Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/a2INAOXEmpxcu30h8mvVkZWaBBs.roa
File: a2INAOXEmpxcu30h8mvVkZWaBBs.roa (raw, json)
Hash identifier: yMDI458Y+QwVVwdCwWvUURhqWrtZg+29e/P8o1tI+Nk=
Subject key identifier: 6B:62:0D:00:E5:C4:9A:9C:5C:BB:7D:21:F2:6B:D5:91:95:9A:04:1B
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D29A77DCD7122EEBB976DDF1EDA65F24
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/a2INAOXEmpxcu30h8mvVkZWaBBs.roa
Signing time: Fri 02 Dec 2022 11:30:49 +0000
ROA not before: Fri 02 Dec 2022 11:30:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
78.25.119.0/24 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.170.25.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.32.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
31.173.0.0/21 maxlen: 21
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
78.41.100.0/22 maxlen: 24
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
83.169.192.0/18 maxlen: 24
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
62.64.0.0/20 maxlen: 20
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:77:dc:d7:12:2e:eb:b9:76:dd:f1:ed:a6:5f:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 11:30:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b620d00e5c49a9c5cbb7d21f26bd591959a041b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:21:77:65:db:5e:01:81:94:a1:23:0d:5e:b6:
e2:2e:99:ba:9c:00:d6:6e:6f:a1:cc:af:ec:8c:75:
46:06:59:33:9a:29:99:a2:3c:aa:a0:b3:1a:6f:c2:
d1:a0:fa:90:24:cf:d3:4e:2c:86:17:09:ac:8a:10:
0b:70:d5:68:de:d9:22:7c:47:7a:18:b9:e1:c7:aa:
32:32:bc:29:01:87:4a:e7:05:ad:67:1b:a4:68:b6:
99:0d:2b:61:24:3b:09:f5:37:a8:21:bd:86:1f:2a:
4e:e0:46:b5:0e:ba:15:1a:34:ba:15:1d:49:61:16:
39:07:1e:2c:5e:d7:28:15:da:4f:8c:1a:6a:ef:a1:
59:b7:cc:a1:b1:a7:1a:fd:f9:87:84:d0:89:13:cc:
68:08:22:22:d6:82:62:60:86:02:b1:18:6d:dd:ab:
a4:67:59:c3:aa:25:8a:59:00:8f:8f:85:09:dd:5a:
36:08:f4:18:d3:cd:cf:19:2f:7f:f3:44:a0:4e:db:
ed:a6:fb:5d:9f:40:1a:ad:79:44:f1:6a:f8:45:01:
10:20:c8:c9:83:c6:f6:80:62:d5:e7:58:e3:54:65:
f1:4e:3d:10:7c:e6:36:f5:f7:14:a1:a8:6e:a8:9b:
f8:d3:6b:a8:e3:44:87:c4:b4:af:1b:0a:b2:66:5c:
bf:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:62:0D:00:E5:C4:9A:9C:5C:BB:7D:21:F2:6B:D5:91:95:9A:04:1B
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/a2INAOXEmpxcu30h8mvVkZWaBBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
08:e5:1a:8a:91:11:80:b5:e3:a6:a1:89:89:78:6a:fe:5e:06:
5f:c6:b5:2e:21:6b:d0:73:62:b2:cd:8d:16:24:72:a4:82:22:
3e:53:93:d9:9c:a0:e6:b2:83:13:13:f8:0e:c8:6c:8f:d7:0a:
47:61:a8:45:7d:c0:1d:99:f5:e1:fc:55:7d:3a:cd:73:c4:f7:
26:f8:60:16:d5:ef:74:36:7f:a1:72:0b:b8:f9:7c:05:06:16:
51:ad:1e:56:91:22:40:c0:ab:9a:64:56:eb:80:cf:46:86:0f:
a5:38:88:59:12:b6:87:67:d6:16:8e:9f:42:93:55:04:64:c6:
21:05:19:84:47:9d:76:a9:64:38:cf:6d:c8:ea:23:29:ea:01:
b3:d0:71:7c:88:d3:9b:93:4b:ab:00:d5:0f:44:fa:77:75:e9:
7f:b9:97:3c:6c:1e:79:ae:9e:11:04:d1:59:b3:d7:b9:3e:7b:
42:21:23:d8:c0:72:56:ec:68:3c:b6:28:73:3b:78:90:3d:3b:
1c:6b:c4:2c:d9:e9:20:23:3d:5a:14:e0:b5:31:05:f1:6d:cd:
2a:bc:10:fd:3a:60:52:55:f4:79:7f:ba:cf:05:e3:a3:e0:ea:
0f:f4:39:a4:5d:17:0e:34:46:85:8e:fa:24:df:e3:1c:cf:8c:
cf:f3:69:42
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgISAYTSmnfc1xIu67l23fHtpl8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTEzMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYyMGQwMGU1YzQ5YTljNWNiYjdkMjFmMjZiZDU5MTk1OWEwNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCF3ZdteAYGUoSMNXrbiLpm6nADW
bm+hzK/sjHVGBlkzmimZojyqoLMab8LRoPqQJM/TTiyGFwmsihALcNVo3tkifEd6
GLnhx6oyMrwpAYdK5wWtZxukaLaZDSthJDsJ9TeoIb2GHypO4Ea1DroVGjS6FR1J
YRY5Bx4sXtcoFdpPjBpq76FZt8yhsaca/fmHhNCJE8xoCCIi1oJiYIYCsRht3auk
Z1nDqiWKWQCPj4UJ3Vo2CPQY083PGS9/80SgTtvtpvtdn0AarXlE8Wr4RQEQIMjJ
g8b2gGLV51jjVGXxTj0QfOY29fcUoahuqJv402uo40SHxLSvGwqyZly/QQIDAQAB
o4IDOjCCAzYwHQYDVR0OBBYEFGtiDQDlxJqcXLt9IfJr1ZGVmgQbMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYTJJTkFPWEVtcHhjdTMwaDhtdlZrWldhQkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTgYIKwYBBQUHAQcBAf8EggE9MIIBOTCCATUEAgABMIIB
LTALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXADBAJO
KWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkDALAwMEsrADBASysCADBAKysDQDBAOysEgDBAaysQADBAK5AyADBAK5
0owDBAO8XqgDAwC8ojALAwMBvKoDBAS8qiADBALByeQDBAXDBYADBAXDEGADBAHD
TnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXV
qCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBAAjlGoqREYC146ahiYl4
av5eBl/GtS4ha9BzYrLNjRYkcqSCIj5Tk9mcoOaygxMT+A7IbI/XCkdhqEV9wB2Z
9eH8VX06zXPE9yb4YBbV73Q2f6FyC7j5fAUGFlGtHlaRIkDAq5pkVuuAz0aGD6U4
iFkStodn1haOn0KTVQRkxiEFGYRHnXapZDjPbcjqIynqAbPQcXyI05uTS6sA1Q9E
+nd16X+5lzxsHnmunhEE0Vmz17k+e0IhI9jAclbsaDy2KHM7eJA9OxxrxCzZ6SAj
PVoU4LUxBfFtzSq8EP06YFJV9Hl/us8F46Pg6g/0OaRdFw40RoWO+iTf4xzPjM/z
aUI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:26 2025 by rpki-client