Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/WdhvoQKCsvD4vMQl9pQDQ-Z0hfQ.roa
File: WdhvoQKCsvD4vMQl9pQDQ-Z0hfQ.roa (raw, json)
Hash identifier: NQbgbTw91ucSu7fSZ8JPqyiiDAEq33wKDdcv2Eke62w=
Subject key identifier: 59:D8:6F:A1:02:82:B2:F0:F8:BC:C4:25:F6:94:03:43:E6:74:85:F4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E23BF9F32B778471FB686DD197C32134
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/WdhvoQKCsvD4vMQl9pQDQ-Z0hfQ.roa
Signing time: Mon 05 Dec 2022 12:21:32 +0000
ROA not before: Mon 05 Dec 2022 12:21:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:3b:f9:f3:2b:77:84:71:fb:68:6d:d1:97:c3:21:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 12:21:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=59d86fa10282b2f0f8bcc425f6940343e67485f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:46:19:6b:05:50:05:be:a4:8b:6f:0f:9d:ff:
61:ca:e4:5d:2e:fd:50:89:1f:4d:45:20:fe:c0:fe:
1b:ba:91:4e:d6:2d:59:08:9a:0a:61:02:1a:3d:83:
27:87:80:b5:16:ea:81:2b:07:d2:66:58:24:77:e6:
16:0c:13:80:4f:9c:60:f2:04:d6:5c:c8:0a:be:d5:
70:6b:00:64:09:a7:a0:3d:fa:31:88:bd:97:cd:42:
62:da:8b:00:52:c4:13:37:17:15:07:3f:43:33:33:
cc:86:41:89:ff:8f:d1:92:2e:61:6d:07:71:8e:02:
79:06:ab:14:5a:4a:59:55:c8:7d:e8:ac:e5:8d:b5:
94:77:32:e5:b5:4e:04:4d:ab:aa:e9:d8:f4:66:1a:
d5:94:98:74:08:2c:b1:55:d4:80:64:73:56:0a:18:
8a:47:72:cb:97:f3:f3:5e:b9:1a:68:6e:c1:45:11:
a6:1a:52:91:35:ad:f2:44:f9:3c:72:b2:1f:5e:a3:
f3:54:a2:b8:0e:ad:e6:be:7f:34:ec:80:8f:0e:fa:
ec:d3:55:d6:02:d2:e4:a8:c8:08:f0:5a:3f:b3:ff:
22:b1:31:07:23:e4:9f:22:f3:29:49:ab:72:d6:73:
73:0b:c4:6d:e6:10:34:70:cb:2e:d8:ba:fb:80:bf:
e8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D8:6F:A1:02:82:B2:F0:F8:BC:C4:25:F6:94:03:43:E6:74:85:F4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/WdhvoQKCsvD4vMQl9pQDQ-Z0hfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
19:7e:45:ec:0d:9c:b0:6b:48:4e:7b:14:e5:33:51:6e:ad:5d:
b3:4f:d2:4d:32:42:f6:55:40:b8:3a:33:e5:80:97:68:9d:b1:
89:54:f1:41:52:74:6c:cf:a6:3a:fc:8c:3a:60:87:03:0f:8d:
ae:dd:24:db:a6:48:81:4e:88:78:0d:34:97:6a:0e:21:d9:8b:
ab:e2:5d:0d:4d:0e:5c:c1:ce:fa:2e:77:bb:ec:24:93:36:9c:
ec:df:95:67:a3:4f:f4:0b:0f:15:ab:3e:fa:ec:65:80:0a:f3:
fe:ce:45:b2:ec:75:8c:07:bb:32:4f:a2:5e:fd:30:f3:58:f3:
13:72:97:d3:d9:60:37:9b:45:98:b7:98:c9:9c:38:9a:cf:a8:
39:04:1c:d9:e0:84:34:60:bd:87:f2:12:ae:e1:7c:97:33:6d:
bf:80:27:98:39:5f:44:86:4b:7d:9d:80:4c:7b:69:02:fa:6f:
ec:bd:73:e3:27:52:d1:95:be:62:e9:cc:38:7c:01:68:67:11:
45:46:fd:1a:ff:77:4e:33:10:b6:79:d1:69:a4:c4:fd:7e:1d:
3b:e2:24:b3:39:b3:87:cf:9f:4c:ac:0b:f7:ce:4d:18:0f:05:
a8:65:0a:2f:c5:82:ef:fa:5e:b3:42:9a:5b:94:7b:3c:a0:20:
6a:7c:a6:3b
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAYTiO/nzK3eEcftobdGXwyE0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTIyMTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQ4NmZhMTAyODJiMmYwZjhiY2M0MjVmNjk0MDM0M2U2NzQ4NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0YZawVQBb6ki28Pnf9hyuRdLv1Q
iR9NRSD+wP4bupFO1i1ZCJoKYQIaPYMnh4C1FuqBKwfSZlgkd+YWDBOAT5xg8gTW
XMgKvtVwawBkCaegPfoxiL2XzUJi2osAUsQTNxcVBz9DMzPMhkGJ/4/Rki5hbQdx
jgJ5BqsUWkpZVch96KzljbWUdzLltU4ETauq6dj0ZhrVlJh0CCyxVdSAZHNWChiK
R3LLl/PzXrkaaG7BRRGmGlKRNa3yRPk8crIfXqPzVKK4Dq3mvn807ICPDvrs01XW
AtLkqMgI8Fo/s/8isTEHI+SfIvMpSaty1nNzC8Rt5hA0cMsu2Lr7gL/ouwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFFnYb6ECgrLw+LzEJfaUA0PmdIX0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvV2Rodm9RS0NzdkQ0dk1RbDlwUURRLVowaGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAZT
qcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdf
iQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xe
qAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6g
AwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqG
SIb3DQEBCwUAA4IBAQAZfkXsDZywa0hOexTlM1FurV2zT9JNMkL2VUC4OjPlgJdo
nbGJVPFBUnRsz6Y6/Iw6YIcDD42u3STbpkiBToh4DTSXag4h2Yur4l0NTQ5cwc76
Lne77CSTNpzs35Vno0/0Cw8Vqz767GWACvP+zkWy7HWMB7syT6Je/TDzWPMTcpfT
2WA3m0WYt5jJnDiaz6g5BBzZ4IQ0YL2H8hKu4XyXM22/gCeYOV9Ehkt9nYBMe2kC
+m/svXPjJ1LRlb5i6cw4fAFoZxFFRv0a/3dOMxC2edFppMT9fh074iSzObOHz59M
rAv3zk0YDwWoZQovxYLv+l6zQppblHs8oCBqfKY7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:35 2025 by rpki-client