Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UjlCXVuvyTIEb1_91a7uFTmKbJs.roa
File: UjlCXVuvyTIEb1_91a7uFTmKbJs.roa (raw, json)
Hash identifier: DP2vMKLwzgebg2oPhVuKMtPPeg/ipOBIlVSNTrzlJfc=
Subject key identifier: 52:39:42:5D:5B:AF:C9:32:04:6F:5F:FD:D5:AE:EE:15:39:8A:6C:9B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F243CDE8D9EA0600AF45E2DEA0602CD6
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UjlCXVuvyTIEb1_91a7uFTmKbJs.roa
Signing time: Thu 08 Dec 2022 15:04:00 +0000
ROA not before: Thu 08 Dec 2022 15:04:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
213.243.64.0/18 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
217.115.80.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:43:cd:e8:d9:ea:06:00:af:45:e2:de:a0:60:2c:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 15:04:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5239425d5bafc932046f5ffdd5aeee15398a6c9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bd:82:f3:7b:b3:59:3b:b9:54:29:d9:f6:29:
9e:12:4d:eb:fd:0a:74:93:d6:4f:1c:e9:4d:31:e6:
45:88:99:3f:cb:39:2b:72:88:9f:bc:db:2a:e7:9e:
53:74:22:96:02:18:e4:fa:79:03:16:f3:8a:e0:de:
a3:60:a7:a5:37:be:be:26:5b:65:6a:a5:55:4a:5a:
75:4f:1b:a2:8b:11:1d:6c:fb:67:06:7f:8e:f4:9a:
89:fc:83:7b:a7:fd:9f:fb:12:28:e1:80:49:a5:76:
6a:d0:f4:d7:3c:1e:51:f0:be:19:23:ba:72:b1:c2:
b2:76:47:51:55:95:ad:ad:97:52:3a:7c:91:58:94:
96:a7:4d:63:a8:94:85:68:ad:e6:0a:ab:4b:5b:ed:
ff:ee:6a:62:06:f9:05:9b:90:b3:fb:dd:3f:53:98:
dd:8b:5f:96:5b:12:ea:f3:25:32:5c:f4:a6:72:80:
10:b1:04:f8:f2:21:94:7a:5d:40:97:28:ba:da:c6:
20:b6:64:2b:f7:aa:3f:0c:23:c9:5a:de:c0:19:2a:
ad:88:27:43:7d:05:67:58:b4:5c:ff:a1:40:22:5a:
01:a5:ff:01:9f:68:e2:02:1e:4e:da:b3:82:27:e6:
cd:54:6f:3e:84:ce:78:50:ee:d9:ec:cc:61:e8:c6:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:39:42:5D:5B:AF:C9:32:04:6F:5F:FD:D5:AE:EE:15:39:8A:6C:9B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/UjlCXVuvyTIEb1_91a7uFTmKbJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
213.243.64.0/18
217.115.80.0/20
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
41:84:2e:15:15:a1:b9:d1:c6:d9:6b:9e:c0:7c:df:ed:59:51:
fa:be:15:11:45:37:6e:a1:50:84:6a:84:84:26:44:9d:82:6d:
d1:6c:32:ee:6d:86:4f:c6:75:a5:80:cc:61:9e:e2:cf:0b:ff:
f8:df:5b:33:4a:dc:c2:8d:7b:61:44:c2:26:da:37:75:e3:7d:
6c:71:7a:c3:98:4f:f6:6f:01:78:f3:db:51:36:9d:1d:6d:9c:
20:86:45:1e:48:d1:45:d9:aa:9d:7f:f6:91:a2:74:4f:c1:b1:
aa:a7:de:9c:87:59:16:8d:c5:9f:c1:85:a2:3b:fa:08:be:d7:
a8:ff:83:15:8d:4d:6b:ba:4f:59:23:c6:09:1b:9d:e2:fd:75:
ad:e8:e9:17:5f:23:a1:0b:93:05:fa:ef:c6:60:c6:1d:77:5a:
f7:b5:02:0f:e9:6a:e0:69:69:80:25:60:cb:8d:7d:df:12:b9:
36:c4:c9:ef:53:c0:d8:cc:f4:28:c4:6f:8d:16:db:f7:51:16:
87:da:03:c9:79:d7:e1:cb:e6:b2:58:b0:38:87:6f:fa:14:0b:
72:79:b9:ac:76:88:1f:46:9c:aa:53:57:72:a9:7a:96:10:39:
41:ae:55:25:ad:ea:80:5f:38:62:a9:99:b1:c3:bc:07:a2:0f:
3c:28:13:a7
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAYTyQ83o2eoGAK9F4t6gYCzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTUwNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM5NDI1ZDViYWZjOTMyMDQ2ZjVmZmRkNWFlZWUxNTM5OGE2YzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkr2C83uzWTu5VCnZ9imeEk3r/Qp0
k9ZPHOlNMeZFiJk/yzkrcoifvNsq555TdCKWAhjk+nkDFvOK4N6jYKelN76+Jltl
aqVVSlp1TxuiixEdbPtnBn+O9JqJ/IN7p/2f+xIo4YBJpXZq0PTXPB5R8L4ZI7py
scKydkdRVZWtrZdSOnyRWJSWp01jqJSFaK3mCqtLW+3/7mpiBvkFm5Cz+90/U5jd
i1+WWxLq8yUyXPSmcoAQsQT48iGUel1Alyi62sYgtmQr96o/DCPJWt7AGSqtiCdD
fQVnWLRc/6FAIloBpf8Bn2jiAh5O2rOCJ+bNVG8+hM54UO7Z7Mxh6MY/3QIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFFI5Ql1br8kyBG9f/dWu7hU5imybMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvVWpsQ1hWdXZ5VElFYjFfOTFhN3VGVG1LYkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQFw5Dg
AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1agg
AwQF1awAAwQF1bagAwQG1fNAAwQE2XNQAwQF2cNAMA0GCSqGSIb3DQEBCwUAA4IB
AQBBhC4VFaG50cbZa57AfN/tWVH6vhURRTduoVCEaoSEJkSdgm3RbDLubYZPxnWl
gMxhnuLPC//431szStzCjXthRMIm2jd1431scXrDmE/2bwF489tRNp0dbZwghkUe
SNFF2aqdf/aRonRPwbGqp96ch1kWjcWfwYWiO/oIvteo/4MVjU1ruk9ZI8YJG53i
/XWt6OkXXyOhC5MF+u/GYMYdd1r3tQIP6WrgaWmAJWDLjX3fErk2xMnvU8DYzPQo
xG+NFtv3URaH2gPJedfhy+ayWLA4h2/6FAtyebmsdogfRpyqU1dyqXqWEDlBrlUl
reqAXzhiqZmxw7wHog88KBOn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:01 2025 by rpki-client