Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/_66dItIL6U7IB-jjEVz1Lp29yfg.roa
File: _66dItIL6U7IB-jjEVz1Lp29yfg.roa (raw, json)
Hash identifier: naC1BwsOHnr0N+BaUv6om3oZhGySPfCV7kyE1Y8IIpE=
Subject key identifier: FF:AE:9D:22:D2:0B:E9:4E:C8:07:E8:E3:11:5C:F5:2E:9D:BD:C9:F8
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E1157F5B67BA8741749F325D0B79C4
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/_66dItIL6U7IB-jjEVz1Lp29yfg.roa
Signing time: Mon 12 Dec 2022 10:28:35 +0000
ROA not before: Mon 12 Dec 2022 10:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 195.16.96.0/19 maxlen: 19
193.201.228.0/22 maxlen: 22
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
195.16.110.0/23 maxlen: 23
195.16.114.0/23 maxlen: 23
85.26.144.0/20 maxlen: 20
109.188.64.0/19 maxlen: 19
109.188.96.0/21 maxlen: 21
78.25.119.0/24 maxlen: 24
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
94.25.164.0/24 maxlen: 24
94.25.160.0/24 maxlen: 24
212.69.106.0/24 maxlen: 24
94.25.172.0/22 maxlen: 22
94.25.168.0/22 maxlen: 22
212.69.113.0/24 maxlen: 24
212.69.114.0/24 maxlen: 24
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
94.25.176.0/21 maxlen: 21
212.69.125.0/24 maxlen: 24
94.25.184.0/21 maxlen: 21
128.204.78.0/23 maxlen: 23
128.204.76.0/22 maxlen: 22
37.29.32.0/21 maxlen: 21
128.204.76.0/23 maxlen: 23
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
31.173.0.0/21 maxlen: 21
195.230.70.0/23 maxlen: 23
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
195.230.91.0/24 maxlen: 24
195.230.92.0/24 maxlen: 24
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
62.64.0.0/20 maxlen: 20
83.229.211.0/24 maxlen: 24
46.229.128.0/22 maxlen: 22
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:15:7f:5b:67:ba:87:41:74:9f:32:5d:0b:79:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffae9d22d20be94ec807e8e3115cf52e9dbdc9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1f:7e:74:2b:82:27:81:c5:87:3f:08:92:d0:
21:e4:a5:5c:e8:e6:ac:89:f6:c3:e2:7b:49:d2:45:
1c:25:a8:50:52:5d:e0:8b:80:df:eb:bd:77:cf:a2:
d8:c5:8b:b3:42:c0:10:da:91:3b:43:1f:7c:f2:be:
c7:7e:47:8d:29:1b:3b:fb:eb:ed:84:2d:4d:14:69:
5e:56:03:63:61:be:19:d1:ae:df:ed:e5:70:da:e8:
86:1c:ab:4c:18:8a:e5:25:f1:49:49:af:e8:23:2b:
e4:70:d3:2c:4c:19:34:ed:cb:62:fd:26:a8:59:22:
5a:94:bd:66:3a:dd:b2:44:74:6d:c1:e9:2e:31:8c:
ad:99:07:8b:a5:63:b0:48:97:92:42:a2:f8:34:59:
02:ed:14:09:19:c2:18:a6:fd:12:da:62:70:15:e4:
ae:5e:66:6f:24:6f:9a:40:d7:6f:1e:6a:8d:60:a4:
8e:8f:8b:b7:ec:70:0d:c6:6f:54:2d:55:79:24:db:
20:48:05:c5:bd:71:eb:16:50:64:95:fc:42:16:44:
0d:75:a9:42:62:ca:c0:71:13:1f:0f:ee:e1:ef:8f:
e2:b7:d8:f6:c5:e9:5b:7d:1b:9e:40:93:e3:5b:bd:
36:9c:0d:e0:59:c8:12:e3:39:d9:e0:6e:78:df:b1:
da:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AE:9D:22:D2:0B:E9:4E:C8:07:E8:E3:11:5C:F5:2E:9D:BD:C9:F8
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/_66dItIL6U7IB-jjEVz1Lp29yfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.16.96.0/19
195.230.70.0/23
195.230.91.0-195.230.92.255
212.69.106.0/24
212.69.113.0-212.69.114.255
212.69.125.0/24
213.243.109.0/24
213.243.116.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:4c:ad:13:ed:e2:66:c0:be:ae:9d:03:1d:5f:04:6e:a4:b3:
0b:cc:14:21:83:90:96:e7:3d:78:e4:d3:c6:72:e4:51:6b:4e:
b3:92:c0:96:1d:8e:1c:01:59:59:c1:82:f3:8f:16:26:0e:f7:
d4:c7:f2:4a:ad:9a:36:48:22:c9:39:ec:a9:9a:a3:dc:63:94:
13:94:bb:c4:95:cf:31:ce:42:91:b7:21:b6:34:02:00:aa:f2:
0b:98:e4:62:6c:f0:4a:bd:50:d6:db:fe:18:7a:b5:2f:9b:fb:
ba:6b:04:b8:98:60:95:78:71:08:7a:0e:13:46:2e:d8:e7:bc:
3f:ee:b1:26:ca:75:1d:3b:39:84:49:a5:cd:ee:1f:ba:dc:91:
7d:b4:84:f3:32:ac:bb:3e:ae:10:9e:3e:8e:d8:c9:84:53:14:
2f:24:d8:49:85:cb:4d:e8:54:92:19:24:43:78:28:43:fa:9c:
08:d2:03:cc:1c:e9:e5:af:42:48:79:f7:11:95:a1:d6:74:ae:
18:47:d5:47:2b:22:0f:60:fc:4d:fe:ef:ce:95:32:d0:cc:26:
94:fe:70:9e:91:0c:bf:1e:c6:34:a5:cc:54:64:9e:7c:e1:e8:
82:77:30:3b:ce:29:c8:7b:2a:9f:77:58:a0:de:26:ea:1c:12:
63:1d:e5:8a
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgISAYUF4RV/W2e6h0F0nzJdC3nEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmFlOWQyMmQyMGJlOTRlYzgwN2U4ZTMxMTVjZjUyZTlkYmRjOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx9+dCuCJ4HFhz8IktAh5KVc6Oas
ifbD4ntJ0kUcJahQUl3gi4Df6713z6LYxYuzQsAQ2pE7Qx988r7HfkeNKRs7++vt
hC1NFGleVgNjYb4Z0a7f7eVw2uiGHKtMGIrlJfFJSa/oIyvkcNMsTBk07cti/Sao
WSJalL1mOt2yRHRtwekuMYytmQeLpWOwSJeSQqL4NFkC7RQJGcIYpv0S2mJwFeSu
XmZvJG+aQNdvHmqNYKSOj4u37HANxm9ULVV5JNsgSAXFvXHrFlBklfxCFkQNdalC
YsrAcRMfD+7h74/it9j2xelbfRueQJPjW702nA3gWcgS4znZ4G5437Ha6QIDAQAB
o4IDGTCCAxUwHQYDVR0OBBYEFP+unSLSC+lOyAfo4xFc9S6dvcn4MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvXzY2ZEl0SUw2VTdJQi1qakVWejFMcDI5eWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DDALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAF4ZgzAMAwQEXhmQAwQAXhmg
AwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxwAwQAbbxy
AwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEBrKxAAMDALyiMAsDAwG8
qgMEBLyqIAMEAsHJ5AMEBcMQYAMEAcPmRjAMAwQAw+ZbAwQAw+ZcAwQA1EVqMAwD
BADURXEDBADURXIDBADURX0DBADV820DBADV83QwDQYJKoZIhvcNAQELBQADggEB
AKpMrRPt4mbAvq6dAx1fBG6kswvMFCGDkJbnPXjk08Zy5FFrTrOSwJYdjhwBWVnB
gvOPFiYO99TH8kqtmjZIIsk57Kmao9xjlBOUu8SVzzHOQpG3IbY0AgCq8guY5GJs
8Eq9UNbb/hh6tS+b+7prBLiYYJV4cQh6DhNGLtjnvD/usSbKdR07OYRJpc3uH7rc
kX20hPMyrLs+rhCePo7YyYRTFC8k2EmFy03oVJIZJEN4KEP6nAjSA8wc6eWvQkh5
9xGVodZ0rhhH1UcrIg9g/E3+786VMtDMJpT+cJ6RDL8exjSlzFRknnzh6IJ3MDvO
Kch7Kp93WKDeJuocEmMd5Yo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org