Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EX2X5cKFavJR89CSYf3E6Wr9OuQ.roa
File: EX2X5cKFavJR89CSYf3E6Wr9OuQ.roa (raw, json)
Hash identifier: rPfRD+raokR6Ci6Vy9XhVS4IJtj651X6Z+HhExUNHXs=
Subject key identifier: 11:7D:97:E5:C2:85:6A:F2:51:F3:D0:92:61:FD:C4:E9:6A:FD:3A:E4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D30EA85273085C20DA8DE5040DA6F0D8
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EX2X5cKFavJR89CSYf3E6Wr9OuQ.roa
Signing time: Fri 02 Dec 2022 13:37:43 +0000
ROA not before: Fri 02 Dec 2022 13:37:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:0e:a8:52:73:08:5c:20:da:8d:e5:04:0d:a6:f0:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 13:37:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=117d97e5c2856af251f3d09261fdc4e96afd3ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c7:25:92:af:4e:5c:52:be:ad:7d:f2:b2:eb:
dc:73:e6:d8:b1:1c:e6:2b:6f:1f:35:54:cb:46:f2:
16:4a:cf:07:1f:51:c2:62:5e:32:86:9a:83:3d:bb:
ff:e3:8d:ce:eb:62:2e:f8:22:9e:05:f8:37:9f:ad:
34:72:a3:6a:0b:93:0b:9f:7d:2a:ba:49:70:1a:73:
4b:4f:b9:c6:07:e0:37:b8:f9:d6:2e:d9:94:a4:16:
51:92:fa:e2:60:e3:85:25:41:c8:73:98:39:b7:13:
3d:f2:a5:21:77:51:b7:75:00:19:c8:dd:1f:97:2d:
2d:35:f3:e1:8e:ed:09:e0:a6:38:c8:cc:37:8a:54:
19:7d:e9:46:6e:51:f6:aa:7b:63:03:d9:b1:65:ad:
c3:ab:2b:9a:de:c3:17:e4:24:e0:b7:ca:d4:f9:7b:
e0:82:3b:79:c9:1b:61:6a:50:9d:8e:c3:9b:12:2f:
41:51:3c:56:e3:65:01:81:af:ce:cd:92:8b:9d:c8:
6f:b9:9c:d3:32:80:81:c7:d3:b9:39:46:0e:f0:3c:
33:75:ad:84:49:92:8c:86:b7:48:0a:5e:e7:80:1d:
20:b5:fa:f7:00:3b:e6:32:26:1c:22:65:05:31:78:
f6:0b:3b:c0:a2:84:36:f8:ab:a5:fd:0d:ca:a0:5d:
ea:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:7D:97:E5:C2:85:6A:F2:51:F3:D0:92:61:FD:C4:E9:6A:FD:3A:E4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/EX2X5cKFavJR89CSYf3E6Wr9OuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:1d:35:3c:5e:fb:fc:d7:85:84:ea:0d:b2:12:d2:9f:e3:98:
db:d1:fa:11:ad:e5:f2:db:33:4b:24:cc:92:fc:79:6a:37:10:
b3:d6:ce:0c:df:3c:e6:e2:12:ce:c3:95:a5:5e:1a:08:8b:bd:
b3:94:4e:7e:a3:fa:81:ce:ac:f9:9b:a5:f2:c5:02:13:d4:88:
fb:cd:5e:c1:0e:0d:58:6b:f3:2c:9d:19:42:17:28:49:4c:58:
e1:5d:e9:c8:a6:df:28:09:24:fb:4e:be:6c:20:15:97:3c:df:
eb:2a:30:ea:ad:95:f4:22:e8:ae:06:43:1e:62:26:07:06:01:
cc:c5:7d:98:cd:94:f9:69:fa:71:5c:13:0c:48:f2:00:58:4e:
da:bb:bf:31:70:f0:1f:dd:ef:50:71:6e:d9:35:69:27:fd:40:
34:ca:c6:73:33:55:48:30:1d:70:66:0e:f4:57:4d:09:7d:d3:
3c:16:2c:2d:e3:05:ea:60:30:e6:7c:02:d9:56:06:80:c0:9c:
0e:26:02:f9:f1:d2:15:b7:91:64:1f:17:b2:08:a9:71:66:61:
9b:31:f2:0d:bf:db:02:aa:6e:30:cd:91:ae:62:f9:07:ac:71:
0c:ba:b6:f9:07:9d:2d:bf:8f:cb:8c:e4:03:b9:aa:5d:85:a9:
d9:2a:08:c8
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYTTDqhScwhcINqN5QQNpvDYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTMzNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTdkOTdlNWMyODU2YWYyNTFmM2QwOTI2MWZkYzRlOTZhZmQzYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcclkq9OXFK+rX3ysuvcc+bYsRzm
K28fNVTLRvIWSs8HH1HCYl4yhpqDPbv/443O62Iu+CKeBfg3n600cqNqC5MLn30q
uklwGnNLT7nGB+A3uPnWLtmUpBZRkvriYOOFJUHIc5g5txM98qUhd1G3dQAZyN0f
ly0tNfPhju0J4KY4yMw3ilQZfelGblH2qntjA9mxZa3Dqyua3sMX5CTgt8rU+Xvg
gjt5yRthalCdjsObEi9BUTxW42UBga/OzZKLnchvuZzTMoCBx9O5OUYO8Dwzda2E
SZKMhrdICl7ngB0gtfr3ADvmMiYcImUFMXj2CzvAooQ2+Kul/Q3KoF3qLwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFBF9l+XChWryUfPQkmH9xOlq/TrkMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRVgyWDVjS0ZhdkpSODlDU1lmM0U2V3I5T3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBARQ
97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQDBAdd
mYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAMEArkD
IAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5Vv
AwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNA
AwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBPHTU8Xvv814WE6g2yEtKf45jb0foR
reXy2zNLJMyS/HlqNxCz1s4M3zzm4hLOw5WlXhoIi72zlE5+o/qBzqz5m6XyxQIT
1Ij7zV7BDg1Ya/MsnRlCFyhJTFjhXenIpt8oCST7Tr5sIBWXPN/rKjDqrZX0Iuiu
BkMeYiYHBgHMxX2YzZT5afpxXBMMSPIAWE7au78xcPAf3e9QcW7ZNWkn/UA0ysZz
M1VIMB1wZg70V00JfdM8Fiwt4wXqYDDmfALZVgaAwJwOJgL58dIVt5FkHxeyCKlx
ZmGbMfINv9sCqm4wzZGuYvkHrHEMurb5B50tv4/LjOQDuapdhanZKgjI
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org