9f:b5:48:04:d2:25:50:1d:57:1d:40:60:
9d:1e:38:1b:2d:e5:76:41:47:1e:34:2a:09:4a:e6:
44:09:d4:58:d6:95:fd:a7:b3:70:b1:f5:fb:c6:6d:
61:21:60:6f:52:c0:be:53:1e:44:23:c4:f2:a4:d0:
d0:97:96:bf:3f:45:8d:df:1b:27:f4:2f:d4:1b:7b:
cd:61:ae:84:3b:94:9b:1a:06:7c:c5:91:fa:91:14:
73:52:e3:63:02:f7:e0:5b:4c:00:88:c0:c8:3b:c7:
8f:57:c3:78:a8:9a:3a:77:df:35:e7:cd:87:11:c7:
a0:20:03:4a:82:ab:93:87:3e:cf:bf:c8:be:42:76:
3b:a8:5f:05:2e:81:bf:32:74:32:0b:3d:c7:88:32:
2f:fc:3c:f6:44:c2:e8:8b:82:e8:ae:32:42:40:54:
6d:42:b1:5c:09:5d:6f:d2:a1:f4:3c:b2:05:43:1e:
b9:54:2c:6e:3a:e2:cb:94:1b:52:1d:c7:b1:98:85:
d0:01:36:44:c8:2e:41:ae:7e:4e:fd:73:44:75:7f:
fb:e7:04:eb:f7:fd:ba:af:d1:6c:57:1d:fb:1f:60:
d1:c6:2b:3a:02:c2:70:e0:42:f5:5f:6e:17:34:fb:
7a:6d:f4:b9:00:f3:cb:9f:2c:cc:3b:05:fa:c2:2d:
e5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DA:91:43:D3:17:3E:66:79:C8:CD:7E:AF:27:4E:50:D2:34:AC:D9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/B9qRQ9MXPmZ5yM1-rydOUNI0rNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.68.255
178.178.70.0-178.178.73.255
188.162.0.0/16
188.170.228.0-188.170.237.255
188.170.239.0/24
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:91:3c:1c:f6:5b:fb:e1:9b:fd:87:e9:c9:3e:da:d3:89:b6:
be:5d:f6:26:55:0e:60:6c:ea:8a:38:71:b8:0c:33:4a:50:97:
1a:9b:39:68:5d:d3:6d:7b:66:7e:9f:e5:a2:44:49:c9:db:14:
44:89:17:8e:fe:5d:31:f6:0e:15:76:ee:79:08:3a:6b:08:ba:
14:ec:32:71:f4:ff:51:d9:5f:92:72:0d:ea:cc:50:ae:49:e7:
f2:a6:d7:81:11:3a:d4:b5:4d:a7:94:fc:52:ba:ac:12:4a:59:
46:e8:ad:fa:d4:b5:05:d8:41:80:3c:5a:59:53:e4:bd:89:dd:
e1:fb:1c:51:40:8a:12:0f:e9:02:d1:30:ec:d9:c6:75:f3:a3:
69:3d:f2:3a:96:6f:dd:45:16:1d:68:32:ba:51:55:06:c3:91:
0c:22:b6:f6:f3:4c:9a:2a:95:31:d2:6e:04:cb:31:d6:32:80:
1e:86:7f:43:64:83:0e:7f:44:81:3b:6f:47:8b:02:a3:7a:77:
30:ab:6e:10:9d:e2:61:61:bc:43:17:96:85:ad:80:04:59:d4:
d4:b2:0a:9e:dc:d5:70:e8:62:5f:28:9d:f5:f8:79:92:29:74:
13:38:c0:ce:4f:c0:d5:95:97:50:60:69:78:0c:cc:12:29:a2:
52:95:df:88
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgISAYUFpCh3a33eB6tXhGOv/k22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2RhOTE0M2QzMTczZTY2NzljOGNkN2VhZjI3NGU1MGQyMzRhY2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGftUgE0iVQHVcdQGCdHjgbLeV2
QUceNCoJSuZECdRY1pX9p7NwsfX7xm1hIWBvUsC+Ux5EI8TypNDQl5a/P0WN3xsn
9C/UG3vNYa6EO5SbGgZ8xZH6kRRzUuNjAvfgW0wAiMDIO8ePV8N4qJo6d981582H
EcegIANKgquThz7Pv8i+QnY7qF8FLoG/MnQyCz3HiDIv/Dz2RMLoi4LorjJCQFRt
QrFcCV1v0qH0PLIFQx65VCxuOuLLlBtSHcexmIXQATZEyC5Brn5O/XNEdX/75wTr
9/26r9FsVx37H2DRxis6AsJw4EL1X24XNPt6bfS5APPLnyzMOwX6wi3lIQIDAQAB
o4ICyzCCAscwHQYDVR0OBBYEFAfakUPTFz5mecjNfq8nTlDSNKzZMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQjlxUlE5TVhQbVo1eU0xLXJ5ZE9VTkkwck5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHgBggrBgEFBQcBBwEB/wSB0DCBzTCBygQCAAEwgcMDBAIf
rYQDBAAfrY8wDAMEAB+t4QMEAB+t4jAMAwQCH63kAwQBH63oMAwDBAAfresDBAQf
reADBAIlHLwDBAAlHSsDBAMlHVgDBAJOGXwDBAJTlTQwDAMEBVOp4AMEAFOp5gME
A1Ua8DAMAwQAsrDpAwQCsrDoMAwDBAayskADBACyskQwDAMEAbKyRgMEAbKySAMD
ALyiMAwDBAK8quQDBAG8quwDBAC8qu8DBALByeQDBAXDBYADBAXDEGADBAHDTnQw
DQYJKoZIhvcNAQELBQADggEBAFyRPBz2W/vhm/2H6ck+2tOJtr5d9iZVDmBs6oo4
cbgMM0pQlxqbOWhd0217Zn6f5aJEScnbFESJF47+XTH2DhV27nkIOmsIuhTsMnH0
/1HZX5JyDerMUK5J5/Km14EROtS1TaeU/FK6rBJKWUborfrUtQXYQYA8WllT5L2J
3eH7HFFAihIP6QLRMOzZxnXzo2k98jqWb91FFh1oMrpRVQbDkQwitvbzTJoqlTHS
bgTLMdYygB6Gf0Nkgw5/RIE7b0eLAqN6dzCrbhCd4mFhvEMXloWtgARZ1NSyCp7c
1XDoYl8onfX4eZIpdBM4wM5PwNWVl1BgaXgMzBIpolKV34g=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:29 2025 by rpki-client