Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NJkMOsQeNoa_1rK0XZYHrpMWt5E.roa
File: NJkMOsQeNoa_1rK0XZYHrpMWt5E.roa (raw, json)
Hash identifier: ealosVx6OPER/IOQ8AQPyGg1Pq8zt+rkIFRJ++dbloo=
Subject key identifier: 34:99:0C:3A:C4:1E:36:86:BF:D6:B2:B4:5D:96:07:AE:93:16:B7:91
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505910DAC0798BABC8F663BEA8996BD4B
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NJkMOsQeNoa_1rK0XZYHrpMWt5E.roa
Signing time: Mon 12 Dec 2022 09:01:10 +0000
ROA not before: Mon 12 Dec 2022 09:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
85.26.144.0/20 maxlen: 20
109.188.64.0/19 maxlen: 19
109.188.96.0/21 maxlen: 21
78.25.119.0/24 maxlen: 24
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
94.25.164.0/24 maxlen: 24
94.25.160.0/24 maxlen: 24
212.69.106.0/24 maxlen: 24
94.25.172.0/22 maxlen: 22
94.25.168.0/22 maxlen: 22
212.69.113.0/24 maxlen: 24
212.69.114.0/24 maxlen: 24
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
94.25.176.0/21 maxlen: 21
212.69.125.0/24 maxlen: 24
94.25.184.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
128.204.78.0/23 maxlen: 23
128.204.76.0/22 maxlen: 22
37.29.32.0/21 maxlen: 21
128.204.76.0/23 maxlen: 23
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
31.173.0.0/21 maxlen: 21
195.149.111.0/24 maxlen: 24
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
62.64.0.0/20 maxlen: 20
83.229.211.0/24 maxlen: 24
46.229.128.0/22 maxlen: 22
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:0d:ac:07:98:ba:bc:8f:66:3b:ea:89:96:bd:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34990c3ac41e3686bfd6b2b45d9607ae9316b791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:48:7a:8e:28:03:be:35:b4:ac:af:16:18:8f:
fb:76:23:4f:ae:f6:8a:b0:2a:16:e8:a6:f4:f5:66:
2a:67:9a:40:36:15:a6:12:b6:82:fd:93:e3:78:be:
0e:05:56:78:85:e4:64:a2:0e:c9:7f:87:bc:74:21:
c8:f4:85:ab:33:28:be:16:2a:bf:92:70:a1:ea:77:
62:22:11:86:9e:94:b6:12:4b:82:0a:75:0a:36:9d:
b1:9b:b9:65:e4:8c:84:69:75:f5:6a:b5:0b:f8:17:
6f:f3:43:85:ce:12:e1:4d:79:cc:4e:c8:b4:08:4e:
a7:e9:87:03:ed:ea:77:d8:f8:9b:f9:58:f3:86:64:
89:03:9a:36:1f:b3:58:41:52:ca:c3:d2:c4:3a:7c:
a7:61:37:42:fb:b9:b3:22:98:6c:87:47:91:f8:04:
3a:a0:10:23:cb:d5:bc:fd:b0:1c:01:0b:e3:10:a2:
8f:ae:9e:f8:78:a2:1e:79:9d:19:43:e1:b6:9a:8b:
d2:ae:98:de:5c:c1:70:6c:10:57:4c:d1:0c:14:12:
18:a5:51:7b:d2:dd:e5:e2:bf:6b:12:41:a5:56:6a:
65:59:58:d5:14:fe:88:3a:b9:98:05:a4:65:90:d5:
4c:42:f3:4a:f8:b8:62:7e:f3:f9:03:44:06:34:7f:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:99:0C:3A:C4:1E:36:86:BF:D6:B2:B4:5D:96:07:AE:93:16:B7:91
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/NJkMOsQeNoa_1rK0XZYHrpMWt5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.69.106.0/24
212.69.113.0-212.69.114.255
212.69.125.0/24
213.243.109.0/24
213.243.116.0/24
Signature Algorithm: sha256WithRSAEncryption
66:38:8c:5b:41:dc:78:5b:85:24:60:67:1b:eb:80:6d:b3:fa:
6b:df:07:a4:e7:09:18:17:86:7d:9e:62:2a:f6:f5:9f:32:27:
a8:aa:04:44:24:ed:05:3e:52:f7:eb:33:b4:82:e6:a2:b9:7d:
ea:96:65:71:89:ad:b4:06:ef:1c:84:85:ed:91:f3:bb:b5:39:
e7:87:03:55:3f:2b:c6:84:19:52:3e:85:54:3c:df:77:bd:d9:
a4:eb:e5:75:1a:2c:1f:ac:03:77:c1:20:7a:21:a2:f9:98:25:
28:ba:ac:3d:e1:0f:5b:16:fe:09:89:86:9c:d3:70:a1:92:d3:
7e:b0:8f:fb:51:5b:55:a6:ab:38:b9:81:40:58:83:34:ca:43:
cd:e6:c8:bf:f6:70:57:fd:d3:5e:28:72:06:3e:27:9d:b7:70:
87:44:4f:c5:98:c3:35:44:f8:35:af:25:0c:70:a7:32:b8:37:
43:2c:94:87:db:ce:56:8c:2b:85:3f:30:94:9b:93:62:78:f3:
1c:40:b6:69:9b:ea:9b:af:31:14:b8:20:43:47:dd:71:0d:48:
9e:2b:27:af:39:51:ee:3d:5f:e2:17:ed:04:2b:ce:03:bb:a1:
2b:0a:7d:8f:40:47:be:0a:2a:0c:48:4a:d1:ae:04:ff:34:04:
57:34:d4:d0
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYUFkQ2sB5i6vI9mO+qJlr1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDk5MGMzYWM0MWUzNjg2YmZkNmIyYjQ1ZDk2MDdhZTkzMTZiNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUh6jigDvjW0rK8WGI/7diNPrvaK
sCoW6Kb09WYqZ5pANhWmEraC/ZPjeL4OBVZ4heRkog7Jf4e8dCHI9IWrMyi+Fiq/
knCh6ndiIhGGnpS2EkuCCnUKNp2xm7ll5IyEaXX1arUL+Bdv80OFzhLhTXnMTsi0
CE6n6YcD7ep32Pib+VjzhmSJA5o2H7NYQVLKw9LEOnynYTdC+7mzIphsh0eR+AQ6
oBAjy9W8/bAcAQvjEKKPrp74eKIeeZ0ZQ+G2movSrpjeXMFwbBBXTNEMFBIYpVF7
0t3l4r9rEkGlVmplWVjVFP6IOrmYBaRlkNVMQvNK+LhifvP5A0QGNH/M9wIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFDSZDDrEHjaGv9aytF2WB66TFreRMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTkprTU9zUWVOb2FfMXJLMFhaWUhycE1XdDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FjALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAF4ZgzAMAwQEXhmQAwQAXhmg
AwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxwAwQAbbxy
AwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEBrKxAAMDALyiMAsDAwG8
qgMEBLyqIAMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQO
oAMEANRFajAMAwQA1EVxAwQA1EVyAwQA1EV9AwQA1fNtAwQA1fN0MA0GCSqGSIb3
DQEBCwUAA4IBAQBmOIxbQdx4W4UkYGcb64Bts/pr3wek5wkYF4Z9nmIq9vWfMieo
qgREJO0FPlL36zO0guaiuX3qlmVxia20Bu8chIXtkfO7tTnnhwNVPyvGhBlSPoVU
PN93vdmk6+V1GiwfrAN3wSB6IaL5mCUouqw94Q9bFv4JiYac03ChktN+sI/7UVtV
pqs4uYFAWIM0ykPN5si/9nBX/dNeKHIGPiedt3CHRE/FmMM1RPg1ryUMcKcyuDdD
LJSH285WjCuFPzCUm5NiePMcQLZpm+qbrzEUuCBDR91xDUieKyevOVHuPV/iF+0E
K84Du6ErCn2PQEe+CioMSErRrgT/NARXNNTQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org