Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TcBxvdQodxP8O77TJ3aTRtHuuFg.roa
File: TcBxvdQodxP8O77TJ3aTRtHuuFg.roa (raw, json)
Hash identifier: PczLbt4dqBWlq4pHSzrVZj0Nuk30vOxkwDLSx4Xq+3E=
Subject key identifier: 4D:C0:71:BD:D4:28:77:13:FC:3B:BE:D3:27:76:93:46:D1:EE:B8:58
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018413351F03DA88A861AC24002BB4EC6931
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TcBxvdQodxP8O77TJ3aTRtHuuFg.roa
Signing time: Wed 26 Oct 2022 07:32:39 +0000
ROA not before: Wed 26 Oct 2022 07:32:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
37.29.0.0/17 maxlen: 24
46.232.200.0/21 maxlen: 24
78.25.64.0/18 maxlen: 24
62.64.0.0/19 maxlen: 24
37.28.160.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:35:1f:03:da:88:a8:61:ac:24:00:2b:b4:ec:69:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 26 07:32:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4dc071bdd4287713fc3bbed327769346d1eeb858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:2e:de:69:19:2d:e1:44:b2:08:5d:c1:ce:
55:b2:08:23:c6:84:81:74:eb:5b:9d:0b:34:94:db:
8f:e8:20:b9:5a:4e:12:1c:6f:00:dc:44:d9:9d:69:
2b:d3:8a:f3:66:90:4f:a2:ad:a3:63:6d:68:a1:1a:
9a:7b:9b:b6:49:fc:4a:99:ea:be:6b:1d:4b:c3:de:
d1:43:ed:b2:55:0c:af:ef:db:b1:d5:60:68:a1:78:
fc:d6:a9:28:81:f2:29:b5:a6:fe:a5:4c:24:2b:c4:
e8:ee:dd:a4:a4:a9:74:95:f3:65:92:1d:a6:fb:af:
d4:0e:6e:89:e1:e5:e8:36:e2:1d:c8:69:fd:4c:11:
17:01:35:e9:3c:29:6f:6a:d2:01:85:ae:8a:f9:b1:
93:f8:5e:46:27:d0:ce:14:6d:4b:b0:ed:77:b9:ef:
f6:e8:24:f5:a0:89:72:0b:5f:d2:f4:0d:6f:42:b4:
c4:df:b4:5a:9c:92:b2:9f:73:da:0d:6d:65:92:6f:
c1:8a:6f:d1:7d:17:41:57:c3:40:a0:6c:97:61:46:
b0:3b:aa:09:f7:56:af:dd:5b:e6:cb:66:c4:f9:44:
fb:84:60:b9:7d:f9:f4:55:32:4b:c0:54:22:03:e8:
fb:df:e8:35:43:b2:68:08:3e:a7:20:ec:60:c2:18:
58:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C0:71:BD:D4:28:77:13:FC:3B:BE:D3:27:76:93:46:D1:EE:B8:58
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/TcBxvdQodxP8O77TJ3aTRtHuuFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.47.192.0/18
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
13:f3:49:d6:32:57:69:d8:6a:23:7f:72:fa:6d:c0:bd:bb:e7:
d2:9b:00:eb:0b:66:cd:3a:41:7a:9a:1b:89:2a:77:a6:f6:20:
8e:81:97:f3:d7:7f:18:4c:6e:5c:f3:3c:70:e9:06:b7:fd:22:
d9:24:99:94:11:ae:d9:3f:f6:c5:88:2c:94:a1:8f:55:c2:13:
e7:5f:a5:bc:81:45:24:e9:e7:40:a9:5f:bd:8c:90:45:6f:af:
9a:57:c8:e6:46:51:b2:26:e4:ad:f3:ce:11:6d:53:ca:09:7c:
13:ab:72:dd:2a:42:01:ca:9e:bc:4d:2b:a4:9c:31:9a:d3:89:
ce:3e:33:59:24:08:a4:06:a8:74:ae:88:41:a0:f1:a1:c1:15:
35:a5:d4:84:b6:78:06:ed:c2:21:72:72:21:68:55:75:93:ab:
91:c4:98:91:d0:93:09:87:94:0d:12:4e:ff:00:94:f4:c5:a6:
b6:6f:93:1c:bb:6c:bf:c2:60:bf:1d:5c:3a:3b:05:03:55:72:
44:05:bb:3c:2e:00:17:ee:16:45:dd:e8:88:7d:c3:38:cf:56:
0e:2d:5d:ce:bf:6b:96:03:3c:e7:99:00:ad:cc:46:fd:5d:41:
1b:4f:dd:67:00:94:00:25:09:0a:cc:fe:fa:21:33:64:93:11:
93:1b:f6:66
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYQTNR8D2oioYawkACu07GkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI2MDczMjM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMwNzFiZGQ0Mjg3NzEzZmMzYmJlZDMyNzc2OTM0NmQxZWViODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf8u3mkZLeFEsghdwc5VsggjxoSB
dOtbnQs0lNuP6CC5Wk4SHG8A3ETZnWkr04rzZpBPoq2jY21ooRqae5u2SfxKmeq+
ax1Lw97RQ+2yVQyv79ux1WBooXj81qkogfIptab+pUwkK8To7t2kpKl0lfNlkh2m
+6/UDm6J4eXoNuIdyGn9TBEXATXpPClvatIBha6K+bGT+F5GJ9DOFG1LsO13ue/2
6CT1oIlyC1/S9A1vQrTE37RanJKyn3PaDW1lkm/Bim/RfRdBV8NAoGyXYUawO6oJ
91av3Vvmy2bE+UT7hGC5ffn0VTJLwFQiA+j73+g1Q7JoCD6nIOxgwhhYfQIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFE3Acb3UKHcT/Du+0yd2k0bR7rhYMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVGNCeHZkUW9keFA4Tzc3VEozYVRSdEh1dUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DAMEBSUcoAMEByUdAAMEAy4dwAMEBi4vwAMEBC7lgAMEAy7oyAMEBT5AAAMEBU3p
oAMEBk4ZQAMEAk4pZAMEA0+rCAMEBFD3sAMEBFEYgAMEBlOpwAMEBVPewAMEB1Pl
gAMEB1UagAMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAMEB1+JAAMEBG1KcAMEBm18
QAMDAG28AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQD
BAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWAD
BAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEB
ABPzSdYyV2nYaiN/cvptwL2759KbAOsLZs06QXqaG4kqd6b2II6Bl/PXfxhMblzz
PHDpBrf9ItkkmZQRrtk/9sWILJShj1XCE+dfpbyBRSTp50CpX72MkEVvr5pXyOZG
UbIm5K3zzhFtU8oJfBOrct0qQgHKnrxNK6ScMZrTic4+M1kkCKQGqHSuiEGg8aHB
FTWl1IS2eAbtwiFyciFoVXWTq5HEmJHQkwmHlA0STv8AlPTFprZvkxy7bL/CYL8d
XDo7BQNVckQFuzwuABfuFkXd6Ih9wzjPVg4tXc6/a5YDPOeZAK3MRv1dQRtP3WcA
lAAlCQrM/vohM2STEZMb9mY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org