Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M93U1Aodb88NjfXW-ETY07gBhOM.roa
File: M93U1Aodb88NjfXW-ETY07gBhOM.roa (raw, json)
Hash identifier: SZpcwDSBlNrUvGYjPzTQqlqeSw3BIAIO0shGd0qecEQ=
Subject key identifier: 33:DD:D4:D4:0A:1D:6F:CF:0D:8D:F5:D6:F8:44:D8:D3:B8:01:84:E3
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184148931654EAB63DC1CA8B3627920DD94
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M93U1Aodb88NjfXW-ETY07gBhOM.roa
Signing time: Wed 26 Oct 2022 13:44:06 +0000
ROA not before: Wed 26 Oct 2022 13:44:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6854
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
37.29.0.0/17 maxlen: 24
80.253.0.0/20 maxlen: 20
46.232.200.0/21 maxlen: 24
37.28.160.0/19 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:14:89:31:65:4e:ab:63:dc:1c:a8:b3:62:79:20:dd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 26 13:44:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33ddd4d40a1d6fcf0d8df5d6f844d8d3b80184e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:5a:cc:09:c7:97:df:47:15:dd:23:8e:e0:
c0:3f:b9:09:e9:f7:0d:2d:ad:21:4c:08:64:c6:cb:
41:fb:fe:01:9b:0a:16:8e:63:b7:f0:7e:ed:67:19:
fa:aa:bd:45:3a:b3:0a:ef:40:92:61:6e:b3:9e:af:
97:ef:cc:f9:ca:b2:50:4b:c5:87:37:ab:c6:0f:71:
6a:74:dd:13:fc:0b:09:aa:a7:f1:6c:0d:09:f1:d7:
98:f4:35:64:43:c9:4f:32:cd:1f:56:28:c4:55:6b:
62:0f:63:8b:25:ac:d6:93:3d:2f:60:99:6b:03:f1:
f9:a6:d8:97:3c:41:5e:d0:16:0d:66:94:67:8f:b1:
4d:25:68:fb:84:ed:0c:e5:bf:35:31:12:19:6b:68:
43:ff:96:00:92:a5:2d:47:2d:24:32:63:b4:31:68:
d3:ed:e9:d5:74:f4:be:0c:76:95:58:13:0d:95:bd:
8c:ce:92:17:a7:4a:54:02:c8:ad:57:8a:b2:1d:63:
ef:f7:af:f6:6d:b0:75:82:f7:55:89:7c:46:6c:0a:
d2:ca:56:27:a9:da:7b:76:14:e1:d8:99:c5:eb:e9:
06:57:cb:04:f3:f2:88:9f:07:8a:ab:65:eb:82:d3:
c9:ca:59:36:34:eb:cb:62:54:6e:ed:e5:09:e8:6d:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DD:D4:D4:0A:1D:6F:CF:0D:8D:F5:D6:F8:44:D8:D3:B8:01:84:E3
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M93U1Aodb88NjfXW-ETY07gBhOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
80.253.0.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
40:93:1d:29:b1:8d:aa:2a:66:35:8b:77:a7:9b:c0:00:bf:1b:
cf:75:53:b3:81:e8:f6:68:1c:65:a7:fd:67:87:8c:6c:d1:b7:
d7:71:3e:1f:93:28:29:6a:dc:7d:48:33:ca:0a:53:f5:28:3d:
31:c0:12:09:86:72:2a:35:59:e8:b5:eb:7c:7a:28:9d:5d:ea:
ca:bd:4d:bf:3a:3f:ad:24:97:23:98:13:ae:a4:c8:a8:96:e7:
1d:4d:6d:a0:6e:06:7d:ff:57:da:50:f4:f3:f1:d3:07:7f:b1:
1c:ba:28:7c:3f:48:d5:78:42:92:66:62:6f:0f:a2:50:fa:c1:
0a:c9:7d:8d:6a:14:30:7f:60:c2:b0:10:4d:7f:8b:39:49:74:
ca:bf:fe:86:c7:db:c8:7a:15:04:fd:f4:ba:d1:b6:0c:80:1e:
d7:9b:38:01:85:64:40:1f:61:ce:70:45:f5:4d:07:ed:0e:70:
7a:34:3a:75:45:39:a1:56:a4:1d:e5:0c:d5:c3:c6:72:01:b6:
83:96:a4:dd:c8:d6:a0:64:d1:2a:6f:63:42:66:6b:4b:70:77:
01:f1:a9:29:e1:9b:d3:68:09:46:76:a1:02:cb:6d:76:20:3c:
3f:22:27:a7:78:dd:5e:4e:f7:96:76:5c:9a:cb:c8:84:47:7e:
fc:a2:4f:ce
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYQUiTFlTqtj3Byos2J5IN2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI2MTM0NDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RkZDRkNDBhMWQ2ZmNmMGQ4ZGY1ZDZmODQ0ZDhkM2I4MDE4NGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vtazAnHl99HFd0jjuDAP7kJ6fcN
La0hTAhkxstB+/4BmwoWjmO38H7tZxn6qr1FOrMK70CSYW6znq+X78z5yrJQS8WH
N6vGD3FqdN0T/AsJqqfxbA0J8deY9DVkQ8lPMs0fVijEVWtiD2OLJazWkz0vYJlr
A/H5ptiXPEFe0BYNZpRnj7FNJWj7hO0M5b81MRIZa2hD/5YAkqUtRy0kMmO0MWjT
7enVdPS+DHaVWBMNlb2MzpIXp0pUAsitV4qyHWPv96/2bbB1gvdViXxGbArSylYn
qdp7dhTh2JnF6+kGV8sE8/KInweKq2XrgtPJylk2NOvLYlRu7eUJ6G36lwIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFDPd1NQKHW/PDY311vhE2NO4AYTjMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTTkzVTFBb2RiODhOamZYVy1FVFkwN2dCaE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEBSUcoAMEByUdAAMEAy4dwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3poAMEBk4Z
QAMEAk4pZAMEA0+rCAMEBFD3sAMEBFD9AAMEBFEYgAMEBlOpwAMEBVPewAMEB1Pl
gAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1KcAMEBm18
QAMDAG28AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQD
BAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWAD
BAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEB
AECTHSmxjaoqZjWLd6ebwAC/G891U7OB6PZoHGWn/WeHjGzRt9dxPh+TKClq3H1I
M8oKU/UoPTHAEgmGcio1Wei163x6KJ1d6sq9Tb86P60klyOYE66kyKiW5x1NbaBu
Bn3/V9pQ9PPx0wd/sRy6KHw/SNV4QpJmYm8PolD6wQrJfY1qFDB/YMKwEE1/izlJ
dMq//obH28h6FQT99LrRtgyAHtebOAGFZEAfYc5wRfVNB+0OcHo0OnVFOaFWpB3l
DNXDxnIBtoOWpN3I1qBk0SpvY0Jma0twdwHxqSnhm9NoCUZ2oQLLbXYgPD8iJ6d4
3V5O95Z2XJrLyIRHfvyiT84=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:58 2025 by rpki-client