Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XuIMM4tLLHDvb37KloNPxVmVKq0.roa
File: XuIMM4tLLHDvb37KloNPxVmVKq0.roa (raw, json)
Hash identifier: QY0EA/uZyNSeR2V7vcEltQR2COMT9tkSJT5fyP34Dt4=
Subject key identifier: 5E:E2:0C:33:8B:4B:2C:70:EF:6F:7E:CA:96:83:4F:C5:59:95:2A:AD
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D30EA7330769DF061C485668D0AFDB63
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XuIMM4tLLHDvb37KloNPxVmVKq0.roa
Signing time: Fri 02 Dec 2022 13:37:43 +0000
ROA not before: Fri 02 Dec 2022 13:37:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
78.25.119.0/24 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.170.25.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.32.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
83.169.192.0/18 maxlen: 24
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
62.64.0.0/20 maxlen: 20
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d3:0e:a7:33:07:69:df:06:1c:48:56:68:d0:af:db:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 13:37:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ee20c338b4b2c70ef6f7eca96834fc559952aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f8:7a:87:25:d3:12:f6:c7:6f:a3:2d:9e:f9:
7c:20:02:2f:98:80:de:34:24:1c:44:b1:13:7b:57:
ba:a9:3b:d0:b1:bb:17:91:7d:80:28:c0:16:7a:2a:
be:aa:3f:da:40:99:a0:98:9e:12:ad:73:84:b6:3c:
5c:f7:e8:1d:a1:fc:49:f7:04:eb:63:8d:5c:29:db:
d9:96:d7:c7:10:08:42:af:e0:fa:7d:ed:c7:d4:d9:
ae:c1:92:95:03:09:b5:1a:13:d0:be:1f:44:df:85:
16:5d:f4:5a:ac:c1:80:a4:94:56:c0:c2:6f:b7:18:
3a:9a:77:cb:88:97:1a:10:02:5f:0c:fd:56:da:dd:
44:ce:3b:16:5c:45:89:af:d6:ab:93:d3:5f:3a:6c:
30:a0:ac:01:98:67:67:70:e4:5d:20:eb:97:18:1a:
0d:6a:a8:52:f3:5c:c3:4f:67:ab:43:b9:31:b3:3e:
51:20:d6:2e:2f:8e:bd:fd:3c:ce:7f:45:da:8f:08:
e0:f2:5f:16:e3:7e:a7:21:f5:97:39:e3:58:a8:a4:
c3:87:99:22:ee:6c:f4:a4:a5:87:aa:33:65:67:93:
36:47:65:27:9a:74:fd:81:dc:58:8f:21:88:f0:ef:
11:9d:3c:72:53:33:f5:bb:be:a6:81:c0:70:e0:36:
d0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E2:0C:33:8B:4B:2C:70:EF:6F:7E:CA:96:83:4F:C5:59:95:2A:AD
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XuIMM4tLLHDvb37KloNPxVmVKq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:ea:0d:21:75:0f:dd:2d:6a:35:00:b2:05:ca:b3:4e:d2:b4:
d8:c7:c1:1f:70:7b:c0:1e:13:62:c6:31:14:75:92:53:67:8b:
49:5f:20:68:42:5b:1a:c6:3b:d6:1a:37:d8:7f:fc:db:dd:cd:
fb:68:03:46:e4:b7:19:1c:46:49:b7:51:7b:76:1b:b4:af:f1:
82:c8:ea:11:63:9e:a2:37:3d:b9:b4:ca:71:01:a4:06:ce:de:
31:3e:db:e0:4a:44:8d:fe:07:3b:82:46:6e:ca:74:b1:f1:61:
07:49:c8:aa:7a:fd:52:98:60:ed:c7:9a:f0:b8:04:1f:45:83:
d8:66:7d:e4:d3:44:c6:58:39:7e:3a:0e:6c:bd:b8:2f:23:5b:
05:94:57:6a:71:09:84:8b:97:59:92:9b:1e:47:bf:81:df:d2:
f0:ef:65:5d:38:52:7c:26:d6:8d:1e:6e:7f:f5:8b:0c:c9:6b:
03:d5:4f:18:c5:b0:75:aa:bb:bb:67:04:3f:41:23:8b:ac:3e:
34:14:f0:b9:fd:06:1b:09:7f:d1:a1:f3:e3:5c:71:da:6c:98:
65:e9:af:08:fa:8b:a7:d7:76:2c:47:2c:6d:28:b8:cf:17:41:
5e:6b:ce:8f:88:d0:78:b1:00:a0:39:b8:2f:c7:f8:cb:e1:dc:
9e:49:7b:98
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgISAYTTDqczB2nfBhxIVmjQr9tjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTMzNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUyMGMzMzhiNGIyYzcwZWY2ZjdlY2E5NjgzNGZjNTU5OTUyYWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivh6hyXTEvbHb6Mtnvl8IAIvmIDe
NCQcRLETe1e6qTvQsbsXkX2AKMAWeiq+qj/aQJmgmJ4SrXOEtjxc9+gdofxJ9wTr
Y41cKdvZltfHEAhCr+D6fe3H1NmuwZKVAwm1GhPQvh9E34UWXfRarMGApJRWwMJv
txg6mnfLiJcaEAJfDP1W2t1EzjsWXEWJr9ark9NfOmwwoKwBmGdncORdIOuXGBoN
aqhS81zDT2erQ7kxsz5RINYuL469/TzOf0Xajwjg8l8W436nIfWXOeNYqKTDh5ki
7mz0pKWHqjNlZ5M2R2UnmnT9gdxYjyGI8O8RnTxyUzP1u76mgcBw4DbQ8wIDAQAB
o4IDLjCCAyowHQYDVR0OBBYEFF7iDDOLSyxw729+ypaDT8VZlSqtMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWHVJTU00dExMSER2YjM3S2xvTlB4Vm1WS3EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQgYIKwYBBQUHAQcBAf8EggExMIIBLTCCASkEAgABMIIB
ITALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXADBARQ
97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQDBAdd
mYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkDALAwME
srADBASysCADBAKysDQDBAOysEgDBAaysQADBAK5AyADBAK50owDBAO8XqgDAwC8
ojALAwMBvKoDBAS8qiADBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD
5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZ
c1AwDQYJKoZIhvcNAQELBQADggEBAAvqDSF1D90tajUAsgXKs07StNjHwR9we8Ae
E2LGMRR1klNni0lfIGhCWxrGO9YaN9h//NvdzftoA0bktxkcRkm3UXt2G7Sv8YLI
6hFjnqI3Pbm0ynEBpAbO3jE+2+BKRI3+BzuCRm7KdLHxYQdJyKp6/VKYYO3HmvC4
BB9Fg9hmfeTTRMZYOX46Dmy9uC8jWwWUV2pxCYSLl1mSmx5Hv4Hf0vDvZV04Unwm
1o0ebn/1iwzJawPVTxjFsHWqu7tnBD9BI4usPjQU8Ln9BhsJf9Gh8+NccdpsmGXp
rwj6i6fXdixHLG0ouM8XQV5rzo+I0HixAKA5uC/H+Mvh3J5Je5g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org