Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M99WkKFmfcBKvqoNTlJ0PkSzy-Q.roa
File: M99WkKFmfcBKvqoNTlJ0PkSzy-Q.roa (raw, json)
Hash identifier: te2rMKiO+DXvI8n+NTFONgSG5IGqPJaocnLlIFy5zmk=
Subject key identifier: 33:DF:56:90:A1:66:7D:C0:4A:BE:AA:0D:4E:52:74:3E:44:B3:CB:E4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01842D38D9DF352CDFC728FDD026D7D14F8E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M99WkKFmfcBKvqoNTlJ0PkSzy-Q.roa
Signing time: Mon 31 Oct 2022 08:46:51 +0000
ROA not before: Mon 31 Oct 2022 08:46:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29648
IP address blocks: 109.188.0.0/16 maxlen: 24
85.26.128.0/17 maxlen: 24
193.201.228.0/22 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
78.25.64.0/18 maxlen: 24
31.173.119.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
195.5.128.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
31.173.104.0/24 maxlen: 24
31.173.105.0/24 maxlen: 24
31.173.112.0/24 maxlen: 24
31.173.109.0/24 maxlen: 24
31.173.110.0/24 maxlen: 24
31.173.107.0/24 maxlen: 24
31.173.108.0/24 maxlen: 24
31.173.106.0/24 maxlen: 24
31.173.111.0/24 maxlen: 24
31.173.117.0/24 maxlen: 24
31.173.118.0/24 maxlen: 24
31.173.115.0/24 maxlen: 24
31.173.116.0/24 maxlen: 24
31.173.113.0/24 maxlen: 24
31.173.114.0/24 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
46.29.192.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
79.171.8.0/21 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
185.3.32.0/22 maxlen: 24
86.109.192.0/19 maxlen: 24
188.170.98.0/24 maxlen: 24
188.170.97.0/24 maxlen: 24
188.170.96.0/24 maxlen: 24
188.170.103.0/24 maxlen: 24
188.170.100.0/24 maxlen: 24
188.170.105.0/24 maxlen: 24
188.170.102.0/24 maxlen: 24
188.170.99.0/24 maxlen: 24
188.170.104.0/24 maxlen: 24
188.170.101.0/24 maxlen: 24
188.170.106.0/24 maxlen: 24
188.170.111.0/24 maxlen: 24
188.170.108.0/24 maxlen: 24
188.170.110.0/24 maxlen: 24
188.170.107.0/24 maxlen: 24
212.69.96.0/19 maxlen: 24
188.170.109.0/24 maxlen: 24
188.170.112.0/24 maxlen: 24
188.170.114.0/24 maxlen: 24
188.170.113.0/24 maxlen: 24
188.170.116.0/24 maxlen: 24
188.170.115.0/24 maxlen: 24
188.170.118.0/24 maxlen: 24
188.170.117.0/24 maxlen: 24
188.170.119.0/24 maxlen: 24
188.170.122.0/24 maxlen: 24
188.170.121.0/24 maxlen: 24
188.170.124.0/24 maxlen: 24
188.170.123.0/24 maxlen: 24
188.170.125.0/24 maxlen: 24
37.29.0.0/17 maxlen: 24
188.170.120.0/24 maxlen: 24
188.170.127.0/24 maxlen: 24
188.170.126.0/24 maxlen: 24
78.109.120.0/24 maxlen: 24
37.28.160.0/19 maxlen: 24
78.109.121.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
178.176.96.0/24 maxlen: 24
178.176.98.0/24 maxlen: 24
178.176.97.0/24 maxlen: 24
178.176.102.0/24 maxlen: 24
178.176.99.0/24 maxlen: 24
178.176.101.0/24 maxlen: 24
178.176.103.0/24 maxlen: 24
178.176.100.0/24 maxlen: 24
78.41.100.0/22 maxlen: 24
178.176.118.0/24 maxlen: 24
178.176.115.0/24 maxlen: 24
178.176.117.0/24 maxlen: 24
178.176.114.0/24 maxlen: 24
178.176.116.0/24 maxlen: 24
178.176.123.0/24 maxlen: 24
178.176.120.0/24 maxlen: 24
178.176.125.0/24 maxlen: 24
178.176.122.0/24 maxlen: 24
178.176.119.0/24 maxlen: 24
178.176.124.0/24 maxlen: 24
178.176.121.0/24 maxlen: 24
178.176.126.0/24 maxlen: 24
178.176.127.0/24 maxlen: 24
83.169.192.0/18 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:38:d9:df:35:2c:df:c7:28:fd:d0:26:d7:d1:4f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 31 08:46:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33df5690a1667dc04abeaa0d4e52743e44b3cbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6d:15:11:6c:2f:ac:34:83:d6:68:ac:9a:13:
75:f8:e6:a1:99:31:31:53:f2:cf:94:f2:7a:b4:46:
ff:12:38:85:b8:98:cb:76:d1:16:69:f9:37:3e:ab:
a5:ff:34:60:8d:13:56:47:94:05:14:dc:73:33:ac:
1f:b6:a2:80:9c:ed:d3:07:20:5c:4b:34:ec:c9:47:
02:a9:ec:44:13:bc:2a:ab:37:3b:02:58:2f:12:70:
07:d0:ed:56:18:2f:95:e3:90:c0:b3:d1:2d:4c:fe:
1e:ae:44:ba:fb:eb:8d:9a:2a:a2:08:94:d9:3d:24:
1a:fb:c5:1f:52:55:81:f5:be:70:f2:7e:14:9b:4a:
a5:0f:0d:2d:3a:73:f0:3a:0e:8e:04:0a:be:2e:46:
cf:b2:5c:a4:f5:dc:4e:43:68:79:a0:e1:f1:99:d0:
00:af:1c:1b:39:9e:79:8a:06:7e:46:03:0c:e3:27:
80:22:15:35:ac:00:20:e3:0f:29:d8:14:07:ab:2d:
33:9d:de:cd:19:30:4b:2c:ed:44:06:69:c7:99:20:
24:6d:6c:15:ee:78:d1:91:51:81:13:3d:1b:97:2c:
07:7f:b9:ca:6d:f6:0a:4c:2c:b9:17:10:c9:60:89:
63:19:06:1a:32:b2:2d:a5:0c:85:b2:13:c6:75:5d:
c1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DF:56:90:A1:66:7D:C0:4A:BE:AA:0D:4E:52:74:3E:44:B3:CB:E4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/M99WkKFmfcBKvqoNTlJ0PkSzy-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.104.0-31.173.119.255
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
78.109.120.0/23
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.96.0/21
178.176.114.0-178.176.127.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.96.0/19
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
75:21:fc:98:0f:1e:4f:28:98:d1:8f:53:e2:68:76:3d:e4:97:
84:ad:f4:0e:99:a2:91:9a:0f:4b:be:2c:bf:3b:c9:a1:dd:38:
84:1c:8f:34:8f:63:ad:b5:fa:f4:8d:11:68:1e:ab:20:39:27:
fb:f1:b4:fb:a5:3e:88:b6:53:f1:de:46:e0:c6:3e:ba:f4:88:
e4:df:19:33:3d:f4:a7:88:df:7e:60:0b:d3:32:56:70:6d:1c:
8b:35:ad:54:c2:40:15:46:bd:33:13:7a:fa:d6:7b:1f:93:bb:
9a:e4:49:e5:92:fd:a9:ae:2c:16:85:95:da:6c:4f:98:57:5d:
c7:7a:88:52:a3:00:a8:1d:b0:82:85:81:c9:65:85:3c:18:a7:
bb:4a:28:17:c5:45:f2:d1:5a:6f:1d:88:a5:31:25:3a:8a:9d:
4a:ca:d0:4c:11:37:aa:1d:59:5b:c5:7f:1b:49:04:20:9f:2b:
82:5f:75:2d:00:21:0f:92:e9:c4:4d:22:d8:36:d7:56:4c:d2:
14:00:2e:a5:a9:27:2f:34:aa:9b:e3:a5:e2:de:d7:73:3a:74:
c5:2a:c9:ea:73:3c:ee:40:14:2e:73:eb:89:22:1b:b6:53:16:
11:c9:df:ef:2f:76:fb:99:b8:f6:ba:4e:d0:df:1f:fd:11:6c:
a4:26:bf:44
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAYQtONnfNSzfxyj90CbX0U+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDMxMDg0NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RmNTY5MGExNjY3ZGMwNGFiZWFhMGQ0ZTUyNzQzZTQ0YjNjYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W0VEWwvrDSD1mismhN1+OahmTEx
U/LPlPJ6tEb/EjiFuJjLdtEWafk3Pqul/zRgjRNWR5QFFNxzM6wftqKAnO3TByBc
SzTsyUcCqexEE7wqqzc7AlgvEnAH0O1WGC+V45DAs9EtTP4erkS6++uNmiqiCJTZ
PSQa+8UfUlWB9b5w8n4Um0qlDw0tOnPwOg6OBAq+LkbPslyk9dxOQ2h5oOHxmdAA
rxwbOZ55igZ+RgMM4yeAIhU1rAAg4w8p2BQHqy0znd7NGTBLLO1EBmnHmSAkbWwV
7njRkVGBEz0blywHf7nKbfYKTCy5FxDJYIljGQYaMrItpQyFshPGdV3BQwIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFDPfVpChZn3ASr6qDU5SdD5Es8vkMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTTk5V2tLRm1mY0JLdnFvTlRsSjBQa1N6eS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NDAMAwQDH61oAwQDH61wAwQFJRygAwQHJR0AAwQDLh3AAwQELuWAAwQDLujIAwQF
PkAAAwQFTemgAwQGThlAAwQCTilkAwQBTm14AwQDT6sIAwQEUPewAwQEURiAAwQG
U6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQH
X4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAOysGAwDAMEAbKwcgME
B7KwAAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQFvKpgAwQCwcnkAwQFwwWAAwQF
wxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF
1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQB1IfyYDx5P
KJjRj1PiaHY95JeErfQOmaKRmg9Lviy/O8mh3TiEHI80j2Ottfr0jRFoHqsgOSf7
8bT7pT6ItlPx3kbgxj669Ijk3xkzPfSniN9+YAvTMlZwbRyLNa1UwkAVRr0zE3r6
1nsfk7ua5Enlkv2priwWhZXabE+YV13HeohSowCoHbCChYHJZYU8GKe7SigXxUXy
0VpvHYilMSU6ip1KytBMETeqHVlbxX8bSQQgnyuCX3UtACEPkunETSLYNtdWTNIU
AC6lqScvNKqb46Xi3tdzOnTFKsnqczzuQBQuc+uJIhu2UxYRyd/vL3b7mbj2uk7Q
3x/9EWykJr9E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:16 2025 by rpki-client