Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/F08cVjHjFMg-_wWZa9D5kggTgkU.roa
File: F08cVjHjFMg-_wWZa9D5kggTgkU.roa (raw, json)
Hash identifier: UVTlE/Q185YTzigJvZWDCmDVEPPRToFKFXD07U2GT6o=
Subject key identifier: 17:4F:1C:56:31:E3:14:C8:3E:FF:05:99:6B:D0:F9:92:08:13:82:45
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D29A7D4730CF0E726C3AC6C3B47AA9CA
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/F08cVjHjFMg-_wWZa9D5kggTgkU.roa
Signing time: Fri 02 Dec 2022 11:30:50 +0000
ROA not before: Fri 02 Dec 2022 11:30:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31268
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:7d:47:30:cf:0e:72:6c:3a:c6:c3:b4:7a:a9:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 11:30:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=174f1c5631e314c83eff05996bd0f99208138245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:dc:b2:eb:5b:19:c3:65:ec:d8:c4:50:25:
df:8e:16:97:a4:bc:06:d7:cb:37:09:8c:41:e6:e0:
b6:fe:36:9e:da:56:68:c0:65:4e:a2:2d:18:bb:3d:
95:6f:3c:70:46:4c:d4:c1:8f:60:81:93:8c:1c:c2:
a3:da:2f:42:da:62:67:7e:e2:bf:35:a8:31:d7:17:
eb:69:d2:a9:99:0c:1d:6c:fa:95:ac:fb:fe:49:3d:
05:31:ed:e4:f4:d4:78:b6:ae:41:91:80:9a:4e:cf:
db:3b:10:86:aa:0a:04:76:18:87:67:40:36:25:87:
28:86:f8:cb:ad:a9:c1:91:1b:86:12:8b:93:1c:1c:
37:24:18:3c:5f:01:45:e3:9c:7c:82:59:92:4f:af:
bd:3d:2f:d6:7d:74:b6:8c:c6:12:d3:68:fb:b7:1d:
9e:7b:f9:48:91:af:9e:d5:2d:c2:3f:45:99:8f:65:
b0:b6:0d:a6:6f:86:37:08:1f:5a:be:50:0e:62:6b:
7b:cb:3c:ce:fb:21:5b:ae:92:b9:ed:c1:ac:40:f7:
68:89:52:0c:5b:63:f2:74:de:c8:9a:0b:d8:a6:7a:
9b:a1:24:d2:7e:73:81:21:cc:e3:5b:05:e7:de:0a:
ae:70:9d:b9:51:9f:c7:57:9a:7e:12:c9:7f:cd:b0:
f6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4F:1C:56:31:E3:14:C8:3E:FF:05:99:6B:D0:F9:92:08:13:82:45
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/F08cVjHjFMg-_wWZa9D5kggTgkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:dd:7c:af:fc:5a:30:18:0e:12:fa:f6:da:04:b7:2a:af:7b:
8c:c5:c9:3d:49:a4:16:61:1d:18:46:a6:96:c5:14:5f:eb:6d:
cf:da:06:4d:ed:a0:30:2b:db:ca:91:d6:5c:16:c7:dd:84:4e:
45:07:68:4f:12:98:2d:6f:82:07:46:ca:b6:2d:a4:59:45:cf:
cc:db:9b:19:c7:09:dd:73:7f:8b:13:fb:86:cf:5d:29:12:6f:
c0:dd:1e:db:45:9b:89:51:da:d6:c4:7b:77:ae:23:be:db:c0:
37:c0:c0:7f:97:ab:81:82:4a:a9:37:58:d0:f6:f2:22:3f:1e:
4a:96:2c:49:87:d1:d4:87:d1:11:6b:fb:91:e5:cd:d3:80:7b:
0f:8c:81:ef:00:a0:6f:8c:3d:a9:73:14:37:70:b0:9a:f8:d8:
23:1b:f6:85:5c:64:cc:58:9b:fa:6b:0a:29:6e:08:4d:bc:1b:
88:9a:d7:72:7c:41:08:5f:06:dd:4c:1f:15:3e:df:25:3b:41:
da:70:e5:ba:3c:8e:16:ab:96:55:83:78:78:06:17:1f:8c:34:
81:d7:75:37:15:e7:9f:b0:13:23:c0:2a:31:88:4a:89:2a:1d:
85:5b:e6:df:ab:0f:fc:8d:db:6b:92:56:17:72:98:e4:8d:1f:
ae:42:62:58
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYTSmn1HMM8Ocmw6xsO0eqnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTEzMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzRmMWM1NjMxZTMxNGM4M2VmZjA1OTk2YmQwZjk5MjA4MTM4MjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcrcsutbGcNl7NjEUCXfjhaXpLwG
18s3CYxB5uC2/jae2lZowGVOoi0Yuz2VbzxwRkzUwY9ggZOMHMKj2i9C2mJnfuK/
Nagx1xfradKpmQwdbPqVrPv+ST0FMe3k9NR4tq5BkYCaTs/bOxCGqgoEdhiHZ0A2
JYcohvjLranBkRuGEouTHBw3JBg8XwFF45x8glmST6+9PS/WfXS2jMYS02j7tx2e
e/lIka+e1S3CP0WZj2Wwtg2mb4Y3CB9avlAOYmt7yzzO+yFbrpK57cGsQPdoiVIM
W2PydN7ImgvYpnqboSTSfnOBIczjWwXn3gqucJ25UZ/HV5p+Esl/zbD2BQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFBdPHFYx4xTIPv8FmWvQ+ZIIE4JFMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRjA4Y1ZqSGpGTWctX3dXWmE5RDVrZ2dUZ2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAJO
KWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBg
AwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1Zqg
AwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQA/3Xyv/FowGA4S
+vbaBLcqr3uMxck9SaQWYR0YRqaWxRRf623P2gZN7aAwK9vKkdZcFsfdhE5FB2hP
Epgtb4IHRsq2LaRZRc/M25sZxwndc3+LE/uGz10pEm/A3R7bRZuJUdrWxHt3riO+
28A3wMB/l6uBgkqpN1jQ9vIiPx5KlixJh9HUh9ERa/uR5c3TgHsPjIHvAKBvjD2p
cxQ3cLCa+NgjG/aFXGTMWJv6awopbghNvBuImtdyfEEIXwbdTB8VPt8lO0HacOW6
PI4Wq5ZVg3h4BhcfjDSB13U3FeefsBMjwCoxiEqJKh2FW+bfqw/8jdtrklYXcpjk
jR+uQmJY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:12 2025 by rpki-client