Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L1vtTzDmjDKzEnOoNhg-k-1nGx0.roa
File: L1vtTzDmjDKzEnOoNhg-k-1nGx0.roa (raw, json)
Hash identifier: xTuDhsZ2hqp912AwVDKfSNiVfMT+1i0TlwhRBquze6g=
Subject key identifier: 2F:5B:ED:4F:30:E6:8C:32:B3:12:73:A8:36:18:3E:93:ED:67:1B:1D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185053F6F486B45C2418363A4298F849C62
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L1vtTzDmjDKzEnOoNhg-k-1nGx0.roa
Signing time: Mon 12 Dec 2022 07:32:01 +0000
ROA not before: Mon 12 Dec 2022 07:32:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:3f:6f:48:6b:45:c2:41:83:63:a4:29:8f:84:9c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 07:32:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f5bed4f30e68c32b31273a836183e93ed671b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:76:95:a8:63:be:d8:9a:95:6f:b5:e2:49:e7:
0f:8a:7a:6d:b6:9b:d7:cf:50:df:ea:9c:ff:2f:06:
bc:2a:17:cd:55:47:74:68:11:f0:40:23:61:f3:cc:
98:2e:c0:be:93:55:d4:25:6b:c0:ee:cc:6a:c7:cb:
c6:55:1b:71:fe:92:09:7d:9e:a0:b6:24:4b:5b:6e:
04:b9:a8:fe:34:7e:11:bc:b5:a6:c8:de:ca:53:0a:
44:66:ba:14:a9:49:58:45:66:24:c9:f4:f8:b6:cd:
ec:9d:dd:8b:99:38:21:eb:10:6d:ba:c7:2f:21:b9:
b2:0e:e8:8f:4d:98:59:39:ca:38:82:f5:72:70:06:
aa:40:32:e7:17:03:1c:1f:e6:6b:79:d9:75:d3:e4:
84:92:15:66:c4:ba:58:91:03:78:3f:9a:bd:9b:f5:
b3:fb:98:44:23:1c:80:fb:8b:ed:6f:1e:be:7d:d1:
09:b8:86:14:5b:82:1d:b6:a4:33:2e:a1:e4:db:ea:
d6:9d:0a:d2:4f:dd:f6:cc:d9:f9:84:39:85:83:82:
b9:46:af:0c:f1:97:ec:65:2e:a8:de:0b:72:f5:e8:
ea:0c:c7:7c:19:97:27:91:52:00:3f:d7:3e:19:67:
a3:5d:b1:e0:a6:dc:c2:cd:cb:b4:91:c2:ae:b3:a8:
66:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5B:ED:4F:30:E6:8C:32:B3:12:73:A8:36:18:3E:93:ED:67:1B:1D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/L1vtTzDmjDKzEnOoNhg-k-1nGx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1b:37:27:9a:37:80:f0:3e:7a:62:63:04:d4:39:26:83:ec:b2:
6b:0c:da:9a:c5:12:9d:42:38:70:90:bd:ac:ef:04:97:05:ab:
76:45:15:11:12:f0:9f:dd:72:80:ce:2d:25:22:77:78:33:66:
73:94:7a:2f:ed:bd:8e:64:0e:88:9a:4f:06:b7:0f:9c:b8:37:
af:a3:0a:f0:a1:08:d6:ac:94:1a:dc:d2:39:77:53:08:a9:ca:
24:17:fd:1b:d2:b5:bb:17:64:e7:a8:b0:f6:b2:a6:2c:d2:8f:
00:5e:db:0b:85:05:49:a7:ad:5b:6b:62:5e:ef:6a:e5:1c:ca:
e2:ef:56:ef:e7:4b:a2:f1:b4:d9:72:e6:c4:37:d6:b4:2f:7c:
e5:d5:b9:f0:0f:31:6d:be:30:ed:4d:da:04:49:28:3c:38:0f:
c9:2a:e1:d8:3c:13:0a:68:5b:f0:c0:0c:f3:cb:b1:8c:f8:9f:
f0:ea:71:8c:c2:3e:cb:cb:02:bb:ff:24:ba:de:f7:34:9b:43:
55:3f:dc:2f:e6:65:b4:b0:b3:1d:ab:5c:81:d3:57:d3:dc:b7:
f4:f4:87:10:b9:78:a4:2a:48:51:fa:a2:55:b8:c3:64:11:c3:
2f:91:de:08:92:a1:e2:ad:89:32:33:c8:71:ed:d3:1b:ae:75:
45:82:9e:17
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYUFP29Ia0XCQYNjpCmPhJxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDczMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjViZWQ0ZjMwZTY4YzMyYjMxMjczYTgzNjE4M2U5M2VkNjcxYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinaVqGO+2JqVb7XiSecPinpttpvX
z1Df6pz/Lwa8KhfNVUd0aBHwQCNh88yYLsC+k1XUJWvA7sxqx8vGVRtx/pIJfZ6g
tiRLW24Euaj+NH4RvLWmyN7KUwpEZroUqUlYRWYkyfT4ts3snd2LmTgh6xBtuscv
IbmyDuiPTZhZOco4gvVycAaqQDLnFwMcH+Zredl10+SEkhVmxLpYkQN4P5q9m/Wz
+5hEIxyA+4vtbx6+fdEJuIYUW4IdtqQzLqHk2+rWnQrST932zNn5hDmFg4K5Rq8M
8ZfsZS6o3gty9ejqDMd8GZcnkVIAP9c+GWejXbHgptzCzcu0kcKus6hmsQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFC9b7U8w5owysxJzqDYYPpPtZxsdMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTDF2dFR6RG1qREt6RW5Pb05oZy1rLTFuR3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQFw5Dg
AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1agg
AwQF1awAAwQF1bagAwQF2cNAMA0GCSqGSIb3DQEBCwUAA4IBAQAbNyeaN4DwPnpi
YwTUOSaD7LJrDNqaxRKdQjhwkL2s7wSXBat2RRUREvCf3XKAzi0lInd4M2ZzlHov
7b2OZA6Imk8Gtw+cuDevowrwoQjWrJQa3NI5d1MIqcokF/0b0rW7F2TnqLD2sqYs
0o8AXtsLhQVJp61ba2Je72rlHMri71bv50ui8bTZcubEN9a0L3zl1bnwDzFtvjDt
TdoESSg8OA/JKuHYPBMKaFvwwAzzy7GM+J/w6nGMwj7LywK7/yS63vc0m0NVP9wv
5mW0sLMdq1yB01fT3Lf09IcQuXikKkhR+qJVuMNkEcMvkd4IkqHirYkyM8hx7dMb
rnVFgp4X
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:23 2025 by rpki-client