Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/MF5LG8OwBdbGDgVEnNS5NF8_14I.roa
File: MF5LG8OwBdbGDgVEnNS5NF8_14I.roa (raw, json)
Hash identifier: /gyj/I/czH8SknmYwT+ARz6t2SQhODj3/1/aFH+1s4E=
Subject key identifier: 30:5E:4B:1B:C3:B0:05:D6:C6:0E:05:44:9C:D4:B9:34:5F:3F:D7:82
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185061719A61B2AB85C5773263B6EE999C7
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/MF5LG8OwBdbGDgVEnNS5NF8_14I.roa
Signing time: Mon 12 Dec 2022 11:27:35 +0000
ROA not before: Mon 12 Dec 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31195
IP address blocks: 85.26.240.0/22 maxlen: 22
178.178.64.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
178.178.72.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
78.25.127.0/24 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
31.173.132.0/23 maxlen: 23
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
37.28.190.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.191.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.89.0/24 maxlen: 24
37.29.95.0/24 maxlen: 24
37.29.94.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
188.170.232.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.230.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.236.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.232.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.229.0/24 maxlen: 24
31.173.238.0/24 maxlen: 24
31.173.235.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
37.29.43.0/24 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.230.0/24 maxlen: 24
83.169.228.0/23 maxlen: 23
83.169.227.0/24 maxlen: 24
83.169.226.0/24 maxlen: 24
83.169.224.0/23 maxlen: 23
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:19:a6:1b:2a:b8:5c:57:73:26:3b:6e:e9:99:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=305e4b1bc3b005d6c60e05449cd4b9345f3fd782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b6:9e:1e:9e:fd:9f:e1:37:f6:60:20:ec:89:
74:da:bc:99:32:85:4a:63:1e:7f:7e:1e:8c:bb:8a:
30:15:06:a6:29:91:25:2a:c4:47:1e:ec:d6:d8:49:
9b:51:e4:54:99:21:8c:96:09:cb:27:36:6e:58:20:
5a:1a:16:46:a8:95:46:06:9a:11:b9:2d:40:a0:e6:
22:90:3b:03:bb:33:e7:21:45:8f:4d:ca:41:21:49:
2d:94:f1:59:b2:b4:c2:06:3d:e6:af:b8:0c:4e:d9:
03:96:9a:66:eb:11:42:41:e3:0a:4f:9b:b5:07:1a:
96:41:65:3b:ee:cb:a9:f0:ad:13:09:8f:73:8c:7b:
db:95:23:fe:8e:2c:7b:b2:8a:ba:42:7c:d2:61:a5:
75:e9:09:ce:0d:33:9e:6d:c8:af:67:5b:b4:68:df:
3d:ab:54:16:53:86:dd:dd:3b:1a:33:fa:98:9d:aa:
7d:af:6f:5c:fe:ef:39:d0:39:e6:c9:d9:f1:d3:36:
04:0e:48:1d:22:01:e0:66:78:f9:6a:0f:c1:d8:49:
c1:52:85:f1:f3:fb:82:6a:ff:42:ca:e9:f3:05:0e:
eb:aa:b3:06:ed:8f:e1:05:65:63:db:d3:e0:6e:7c:
ab:92:57:50:19:9d:84:0b:7e:d9:a2:8e:eb:28:b4:
c0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:5E:4B:1B:C3:B0:05:D6:C6:0E:05:44:9C:D4:B9:34:5F:3F:D7:82
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/MF5LG8OwBdbGDgVEnNS5NF8_14I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.68.255
178.178.70.0-178.178.73.255
188.170.228.0-188.170.237.255
188.170.239.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c1:9f:b8:1f:d7:18:0f:7c:40:05:2f:18:9e:cb:55:2f:ab:
87:a1:86:57:05:46:89:9a:5e:19:13:7d:28:8b:ea:5b:db:b2:
f9:aa:5e:92:ee:c1:86:ac:6c:38:7d:e0:36:17:7a:66:80:8f:
b5:8d:c4:37:d5:03:17:8d:7a:04:7d:f0:0b:58:50:d6:a5:63:
aa:02:7f:14:96:28:49:fd:77:24:1e:03:77:24:cb:6a:5c:b1:
40:dc:64:1a:7b:30:32:c3:86:3c:12:62:c2:f4:20:30:51:3d:
81:62:5e:91:81:f3:ff:b8:b2:8c:b1:60:f9:18:b2:1e:0f:c4:
7c:7a:af:d0:17:53:26:92:2d:8f:02:a7:37:5b:64:df:16:f3:
1d:c2:a4:34:1a:04:34:52:84:dd:be:6d:89:67:17:26:bd:9d:
b3:7c:8c:cd:4b:87:0a:67:77:4f:dc:1e:95:d0:b4:d9:be:9c:
ee:90:38:68:6e:0e:a0:4b:d5:ca:27:a7:51:03:54:4a:d9:eb:
a5:0b:17:4f:75:5b:fe:30:d4:57:1a:58:4b:77:ba:cc:bc:2e:
fe:78:44:26:f7:26:f2:e6:11:61:03:fa:ed:78:80:fc:21:84:
5e:a3:34:b1:80:51:e6:8a:8f:77:c5:a4:75:dd:e0:dd:02:d1:
09:a9:45:2b
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAYUGFxmmGyq4XFdzJjtu6ZnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDVlNGIxYmMzYjAwNWQ2YzYwZTA1NDQ5Y2Q0YjkzNDVmM2ZkNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhraeHp79n+E39mAg7Il02ryZMoVK
Yx5/fh6Mu4owFQamKZElKsRHHuzW2EmbUeRUmSGMlgnLJzZuWCBaGhZGqJVGBpoR
uS1AoOYikDsDuzPnIUWPTcpBIUktlPFZsrTCBj3mr7gMTtkDlppm6xFCQeMKT5u1
BxqWQWU77sup8K0TCY9zjHvblSP+jix7soq6QnzSYaV16QnODTOebcivZ1u0aN89
q1QWU4bd3TsaM/qYnap9r29c/u850Dnmydnx0zYEDkgdIgHgZnj5ag/B2EnBUoXx
8/uCav9CyunzBQ7rqrMG7Y/hBWVj29PgbnyrkldQGZ2EC37Zoo7rKLTAOwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFDBeSxvDsAXWxg4FRJzUuTRfP9eCMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTUY1TEc4T3dCZGJHRGdWRW5OUzVORjhfMTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAIf
rYQDBAAfrY8wDAMEAB+t4QMEAB+t4jAMAwQCH63kAwQBH63oMAwDBAAfresDBAQf
reADBAIlHLwDBAAlHSsDBAMlHVgDBAJOGXwDBAJTlTQwDAMEBVOp4AMEAFOp5gME
A1Ua8DAMAwQAsrDpAwQCsrDoMAwDBAayskADBACyskQwDAMEAbKyRgMEAbKySDAM
AwQCvKrkAwQBvKrsAwQAvKrvMA0GCSqGSIb3DQEBCwUAA4IBAQAewZ+4H9cYD3xA
BS8YnstVL6uHoYZXBUaJml4ZE30oi+pb27L5ql6S7sGGrGw4feA2F3pmgI+1jcQ3
1QMXjXoEffALWFDWpWOqAn8UlihJ/XckHgN3JMtqXLFA3GQaezAyw4Y8EmLC9CAw
UT2BYl6RgfP/uLKMsWD5GLIeD8R8eq/QF1Mmki2PAqc3W2TfFvMdwqQ0GgQ0UoTd
vm2JZxcmvZ2zfIzNS4cKZ3dP3B6V0LTZvpzukDhobg6gS9XKJ6dRA1RK2eulCxdP
dVv+MNRXGlhLd7rMvC7+eEQm9yby5hFhA/rteID8IYReozSxgFHmio93xaR13eDd
AtEJqUUr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:35 2025 by rpki-client