Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/N3CO67SDwb-8I48raT7_BTiDivQ.roa
File: N3CO67SDwb-8I48raT7_BTiDivQ.roa (raw, json)
Hash identifier: x50qKUeRS5wvvi68m4L1mLPCBMhU4rf93x8yraBGuEg=
Subject key identifier: 37:70:8E:EB:B4:83:C1:BF:BC:23:8F:2B:69:3E:FF:05:38:83:8A:F4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1C2C3C2F80E005A22C6304ADE9A4B33
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/N3CO67SDwb-8I48raT7_BTiDivQ.roa
Signing time: Thu 08 Dec 2022 12:43:03 +0000
ROA not before: Thu 08 Dec 2022 12:43:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:c2:c3:c2:f8:0e:00:5a:22:c6:30:4a:de:9a:4b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 12:43:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37708eebb483c1bfbc238f2b693eff0538838af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b0:21:d5:f7:94:f7:d9:77:a7:d3:c5:5a:68:
83:49:66:0e:d7:e7:19:8d:d4:5b:57:b3:ab:a0:b3:
33:8f:9a:54:0b:9c:11:e2:07:b9:24:98:79:4f:ca:
4b:0b:85:fe:1c:d3:91:53:84:34:89:fc:82:84:ce:
5a:a3:c2:f1:d1:e6:42:d1:c3:f5:03:41:5b:28:23:
ab:0b:05:16:7c:af:e9:5c:ab:aa:5e:16:c4:64:ea:
01:5d:07:f8:b6:8a:69:ff:ea:f8:ae:ed:6d:8b:bf:
f8:6e:df:ac:cb:5a:ad:00:8e:04:b4:53:31:ed:35:
50:bf:76:cf:06:20:1b:a7:9e:ae:74:bb:cc:b0:05:
6e:79:8e:5b:5b:bd:51:94:ff:8e:2a:7c:ca:8d:ae:
02:ae:b2:5d:eb:ec:09:f9:f8:1a:b7:c5:05:bf:9d:
75:30:07:24:52:57:f5:b5:07:7b:b4:dd:11:c6:2f:
ec:ec:ef:49:03:86:61:6b:54:e1:51:09:cd:f3:bf:
45:42:17:af:7e:0d:a5:58:bf:a4:e2:ce:e3:51:50:
f4:11:86:7a:e0:6b:5f:2d:76:10:0c:69:96:cb:77:
78:54:df:ae:de:0c:7d:55:65:0d:1a:7a:4c:41:ea:
27:5f:12:de:f9:69:7e:b2:17:8a:35:ae:7c:f6:da:
46:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:70:8E:EB:B4:83:C1:BF:BC:23:8F:2B:69:3E:FF:05:38:83:8A:F4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/N3CO67SDwb-8I48raT7_BTiDivQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.112.0/20
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
a2:65:90:5a:b8:cc:56:73:ed:5b:12:a0:2a:4a:ee:0e:3b:95:
2b:80:12:8c:ba:fd:35:20:c4:0a:91:d4:ec:6c:92:79:66:63:
94:09:74:d4:71:a0:5c:7a:fd:dc:45:6a:a5:c5:a4:dc:f3:28:
5f:cd:e6:39:38:14:c4:7e:83:b2:04:ca:1b:89:92:b0:ba:d4:
e1:9e:fb:66:a0:0a:fd:ce:b8:da:b4:15:ea:82:b2:7f:cf:ae:
23:24:11:ec:d2:33:bf:f3:30:7f:70:26:f1:a9:36:7a:05:81:
38:b0:9b:fc:a8:45:cc:08:32:09:20:9a:11:ef:62:7e:b2:ca:
f5:50:f2:d0:e0:34:ae:2b:ec:18:0b:c9:95:c2:ea:b3:11:e4:
99:91:d7:59:14:94:78:0e:7b:5f:47:5d:4b:7a:5b:0a:a9:1e:
51:5f:28:f2:e3:78:57:71:f1:b4:3b:d6:55:85:76:4c:71:a8:
32:aa:16:04:af:8c:57:5f:5d:79:0e:19:f8:8d:a0:0c:24:ea:
52:db:26:22:d9:33:e8:3e:d5:11:f8:bf:64:79:53:e1:5e:b5:
98:ca:fd:e0:21:e6:26:c3:6c:70:eb:24:75:fc:8d:92:30:84:
49:b7:1e:96:12:77:c5:db:28:4e:22:a0:f5:64:9f:68:b5:1c:
68:96:c8:0b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYTxwsPC+A4AWiLGMEremkszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTI0MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzcwOGVlYmI0ODNjMWJmYmMyMzhmMmI2OTNlZmYwNTM4ODM4YWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLAh1feU99l3p9PFWmiDSWYO1+cZ
jdRbV7OroLMzj5pUC5wR4ge5JJh5T8pLC4X+HNORU4Q0ifyChM5ao8Lx0eZC0cP1
A0FbKCOrCwUWfK/pXKuqXhbEZOoBXQf4topp/+r4ru1ti7/4bt+sy1qtAI4EtFMx
7TVQv3bPBiAbp56udLvMsAVueY5bW71RlP+OKnzKja4CrrJd6+wJ+fgat8UFv511
MAckUlf1tQd7tN0Rxi/s7O9JA4Zha1ThUQnN879FQhevfg2lWL+k4s7jUVD0EYZ6
4GtfLXYQDGmWy3d4VN+u3gx9VWUNGnpMQeonXxLe+Wl+sheKNa589tpG/wIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFDdwjuu0g8G/vCOPK2k+/wU4g4r0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTjNDTzY3U0R3Yi04STQ4cmFUN19CVGlEaXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQCAAEwfQMEBG1K
cAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWA
AwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1Heg
AwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQCiZZBa
uMxWc+1bEqAqSu4OO5UrgBKMuv01IMQKkdTsbJJ5ZmOUCXTUcaBcev3cRWqlxaTc
8yhfzeY5OBTEfoOyBMobiZKwutThnvtmoAr9zrjatBXqgrJ/z64jJBHs0jO/8zB/
cCbxqTZ6BYE4sJv8qEXMCDIJIJoR72J+ssr1UPLQ4DSuK+wYC8mVwuqzEeSZkddZ
FJR4DntfR11LelsKqR5RXyjy43hXcfG0O9ZVhXZMcagyqhYEr4xXX115Dhn4jaAM
JOpS2yYi2TPoPtUR+L9keVPhXrWYyv3gIeYmw2xw6yR1/I2SMIRJtx6WEnfF2yhO
IqD1ZJ9otRxolsgL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:22 2025 by rpki-client