Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CLqkir1SEZMfNzotoptFpUiIv3I.roa
File: CLqkir1SEZMfNzotoptFpUiIv3I.roa (raw, json)
Hash identifier: F0jatUoNoIN5V8GnVbNkT4NwvqZdM1gS8kGS9TaGUUg=
Subject key identifier: 08:BA:A4:8A:BD:52:11:93:1F:37:3A:2D:A2:9B:45:A5:48:88:BF:72
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F219E9C2F8AB53D4ADDD38C30F724EF8
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CLqkir1SEZMfNzotoptFpUiIv3I.roa
Signing time: Thu 08 Dec 2022 14:18:15 +0000
ROA not before: Thu 08 Dec 2022 14:18:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/17 maxlen: 17
94.25.128.0/18 maxlen: 18
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:19:e9:c2:f8:ab:53:d4:ad:dd:38:c3:0f:72:4e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 14:18:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08baa48abd5211931f373a2da29b45a54888bf72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:39:e6:37:eb:2e:c7:ec:9c:fd:29:02:68:
49:5a:c3:85:d4:2b:13:a7:25:78:67:6c:63:dd:79:
ed:f4:a0:c9:dc:dd:e5:d0:84:8f:b9:7d:f3:2d:bf:
43:1f:9c:b3:8f:66:e4:88:6f:41:bc:e6:d7:e3:10:
3c:28:41:dd:65:ce:4f:ca:ea:7b:88:7e:18:35:23:
b2:66:7b:22:32:60:2b:63:be:34:81:c4:22:f3:00:
66:af:5b:47:8d:0c:4b:2f:10:9c:c9:bc:e8:fd:0f:
85:88:7b:a5:48:54:80:28:8a:25:ac:7b:47:93:32:
09:5a:91:3b:4d:e0:6b:9b:98:67:6c:a0:59:bd:88:
8f:a3:bd:d1:6c:ce:f2:94:c5:19:39:8e:89:99:73:
a8:6e:c6:5f:cf:ed:2b:20:fd:c3:4d:67:6d:e6:8e:
87:99:92:c4:fe:85:33:45:d9:fa:8a:0d:04:a3:d4:
b3:ba:e3:35:03:7e:cc:65:2a:03:df:79:3f:1e:7e:
82:dd:b4:67:69:2e:eb:a2:ea:f5:a9:50:f3:17:b1:
8a:ae:09:17:25:f7:44:89:4e:e8:c6:a9:1a:36:c6:
f9:62:6e:71:48:0f:6c:13:57:08:5d:23:86:9f:ce:
0c:0d:3c:70:91:89:56:d8:50:e6:96:72:25:4c:61:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BA:A4:8A:BD:52:11:93:1F:37:3A:2D:A2:9B:45:A5:48:88:BF:72
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/CLqkir1SEZMfNzotoptFpUiIv3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.188.0.0/17
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
89:f7:54:c6:e0:ed:e9:d8:b7:07:96:17:28:35:f9:f9:82:1d:
1a:38:a9:07:fe:dc:d2:f4:29:ca:85:1e:ba:48:a5:94:e6:3d:
8c:1f:71:ca:65:1c:33:85:e0:32:67:b6:76:de:93:71:fe:5b:
66:9b:c6:c1:fc:39:d9:00:0a:c2:52:ed:4f:92:0b:64:d7:ff:
a9:19:2f:b1:2c:cc:91:7a:25:9a:d4:15:d2:7c:6e:5d:52:f8:
7d:59:85:2c:cd:3e:eb:ae:03:e7:6d:8c:c8:3c:6c:b4:c0:b7:
0b:7d:65:0d:34:d0:76:6c:ee:69:81:5e:7d:2e:df:da:5d:cb:
ac:51:36:dc:36:60:b5:fe:be:40:f4:bb:e8:89:0e:92:16:40:
cd:4b:96:52:07:ce:b1:f7:c1:83:5e:38:6b:79:fc:73:cb:69:
e9:59:47:46:e0:8f:db:33:69:d3:40:62:76:3c:ba:b5:09:74:
40:49:cb:ae:17:b6:4f:65:8d:d2:54:70:41:84:5c:0a:2c:88:
ad:bb:7a:4a:1c:4f:96:b0:4a:d3:a5:b8:3f:a3:9f:bd:15:53:
3d:3d:6d:f1:11:11:ad:bb:5e:0f:14:fe:7b:21:51:b3:42:8f:
3c:ec:49:60:14:59:13:19:08:7d:0f:77:f0:e1:32:f4:d1:86:
0f:b4:81:1b
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYTyGenC+KtT1K3dOMMPck74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTQxODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJhYTQ4YWJkNTIxMTkzMWYzNzNhMmRhMjliNDVhNTQ4ODhiZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDk55jfrLsfsnP0pAmhJWsOF1CsT
pyV4Z2xj3Xnt9KDJ3N3l0ISPuX3zLb9DH5yzj2bkiG9BvObX4xA8KEHdZc5Pyup7
iH4YNSOyZnsiMmArY740gcQi8wBmr1tHjQxLLxCcybzo/Q+FiHulSFSAKIolrHtH
kzIJWpE7TeBrm5hnbKBZvYiPo73RbM7ylMUZOY6JmXOobsZfz+0rIP3DTWdt5o6H
mZLE/oUzRdn6ig0Eo9SzuuM1A37MZSoD33k/Hn6C3bRnaS7rour1qVDzF7GKrgkX
JfdEiU7oxqkaNsb5Ym5xSA9sE1cIXSOGn84MDTxwkYlW2FDmlnIlTGH64QIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFAi6pIq9UhGTHzc6LaKbRaVIiL9yMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvQ0xxa2lyMVNFWk1mTnpvdG9wdEZwVWlJdjNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwdwQCAAEwcQMEBl4ZgAME
B228AAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQA
w5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG
1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQCJ91TG4O3p2LcHlhcoNfn5gh0a
OKkH/tzS9CnKhR66SKWU5j2MH3HKZRwzheAyZ7Z23pNx/ltmm8bB/DnZAArCUu1P
kgtk1/+pGS+xLMyReiWa1BXSfG5dUvh9WYUszT7rrgPnbYzIPGy0wLcLfWUNNNB2
bO5pgV59Lt/aXcusUTbcNmC1/r5A9LvoiQ6SFkDNS5ZSB86x98GDXjhrefxzy2np
WUdG4I/bM2nTQGJ2PLq1CXRAScuuF7ZPZY3SVHBBhFwKLIitu3pKHE+WsErTpbg/
o5+9FVM9PW3xERGtu14PFP57IVGzQo887ElgFFkTGQh9D3fw4TL00YYPtIEb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:18 2025 by rpki-client