Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CBk24hspK60p8kKLfWorm8ttvco.roa
File: CBk24hspK60p8kKLfWorm8ttvco.roa (raw, json)
Hash identifier: KzU5nmRft3Obp+2qIbH6V6BI5klfuIceHqv6vmz4TNU=
Subject key identifier: 08:19:36:E2:1B:29:2B:AD:29:F2:42:8B:7D:6A:2B:9B:CB:6D:BD:CA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505910BEE11ADE858D10E5CD7D2277053
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CBk24hspK60p8kKLfWorm8ttvco.roa
Signing time: Mon 12 Dec 2022 09:01:09 +0000
ROA not before: Mon 12 Dec 2022 09:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20663
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
213.154.187.0/24 maxlen: 24
213.154.190.0/23 maxlen: 23
193.201.228.0/22 maxlen: 24
213.154.189.0/24 maxlen: 24
213.154.188.0/24 maxlen: 24
213.154.163.0/24 maxlen: 24
213.154.162.0/24 maxlen: 24
213.154.166.0/24 maxlen: 24
213.154.161.0/24 maxlen: 24
213.154.165.0/24 maxlen: 24
213.154.160.0/24 maxlen: 24
213.154.164.0/24 maxlen: 24
213.154.160.0/21 maxlen: 21
213.154.167.0/24 maxlen: 24
213.154.171.0/24 maxlen: 24
213.154.172.0/23 maxlen: 23
213.154.169.0/24 maxlen: 24
213.154.168.0/24 maxlen: 24
213.154.176.0/23 maxlen: 23
213.154.179.0/24 maxlen: 24
213.154.174.0/24 maxlen: 24
213.154.178.0/24 maxlen: 24
213.154.178.0/23 maxlen: 23
213.154.186.0/24 maxlen: 24
213.154.181.0/24 maxlen: 24
213.154.185.0/24 maxlen: 24
213.154.180.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
195.5.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:0b:ee:11:ad:e8:58:d1:0e:5c:d7:d2:27:70:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=081936e21b292bad29f2428b7d6a2b9bcb6dbdca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:89:3d:b8:b5:83:ca:21:eb:c1:f4:4c:53:
c2:b3:d3:2d:39:df:81:f5:88:f4:17:f8:55:10:31:
f7:af:9c:11:f6:74:32:bd:8f:7e:64:d7:f2:a3:5b:
29:47:39:06:81:e4:86:8a:c5:af:ab:79:07:6d:92:
7e:d3:b2:41:d3:50:4e:75:69:39:e2:ca:7a:9a:af:
5c:b9:92:5a:fa:33:3f:90:29:11:4b:96:67:b7:47:
44:a8:e5:80:45:77:d5:0e:18:6d:cf:c2:d6:45:f9:
9b:81:e9:ed:82:78:16:fc:dd:e9:79:a9:cf:a6:ce:
01:ee:06:90:7a:da:45:f7:dc:bb:f3:94:a6:d7:90:
72:3d:ef:60:c4:7c:38:77:ea:de:33:ac:f2:ef:41:
96:b4:ea:5c:bb:54:63:21:1c:3e:e2:ac:55:98:f5:
01:a4:c9:d8:de:a1:0a:ec:b1:7b:48:52:5d:f4:fe:
78:cb:39:a3:4c:00:49:f2:30:96:63:a9:a0:5a:74:
8e:d2:58:49:ac:87:ed:ee:96:80:f4:a5:66:84:86:
d1:20:15:65:e1:8d:79:83:68:ec:77:d3:c4:8f:c2:
d5:42:a6:92:80:fd:4d:49:ee:00:cc:32:e7:20:1f:
b5:0d:25:0f:94:78:01:c6:0b:95:8c:8e:f8:48:8b:
28:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:19:36:E2:1B:29:2B:AD:29:F2:42:8B:7D:6A:2B:9B:CB:6D:BD:CA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CBk24hspK60p8kKLfWorm8ttvco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
213.154.160.0-213.154.169.255
213.154.171.0-213.154.174.255
213.154.176.0-213.154.181.255
213.154.185.0-213.154.191.255
Signature Algorithm: sha256WithRSAEncryption
80:0e:2c:85:a2:4a:6e:db:85:0e:14:56:1d:ef:01:a4:8e:99:
4b:82:de:29:d2:54:91:5d:02:8d:8b:b0:9d:c6:78:c9:31:40:
29:5c:b2:48:50:b9:57:06:32:5c:01:5d:15:ac:59:fb:37:69:
4c:7b:f2:05:22:4e:ba:74:15:38:60:36:1a:a0:a3:62:10:c0:
32:8a:b1:c3:a9:21:be:d2:c6:3a:21:b3:cb:42:00:bb:06:28:
a3:78:ec:6b:f6:97:96:db:85:69:15:ef:01:1c:f8:bd:8f:42:
2b:dd:bb:1a:80:5b:5d:b2:e0:24:b3:99:fa:42:eb:1d:26:ed:
53:e6:40:da:62:fd:ef:4c:84:60:e1:3f:4b:a6:23:ae:d9:df:
a7:8b:22:da:7f:0b:c4:8d:13:27:c3:39:7f:85:47:f2:c2:05:
60:c8:68:dd:d3:20:55:48:47:0b:f8:f0:a5:16:ea:6c:88:10:
fc:f6:10:da:eb:b7:db:5e:2e:76:41:ab:c7:ad:10:cf:5e:cc:
96:fa:d2:57:fa:de:8d:9a:c3:0f:7a:f8:c9:45:e1:4b:3d:c9:
5d:c7:ef:db:28:27:48:21:96:8f:df:fc:85:88:fb:82:59:7d:
16:34:cb:4b:16:02:71:85:a4:28:65:fe:db:02:8a:99:ca:d0:
37:51:c2:59
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYUFkQvuEa3oWNEOXNfSJ3BTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE5MzZlMjFiMjkyYmFkMjlmMjQyOGI3ZDZhMmI5YmNiNmRiZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf2JPbi1g8oh68H0TFPCs9MtOd+B
9Yj0F/hVEDH3r5wR9nQyvY9+ZNfyo1spRzkGgeSGisWvq3kHbZJ+07JB01BOdWk5
4sp6mq9cuZJa+jM/kCkRS5Znt0dEqOWARXfVDhhtz8LWRfmbgentgngW/N3peanP
ps4B7gaQetpF99y785Sm15ByPe9gxHw4d+reM6zy70GWtOpcu1RjIRw+4qxVmPUB
pMnY3qEK7LF7SFJd9P54yzmjTABJ8jCWY6mgWnSO0lhJrIft7paA9KVmhIbRIBVl
4Y15g2jsd9PEj8LVQqaSgP1NSe4AzDLnIB+1DSUPlHgBxguVjI74SIsouwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFAgZNuIbKSutKfJCi31qK5vLbb3KMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQ0JrMjRoc3BLNjBwOGtLTGZXb3JtOHR0dmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMDALyiAwQC
wcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gMAwDBAXVmqAD
BAHVmqgwDAMEANWaqwMEANWarjAMAwQE1ZqwAwQB1Zq0MAwDBADVmrkDBAbVmoAw
DQYJKoZIhvcNAQELBQADggEBAIAOLIWiSm7bhQ4UVh3vAaSOmUuC3inSVJFdAo2L
sJ3GeMkxQClcskhQuVcGMlwBXRWsWfs3aUx78gUiTrp0FThgNhqgo2IQwDKKscOp
Ib7Sxjohs8tCALsGKKN47Gv2l5bbhWkV7wEc+L2PQivduxqAW12y4CSzmfpC6x0m
7VPmQNpi/e9MhGDhP0umI67Z36eLItp/C8SNEyfDOX+FR/LCBWDIaN3TIFVIRwv4
8KUW6myIEPz2ENrrt9teLnZBq8etEM9ezJb60lf63o2aww96+MlF4Us9yV3H79so
J0ghlo/f/IWI+4JZfRY0y0sWAnGFpChl/tsCipnK0DdRwlk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:23 2025 by rpki-client