Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IivKkp0-CBnCrEClgmZRalk8kfw.roa
File: IivKkp0-CBnCrEClgmZRalk8kfw.roa (raw, json)
Hash identifier: 5WfC1yOC6XtRgJXZfJwPVXNDayrfc7Jn2xpquJ5rnCo=
Subject key identifier: 22:2B:CA:92:9D:3E:08:19:C2:AC:40:A5:82:66:51:6A:59:3C:91:FC
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01850561575F3AA83882668EEB266F6D2A57
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IivKkp0-CBnCrEClgmZRalk8kfw.roa
Signing time: Mon 12 Dec 2022 08:09:03 +0000
ROA not before: Mon 12 Dec 2022 08:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31268
IP address blocks: 193.201.228.0/22 maxlen: 24
212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.119.160.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:57:5f:3a:a8:38:82:66:8e:eb:26:6f:6d:2a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=222bca929d3e0819c2ac40a58266516a593c91fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:48:1c:dd:63:d9:a1:a8:f5:2c:f2:73:c6:24:
95:f7:09:ec:01:57:6b:92:05:1d:06:b6:48:98:32:
19:cd:73:61:21:9e:4a:9a:4a:c1:92:f3:c5:a4:9f:
9a:b3:ea:ac:11:5b:7d:49:65:1a:7d:56:0f:27:ee:
53:96:76:71:2c:a9:67:c8:3f:05:c4:6f:51:30:28:
1b:60:7a:3d:ee:b4:92:84:27:8f:5a:65:6f:4f:16:
06:26:5c:88:ad:5b:7f:8d:c1:41:68:85:5b:04:9f:
2f:c5:ca:73:0b:2d:93:65:34:91:d9:9a:eb:c2:ed:
c7:68:cc:38:38:a9:7d:e2:d4:26:c2:24:87:40:a7:
ff:ce:86:95:18:89:ca:a2:cd:03:c8:e0:74:8f:ac:
97:91:ea:f2:d2:53:29:fe:d2:81:43:ba:15:a2:78:
d5:23:a9:8a:50:a5:c4:c2:9b:13:6d:3f:36:1b:bf:
7e:fd:83:b8:2d:94:bf:8c:fd:a2:96:9a:52:18:46:
95:4f:16:5f:bf:00:64:f7:7e:40:04:44:e1:d2:ce:
a5:0b:07:72:af:79:66:2c:4e:a5:b0:12:b5:15:83:
08:78:4a:78:f0:62:0b:56:ab:14:72:91:4c:4b:42:
f9:82:89:11:c4:a8:7c:8a:a9:ba:1f:5b:df:ae:54:
a6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2B:CA:92:9D:3E:08:19:C2:AC:40:A5:82:66:51:6A:59:3C:91:FC
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/IivKkp0-CBnCrEClgmZRalk8kfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
83:91:43:a9:6f:89:d4:3c:50:02:d4:86:74:ac:51:e2:17:cb:
04:5d:c7:f9:31:32:73:c8:56:b7:73:a7:83:c4:61:ff:15:ad:
ee:9c:3d:ba:1b:38:f7:f3:1c:20:e0:3f:13:3a:ac:30:22:5b:
04:75:47:28:59:c2:1a:64:89:b2:1d:0e:43:e8:f3:e8:ec:72:
5a:46:be:17:2e:86:7a:56:d2:d7:c7:bc:c7:f7:ab:81:00:f1:
01:7f:9a:e7:3a:b0:29:93:27:e6:0e:19:f0:1f:f4:0c:d2:1e:
b7:07:7c:b3:b3:7e:07:46:8f:4c:11:a1:06:b2:5f:37:82:54:
76:5c:5a:4e:72:55:92:87:66:c5:54:fc:e2:ed:4f:9b:b3:bc:
89:e4:91:8a:d7:78:f9:a8:9b:b3:4c:89:5d:d4:15:6e:d7:ce:
23:3a:71:24:53:b7:9a:0c:a4:d7:58:5a:78:9a:34:36:90:56:
49:50:be:3d:52:1f:f7:31:ab:ca:12:ed:f0:6d:b8:3d:5c:6c:
d1:f3:09:ff:29:59:e5:a2:87:1c:9b:e6:5e:9f:45:9e:ba:f5:
b5:3c:19:f0:6c:5e:d3:5e:8c:7b:7b:1a:e2:7a:a6:08:a6:e4:
e5:21:85:1b:8b:d8:60:25:d9:f6:53:5b:27:e0:f0:0e:e0:f0:
d3:4a:05:62
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYUFYVdfOqg4gmaO6yZvbSpXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJiY2E5MjlkM2UwODE5YzJhYzQwYTU4MjY2NTE2YTU5M2M5MWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEgc3WPZoaj1LPJzxiSV9wnsAVdr
kgUdBrZImDIZzXNhIZ5KmkrBkvPFpJ+as+qsEVt9SWUafVYPJ+5TlnZxLKlnyD8F
xG9RMCgbYHo97rSShCePWmVvTxYGJlyIrVt/jcFBaIVbBJ8vxcpzCy2TZTSR2Zrr
wu3HaMw4OKl94tQmwiSHQKf/zoaVGInKos0DyOB0j6yXkery0lMp/tKBQ7oVonjV
I6mKUKXEwpsTbT82G79+/YO4LZS/jP2ilppSGEaVTxZfvwBk935ABETh0s6lCwdy
r3lmLE6lsBK1FYMIeEp48GILVqsUcpFMS0L5gokRxKh8iqm6H1vfrlSmXwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCIrypKdPggZwqxApYJmUWpZPJH8MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvSWl2S2twMC1DQm5DckVDbGdtWlJhbGs4a2Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzBNBAIAATBHAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqAwDQYJKoZIhvcNAQELBQADggEBAIORQ6lvidQ8UALUhnSs
UeIXywRdx/kxMnPIVrdzp4PEYf8Vre6cPbobOPfzHCDgPxM6rDAiWwR1RyhZwhpk
ibIdDkPo8+jsclpGvhcuhnpW0tfHvMf3q4EA8QF/muc6sCmTJ+YOGfAf9AzSHrcH
fLOzfgdGj0wRoQayXzeCVHZcWk5yVZKHZsVU/OLtT5uzvInkkYrXePmom7NMiV3U
FW7XziM6cSRTt5oMpNdYWniaNDaQVklQvj1SH/cxq8oS7fBtuD1cbNHzCf8pWeWi
hxyb5l6fRZ669bU8GfBsXtNejHt7GuJ6pgim5OUhhRuL2GAl2fZTWyfg8A7g8NNK
BWI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:47 2025 by rpki-client