Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EHkl80WthSPItuN18OPRnQzfauI.roa
File: EHkl80WthSPItuN18OPRnQzfauI.roa (raw, json)
Hash identifier: AYtlbnhpFX1Tb3lxee565XNPNHB4gXQjHvPc+77nB/c=
Subject key identifier: 10:79:25:F3:45:AD:85:23:C8:B6:E3:75:F0:E3:D1:9D:0C:DF:6A:E2
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F14BBAE468A0FDC7D6C97591A8E8B9E6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EHkl80WthSPItuN18OPRnQzfauI.roa
Signing time: Thu 08 Dec 2022 10:33:02 +0000
ROA not before: Thu 08 Dec 2022 10:33:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31208
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
178.178.84.0/22 maxlen: 22
178.178.82.0/24 maxlen: 24
178.178.80.0/23 maxlen: 23
193.201.228.0/22 maxlen: 24
178.178.131.0/24 maxlen: 24
178.178.130.0/24 maxlen: 24
178.23.144.0/21 maxlen: 24
178.178.129.0/24 maxlen: 24
178.178.132.0/24 maxlen: 24
178.178.128.0/24 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
212.69.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.230.0/23 maxlen: 23
212.119.160.0/19 maxlen: 24
37.28.186.0/24 maxlen: 24
188.170.50.0/24 maxlen: 24
37.28.184.0/24 maxlen: 24
188.170.48.0/24 maxlen: 24
37.28.185.0/24 maxlen: 24
188.170.49.0/24 maxlen: 24
188.170.54.0/24 maxlen: 24
188.170.55.0/24 maxlen: 24
37.28.187.0/24 maxlen: 24
188.170.56.0/24 maxlen: 24
188.170.52.0/24 maxlen: 24
188.170.57.0/24 maxlen: 24
188.170.53.0/24 maxlen: 24
188.170.62.0/24 maxlen: 24
188.170.63.0/24 maxlen: 24
188.170.59.0/24 maxlen: 24
188.170.60.0/24 maxlen: 24
188.170.61.0/24 maxlen: 24
37.29.75.0/24 maxlen: 24
37.29.74.0/24 maxlen: 24
37.29.73.0/24 maxlen: 24
37.29.72.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
178.176.58.0/24 maxlen: 24
178.176.56.0/24 maxlen: 24
178.176.57.0/24 maxlen: 24
178.176.62.0/24 maxlen: 24
178.176.63.0/24 maxlen: 24
178.176.59.0/24 maxlen: 24
178.176.60.0/24 maxlen: 24
178.176.61.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
83.149.41.0/24 maxlen: 24
83.149.44.0/23 maxlen: 23
83.149.40.0/24 maxlen: 24
83.149.42.0/23 maxlen: 23
195.78.116.0/23 maxlen: 24
83.149.46.0/23 maxlen: 23
83.169.212.0/24 maxlen: 24
83.169.208.0/24 maxlen: 24
83.169.213.0/24 maxlen: 24
83.169.209.0/24 maxlen: 24
83.169.210.0/24 maxlen: 24
83.169.211.0/24 maxlen: 24
83.169.214.0/24 maxlen: 24
83.169.215.0/24 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
178.178.135.0/24 maxlen: 24
178.178.134.0/24 maxlen: 24
178.178.137.0/24 maxlen: 24
178.178.133.0/24 maxlen: 24
178.178.136.0/24 maxlen: 24
178.178.143.0/24 maxlen: 24
178.178.142.0/24 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.136.0/22 maxlen: 22
46.229.141.0/24 maxlen: 24
46.229.140.0/24 maxlen: 24
46.229.143.0/24 maxlen: 24
46.229.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:4b:ba:e4:68:a0:fd:c7:d6:c9:75:91:a8:e8:b9:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:33:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=107925f345ad8523c8b6e375f0e3d19d0cdf6ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:26:78:84:96:7c:ce:e0:cf:ae:92:a3:ef:08:
67:78:cd:8f:cc:8d:44:e8:2f:4a:de:2a:3d:da:67:
91:7f:e7:9b:cb:1b:46:fe:7b:c2:2e:1d:03:a6:43:
e2:24:80:b6:82:72:d0:7a:a3:3e:89:5c:eb:e0:e8:
46:0d:3c:60:88:55:80:7d:05:53:ee:a4:05:40:9e:
88:84:d5:cb:5e:84:c6:4f:eb:8b:5d:87:3a:01:ba:
b4:47:e5:05:3c:e4:1d:83:b2:d6:52:d5:bc:fd:e2:
93:f8:da:26:3c:a3:9e:5f:d9:0c:97:b2:8e:dc:a5:
27:04:6d:3c:68:d3:42:cb:46:f7:74:e0:e3:8c:6e:
7e:c4:32:eb:66:02:f5:af:61:22:55:bc:73:79:07:
a3:ed:22:f1:8c:f9:a2:e9:5e:cf:75:9d:a3:90:47:
05:72:dd:8f:b1:04:92:85:37:66:cd:54:ec:70:99:
0a:be:ba:aa:bf:b3:bf:2f:5b:02:f8:64:54:5c:5b:
45:09:85:e4:dc:0a:c3:fa:91:12:e2:fb:1e:80:01:
31:f9:69:be:5a:0d:20:f2:4a:99:56:fd:b9:09:93:
18:7b:7a:56:6c:f9:65:0d:e6:26:1f:f5:51:7d:d4:
f7:2b:09:5c:bd:fd:7c:bf:dd:c8:b6:c7:fc:3f:f7:
0b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:79:25:F3:45:AD:85:23:C8:B6:E3:75:F0:E3:D1:9D:0C:DF:6A:E2
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EHkl80WthSPItuN18OPRnQzfauI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.184.0/22
37.29.72.0/22
46.229.136.0/21
83.149.40.0/21
83.169.208.0/21
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.56.0/21
178.176.230.0/23
178.178.80.0-178.178.82.255
178.178.84.0/22
178.178.128.0-178.178.137.255
178.178.142.0/23
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.48.0-188.170.50.255
188.170.52.0-188.170.57.255
188.170.59.0-188.170.63.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
a4:e6:3e:dd:22:2e:91:79:0c:78:bd:54:b4:e1:52:3b:eb:ab:
a1:2b:69:ea:ac:c6:2e:93:3b:34:be:66:1e:db:08:1e:1b:5f:
25:2f:3e:ce:15:a1:b7:10:79:51:38:a6:2d:93:f8:b8:0c:d7:
3e:70:74:69:c9:23:c1:5f:28:c2:0a:17:16:b7:85:4c:bf:5f:
ec:e2:8b:19:40:6c:2d:be:c5:23:93:27:92:2d:d2:8b:a0:f6:
4e:58:45:18:29:8f:40:17:e5:42:bd:ef:8f:fd:ff:23:49:27:
d7:99:c8:28:b3:a3:bf:98:62:2b:c1:bf:91:6f:a9:18:c9:41:
91:d5:61:d6:73:ec:16:30:15:dd:0e:1b:04:2c:af:e6:78:77:
4d:0e:51:ef:83:0b:59:ad:87:66:ae:20:7e:ba:0e:01:c9:51:
ee:b3:90:da:52:4e:8e:68:54:5f:8a:5f:32:df:fe:ec:af:f9:
f5:da:44:f7:c3:41:b2:da:ea:1b:01:e7:0b:fc:7b:74:b2:e0:
5d:8c:cc:77:ee:b6:67:32:28:44:63:ca:26:ab:34:f8:f3:60:
af:76:90:3b:bd:f6:65:23:8d:f4:ba:9f:63:1d:f5:16:93:73:
d8:83:04:2d:2f:d9:8d:06:77:c8:73:83:29:7f:2e:c2:15:aa:
74:3f:e5:41
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYTxS7rkaKD9x9bJdZGo6LnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAzMzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc5MjVmMzQ1YWQ4NTIzYzhiNmUzNzVmMGUzZDE5ZDBjZGY2YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiZ4hJZ8zuDPrpKj7whneM2PzI1E
6C9K3io92meRf+ebyxtG/nvCLh0DpkPiJIC2gnLQeqM+iVzr4OhGDTxgiFWAfQVT
7qQFQJ6IhNXLXoTGT+uLXYc6Abq0R+UFPOQdg7LWUtW8/eKT+NomPKOeX9kMl7KO
3KUnBG08aNNCy0b3dODjjG5+xDLrZgL1r2EiVbxzeQej7SLxjPmi6V7PdZ2jkEcF
ct2PsQSShTdmzVTscJkKvrqqv7O/L1sC+GRUXFtFCYXk3ArD+pES4vsegAEx+Wm+
Wg0g8kqZVv25CZMYe3pWbPllDeYmH/VRfdT3Kwlcvf18v93Itsf8P/cLSQIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFBB5JfNFrYUjyLbjdfDj0Z0M32riMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRUhrbDgwV3RoU1BJdHVOMThPUFJuUXpmYXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQCJRy4AwQCJR1IAwQDLuWIAwQDU5UoAwQDU6nQAwQGbXxAAwMAbbwDBAaAzEAD
BAOyF5ADBAOysDgDBAGysOYwDAMEBLKyUAMEALKyUgMEArKyVDAMAwQHsrKAAwQB
srKIAwQBsrKOAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIwDAMEBLyqMAMEALyqMjAM
AwQCvKo0AwQBvKo4MAwDBAC8qjsDBAa8qgADBALByeQDBAXDBYADBAXDEGADBAHD
TnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXV
qCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBAKTmPt0iLpF5DHi9VLTh
Ujvrq6Eraeqsxi6TOzS+Zh7bCB4bXyUvPs4VobcQeVE4pi2T+LgM1z5wdGnJI8Ff
KMIKFxa3hUy/X+ziixlAbC2+xSOTJ5It0oug9k5YRRgpj0AX5UK974/9/yNJJ9eZ
yCizo7+YYivBv5FvqRjJQZHVYdZz7BYwFd0OGwQsr+Z4d00OUe+DC1mth2auIH66
DgHJUe6zkNpSTo5oVF+KXzLf/uyv+fXaRPfDQbLa6hsB5wv8e3Sy4F2MzHfutmcy
KERjyiarNPjzYK92kDu99mUjjfS6n2Md9RaTc9iDBC0v2Y0Gd8hzgyl/LsIVqnQ/
5UE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org