Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QHzzcHq0nrhUbrfV9R7NLj7MfyE.roa
File: QHzzcHq0nrhUbrfV9R7NLj7MfyE.roa (raw, json)
Hash identifier: FRfoCZxUitRe8oWjrcLRcCpyrn5mNCkx4SWcHDCQWXA=
Subject key identifier: 40:7C:F3:70:7A:B4:9E:B8:54:6E:B7:D5:F5:1E:CD:2E:3E:CC:7F:21
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505AE3F721D852BBB6960A5FA58B5E10C
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QHzzcHq0nrhUbrfV9R7NLj7MfyE.roa
Signing time: Mon 12 Dec 2022 09:33:03 +0000
ROA not before: Mon 12 Dec 2022 09:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 188.162.0.0/16 maxlen: 24
109.74.112.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
213.168.54.0/24 maxlen: 24
213.168.56.0/21 maxlen: 21
213.168.53.0/24 maxlen: 24
213.168.60.0/24 maxlen: 24
213.168.62.0/24 maxlen: 24
213.168.61.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
213.168.36.0/24 maxlen: 24
213.168.34.0/24 maxlen: 24
213.168.32.0/21 maxlen: 21
213.168.32.0/19 maxlen: 19
213.168.43.0/24 maxlen: 24
213.168.40.0/21 maxlen: 21
213.168.47.0/24 maxlen: 24
213.168.46.0/24 maxlen: 24
213.168.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:ae:3f:72:1d:85:2b:bb:69:60:a5:fa:58:b5:e1:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407cf3707ab49eb8546eb7d5f51ecd2e3ecc7f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2e:71:94:e4:33:00:de:11:8b:0d:4c:b9:c3:
a9:d3:b3:56:b0:3d:ff:ec:11:f8:80:4f:74:6e:01:
21:ee:a0:5a:a3:cb:9d:da:77:02:ef:4a:4e:0f:eb:
31:1a:f7:7a:ea:99:3d:61:d2:61:2a:8e:4e:eb:b7:
6b:09:bb:eb:6e:9c:3f:3c:ff:95:64:54:a5:60:23:
7f:ac:69:16:f7:cb:f5:ce:97:9f:a8:86:8c:8c:5f:
2c:e7:86:58:e4:df:8e:4c:2c:78:e8:75:96:54:79:
e3:11:7d:f1:3d:30:a1:56:02:74:c3:2c:1b:61:51:
f4:fd:03:4a:c2:f0:31:69:8b:c3:90:cf:ca:57:5d:
88:a5:4e:e1:28:4d:15:c2:14:2d:0b:a6:ab:e0:ae:
19:62:50:9a:44:f5:f5:22:fe:2d:69:8d:a0:6a:da:
d3:05:3f:07:8e:f5:d5:35:86:21:a4:95:71:29:e2:
24:34:ad:92:a2:0a:f7:eb:85:e9:ca:46:ec:cc:78:
7a:25:33:ba:66:88:61:f3:90:3b:d3:9c:25:a3:eb:
dc:f8:8a:49:36:a5:5b:19:81:70:32:8d:fe:71:26:
d4:04:a2:d6:4e:36:f7:7b:c4:eb:86:f1:b2:11:9d:
33:e2:b6:96:37:4f:9c:ab:b6:15:d1:c3:f6:3d:d9:
48:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:7C:F3:70:7A:B4:9E:B8:54:6E:B7:D5:F5:1E:CD:2E:3E:CC:7F:21
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/QHzzcHq0nrhUbrfV9R7NLj7MfyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.112.0/20
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
213.168.32.0/19
Signature Algorithm: sha256WithRSAEncryption
78:fb:46:a9:db:37:de:49:12:4d:b2:b3:4b:3c:52:0b:b8:07:
5c:8b:a5:c1:e6:f4:ae:0f:1b:b4:fb:a6:27:bf:d1:7d:4d:24:
98:ad:36:4a:dc:68:8b:5e:22:91:6f:66:4b:67:d8:dd:01:5c:
58:4e:ed:ab:66:71:f3:03:23:7f:94:b5:12:f7:80:89:76:72:
f1:49:ab:06:60:22:4a:f1:b0:a9:59:54:53:d8:37:14:87:5b:
ae:4e:af:b3:b4:49:fc:96:89:1a:77:f6:69:62:8e:f8:88:b0:
c3:aa:9d:03:a9:09:d8:87:fd:60:97:4b:6b:98:3e:3d:5e:4b:
a3:dc:1e:5c:53:63:45:c7:ea:d3:ea:07:41:67:47:ea:f2:75:
5c:5f:34:8b:cf:90:ca:5d:ab:55:4a:cc:3d:16:18:9f:3b:11:
76:3e:8f:ed:5b:23:f7:cd:09:3b:51:7c:eb:ca:f6:d5:26:47:
bc:5e:81:71:c0:f0:b7:5f:b4:73:6b:c2:1f:de:62:26:6d:71:
a5:02:ab:0e:2c:8c:f3:25:e1:0c:6d:23:52:1f:8f:6e:7f:55:
2f:9e:53:0f:90:c9:8e:da:d2:33:6f:e9:48:e3:90:ce:58:a4:
05:21:c0:d2:7a:39:ac:10:97:c9:4e:ac:59:f8:fa:ba:32:05:
77:b9:31:86
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYUFrj9yHYUru2lgpfpYteEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkzMzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDdjZjM3MDdhYjQ5ZWI4NTQ2ZWI3ZDVmNTFlY2QyZTNlY2M3ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC5xlOQzAN4Riw1MucOp07NWsD3/
7BH4gE90bgEh7qBao8ud2ncC70pOD+sxGvd66pk9YdJhKo5O67drCbvrbpw/PP+V
ZFSlYCN/rGkW98v1zpefqIaMjF8s54ZY5N+OTCx46HWWVHnjEX3xPTChVgJ0wywb
YVH0/QNKwvAxaYvDkM/KV12IpU7hKE0VwhQtC6ar4K4ZYlCaRPX1Iv4taY2gatrT
BT8HjvXVNYYhpJVxKeIkNK2Sogr364XpykbszHh6JTO6Zohh85A705wlo+vc+IpJ
NqVbGYFwMo3+cSbUBKLWTjb3e8TrhvGyEZ0z4raWN0+cq7YV0cP2PdlIwwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEB883B6tJ64VG631fUezS4+zH8hMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvUUh6emNIcTBucmhVYnJmVjlSN05MajdNZnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwQEbUpwAwMA
vKIDBALByeQDBAXDBYADBAXDEGADBAXVqCAwDQYJKoZIhvcNAQELBQADggEBAHj7
RqnbN95JEk2ys0s8Ugu4B1yLpcHm9K4PG7T7pie/0X1NJJitNkrcaIteIpFvZktn
2N0BXFhO7atmcfMDI3+UtRL3gIl2cvFJqwZgIkrxsKlZVFPYNxSHW65Or7O0SfyW
iRp39mlijviIsMOqnQOpCdiH/WCXS2uYPj1eS6PcHlxTY0XH6tPqB0FnR+rydVxf
NIvPkMpdq1VKzD0WGJ87EXY+j+1bI/fNCTtRfOvK9tUmR7xegXHA8LdftHNrwh/e
YiZtcaUCqw4sjPMl4QxtI1Ifj25/VS+eUw+QyY7a0jNv6UjjkM5YpAUhwNJ6OawQ
l8lOrFn4+royBXe5MYY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:24 2025 by rpki-client