Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrDVVLX77UcaNH8PXjloqkXPVs8.roa
File: HrDVVLX77UcaNH8PXjloqkXPVs8.roa (raw, json)
Hash identifier: gIq7lu1U3NkUHuJLgq1O/NirCKfSDaAS3HF6KMkeCow=
Subject key identifier: 1E:B0:D5:54:B5:FB:ED:47:1A:34:7F:0F:5E:39:68:AA:45:CF:56:CF
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176C50D44011B911EDD0CAEB77F0F56
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrDVVLX77UcaNH8PXjloqkXPVs8.roa
Signing time: Thu 08 Dec 2022 11:20:03 +0000
ROA not before: Thu 08 Dec 2022 11:20:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42891
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
91.193.212.0/22 maxlen: 22
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:c5:0d:44:01:1b:91:1e:dd:0c:ae:b7:7f:0f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eb0d554b5fbed471a347f0f5e3968aa45cf56cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:53:0f:5b:50:61:86:d1:fc:58:6d:aa:c1:06:
1a:b3:de:e6:42:7b:15:a9:6f:1a:46:10:e2:e7:45:
1f:b7:63:f0:4a:20:02:0e:93:00:d9:38:37:4d:20:
40:6c:a7:76:47:56:e9:1b:47:eb:fa:3a:13:c4:45:
d8:8b:b0:4d:4b:e0:0a:ad:4a:42:f1:ba:47:66:23:
64:9b:16:fd:ae:bd:45:f6:dd:9e:00:70:55:c4:9e:
6b:f0:4e:62:de:0f:29:05:23:e6:84:a0:84:fd:fa:
d5:20:64:92:a7:ec:85:29:eb:f8:14:e4:f3:ea:6e:
fe:c4:58:5a:15:bf:34:ba:11:bd:41:65:15:9a:60:
ef:f7:a6:bf:fa:50:4b:48:48:4d:74:95:b8:ae:d5:
33:e9:55:74:1c:24:a1:32:b3:8f:c0:47:db:4b:2d:
d3:01:be:9c:af:f8:61:21:2a:50:b1:e5:ec:3b:e8:
a5:be:e5:14:93:84:db:30:be:80:19:e9:9c:bc:6a:
fa:31:09:89:78:19:a1:6e:8b:00:04:c7:f9:5e:7c:
a4:ec:b7:37:dd:e2:86:8e:e0:e4:40:73:fe:50:0d:
fa:39:40:0d:2b:10:de:6f:29:82:d6:f9:d8:16:f5:
a6:80:ab:ff:52:3d:5b:d4:e6:64:13:a0:32:d9:11:
07:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B0:D5:54:B5:FB:ED:47:1A:34:7F:0F:5E:39:68:AA:45:CF:56:CF
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/HrDVVLX77UcaNH8PXjloqkXPVs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.212.0/22
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:0f:bc:bb:17:62:c9:9e:2c:1e:54:0e:6a:94:63:e2:9e:8e:
b7:1b:42:33:72:34:46:c5:ed:74:b0:7e:3c:63:95:d0:a5:cf:
ed:65:7b:bf:2f:8d:90:30:6f:5c:c5:bf:3c:f3:34:8a:37:8f:
a5:ce:79:df:58:50:aa:f6:b7:b0:c7:49:d1:10:57:64:8e:86:
ae:d3:35:bd:fb:95:8d:e1:76:9c:f3:f6:37:db:40:09:88:2e:
35:53:7e:fe:89:06:cc:b3:d0:ef:a7:0f:f8:16:c4:5f:e6:fd:
16:d7:ad:1d:90:58:45:7f:00:16:0e:95:ed:97:53:5f:b7:f6:
fb:76:3b:58:7c:02:d5:9e:65:66:99:9a:9c:74:c8:8c:b7:ea:
f1:e0:ca:0a:c1:fd:3d:01:38:f4:2f:87:b0:f6:74:50:72:6f:
8a:da:b4:0b:a4:41:34:83:b9:87:e3:99:3e:05:50:b0:3e:8a:
68:0a:cb:d9:4e:6f:6e:3b:09:68:df:e4:5f:b6:1a:2e:3a:9a:
6d:d0:3a:78:15:14:39:40:e2:e9:a9:d4:97:8e:44:8d:a3:c1:
22:5e:c9:87:6b:aa:92:95:a2:4e:a1:fa:51:38:bc:81:9e:22:
f7:28:4e:f5:9c:59:c5:33:be:86:b0:ce:02:73:ff:1e:54:27:
ae:4b:54:80
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYTxdsUNRAEbkR7dDK63fw9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIwZDU1NGI1ZmJlZDQ3MWEzNDdmMGY1ZTM5NjhhYTQ1Y2Y1NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFMPW1BhhtH8WG2qwQYas97mQnsV
qW8aRhDi50Uft2PwSiACDpMA2Tg3TSBAbKd2R1bpG0fr+joTxEXYi7BNS+AKrUpC
8bpHZiNkmxb9rr1F9t2eAHBVxJ5r8E5i3g8pBSPmhKCE/frVIGSSp+yFKev4FOTz
6m7+xFhaFb80uhG9QWUVmmDv96a/+lBLSEhNdJW4rtUz6VV0HCShMrOPwEfbSy3T
Ab6cr/hhISpQseXsO+ilvuUUk4TbML6AGemcvGr6MQmJeBmhbosABMf5Xnyk7Lc3
3eKGjuDkQHP+UA36OUANKxDebymC1vnYFvWmgKv/Uj1b1OZkE6Ay2REHdQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFB6w1VS1++1HGjR/D145aKpFz1bPMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSHJEVlZMWDc3VWNhTkg4UFhqbG9xa1hQVnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAJb
wdQDAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnk
AwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVg
AwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IB
AQAqD7y7F2LJniweVA5qlGPino63G0IzcjRGxe10sH48Y5XQpc/tZXu/L42QMG9c
xb888zSKN4+lznnfWFCq9rewx0nREFdkjoau0zW9+5WN4Xac8/Y320AJiC41U37+
iQbMs9Dvpw/4FsRf5v0W160dkFhFfwAWDpXtl1Nft/b7djtYfALVnmVmmZqcdMiM
t+rx4MoKwf09ATj0L4ew9nRQcm+K2rQLpEE0g7mH45k+BVCwPopoCsvZTm9uOwlo
3+RfthouOppt0Dp4FRQ5QOLpqdSXjkSNo8EiXsmHa6qSlaJOofpROLyBniL3KE71
nFnFM76GsM4Cc/8eVCeuS1SA
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:41:17 2025 by rpki-client