Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/E6socxkWbl8cSkEGI2xna9oNwN4.roa
File: E6socxkWbl8cSkEGI2xna9oNwN4.roa (raw, json)
Hash identifier: zn53Qghy8h0f6e7Ts+R0JRz0oWyCnvBESL6kADqGVB4=
Subject key identifier: 13:AB:28:73:19:16:6E:5F:1C:4A:41:06:23:6C:67:6B:DA:0D:C0:DE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D30EAC5ECFB0DC5B77235CC22E624090
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/E6socxkWbl8cSkEGI2xna9oNwN4.roa
Signing time: Fri 02 Dec 2022 13:37:44 +0000
ROA not before: Fri 02 Dec 2022 13:37:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
78.25.120.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
188.170.92.0/22 maxlen: 22
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
78.25.96.0/21 maxlen: 21
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
78.25.104.0/22 maxlen: 22
188.170.66.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.48.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
37.29.56.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
83.169.192.0/18 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.149.0.0/21 maxlen: 21
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:0e:ac:5e:cf:b0:dc:5b:77:23:5c:c2:2e:62:40:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 13:37:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13ab287319166e5f1c4a4106236c676bda0dc0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:66:19:0f:21:0e:fc:93:64:1f:d7:e2:e0:2c:
39:8b:02:78:e2:21:78:6a:76:53:07:c9:49:d5:24:
8c:00:90:df:7a:76:c1:8c:c8:b0:86:b3:72:13:ad:
64:3c:d2:20:e5:1c:88:13:03:67:d9:89:e9:59:65:
0a:d6:7f:76:f0:98:17:90:24:cd:e6:f1:bb:6f:d6:
81:a5:d0:17:c7:bf:86:77:f3:1c:ff:e7:97:3b:48:
9c:85:b6:8a:7d:09:01:c8:db:77:4d:0c:49:26:a8:
3f:e0:26:8e:15:8c:5b:93:2e:bf:d1:7c:00:ae:61:
a0:a4:40:8d:72:24:77:3b:50:ac:0c:59:58:72:55:
f3:35:a6:da:68:5f:1a:0a:2f:c7:4d:c5:4b:41:9a:
05:97:06:7c:75:e4:a1:14:e6:0a:06:a3:75:f2:b5:
cf:7c:5b:56:86:07:26:8c:b8:52:f2:72:e5:d4:17:
e8:91:3a:fe:d7:75:39:96:86:77:35:43:54:e8:8d:
b0:b4:29:c5:03:07:01:c7:d5:b9:5f:57:15:22:37:
1f:fd:80:b9:91:44:5c:d8:63:fa:6f:ae:b9:ad:5e:
0e:29:c6:7a:41:ca:a5:6d:a1:8b:f3:c3:09:73:56:
52:b8:13:48:a8:af:c7:78:60:11:cc:27:5d:9b:30:
c3:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AB:28:73:19:16:6E:5F:1C:4A:41:06:23:6C:67:6B:DA:0D:C0:DE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/E6socxkWbl8cSkEGI2xna9oNwN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
80.247.176.0/20
81.24.128.0/20
83.149.0.0/21
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
81:e2:7e:b0:49:96:97:8d:d4:78:0c:ac:5b:3e:34:15:39:37:
34:06:ab:bf:d6:a7:89:a1:25:c4:94:15:0b:cb:ce:2a:b8:b0:
02:99:f2:14:f2:04:a2:ef:4e:b1:c4:cf:66:c6:d4:c0:83:a5:
e3:a0:71:15:08:a6:52:29:c0:70:6c:56:e7:5a:93:4f:62:ec:
78:50:9f:e1:1d:f9:8d:45:65:37:aa:9f:cc:51:07:07:5d:bf:
3c:82:6e:7b:64:98:5b:82:e6:62:56:6d:01:1e:17:bc:d0:30:
33:7a:4c:e1:f3:2b:48:b1:c0:c8:5e:bf:87:dc:97:fb:07:b8:
80:ae:62:37:ba:55:3c:bb:39:ac:1d:37:a3:c9:7f:54:c6:6b:
59:e9:bc:0c:82:0a:03:53:25:d1:8e:f6:75:de:7b:70:43:fb:
17:c4:ee:e8:27:a4:9c:45:8e:bd:90:71:7f:38:7e:26:1e:3f:
6b:4e:46:ad:8b:38:f1:f3:b9:60:66:d3:03:6a:d6:81:9c:8c:
ee:46:cd:93:9b:ba:cc:83:be:6a:43:aa:92:32:3a:dc:db:0b:
fe:df:57:5c:1e:aa:a0:32:7e:7a:84:c8:12:e7:bf:ff:2a:d8:
59:72:c1:61:a5:c7:ba:45:b7:cc:06:9b:31:6d:31:93:d8:d5:
32:8c:b1:ab
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYTTDqxez7DcW3cjXMIuYkCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTMzNzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2FiMjg3MzE5MTY2ZTVmMWM0YTQxMDYyMzZjNjc2YmRhMGRjMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmYZDyEO/JNkH9fi4Cw5iwJ44iF4
anZTB8lJ1SSMAJDfenbBjMiwhrNyE61kPNIg5RyIEwNn2YnpWWUK1n928JgXkCTN
5vG7b9aBpdAXx7+Gd/Mc/+eXO0ichbaKfQkByNt3TQxJJqg/4CaOFYxbky6/0XwA
rmGgpECNciR3O1CsDFlYclXzNabaaF8aCi/HTcVLQZoFlwZ8deShFOYKBqN18rXP
fFtWhgcmjLhS8nLl1BfokTr+13U5loZ3NUNU6I2wtCnFAwcBx9W5X1cVIjcf/YC5
kURc2GP6b665rV4OKcZ6QcqlbaGL88MJc1ZSuBNIqK/HeGARzCddmzDDiQIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFBOrKHMZFm5fHEpBBiNsZ2vaDcDeMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRTZzb2N4a1dibDhjU2tFR0kyeG5hOW9Od040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEBCUcoDAMAwQEJR0wAwQDJR1AAwQEThlgAwQCThl4AwQEUPewAwQEURiAAwQD
U5UAAwQGU6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQH
XhmAAwQHX4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyADBAK5
0owDBAO8XqgDAwC8ojAMAwQAvKpBAwQAvKpEMAwDBAO8qkgDBAO8qlADBAK8qlwD
BALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEAD
BAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQEL
BQADggEBAIHifrBJlpeN1HgMrFs+NBU5NzQGq7/Wp4mhJcSUFQvLziq4sAKZ8hTy
BKLvTrHEz2bG1MCDpeOgcRUIplIpwHBsVudak09i7HhQn+Ed+Y1FZTeqn8xRBwdd
vzyCbntkmFuC5mJWbQEeF7zQMDN6TOHzK0ixwMhev4fcl/sHuICuYje6VTy7Oawd
N6PJf1TGa1npvAyCCgNTJdGO9nXee3BD+xfE7ugnpJxFjr2QcX84fiYeP2tORq2L
OPHzuWBm0wNq1oGcjO5GzZObusyDvmpDqpIyOtzbC/7fV1weqqAyfnqEyBLnv/8q
2FlywWGlx7pFt8wGmzFtMZPY1TKMsas=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org