Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OZTufUJthQ0DgudoHKiYb9HNsXw.roa
File: OZTufUJthQ0DgudoHKiYb9HNsXw.roa (raw, json)
Hash identifier: fyf0VpJSFa+e8W7JVAWElB1gYFFje+BAqYBr/+KDCt8=
Subject key identifier: 39:94:EE:7D:42:6D:85:0D:03:82:E7:68:1C:A8:98:6F:D1:CD:B1:7C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184765906FF46DABC7EC76ACDC06E89E060
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OZTufUJthQ0DgudoHKiYb9HNsXw.roa
Signing time: Mon 14 Nov 2022 13:34:16 +0000
ROA not before: Mon 14 Nov 2022 13:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:59:06:ff:46:da:bc:7e:c7:6a:cd:c0:6e:89:e0:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 13:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3994ee7d426d850d0382e7681ca8986fd1cdb17c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f6:f7:87:4a:b4:e2:c3:86:47:d3:d5:0e:63:
50:1c:f5:da:82:7d:2e:ca:93:e1:a5:42:c5:74:15:
3a:e3:3f:28:75:76:94:92:42:cf:f0:2b:1f:f4:cf:
3a:7f:67:7f:2d:dc:67:e7:2a:af:ed:46:26:4d:10:
e6:9e:f3:f5:45:b1:d6:9e:dd:c8:f7:88:30:ee:2d:
31:5d:e3:04:8b:6b:95:a6:e6:b0:69:42:86:cd:a0:
de:92:e4:41:eb:4c:67:bd:34:ad:4d:bf:29:f1:f1:
59:c3:7c:8b:47:22:bd:84:00:49:c7:24:37:40:61:
84:f3:59:05:47:fd:0f:83:09:4a:7d:66:1d:35:56:
e8:a1:08:99:f9:ab:a7:ac:ff:a8:3f:84:99:99:89:
f9:b9:46:eb:59:22:c8:55:02:18:3b:ca:bd:45:bc:
30:ab:f4:55:57:64:24:b6:d9:f6:de:84:94:eb:5c:
cf:5d:c0:eb:6a:0d:24:4e:19:9f:ce:88:de:53:30:
ea:49:4a:78:46:0e:e2:1b:7e:5d:f6:0b:05:ba:3b:
19:93:7e:fe:71:1a:34:05:64:20:05:40:b0:66:9d:
4d:8e:c1:3b:b7:ea:61:74:e8:bc:98:06:d0:f4:fa:
7d:ac:63:cd:ab:06:bd:11:5c:44:cf:cf:ac:31:f6:
43:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:94:EE:7D:42:6D:85:0D:03:82:E7:68:1C:A8:98:6F:D1:CD:B1:7C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/OZTufUJthQ0DgudoHKiYb9HNsXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
00:26:37:b7:16:45:ec:40:cf:8e:54:07:f5:fd:da:a7:a8:81:
fb:d0:2a:b9:27:f0:0d:ce:24:9f:f4:dc:f2:b2:13:59:29:8e:
53:a4:20:21:26:0b:77:bb:4d:75:93:8b:e7:94:d6:e0:dc:44:
ee:56:f0:31:80:27:52:9a:0f:e2:d6:4a:de:27:48:09:68:4e:
5a:17:1f:40:34:bf:03:c9:6b:f3:75:ed:f3:5d:06:72:1a:c4:
28:e0:c9:00:52:52:1d:74:ef:99:2e:76:37:66:fb:ff:fd:46:
d3:12:bf:80:97:24:8e:62:5c:cd:5b:b5:4b:07:df:87:d4:34:
05:0e:ed:94:f4:df:8e:ed:c0:22:9b:91:e0:d5:b1:37:7c:e1:
c6:46:0a:ff:0d:a9:fa:03:32:19:16:c2:9d:8a:d9:03:8b:30:
9f:ea:ad:e9:27:b2:46:fd:6d:ea:f3:42:b5:89:3a:fb:8a:3b:
36:af:a5:d8:6b:8d:a8:dd:d3:2e:4b:e7:d2:dd:f2:59:d2:2c:
c2:c0:41:5a:56:dc:f1:65:a6:1c:d4:37:49:c0:58:3d:73:6a:
c0:4e:cb:97:ad:97:33:6e:82:35:bf:1e:c3:51:2e:82:6c:66:
7c:02:d9:61:dd:ef:86:8b:85:01:0d:cf:53:17:4a:74:aa:8e:
a3:90:f8:31
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYR2WQb/Rtq8fsdqzcBuieBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTk0ZWU3ZDQyNmQ4NTBkMDM4MmU3NjgxY2E4OTg2ZmQxY2RiMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPb3h0q04sOGR9PVDmNQHPXagn0u
ypPhpULFdBU64z8odXaUkkLP8Csf9M86f2d/Ldxn5yqv7UYmTRDmnvP1RbHWnt3I
94gw7i0xXeMEi2uVpuawaUKGzaDekuRB60xnvTStTb8p8fFZw3yLRyK9hABJxyQ3
QGGE81kFR/0PgwlKfWYdNVbooQiZ+aunrP+oP4SZmYn5uUbrWSLIVQIYO8q9Rbww
q/RVV2Qkttn23oSU61zPXcDrag0kThmfzojeUzDqSUp4Rg7iG35d9gsFujsZk37+
cRo0BWQgBUCwZp1NjsE7t+phdOi8mAbQ9Pp9rGPNqwa9EVxEz8+sMfZDuwIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFDmU7n1CbYUNA4LnaByomG/RzbF8MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvT1pUdWZVSnRoUTBEZ3Vkb0hLaVliOUhOc1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQD
LujIAwQFPkAAAwQFTemgAwQGThlAAwQCTilkAwQDT6sIAwQEUPewAwQEURiAAwQG
U6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQH
X4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyADBAK50owDBAO8
XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQO
oAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkq
hkiG9w0BAQsFAAOCAQEAACY3txZF7EDPjlQH9f3ap6iB+9AquSfwDc4kn/Tc8rIT
WSmOU6QgISYLd7tNdZOL55TW4NxE7lbwMYAnUpoP4tZK3idICWhOWhcfQDS/A8lr
83Xt810GchrEKODJAFJSHXTvmS52N2b7//1G0xK/gJckjmJczVu1Swffh9Q0BQ7t
lPTfju3AIpuR4NWxN3zhxkYK/w2p+gMyGRbCnYrZA4swn+qt6SeyRv1t6vNCtYk6
+4o7Nq+l2GuNqN3TLkvn0t3yWdIswsBBWlbc8WWmHNQ3ScBYPXNqwE7Ll62XM26C
Nb8ew1EugmxmfALZYd3vhouFAQ3PUxdKdKqOo5D4MQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:34 2024 by rpki-client on console-ams.rpki-client.org