Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZZ6mAOsmc6bklMuMbbMzkotB8O8.roa
File: ZZ6mAOsmc6bklMuMbbMzkotB8O8.roa (raw, json)
Hash identifier: HfRwHSvzbbbyQFtHaoGvVPHeE2fh+FGy2ya5Qsb/X5U=
Subject key identifier: 65:9E:A6:00:EB:26:73:A6:E4:94:CB:8C:6D:B3:33:92:8B:41:F0:EF
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0879E293
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZZ6mAOsmc6bklMuMbbMzkotB8O8.roa
Signing time: Sat 01 Jan 2022 04:02:36 +0000
ROA not before: Sat 01 Jan 2022 04:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31224
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
37.29.0.0/17 maxlen: 24
46.232.200.0/21 maxlen: 24
78.25.64.0/18 maxlen: 24
37.28.160.0/19 maxlen: 24
62.64.0.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142205587 (0x879e293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 04:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=659ea600eb2673a6e494cb8c6db333928b41f0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3f:84:bf:08:71:d6:da:b6:bf:ce:8e:07:75:
3e:80:ab:f7:10:40:6a:da:e2:67:15:3f:10:d8:ff:
30:2c:c8:e2:3b:11:6b:3c:66:81:5d:76:f4:45:5c:
5e:a0:88:4b:6d:94:74:93:49:83:10:f0:6b:cf:e0:
4e:85:06:af:17:7f:2e:0f:f5:5e:e2:c1:29:d0:dc:
6f:ed:21:ee:2c:93:11:b1:38:52:73:a3:58:76:35:
d8:00:68:af:a3:c1:7d:c9:29:c0:22:f5:a3:06:de:
db:24:48:7f:f5:75:ae:11:1b:4c:cb:3a:be:f7:7e:
7a:97:7b:8c:57:40:aa:f5:f5:9a:a1:93:32:a9:91:
53:45:37:50:fa:eb:a8:0f:26:45:99:f9:e2:b8:31:
f7:c7:88:38:b2:cf:f2:79:35:a3:f8:bb:a9:6b:cf:
e7:52:01:79:52:3d:0b:2b:a1:67:ad:0d:ef:c4:28:
93:c8:7e:f6:3a:f3:4a:79:0c:b4:0d:57:1b:67:be:
2d:c2:08:f8:37:a8:12:72:b9:0b:76:03:a4:3a:28:
9a:a7:ee:a1:01:a8:3c:2f:1f:e5:03:62:68:d4:33:
9d:cb:46:c4:ff:8e:b1:48:f3:7f:66:69:2d:8b:ca:
b0:b1:ee:43:77:03:f6:d7:33:ee:ac:b4:74:30:1e:
d5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9E:A6:00:EB:26:73:A6:E4:94:CB:8C:6D:B3:33:92:8B:41:F0:EF
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZZ6mAOsmc6bklMuMbbMzkotB8O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
24:89:32:ff:fb:5d:38:c3:49:e6:b6:78:e1:6f:2f:3a:a7:ed:
b0:9e:f2:f4:8a:95:d3:4c:dd:fc:b1:e0:c2:02:2f:8e:cb:22:
86:11:46:94:ef:f6:7b:f1:58:e1:7c:8f:6c:82:16:05:e7:94:
cd:88:13:8c:30:fb:23:b4:be:83:18:2e:b3:3f:56:a9:20:ef:
38:87:e7:7e:50:87:17:6a:19:1d:1e:5b:8e:65:67:47:dd:e5:
4f:84:2e:9a:9d:1c:5e:e3:90:95:0e:d0:e6:80:c8:80:79:ba:
1f:50:cc:50:92:0f:f3:f3:e3:68:d6:af:d2:4d:4e:d4:2d:0e:
73:81:b1:3f:6f:20:ee:6f:b5:30:43:30:f7:ed:62:88:cf:11:
99:57:c1:41:af:b4:00:67:47:af:c5:cf:86:fe:6e:2d:60:81:
8b:4f:ee:85:f1:e7:7f:83:54:45:e1:44:02:7f:df:cb:28:52:
e5:bf:03:7a:c3:60:45:0d:12:ef:78:85:27:76:2e:e6:8b:30:
37:eb:d9:fe:cb:99:48:63:78:b7:cb:1b:52:d5:0d:5f:9c:db:
6a:fb:4a:05:ca:f6:c0:e3:be:84:05:33:bf:65:da:b2:94:8e:
17:bd:ee:a5:10:42:d4:40:0b:79:b5:47:73:97:b5:b9:af:95:
b9:5b:80:e4
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIECHnikzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmQ3YzJhMTA3MmQ3MzUwN2FkYmY2NTA3ZGU2OGFhYWMwMTc4NWMwMB4XDTIyMDEw
MTA0MDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU5ZWE2MDBlYjI2
NzNhNmU0OTRjYjhjNmRiMzMzOTI4YjQxZjBlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc/hL8Icdbatr/Ojgd1PoCr9xBAatriZxU/ENj/MCzI4jsR
azxmgV129EVcXqCIS22UdJNJgxDwa8/gToUGrxd/Lg/1XuLBKdDcb+0h7iyTEbE4
UnOjWHY12ABor6PBfckpwCL1owbe2yRIf/V1rhEbTMs6vvd+epd7jFdAqvX1mqGT
MqmRU0U3UPrrqA8mRZn54rgx98eIOLLP8nk1o/i7qWvP51IBeVI9CyuhZ60N78Qo
k8h+9jrzSnkMtA1XG2e+LcII+DeoEnK5C3YDpDoomqfuoQGoPC8f5QNiaNQznctG
xP+OsUjzf2ZpLYvKsLHuQ3cD9tcz7qy0dDAe1fcCAwEAAaOCAxMwggMPMB0GA1Ud
DgQWBBRlnqYA6yZzpuSUy4xtszOSi0Hw7zAfBgNVHSMEGDAWgBSS18KhBy1zUHrb
9lB95oqqwBeFwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8x
L1paNm1BT3NtYzZia2xNdU1iYk16a290QjhPOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8xL2t0ZkNvUWN0YzFC
NjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AScGCCsGAQUFBwEHAQH/BIIBFjCCARIwggEOBAIAATCCAQYDBAUlHKADBAclHQAD
BAMuHcADBAQu5YADBAMu6MgDBAU+QAADBAVN6aADBAZOGUADBAJOKWQDBANPqwgD
BARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQD
BAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAME
ArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQA
w5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG
1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQAkiTL/+104w0nmtnjhby86p+2w
nvL0ipXTTN38seDCAi+OyyKGEUaU7/Z78VjhfI9sghYF55TNiBOMMPsjtL6DGC6z
P1apIO84h+d+UIcXahkdHluOZWdH3eVPhC6anRxe45CVDtDmgMiAebofUMxQkg/z
8+No1q/STU7ULQ5zgbE/byDub7UwQzD37WKIzxGZV8FBr7QAZ0evxc+G/m4tYIGL
T+6F8ed/g1RF4UQCf9/LKFLlvwN6w2BFDRLveIUndi7mizA369n+y5lIY3i3yxtS
1Q1fnNtq+0oFyvbA476EBTO/ZdqylI4Xve6lEELUQAt5tUdzl7W5r5W5W4Dk
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:34:42 2025 by rpki-client