Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/U-3tZlNO0cxtjLPSaYpjlBAoOtw.roa
File: U-3tZlNO0cxtjLPSaYpjlBAoOtw.roa (raw, json)
Hash identifier: nEf9BHWWgRvD3WpJs2WpuMVvVPcQalzGq4Il2nJ877s=
Subject key identifier: 53:ED:ED:66:53:4E:D1:CC:6D:8C:B3:D2:69:8A:63:94:10:28:3A:DC
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF4C5EA35365AA4BB3D3794363109E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/U-3tZlNO0cxtjLPSaYpjlBAoOtw.roa
Signing time: Mon 05 Dec 2022 14:27:29 +0000
ROA not before: Mon 05 Dec 2022 14:27:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
78.25.119.0/24 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.170.25.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
91.193.212.0/22 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.32.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
83.229.254.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
62.64.0.0/20 maxlen: 20
213.243.64.0/18 maxlen: 24
83.229.211.0/24 maxlen: 24
217.115.80.0/20 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:4c:5e:a3:53:65:aa:4b:b3:d3:79:43:63:10:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53eded66534ed1cc6d8cb3d2698a639410283adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f9:10:90:6b:97:44:56:0d:98:9e:0e:23:c4:
3c:75:8a:68:38:e9:6c:8f:c3:c7:dd:be:06:5a:8e:
41:b5:e9:91:b7:d8:f9:08:2c:b4:0d:3b:cc:b6:6a:
66:53:ac:2c:66:14:0c:e1:98:7a:ed:27:22:1f:92:
68:4c:68:3d:d9:59:bb:b3:be:b3:a3:c2:d2:a0:1f:
db:cf:e2:91:bf:42:ee:66:ca:86:9f:00:63:73:08:
04:52:a7:21:88:8c:f6:8a:17:8e:01:11:11:27:20:
b7:d9:c7:f8:2d:4e:5a:e4:79:98:92:ff:15:fc:79:
51:42:81:dd:20:0a:ff:9b:5b:b4:bd:28:93:9a:15:
d4:68:7f:e5:7d:3d:16:08:5c:39:d7:ba:fa:97:30:
d5:a6:03:b4:e9:2e:17:40:90:83:75:ac:34:c0:d4:
18:f1:2c:df:cd:d6:48:f5:54:da:ac:90:92:b7:37:
e0:5c:db:09:ca:6f:83:00:88:77:c2:ee:67:61:c2:
aa:2b:09:35:be:97:05:28:6e:e9:85:28:8e:3d:dd:
c8:63:cc:67:ef:f0:e7:61:33:65:ad:4f:f6:7e:93:
f9:18:bb:8a:7e:f8:b4:3e:29:91:6a:24:6a:58:b0:
5a:ab:8f:52:f1:b3:2f:d7:73:73:f8:95:2d:d5:61:
3e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:ED:ED:66:53:4E:D1:CC:6D:8C:B3:D2:69:8A:63:94:10:28:3A:DC
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/U-3tZlNO0cxtjLPSaYpjlBAoOtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
53:de:db:d5:4b:d1:7c:9f:92:c2:ce:3e:69:af:b4:b3:8f:5b:
71:9d:54:dc:f3:40:a2:aa:ba:c1:8b:79:ab:17:ee:cd:8d:9a:
98:7f:9a:14:fe:95:e0:6d:70:0b:c7:05:d2:30:f2:ac:28:b4:
b2:a7:1b:df:e0:b9:d4:d4:d9:79:81:80:51:e1:04:36:f0:9d:
7d:67:c4:15:0a:9e:f0:e3:af:ed:e6:f1:21:3d:cd:d7:d0:19:
f6:6f:63:97:55:0e:66:d0:06:42:9c:52:84:3a:62:2c:0b:98:
10:00:30:1a:51:00:e3:26:2a:01:ba:bb:dd:94:bf:16:a8:28:
9b:b4:d7:ce:09:34:41:04:20:22:d2:17:8a:65:3e:53:1c:83:
69:11:d9:ed:3a:69:99:94:82:97:15:0a:e2:d4:cb:0a:80:72:
40:f2:91:26:e5:1b:11:f6:53:e5:e8:36:cb:38:df:61:98:22:
b8:c5:ec:e9:1c:8e:a3:3e:d1:bc:20:fd:35:22:13:9a:21:b6:
c7:ff:b5:2c:d4:2c:39:bc:f2:3f:3c:b9:67:96:65:dd:3f:ee:
15:69:21:26:c4:e6:ba:97:04:f4:80:28:d8:e1:de:11:34:79:
20:69:2c:cc:5a:0b:1d:e5:93:dc:7f:17:d7:c7:97:c2:75:d6:
0f:44:9c:cf
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAYTir0xeo1Nlqkuz03lDYxCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2VkZWQ2NjUzNGVkMWNjNmQ4Y2IzZDI2OThhNjM5NDEwMjgzYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPkQkGuXRFYNmJ4OI8Q8dYpoOOls
j8PH3b4GWo5BtemRt9j5CCy0DTvMtmpmU6wsZhQM4Zh67SciH5JoTGg92Vm7s76z
o8LSoB/bz+KRv0LuZsqGnwBjcwgEUqchiIz2iheOARERJyC32cf4LU5a5HmYkv8V
/HlRQoHdIAr/m1u0vSiTmhXUaH/lfT0WCFw517r6lzDVpgO06S4XQJCDdaw0wNQY
8SzfzdZI9VTarJCStzfgXNsJym+DAIh3wu5nYcKqKwk1vpcFKG7phSiOPd3IY8xn
7/DnYTNlrU/2fpP5GLuKfvi0PimRaiRqWLBaq49S8bMv13Nz+JUt1WE+wQIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFFPt7WZTTtHMbYyz0mmKY5QQKDrcMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVS0zdFpsTk8wY3h0akxQU2FZcGpsQkFvT3R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCAR8EAgABMIIB
FzALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBVZtwAMEAlvB1AMEB12ZgAMEB14ZgAME
B1+JAAMEBG1KcAMEBm18QAMDAG28AwQGgMxAAwQDsheQMAsDAwSysAMEBLKwIAME
ArKwNAMEA7KwSAMEBrKxAAMEArkDIAMEArnSjAMEA7xeqAMDALyiMAsDAwG8qgME
BLyqIAMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQOoAME
BdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkqhkiG
9w0BAQsFAAOCAQEAU97b1UvRfJ+Sws4+aa+0s49bcZ1U3PNAoqq6wYt5qxfuzY2a
mH+aFP6V4G1wC8cF0jDyrCi0sqcb3+C51NTZeYGAUeEENvCdfWfEFQqe8OOv7ebx
IT3N19AZ9m9jl1UOZtAGQpxShDpiLAuYEAAwGlEA4yYqAbq73ZS/Fqgom7TXzgk0
QQQgItIXimU+UxyDaRHZ7TppmZSClxUK4tTLCoByQPKRJuUbEfZT5eg2yzjfYZgi
uMXs6RyOoz7RvCD9NSITmiG2x/+1LNQsObzyPzy5Z5Zl3T/uFWkhJsTmupcE9IAo
2OHeETR5IGkszFoLHeWT3H8X18eXwnXWD0Sczw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:17 2025 by rpki-client