Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Nd6m9wBTXVGOxYqOC8Rab8vDspY.roa
File: Nd6m9wBTXVGOxYqOC8Rab8vDspY.roa (raw, json)
Hash identifier: tEe1efKti+jublFWJ7I04DmakoQiGwUcqkOMIlLmyek=
Subject key identifier: 35:DE:A6:F7:00:53:5D:51:8E:C5:8A:8E:0B:C4:5A:6F:CB:C3:B2:96
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184763350BE3F919D324A3CC431EF13791F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Nd6m9wBTXVGOxYqOC8Rab8vDspY.roa
Signing time: Mon 14 Nov 2022 12:53:05 +0000
ROA not before: Mon 14 Nov 2022 12:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24866
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.227.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.229.0/24 maxlen: 24
178.176.228.0/24 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:33:50:be:3f:91:9d:32:4a:3c:c4:31:ef:13:79:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 12:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=35dea6f700535d518ec58a8e0bc45a6fcbc3b296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ba:47:31:83:77:95:c4:42:2a:02:b3:89:26:
1f:91:a1:8d:c6:51:cb:5e:88:f9:99:65:78:e8:f5:
49:cf:f5:2d:db:3c:56:07:14:97:cd:46:3a:ca:f3:
2e:6e:d6:48:f0:d5:32:33:d9:93:ec:75:ed:90:a2:
9c:aa:24:f7:a9:20:89:1d:3a:76:c5:0f:b2:e6:8e:
59:a7:f0:b8:72:b4:ad:f9:67:88:56:8b:f5:d5:4e:
f3:c5:3c:66:b5:88:8f:05:e6:31:40:da:87:f5:ae:
49:4a:00:96:95:a6:9a:85:73:11:88:e0:45:0f:09:
ee:6e:28:08:50:df:c9:a0:f3:d8:71:96:6d:2a:8b:
dc:0b:59:85:6b:33:13:5c:5c:1a:aa:bb:f9:99:52:
70:b3:ff:7a:33:95:4c:ec:70:2e:ca:2d:61:3d:d8:
1f:ff:ad:32:f2:f5:db:c0:0f:b9:63:ed:aa:2d:cd:
61:96:e2:db:89:c9:46:d0:09:c2:b3:62:f4:f9:34:
45:f7:14:c5:87:3c:68:f9:cd:99:73:65:3c:71:f3:
3d:65:80:36:ec:cc:5e:b5:6d:49:23:7c:8b:22:df:
59:05:8b:7a:61:c0:09:bc:9d:46:c3:42:5f:8f:b4:
84:fb:8f:fd:d7:33:97:c1:26:4c:66:86:aa:03:ac:
86:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:DE:A6:F7:00:53:5D:51:8E:C5:8A:8E:0B:C4:5A:6F:CB:C3:B2:96
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/Nd6m9wBTXVGOxYqOC8Rab8vDspY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.227.0-178.176.229.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
88:b6:3f:f9:05:f7:28:3c:49:ac:c6:ea:e0:be:be:b5:27:56:
32:21:10:e6:1d:52:93:fb:30:24:d9:9c:99:4f:75:11:4d:56:
a0:23:5c:01:1e:75:87:39:d5:9c:31:3e:be:b1:68:41:88:d7:
d8:3e:04:d0:1c:22:2a:8b:95:13:eb:71:db:40:20:f9:87:5f:
0e:25:66:b2:ca:9f:13:1f:0a:86:cd:39:c2:93:bb:c5:38:03:
e7:4d:24:39:5f:c7:8a:ef:ab:7e:bd:59:d9:fd:4d:76:b0:4e:
6c:ad:cd:b8:e5:5f:74:56:a2:78:65:79:32:93:18:54:71:2b:
23:41:96:e1:f1:59:c3:a3:83:47:75:fd:ee:37:ca:05:dc:cf:
a8:f4:43:88:8f:d0:bc:dc:cb:7b:01:63:1e:c8:68:37:d5:c8:
50:4f:c1:fa:5c:13:f3:88:ba:dd:b8:e4:bd:6e:a5:42:7c:88:
d3:98:58:2b:05:36:b4:2b:5b:22:d0:3b:fd:bc:e3:fe:77:43:
aa:0f:50:a5:7c:c5:a8:83:58:78:05:33:bc:f1:39:e3:ad:6d:
8f:17:a9:40:72:88:a5:a5:74:5e:4c:97:25:8f:fd:fe:13:c8:
47:77:8d:d9:ed:3f:ad:77:ca:2c:6d:4d:be:ec:9d:c1:dd:20:
cf:b7:7c:f8
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgISAYR2M1C+P5GdMko8xDHvE3kfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTI1MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWRlYTZmNzAwNTM1ZDUxOGVjNThhOGUwYmM0NWE2ZmNiYzNiMjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7pHMYN3lcRCKgKziSYfkaGNxlHL
Xoj5mWV46PVJz/Ut2zxWBxSXzUY6yvMubtZI8NUyM9mT7HXtkKKcqiT3qSCJHTp2
xQ+y5o5Zp/C4crSt+WeIVov11U7zxTxmtYiPBeYxQNqH9a5JSgCWlaaahXMRiOBF
DwnubigIUN/JoPPYcZZtKovcC1mFazMTXFwaqrv5mVJws/96M5VM7HAuyi1hPdgf
/60y8vXbwA+5Y+2qLc1hluLbiclG0AnCs2L0+TRF9xTFhzxo+c2Zc2U8cfM9ZYA2
7MxetW1JI3yLIt9ZBYt6YcAJvJ1Gw0Jfj7SE+4/91zOXwSZMZoaqA6yGRQIDAQAB
o4IDFTCCAxEwHQYDVR0OBBYEFDXepvcAU11RjsWKjgvEWm/Lw7KWMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTmQ2bTl3QlRYVkdPeFlxT0M4UmFiOHZEc3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKQYIKwYBBQUHAQcBAf8EggEYMIIBFDCCARAEAgABMIIB
CAMEAy4dwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3poAMEBk4ZQAMEAk4pZAMEA0+r
CAMEBFD3sAMEBFEYgAMEBlOpwAMEBVPewAMEB1PlgAMEB1UagAMEBVZtwAMEAlvB
1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1KcAMEBm18QAMDAG28AwQGgMxAAwQDsheQ
MAwDBACysOMDBAGysOQDBAK5AyADBAK50owDBAO8XqgDAwC8ogMEAsHJ5AMEBcMF
gAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3
oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkqhkiG9w0BAQsFAAOCAQEAiLY/
+QX3KDxJrMbq4L6+tSdWMiEQ5h1Sk/swJNmcmU91EU1WoCNcAR51hznVnDE+vrFo
QYjX2D4E0BwiKouVE+tx20Ag+YdfDiVmssqfEx8Khs05wpO7xTgD500kOV/Hiu+r
fr1Z2f1NdrBObK3NuOVfdFaieGV5MpMYVHErI0GW4fFZw6ODR3X97jfKBdzPqPRD
iI/QvNzLewFjHshoN9XIUE/B+lwT84i63bjkvW6lQnyI05hYKwU2tCtbItA7/bzj
/ndDqg9QpXzFqINYeAUzvPE5461tjxepQHKIpaV0XkyXJY/9/hPIR3eN2e0/rXfK
LG1Nvuydwd0gz7d8+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org