Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IB_9pFfrIzOEfPlYrOtv129qj5w.roa
File: IB_9pFfrIzOEfPlYrOtv129qj5w.roa (raw, json)
Hash identifier: WaVGoKBQDSTyWWNBWugcfIE0cXhXaUDdO12rvI5kpvE=
Subject key identifier: 20:1F:FD:A4:57:EB:23:33:84:7C:F9:58:AC:EB:6F:D7:6F:6A:8F:9C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841D94585956C81FAA9A015C1086F9175E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IB_9pFfrIzOEfPlYrOtv129qj5w.roa
Signing time: Fri 28 Oct 2022 07:52:51 +0000
ROA not before: Fri 28 Oct 2022 07:52:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31205
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
37.29.0.0/17 maxlen: 24
78.25.64.0/18 maxlen: 24
37.28.160.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
31.173.240.0/23 maxlen: 23
195.5.128.0/19 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.64.0/18 maxlen: 24
31.173.244.0/22 maxlen: 22
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
81.24.128.0/20 maxlen: 24
83.149.50.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.49.0/24 maxlen: 24
78.41.100.0/22 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.192.0/18 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:94:58:59:56:c8:1f:aa:9a:01:5c:10:86:f9:17:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 07:52:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=201ffda457eb2333847cf958aceb6fd76f6a8f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:aa:88:a9:95:f7:02:00:79:78:b2:5a:26:67:
65:53:9b:66:e8:3f:31:e0:44:ca:6e:c6:da:50:31:
1e:7b:df:7e:a1:d2:95:0a:37:59:a1:d6:0b:f6:f2:
0b:25:bf:a6:db:1c:d8:b9:2e:aa:d1:98:d8:10:3e:
e6:42:df:2d:76:34:4c:8d:ab:ff:65:b5:30:4f:05:
2a:86:2b:2f:9c:ea:61:2c:3a:36:04:41:83:83:4d:
4a:2d:2c:28:66:a9:f7:a8:ab:69:4b:4c:98:15:e9:
db:98:87:73:a1:7b:18:ef:4e:8c:b8:c2:6b:0a:69:
e8:a0:60:0d:be:9e:3d:2c:a4:be:40:29:c2:54:ee:
5c:15:29:2d:3f:87:d5:b3:70:e2:13:32:e0:2b:2e:
32:72:62:4a:b8:69:1b:80:41:b8:5d:e7:62:db:f0:
a2:dc:e6:75:80:e6:4a:d4:e6:82:f4:8d:01:7d:a4:
59:a2:71:78:a2:2c:d0:54:36:23:1b:ae:e4:82:a2:
0c:78:4b:c5:06:2f:f0:03:c8:5d:7d:a0:5e:94:0e:
6e:bc:86:d0:eb:33:c9:52:fc:59:18:ef:3f:80:f7:
32:79:8e:07:02:4d:04:4a:0c:12:4c:76:23:f1:d8:
3d:b3:e0:91:f4:9c:b9:e1:bc:ea:a3:13:2a:73:25:
11:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1F:FD:A4:57:EB:23:33:84:7C:F9:58:AC:EB:6F:D7:6F:6A:8F:9C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IB_9pFfrIzOEfPlYrOtv129qj5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.149.48.0/22
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.48.0/24
178.176.240.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:2e:a6:fd:0f:57:39:4a:c6:81:52:6a:82:ed:c3:61:95:11:
ce:8c:ba:d4:1c:1f:15:de:b7:15:2a:20:dd:85:41:6e:fb:22:
6c:c3:8d:66:ca:42:98:dd:48:33:33:eb:1f:c2:f2:8c:3c:21:
4a:45:d2:8d:15:b9:24:02:40:76:59:7b:f1:a0:9e:3b:9a:58:
04:b0:88:5b:62:2d:cf:00:76:e2:b9:69:e2:97:74:9c:ef:2b:
ea:09:55:90:0e:ea:dd:9e:99:80:8a:8b:fa:5e:94:9b:df:bc:
fb:d9:57:d6:57:cc:42:fd:49:44:e7:4c:c2:72:ea:cd:92:d0:
17:2f:39:24:fd:bb:c7:44:cd:94:a3:a1:be:86:e4:0d:1b:33:
74:ef:79:ab:aa:9d:e2:36:f0:a9:89:b9:2c:f6:da:17:78:24:
89:34:d2:08:59:f4:07:df:e7:31:8b:bc:5b:2e:5d:ef:50:be:
5d:e7:e5:eb:61:de:1d:b4:fb:bf:75:c8:40:a1:56:1d:bc:88:
74:09:60:13:2d:e5:b4:ab:35:a2:9c:a0:14:64:e7:49:44:06:
a2:b3:4c:15:83:ed:e2:95:72:3c:16:33:09:1d:b3:a5:f5:86:
f6:13:0c:45:a4:98:6d:1d:32:06:12:0c:99:7c:93:bd:38:ad:
ad:8d:e6:cd
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYQdlFhZVsgfqpoBXBCG+RdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDc1MjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDFmZmRhNDU3ZWIyMzMzODQ3Y2Y5NThhY2ViNmZkNzZmNmE4ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qqIqZX3AgB5eLJaJmdlU5tm6D8x
4ETKbsbaUDEee99+odKVCjdZodYL9vILJb+m2xzYuS6q0ZjYED7mQt8tdjRMjav/
ZbUwTwUqhisvnOphLDo2BEGDg01KLSwoZqn3qKtpS0yYFenbmIdzoXsY706MuMJr
CmnooGANvp49LKS+QCnCVO5cFSktP4fVs3DiEzLgKy4ycmJKuGkbgEG4Xedi2/Ci
3OZ1gOZK1OaC9I0BfaRZonF4oizQVDYjG67kgqIMeEvFBi/wA8hdfaBelA5uvIbQ
6zPJUvxZGO8/gPcyeY4HAk0ESgwSTHYj8dg9s+CR9Jy54bzqoxMqcyURPQIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFCAf/aRX6yMzhHz5WKzrb9dvao+cMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSUJfOXBGZnJJek9FZlBsWXJPdHYxMjlxajV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCASYEAgABMIIB
HgMEAx+t8AMEBSUcoAMEByUdAAMEAy4dwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3p
oAMEBk4ZQAMEAk4pZAMEA0+rCAMEBFD3sAMEBFEYgAMEAlOVMAMEBlOpwAMEBVPe
wAMEB1PlgAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1K
cAMEBm18QAMDAG28AwQGgMxAAwQDsheQAwQAsrAwAwQDsrDwAwQCuQMgAwQCudKM
AwQDvF6oAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1Aw
DQYJKoZIhvcNAQELBQADggEBAAoupv0PVzlKxoFSaoLtw2GVEc6MutQcHxXetxUq
IN2FQW77ImzDjWbKQpjdSDMz6x/C8ow8IUpF0o0VuSQCQHZZe/GgnjuaWASwiFti
Lc8AduK5aeKXdJzvK+oJVZAO6t2emYCKi/pelJvfvPvZV9ZXzEL9SUTnTMJy6s2S
0BcvOST9u8dEzZSjob6G5A0bM3TveauqneI28KmJuSz22hd4JIk00ghZ9Aff5zGL
vFsuXe9Qvl3n5eth3h20+791yEChVh28iHQJYBMt5bSrNaKcoBRk50lEBqKzTBWD
7eKVcjwWMwkds6X1hvYTDEWkmG0dMgYSDJl8k704ra2N5s0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org