Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PRpCo55NzahENlh2ZOZlzoUVoeo.roa
File: PRpCo55NzahENlh2ZOZlzoUVoeo.roa (raw, json)
Hash identifier: xCN7OkM/AxIvKcytGvkq4HO5qD6lEvvCwS395b5f8aA=
Subject key identifier: 3D:1A:42:A3:9E:4D:CD:A8:44:36:58:76:64:E6:65:CE:85:15:A1:EA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505911296D546CFA9DD42CBE2CFE10780
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PRpCo55NzahENlh2ZOZlzoUVoeo.roa
Signing time: Mon 12 Dec 2022 09:01:11 +0000
ROA not before: Mon 12 Dec 2022 09:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
188.162.0.0/16 maxlen: 24
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:91:12:96:d5:46:cf:a9:dd:42:cb:e2:cf:e1:07:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d1a42a39e4dcda84436587664e665ce8515a1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c4:5b:bf:e9:6f:c3:4d:92:02:b2:a1:1f:6a:
31:df:1a:81:5e:66:78:1e:ec:35:68:de:a8:29:8d:
8d:aa:74:e2:27:91:df:0c:15:89:b0:af:4b:09:0e:
fd:3a:a2:f7:73:2a:7c:10:74:e4:34:44:b9:2a:2f:
d5:1a:22:66:36:84:b7:10:7b:57:b0:b7:cb:a1:80:
d3:26:18:96:b9:02:76:bc:70:59:19:fe:19:13:6b:
c2:d1:0d:42:54:d4:19:10:a4:79:42:04:d9:cd:7d:
64:66:4a:b6:9e:e1:03:d1:89:7d:de:50:dc:9d:a6:
37:90:ce:fe:8e:7e:ee:fb:47:9d:4b:cd:5a:bd:7b:
c2:bf:f7:a2:83:60:3c:d4:13:43:71:50:45:c8:b0:
9f:ae:5f:0a:ed:29:d7:03:57:9d:33:c8:ba:79:37:
05:b4:ca:84:6a:57:01:46:8c:55:95:d2:e6:9c:27:
b1:2a:30:1a:08:ac:bb:02:ab:56:b8:d8:da:c6:82:
54:31:9f:93:8a:a4:07:e7:03:34:84:32:98:c3:94:
20:e6:8a:0f:72:ed:c6:0b:84:08:34:df:3d:52:65:
c2:bd:ed:7f:91:a5:ad:15:e4:f7:39:ce:fe:29:50:
b0:62:cb:b4:54:6e:ef:4c:89:c1:e1:54:8d:1a:9f:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:1A:42:A3:9E:4D:CD:A8:44:36:58:76:64:E6:65:CE:85:15:A1:EA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/PRpCo55NzahENlh2ZOZlzoUVoeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2a:3c:0f:a5:2b:8f:b1:83:59:70:84:83:63:36:16:fa:ce:03:
27:fb:50:b3:5d:b9:7b:9f:a0:7c:16:3e:e8:81:0d:a6:0d:f7:
ef:81:3b:dd:16:c0:85:22:60:48:f7:9c:2b:50:75:99:7a:91:
0b:cc:2c:8f:a0:4b:23:51:78:a2:34:f4:84:c6:29:93:46:7f:
15:5e:82:e7:c3:c3:ba:6a:f3:62:57:54:84:a3:75:14:c9:aa:
38:9b:54:58:57:68:c5:02:81:d5:6b:8c:ec:58:91:03:e8:4a:
ae:61:80:15:af:94:84:8c:9c:69:30:12:e2:f5:d7:a6:13:6a:
a4:e8:cd:a3:d5:ba:31:c4:89:f3:4a:03:8c:f6:55:40:51:25:
73:97:03:76:6f:dc:db:24:9f:2a:1e:de:3e:51:3f:54:a8:cf:
45:f6:09:20:5e:60:71:36:79:27:23:62:ee:a4:57:68:19:ae:
1a:1f:af:28:0b:df:d7:55:f5:27:ec:63:27:f2:54:fe:47:fd:
d4:bd:1b:04:6e:bd:21:30:5d:e7:a2:71:c8:68:26:ce:f8:f0:
45:5c:ee:0c:2f:7e:47:ff:a5:74:11:1f:00:fb:ff:67:d1:98:
06:5f:bb:80:52:1c:02:7b:cc:33:49:4d:7e:62:a6:a7:25:ba:
ab:ea:8c:40
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYUFkRKW1UbPqd1Cy+LP4QeAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkwMTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDFhNDJhMzllNGRjZGE4NDQzNjU4NzY2NGU2NjVjZTg1MTVhMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcRbv+lvw02SArKhH2ox3xqBXmZ4
Huw1aN6oKY2NqnTiJ5HfDBWJsK9LCQ79OqL3cyp8EHTkNES5Ki/VGiJmNoS3EHtX
sLfLoYDTJhiWuQJ2vHBZGf4ZE2vC0Q1CVNQZEKR5QgTZzX1kZkq2nuED0Yl93lDc
naY3kM7+jn7u+0edS81avXvCv/eig2A81BNDcVBFyLCfrl8K7SnXA1edM8i6eTcF
tMqEalcBRoxVldLmnCexKjAaCKy7AqtWuNjaxoJUMZ+TiqQH5wM0hDKYw5Qg5ooP
cu3GC4QINN89UmXCve1/kaWtFeT3Oc7+KVCwYsu0VG7vTInB4VSNGp819wIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFD0aQqOeTc2oRDZYdmTmZc6FFaHqMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUFJwQ281NU56YWhFTmxoMlpPWmx6b1VWb2VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBsAQCAAEwgakDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwMAvKIwDAMEALyq
QQMEALyqRDAMAwQDvKpIAwQDvKpQAwQCvKpcAwQCwcnkAwQFwwWAAwQFwxBgAwQB
w050AwQAw5VvAwQFw+ZAAwQF1A6gMA0GCSqGSIb3DQEBCwUAA4IBAQAqPA+lK4+x
g1lwhINjNhb6zgMn+1CzXbl7n6B8Fj7ogQ2mDffvgTvdFsCFImBI95wrUHWZepEL
zCyPoEsjUXiiNPSEximTRn8VXoLnw8O6avNiV1SEo3UUyao4m1RYV2jFAoHVa4zs
WJED6EquYYAVr5SEjJxpMBLi9demE2qk6M2j1boxxInzSgOM9lVAUSVzlwN2b9zb
JJ8qHt4+UT9UqM9F9gkgXmBxNnknI2LupFdoGa4aH68oC9/XVfUn7GMn8lT+R/3U
vRsEbr0hMF3nonHIaCbO+PBFXO4ML35H/6V0ER8A+/9n0ZgGX7uAUhwCe8wzSU1+
YqanJbqr6oxA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org