Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DUX-YsUQpIJr_ExbA99gti78ZTo.roa
File: DUX-YsUQpIJr_ExbA99gti78ZTo.roa (raw, json)
Hash identifier: bKHX/vnQbGbZ/6nwWH3WwDUDo01EycaPusaY10zMJTc=
Subject key identifier: 0D:45:FE:62:C5:10:A4:82:6B:FC:4C:5B:03:DF:60:B6:2E:FC:65:3A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C3EFC789CB3BD3A11D44A839DD03FBDB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DUX-YsUQpIJr_ExbA99gti78ZTo.roa
Signing time: Tue 29 Nov 2022 15:09:42 +0000
ROA not before: Tue 29 Nov 2022 15:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.227.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:ef:c7:89:cb:3b:d3:a1:1d:44:a8:39:dd:03:fb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 29 15:09:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d45fe62c510a4826bfc4c5b03df60b62efc653a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:02:39:7f:92:e9:ad:18:b2:a1:1b:a3:16:4c:
fa:fe:12:10:dd:90:e6:e6:25:74:73:65:88:72:3b:
ab:b3:24:60:cb:b1:53:36:a3:a5:29:49:64:dc:02:
c8:8c:05:1f:c5:7f:46:1f:67:c7:d1:63:57:67:2f:
93:5b:62:37:fc:7a:8d:1a:17:7a:c1:78:78:8c:85:
98:c3:13:c8:63:b0:83:35:8f:bd:ef:5e:1e:b3:94:
21:30:e1:9a:db:4d:40:2e:36:f3:7b:58:f7:d4:eb:
17:d0:ce:a6:c1:c1:d2:27:b0:ca:28:65:6e:09:9e:
df:a5:fe:39:32:7b:fb:eb:0c:1f:49:ff:e6:59:2d:
54:32:aa:ac:9e:b8:dd:0a:71:a1:a4:09:5c:60:0b:
16:af:2d:11:73:f8:08:2b:b3:72:84:e1:bc:9e:5f:
90:1d:d1:52:6a:95:bc:14:83:e0:69:6b:88:f0:ab:
8d:59:d7:df:63:4f:e4:3b:4c:56:78:2a:a5:ef:1c:
cd:4f:e6:53:51:13:1c:af:32:96:2c:6c:b4:49:ff:
bd:7a:d0:fa:f1:16:9d:a9:82:a3:2d:e7:07:da:08:
7f:52:8e:a1:b3:08:34:cb:a5:8b:ee:da:55:cb:f4:
2f:c6:80:8b:75:98:c5:2d:b4:71:b0:0e:17:3d:4e:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:45:FE:62:C5:10:A4:82:6B:FC:4C:5B:03:DF:60:B6:2E:FC:65:3A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/DUX-YsUQpIJr_ExbA99gti78ZTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.227.0-178.176.229.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
97:d4:cd:3e:73:d2:4f:36:67:ef:99:7a:0f:41:c2:e5:64:7b:
ff:2d:8c:73:27:2f:2e:78:81:9a:22:88:da:bc:d7:d4:cd:8d:
3d:3d:4a:a0:30:0d:75:fd:d1:60:ba:7d:37:ae:d7:61:74:17:
a5:b5:ff:ec:7d:f4:0a:59:e1:7b:69:8d:d7:47:71:bb:0b:96:
d7:75:8c:e9:d1:07:d2:2c:51:aa:2e:fe:64:a1:a2:ab:c1:bc:
4a:99:e4:24:68:db:91:1d:13:2d:0c:fd:c6:5e:6c:d2:f8:7d:
5f:5e:5d:3c:69:6d:41:f8:c8:f5:5a:90:16:af:d2:7b:84:55:
bd:49:55:6e:c1:48:e2:e7:94:91:19:7b:b4:97:5d:85:71:37:
25:d9:e7:7e:46:f4:f8:98:b8:e0:0b:5f:85:dc:4b:5f:0a:db:
0a:ba:e6:43:20:b8:1f:3f:dd:f3:a3:bd:5b:2e:6c:14:86:4f:
96:4e:0c:c0:5f:16:2d:44:e9:8d:62:db:f2:ae:8e:15:1f:5e:
ed:b5:ba:3a:05:96:5e:3d:7d:e4:76:9e:97:3e:b6:fa:5d:af:
5f:bb:ad:07:c0:0c:e4:a7:3f:33:a6:ab:5b:0e:00:69:77:da:
6f:39:4a:0f:c5:94:d4:f4:dd:80:bf:18:28:f9:ee:83:4d:5b:
d5:c7:54:90
-----BEGIN CERTIFICATE-----
MIIF7TCCBNWgAwIBAgISAYTD78eJyzvToR1EqDndA/vbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTI5MTUwOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ1ZmU2MmM1MTBhNDgyNmJmYzRjNWIwM2RmNjBiNjJlZmM2NTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugI5f5LprRiyoRujFkz6/hIQ3ZDm
5iV0c2WIcjursyRgy7FTNqOlKUlk3ALIjAUfxX9GH2fH0WNXZy+TW2I3/HqNGhd6
wXh4jIWYwxPIY7CDNY+9714es5QhMOGa201ALjbze1j31OsX0M6mwcHSJ7DKKGVu
CZ7fpf45Mnv76wwfSf/mWS1UMqqsnrjdCnGhpAlcYAsWry0Rc/gIK7NyhOG8nl+Q
HdFSapW8FIPgaWuI8KuNWdffY0/kO0xWeCql7xzNT+ZTURMcrzKWLGy0Sf+9etD6
8RadqYKjLecH2gh/Uo6hswg0y6WL7tpVy/QvxoCLdZjFLbRxsA4XPU79NQIDAQAB
o4IC+TCCAvUwHQYDVR0OBBYEFA1F/mLFEKSCa/xMWwPfYLYu/GU6MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRFVYLVlzVVFwSUpyX0V4YkE5OWd0aTc4WlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDQYIKwYBBQUHAQcBAf8Egf0wgfowgfcEAgABMIHwAwQF
TemgAwQGThlAAwQCTilkAwQDT6sIAwQEUPewAwQEURiAAwQGU6nAAwQFU97AAwQH
U+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQG
bXxAAwMAbbwDBAaAzEADBAOyF5AwDAMEALKw4wMEAbKw5AMEArkDIAMEArnSjAME
A7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF
1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0G
CSqGSIb3DQEBCwUAA4IBAQCX1M0+c9JPNmfvmXoPQcLlZHv/LYxzJy8ueIGaIoja
vNfUzY09PUqgMA11/dFgun03rtdhdBeltf/sffQKWeF7aY3XR3G7C5bXdYzp0QfS
LFGqLv5koaKrwbxKmeQkaNuRHRMtDP3GXmzS+H1fXl08aW1B+Mj1WpAWr9J7hFW9
SVVuwUji55SRGXu0l12FcTcl2ed+RvT4mLjgC1+F3EtfCtsKuuZDILgfP93zo71b
LmwUhk+WTgzAXxYtROmNYtvyro4VH17ttbo6BZZePX3kdp6XPrb6Xa9fu60HwAzk
pz8zpqtbDgBpd9pvOUoPxZTU9N2Avxgo+e6DTVvVx1SQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:00 2025 by rpki-client