Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XD5CvgEG7AbTY4kuNC5jh3jbluY.roa
File: XD5CvgEG7AbTY4kuNC5jh3jbluY.roa (raw, json)
Hash identifier: FDAqyaDQ1qSRXDGVO6P/ZBz2hyGSslom48zoqaFxW44=
Subject key identifier: 5C:3E:42:BE:01:06:EC:06:D3:63:89:2E:34:2E:63:87:78:DB:96:E6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF54FFCA2BF068B19D1F62F7CCADF1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XD5CvgEG7AbTY4kuNC5jh3jbluY.roa
Signing time: Mon 05 Dec 2022 14:27:32 +0000
ROA not before: Mon 05 Dec 2022 14:27:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50928
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
188.170.244.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.245.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
91.193.212.0/22 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.80.0/24 maxlen: 24
37.29.82.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.252.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
31.173.248.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:54:ff:ca:2b:f0:68:b1:9d:1f:62:f7:cc:ad:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c3e42be0106ec06d363892e342e638778db96e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e6:d1:5c:fe:34:ed:c5:9c:c1:cc:21:ad:b1:
09:18:d6:80:8d:63:61:12:72:4b:b5:62:7b:c1:fd:
ee:68:ed:5a:83:13:1f:68:39:aa:4b:e3:86:c6:d7:
b5:d9:d2:48:cc:a0:c5:64:eb:8a:0b:ae:cd:92:ee:
4a:8c:f1:9f:36:96:e1:f3:b1:61:13:38:b6:c1:70:
c6:ca:45:3d:5d:2f:bb:d5:b7:dd:a6:64:2a:d9:5a:
d4:0a:4a:54:b8:6a:5d:35:a8:74:b1:82:59:f0:d2:
cd:a3:96:e4:d5:c0:3d:5c:cb:f8:48:40:52:bb:3b:
e6:75:1d:c1:49:fa:5a:81:bb:7e:1f:4f:2a:9b:54:
f4:6c:fa:9f:3d:56:e7:53:2d:81:39:7b:c1:19:68:
9a:6f:33:9d:32:cb:d5:44:a8:a0:36:ac:cc:39:4b:
29:8e:4f:a2:9d:85:80:54:00:18:7a:58:ae:be:b1:
4f:f0:f0:e3:3f:e5:b7:3d:51:22:a0:38:6d:53:64:
ec:5d:9e:84:51:ee:36:e5:21:03:17:0a:55:de:2a:
21:9d:69:33:26:a2:dd:f2:b4:35:a8:26:e7:50:46:
3c:2f:20:08:5d:d9:31:45:51:62:61:9d:2e:91:ed:
fa:b2:7d:61:cb:8a:b6:31:f1:6b:7b:7f:ac:b5:ca:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3E:42:BE:01:06:EC:06:D3:63:89:2E:34:2E:63:87:78:DB:96:E6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XD5CvgEG7AbTY4kuNC5jh3jbluY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.248.0-178.176.253.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.244.0/23
188.170.248.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
93:48:14:db:6d:c6:b5:51:22:9c:3e:b9:c9:1a:02:33:ea:6b:
39:96:be:df:0b:1b:f4:85:7d:a9:1a:9b:74:f6:bb:e4:1e:26:
1a:57:7a:12:b0:e7:8b:5e:a8:f9:f5:10:24:84:a6:20:5a:8b:
d0:b5:9c:18:c5:be:b9:9a:f0:53:a5:a3:25:0d:01:60:e3:d0:
8e:59:a8:83:5c:56:c3:34:97:58:fc:a2:aa:a3:94:6b:16:c2:
5c:f3:ed:81:49:c3:52:0d:41:bf:c7:ff:2b:3f:5a:b4:50:8b:
c4:d0:b8:28:83:b5:6a:8b:d2:32:8f:97:bf:68:fc:f0:36:e1:
cb:c5:41:7c:be:16:0e:03:05:2a:04:48:1b:38:6a:3e:65:8c:
36:e8:ab:ec:71:fe:ed:db:6a:45:84:d7:f4:d3:5b:27:6c:fc:
78:a5:70:99:c4:24:a8:24:e7:3d:40:4c:6c:a9:f4:51:10:ed:
70:d8:74:0e:cf:76:71:60:02:1e:c1:0b:79:59:96:cc:50:07:
6c:17:a0:1c:b0:f2:25:6f:38:6f:c9:bc:d6:9f:00:63:d9:79:
f2:21:af:0b:b9:c6:c6:99:59:b6:7b:6d:ff:f6:79:14:cd:1e:
f6:89:d7:85:c3:3a:3a:ee:b4:a0:2a:72:6d:43:1a:b4:0c:c3:
f0:d6:15:14
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAYTir1T/yivwaLGdH2L3zK3xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNlNDJiZTAxMDZlYzA2ZDM2Mzg5MmUzNDJlNjM4Nzc4ZGI5NmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjebRXP407cWcwcwhrbEJGNaAjWNh
EnJLtWJ7wf3uaO1agxMfaDmqS+OGxte12dJIzKDFZOuKC67Nku5KjPGfNpbh87Fh
Ezi2wXDGykU9XS+71bfdpmQq2VrUCkpUuGpdNah0sYJZ8NLNo5bk1cA9XMv4SEBS
uzvmdR3BSfpagbt+H08qm1T0bPqfPVbnUy2BOXvBGWiabzOdMsvVRKigNqzMOUsp
jk+inYWAVAAYeliuvrFP8PDjP+W3PVEioDhtU2TsXZ6EUe425SEDFwpV3iohnWkz
JqLd8rQ1qCbnUEY8LyAIXdkxRVFiYZ0uke36sn1hy4q2MfFre3+stcpnRwIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFFw+Qr4BBuwG02OJLjQuY4d425bmMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWEQ1Q3ZnRUc3QWJUWTRrdU5DNWpoM2pibHVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBAMf
rfgDBAIlHVADBAMuHcADBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARt
SnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkDAMAwQDsrD4AwQBsrD8AwQCuQMgAwQC
udKMAwQDvF6oAwMAvKIDBAG8qvQDBAK8qvgDBALByeQDBAXDBYADBAXDEGADBAHD
TnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXV
qCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBAJNIFNttxrVRIpw+ucka
AjPqazmWvt8LG/SFfakam3T2u+QeJhpXehKw54teqPn1ECSEpiBai9C1nBjFvrma
8FOloyUNAWDj0I5ZqINcVsM0l1j8oqqjlGsWwlzz7YFJw1INQb/H/ys/WrRQi8TQ
uCiDtWqL0jKPl79o/PA24cvFQXy+Fg4DBSoESBs4aj5ljDboq+xx/u3bakWE1/TT
Wyds/HilcJnEJKgk5z1ATGyp9FEQ7XDYdA7PdnFgAh7BC3lZlsxQB2wXoByw8iVv
OG/JvNafAGPZefIhrwu5xsaZWbZ7bf/2eRTNHvaJ14XDOjrutKAqcm1DGrQMw/DW
FRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org