Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/FjCyIq3dX5Msq9MxQkdtxo5iTRQ.roa
File: FjCyIq3dX5Msq9MxQkdtxo5iTRQ.roa (raw, json)
Hash identifier: geBJVNI7UaQOY8dX7v//sdCubpa4v7ZYqaMwJmVQyf4=
Subject key identifier: 16:30:B2:22:AD:DD:5F:93:2C:AB:D3:31:42:47:6D:C6:8E:62:4D:14
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505910B8BDE3B466A9D2684B1871FF994
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/FjCyIq3dX5Msq9MxQkdtxo5iTRQ.roa
Signing time: Mon 12 Dec 2022 09:01:09 +0000
ROA not before: Mon 12 Dec 2022 09:01:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:0b:8b:de:3b:46:6a:9d:26:84:b1:87:1f:f9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1630b222addd5f932cabd33142476dc68e624d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:41:3c:53:07:92:82:43:1d:a4:9e:d5:0d:
eb:4b:4b:84:71:1d:2f:b9:0a:e6:70:35:d0:64:ad:
1f:5b:3d:cc:90:66:b3:fa:50:c9:40:f6:68:75:9c:
c5:d0:07:9f:01:2f:91:b7:b4:ec:06:63:86:25:a0:
cb:0a:9e:d4:03:6f:a2:c9:97:8d:5f:82:92:fa:8e:
d4:8c:3e:c2:99:58:74:3a:94:43:ea:52:00:8a:e9:
f0:e5:32:dd:b8:8c:59:08:ed:bf:f3:e4:7a:c8:f5:
4d:32:4e:f4:d4:a2:f5:16:44:1b:67:36:74:03:b6:
37:d6:f0:63:33:b4:c0:c3:74:b5:69:99:d2:1a:50:
44:ac:de:25:cd:3c:8d:9d:55:5b:10:95:9a:a4:c3:
6f:01:27:8e:be:98:49:64:9f:3a:7e:68:3d:85:23:
25:78:62:61:5e:db:df:ee:23:fa:d1:eb:75:20:b4:
ed:72:e2:17:f1:cb:d9:9b:5b:de:7d:8b:37:13:e3:
67:2c:c6:33:87:a4:bd:9d:c2:1f:65:79:6f:36:63:
58:2e:09:8a:62:db:3e:23:f3:8f:9c:99:b2:e0:49:
ce:5f:f1:ad:48:5e:9e:1b:ac:fd:c8:1c:77:71:1d:
a3:29:46:ca:c3:04:b2:bc:ce:13:f8:c5:c2:54:5a:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:30:B2:22:AD:DD:5F:93:2C:AB:D3:31:42:47:6D:C6:8E:62:4D:14
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/FjCyIq3dX5Msq9MxQkdtxo5iTRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
95:00:a2:d0:60:59:a0:33:56:1f:5c:95:ad:96:7b:83:a7:9a:
9f:51:e8:f0:a9:ea:48:07:d5:a3:c8:5b:d1:67:14:55:c6:76:
8c:35:c2:c5:bd:1f:fd:0f:d2:64:7c:02:98:b7:80:09:12:19:
9d:c4:77:5f:8d:23:cd:50:e1:d6:44:a7:31:68:63:4c:c9:6f:
d9:03:28:6c:b3:9c:97:3d:b7:64:d6:bb:92:63:8d:cb:19:2a:
85:91:11:2b:00:57:1d:d3:22:9c:b4:43:c4:43:4c:4f:b4:66:
bb:6c:6f:11:0e:c1:51:37:62:71:81:6a:ba:5d:e4:f7:be:1f:
ee:0b:94:cb:e6:d9:95:94:23:40:08:69:9b:9c:ec:4e:b4:25:
7e:0b:04:9d:ef:9c:36:1c:ce:a4:e4:ea:d4:78:c3:3c:91:9d:
b3:3b:25:7a:0f:6f:2f:1d:f8:dc:2e:8d:bc:3c:65:ac:b7:f2:
0e:a3:8a:3a:2b:a6:37:b9:72:97:fc:b9:d1:aa:65:4a:e5:55:
ff:2b:a1:f7:94:30:b1:07:09:a1:bf:87:f3:c6:e1:c4:11:93:
a9:88:74:de:36:07:35:45:6b:e4:1f:0c:14:01:fd:70:85:f4:
fd:07:1c:44:3b:03:90:43:4c:47:4c:46:60:8a:f4:73:82:53:
30:01:03:df
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYUFkQuL3jtGap0mhLGHH/mUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMwYjIyMmFkZGQ1ZjkzMmNhYmQzMzE0MjQ3NmRjNjhlNjI0ZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrhBPFMHkoJDHaSe1Q3rS0uEcR0v
uQrmcDXQZK0fWz3MkGaz+lDJQPZodZzF0AefAS+Rt7TsBmOGJaDLCp7UA2+iyZeN
X4KS+o7UjD7CmVh0OpRD6lIAiunw5TLduIxZCO2/8+R6yPVNMk701KL1FkQbZzZ0
A7Y31vBjM7TAw3S1aZnSGlBErN4lzTyNnVVbEJWapMNvASeOvphJZJ86fmg9hSMl
eGJhXtvf7iP60et1ILTtcuIX8cvZm1vefYs3E+NnLMYzh6S9ncIfZXlvNmNYLgmK
Yts+I/OPnJmy4EnOX/GtSF6eG6z9yBx3cR2jKUbKwwSyvM4T+MXCVFpiNwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFBYwsiKt3V+TLKvTMUJHbcaOYk0UMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvRmpDeUlxM2RYNU1zcTlNeFFrZHR4bzVpVFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQFw5Dg
AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1HegAwQF1awAAwQF1bagAwQF2cNA
MA0GCSqGSIb3DQEBCwUAA4IBAQCVAKLQYFmgM1YfXJWtlnuDp5qfUejwqepIB9Wj
yFvRZxRVxnaMNcLFvR/9D9JkfAKYt4AJEhmdxHdfjSPNUOHWRKcxaGNMyW/ZAyhs
s5yXPbdk1ruSY43LGSqFkRErAFcd0yKctEPEQ0xPtGa7bG8RDsFRN2JxgWq6XeT3
vh/uC5TL5tmVlCNACGmbnOxOtCV+CwSd75w2HM6k5OrUeMM8kZ2zOyV6D28vHfjc
Lo28PGWst/IOo4o6K6Y3uXKX/LnRqmVK5VX/K6H3lDCxBwmhv4fzxuHEEZOpiHTe
Ngc1RWvkHwwUAf1whfT9BxxEOwOQQ0xHTEZgivRzglMwAQPf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:41 2025 by rpki-client