Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Gt9M1imYIphAvcncCrCi0ATPPew.roa
File: Gt9M1imYIphAvcncCrCi0ATPPew.roa (raw, json)
Hash identifier: +aIx30RmUJhso6a3nd0oQb6jfe0NUbTHPvcQ3skyzC4=
Subject key identifier: 1A:DF:4C:D6:29:98:22:98:40:BD:C9:DC:0A:B0:A2:D0:04:CF:3D:EC
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E23BF067FA1BA850B4A68A2C95141737
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Gt9M1imYIphAvcncCrCi0ATPPew.roa
Signing time: Mon 05 Dec 2022 12:21:29 +0000
ROA not before: Mon 05 Dec 2022 12:21:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.227.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:3b:f0:67:fa:1b:a8:50:b4:a6:8a:2c:95:14:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 12:21:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1adf4cd62998229840bdc9dc0ab0a2d004cf3dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9e:db:95:b4:b4:73:27:32:8e:1e:a8:15:e5:
2c:86:d7:61:55:8a:25:58:2e:f7:1c:5e:9f:e9:b6:
f6:65:ee:03:d3:97:7c:7b:dd:58:d9:df:f4:47:49:
0f:b2:c5:3d:ef:a0:e9:e5:67:91:76:d3:bd:09:69:
7d:23:96:38:c1:66:d0:71:68:97:8b:9b:ba:3c:fc:
0c:b9:74:96:1b:f2:05:14:1c:5b:f7:fe:bb:eb:c9:
8e:24:25:8d:5f:d3:24:8a:74:9c:c2:e5:0f:79:25:
78:a6:d0:c6:8b:c1:43:16:87:74:66:70:80:f4:6b:
01:1f:8e:79:01:a6:8c:29:3e:93:a1:44:2e:d7:3c:
c0:35:66:e8:8a:80:67:f5:5f:eb:e3:46:a0:8a:73:
96:79:b8:bb:b5:e2:51:56:30:9f:af:c0:95:d7:64:
9c:26:65:f2:3d:9e:09:6d:0f:98:1a:93:af:8f:43:
55:63:ad:08:a5:09:cd:01:fe:f1:1f:f8:df:e8:75:
3b:a1:47:52:71:2d:4d:7e:ff:0c:da:be:2e:22:05:
34:01:d0:63:c9:9b:5e:2e:80:ad:2b:5e:9b:76:c2:
06:b0:c0:3e:6d:11:47:d2:6f:6a:29:79:6b:6e:74:
37:fc:ea:b8:40:6a:17:9c:d4:4f:93:76:6f:21:70:
59:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DF:4C:D6:29:98:22:98:40:BD:C9:DC:0A:B0:A2:D0:04:CF:3D:EC
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Gt9M1imYIphAvcncCrCi0ATPPew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.227.0-178.176.229.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
72:b4:4a:2d:6e:30:f3:0b:95:d7:56:6f:11:f1:a4:53:14:46:
ff:64:b6:20:73:7f:27:4c:9d:5a:04:81:75:04:31:46:6a:e1:
9c:dc:46:72:fb:03:4c:09:8b:44:40:86:43:91:7d:9e:06:97:
ca:60:28:3e:3e:eb:c3:b8:ae:34:12:fe:73:97:b4:ef:26:67:
3c:aa:79:e8:f9:83:6e:dd:d8:a4:64:96:86:cc:b2:38:bd:62:
48:78:23:7a:3e:77:0c:e7:dd:05:12:41:d8:fd:4a:55:aa:4f:
b8:bf:64:9f:05:6e:45:74:a5:dd:90:4f:37:98:8a:44:e5:f6:
98:24:b8:46:68:d0:64:39:76:f7:d2:bf:de:b9:13:68:d7:c1:
53:bf:24:7f:dd:95:31:b3:13:26:81:e2:43:55:56:72:94:e0:
6e:02:34:a0:4b:db:da:be:72:36:fb:5b:0e:17:69:ec:0a:b2:
dd:1a:b9:56:bb:f0:fd:06:5b:3b:ad:59:ec:99:ff:c6:ee:e4:
0d:3e:be:c9:4f:af:c2:92:9f:41:e9:06:ec:b3:80:15:98:1f:
51:5f:a4:06:0d:23:03:c3:84:12:69:37:3b:a2:d3:87:67:7b:
66:98:99:e4:96:ab:9e:85:ab:82:4c:6d:f8:91:a1:cd:76:3c:
a7:b1:80:7b
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAYTiO/Bn+huoULSmiiyVFBc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTIyMTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWRmNGNkNjI5OTgyMjk4NDBiZGM5ZGMwYWIwYTJkMDA0Y2YzZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJ7blbS0cycyjh6oFeUshtdhVYol
WC73HF6f6bb2Ze4D05d8e91Y2d/0R0kPssU976Dp5WeRdtO9CWl9I5Y4wWbQcWiX
i5u6PPwMuXSWG/IFFBxb9/6768mOJCWNX9MkinScwuUPeSV4ptDGi8FDFod0ZnCA
9GsBH455AaaMKT6ToUQu1zzANWboioBn9V/r40aginOWebi7teJRVjCfr8CV12Sc
JmXyPZ4JbQ+YGpOvj0NVY60IpQnNAf7xH/jf6HU7oUdScS1Nfv8M2r4uIgU0AdBj
yZteLoCtK16bdsIGsMA+bRFH0m9qKXlrbnQ3/Oq4QGoXnNRPk3ZvIXBZ3QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFBrfTNYpmCKYQL3J3AqwotAEzz3sMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvR3Q5TTFpbVlJcGhBdmNuY0NyQ2kwQVRQUGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAZT
qcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdf
iQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkDAMAwQAsrDjAwQBsrDkAwQC
uQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADD
lW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV
80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBAHK0Si1uMPMLlddWbxHxpFMURv9k
tiBzfydMnVoEgXUEMUZq4ZzcRnL7A0wJi0RAhkORfZ4Gl8pgKD4+68O4rjQS/nOX
tO8mZzyqeej5g27d2KRklobMsji9Ykh4I3o+dwzn3QUSQdj9SlWqT7i/ZJ8FbkV0
pd2QTzeYikTl9pgkuEZo0GQ5dvfSv965E2jXwVO/JH/dlTGzEyaB4kNVVnKU4G4C
NKBL29q+cjb7Ww4XaewKst0auVa78P0GWzutWeyZ/8bu5A0+vslPr8KSn0HpBuyz
gBWYH1FfpAYNIwPDhBJpNzui04dne2aYmeSWq56Fq4JMbfiRoc12PKexgHs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org