Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UOvpp8Rqc_GPIVHULWWjWZNYeeY.roa
File: UOvpp8Rqc_GPIVHULWWjWZNYeeY.roa (raw, json)
Hash identifier: jQlbngZNlR9UW/QS5p5JhAhTGrLhOdE1fHeJUoTT36k=
Subject key identifier: 50:EB:E9:A7:C4:6A:73:F1:8F:21:51:D4:2D:65:A3:59:93:58:79:E6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184C7D3DD51C2F79E56C5C2D62F855E6234
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UOvpp8Rqc_GPIVHULWWjWZNYeeY.roa
Signing time: Wed 30 Nov 2022 09:17:41 +0000
ROA not before: Wed 30 Nov 2022 09:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6854
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
80.253.0.0/20 maxlen: 20
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
62.64.16.0/20 maxlen: 20
212.119.160.0/19 maxlen: 24
62.64.24.0/21 maxlen: 21
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:d3:dd:51:c2:f7:9e:56:c5:c2:d6:2f:85:5e:62:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 30 09:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50ebe9a7c46a73f18f2151d42d65a359935879e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ac:a0:c6:86:6c:d7:78:92:c1:42:5f:8f:f7:
6b:95:ed:6c:41:39:4c:11:18:1f:83:dd:32:d6:02:
7c:92:05:e2:a9:05:f0:85:9d:42:08:42:4f:68:0a:
20:c2:f3:fb:89:c5:5f:ba:30:b2:b6:70:38:ce:aa:
e3:df:65:a4:75:ab:53:97:5f:03:8d:65:2d:62:49:
46:47:50:46:9f:51:75:b6:5b:36:e2:54:06:5c:a3:
5c:bb:46:da:f6:df:dd:d6:bc:0b:b4:b0:45:9a:0c:
61:bd:f0:21:a1:f0:80:6e:88:6e:18:31:f8:35:05:
cc:f7:14:de:2a:d7:a6:d0:e2:ae:d9:f3:92:12:e4:
65:ab:bb:3d:0b:77:82:a8:a2:fe:26:bb:4d:40:49:
cf:43:94:53:d6:de:3e:f5:55:1b:1e:32:59:08:e7:
6f:61:12:6b:4e:b3:4d:b8:09:ae:a3:a9:a9:c3:02:
91:fa:81:46:04:21:63:14:0e:41:87:19:de:c8:e6:
8c:4d:ac:51:de:14:d4:76:f0:ef:58:27:5a:fd:ef:
ac:0b:cc:17:b4:b8:84:fc:2c:06:39:0d:28:36:71:
4f:40:16:ca:21:3c:35:cf:d7:17:f8:11:5a:88:f8:
14:c5:f5:93:dc:64:4b:04:81:00:5c:ee:56:ed:e8:
f7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EB:E9:A7:C4:6A:73:F1:8F:21:51:D4:2D:65:A3:59:93:58:79:E6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UOvpp8Rqc_GPIVHULWWjWZNYeeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.64.16.0/20
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
80.253.0.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
0c:0d:c9:47:bd:e7:d1:3d:f5:e2:c5:4e:39:1f:d5:0b:d0:23:
50:43:84:15:74:51:b4:0f:93:37:0c:51:30:72:4e:e0:54:7d:
e7:86:62:93:db:d7:19:55:f4:35:8e:ae:3a:af:5e:ce:b8:98:
9b:1b:d5:09:6a:cd:3e:a4:d8:6b:7d:15:0e:d9:fe:f1:4f:a3:
ca:75:99:43:f7:93:ca:e5:d0:48:f6:86:e0:2c:26:bd:0a:95:
19:45:d9:42:91:c0:00:7a:72:44:0a:15:c8:d9:0b:7d:cf:0b:
13:c1:38:1a:1f:cf:00:9c:30:d3:62:70:1d:48:89:13:f6:62:
b7:52:0e:a8:44:c3:8e:39:a4:f3:a4:ac:e7:17:62:b9:17:2c:
52:41:4c:f1:2c:b0:13:42:bb:0f:0c:c3:05:b2:9f:fd:9a:0a:
6f:cb:12:06:64:6c:c1:61:6a:59:5b:9a:74:81:c9:c4:62:f0:
1a:0d:26:02:7e:32:27:ad:7c:9b:9f:bf:4c:86:d9:7c:92:62:
19:de:bf:fe:e4:77:8c:f7:61:3e:51:ec:a1:62:82:72:07:bc:
70:82:77:3a:bf:dd:7b:24:64:b8:2f:5d:d5:0c:59:f6:b6:fd:
71:c8:87:52:8e:f5:2d:30:9f:69:ea:b0:07:e6:ea:af:0b:4b:
57:22:f0:c0
-----BEGIN CERTIFICATE-----
MIIF5TCCBM2gAwIBAgISAYTH091RwveeVsXC1i+FXmI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTMwMDkxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGViZTlhN2M0NmE3M2YxOGYyMTUxZDQyZDY1YTM1OTkzNTg3OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6ygxoZs13iSwUJfj/drle1sQTlM
ERgfg90y1gJ8kgXiqQXwhZ1CCEJPaAogwvP7icVfujCytnA4zqrj32WkdatTl18D
jWUtYklGR1BGn1F1tls24lQGXKNcu0ba9t/d1rwLtLBFmgxhvfAhofCAbohuGDH4
NQXM9xTeKtem0OKu2fOSEuRlq7s9C3eCqKL+JrtNQEnPQ5RT1t4+9VUbHjJZCOdv
YRJrTrNNuAmuo6mpwwKR+oFGBCFjFA5BhxneyOaMTaxR3hTUdvDvWCda/e+sC8wX
tLiE/CwGOQ0oNnFPQBbKITw1z9cX+BFaiPgUxfWT3GRLBIEAXO5W7ej3KwIDAQAB
o4IC8TCCAu0wHQYDVR0OBBYEFFDr6afEanPxjyFR1C1lo1mTWHnmMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVU92cHA4UnFjX0dQSVZIVUxXV2pXWk5ZZWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQE
PkAQAwQGThlAAwQCTilkAwQDT6sIAwQEUPewAwQEUP0AAwQEURiAAwQGU6nAAwQF
U97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQE
bUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAK5AyADBAK50owDBAO8XqgDAwC8
ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQOoAMEBdQs
QAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAMEBtXzQAMEBNlzUDANBgkqhkiG9w0B
AQsFAAOCAQEADA3JR73n0T314sVOOR/VC9AjUEOEFXRRtA+TNwxRMHJO4FR954Zi
k9vXGVX0NY6uOq9ezriYmxvVCWrNPqTYa30VDtn+8U+jynWZQ/eTyuXQSPaG4Cwm
vQqVGUXZQpHAAHpyRAoVyNkLfc8LE8E4Gh/PAJww02JwHUiJE/Zit1IOqETDjjmk
86Ss5xdiuRcsUkFM8SywE0K7DwzDBbKf/ZoKb8sSBmRswWFqWVuadIHJxGLwGg0m
An4yJ618m5+/TIbZfJJiGd6//uR3jPdhPlHsoWKCcge8cIJ3Or/deyRkuC9d1QxZ
9rb9cciHUo71LTCfaeqwB+bqrwtLVyLwwA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:52 2025 by rpki-client