Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ax7DrmiTC0F8ja9UFNKYGJ0YdPo.roa
File: ax7DrmiTC0F8ja9UFNKYGJ0YdPo.roa (raw, json)
Hash identifier: 0aIokUVDJFYAB3kgHXUXs6HJeDEfp2HrgbZaIubYBGc=
Subject key identifier: 6B:1E:C3:AE:68:93:0B:41:7C:8D:AF:54:14:D2:98:18:9D:18:74:FA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D29A7EECE8DB2CB4C636A97157F830F0
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ax7DrmiTC0F8ja9UFNKYGJ0YdPo.roa
Signing time: Fri 02 Dec 2022 11:30:51 +0000
ROA not before: Fri 02 Dec 2022 11:30:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41976
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:7e:ec:e8:db:2c:b4:c6:36:a9:71:57:f8:30:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 11:30:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b1ec3ae68930b417c8daf5414d298189d1874fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:79:fc:fa:9a:b9:37:de:f4:cc:01:7c:12:b4:
ac:4b:1c:0c:6a:73:1c:c4:45:be:2b:93:7d:13:eb:
6a:99:22:16:1b:6d:27:47:e1:18:31:a1:c6:13:8f:
f1:f2:a7:19:2e:f9:31:04:c0:23:d1:33:cb:41:51:
48:47:82:c0:8f:12:3a:f5:89:69:00:76:b8:89:8f:
e2:64:08:89:64:25:c4:a7:07:38:3a:4d:42:cb:43:
64:10:3f:cc:5c:80:a9:56:82:4d:da:ef:ff:4d:b4:
26:be:6b:42:d3:39:e7:c2:bf:df:6e:5d:ae:b7:9f:
db:ce:f7:a9:07:b6:c8:b2:84:e6:fe:72:88:04:d2:
7f:3d:fc:38:1a:fc:45:d7:ad:a1:93:1e:1b:23:c9:
ef:90:c9:eb:b8:ec:f8:25:f2:e0:4c:42:6f:70:fd:
cb:03:ae:2a:e2:41:dd:19:d4:27:7e:3c:65:04:df:
2d:00:1a:73:8d:91:62:3a:a6:41:6e:58:7b:ae:b1:
b7:5a:6b:71:7d:75:9f:61:e1:8e:74:e3:82:78:ec:
ce:79:ca:f9:89:0a:c8:98:27:af:ae:7d:5b:b2:00:
6c:06:a5:1a:e7:3d:ba:82:c7:7d:7e:33:79:16:9b:
1b:e7:39:aa:c8:e5:a8:3f:89:d6:d5:ab:d6:c5:9f:
b9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1E:C3:AE:68:93:0B:41:7C:8D:AF:54:14:D2:98:18:9D:18:74:FA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ax7DrmiTC0F8ja9UFNKYGJ0YdPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
06:b2:56:ad:98:0a:c5:ac:18:58:3e:c9:f6:d2:7b:44:d6:a2:
9c:92:a3:70:21:be:fc:2f:95:12:5e:f7:22:29:c0:d5:35:85:
82:ba:a8:aa:1b:3c:7c:ec:8a:d9:4e:a6:0c:53:fb:c7:a9:42:
30:88:e1:cd:e0:17:3b:0b:a7:58:29:20:2b:1d:25:2a:1d:37:
a4:8e:cd:9f:34:b9:7b:16:84:ea:b5:4a:01:4b:fd:0c:21:5c:
ff:ea:22:e9:db:a6:38:82:14:0f:ed:fe:ce:7c:01:04:4d:31:
c2:62:02:91:ba:61:38:f8:5b:ad:e6:53:4c:59:d9:9e:ac:8a:
36:b2:e0:bf:a3:19:2c:31:6f:1c:a8:a4:11:f6:19:6b:3a:23:
ab:d8:bc:4f:ff:f9:9d:2b:af:47:88:65:e7:b0:1b:d2:4f:ed:
0f:8c:18:f2:11:72:b8:3c:ee:ed:df:a7:39:5f:7c:17:d3:ac:
b7:51:0b:df:66:c5:05:8a:18:8d:bd:99:16:96:da:50:7f:39:
23:ff:86:42:66:d7:d4:43:b7:30:36:40:3d:50:1a:bd:4a:50:
74:0d:43:d0:d2:f7:ea:91:2e:79:a1:2f:15:d6:9b:b6:2a:bf:
d0:d8:06:dd:4c:56:25:33:bd:89:f2:ee:9b:cd:b8:1b:15:12:
e4:3a:06:83
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYTSmn7s6NsstMY2qXFX+DDwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTEzMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFlYzNhZTY4OTMwYjQxN2M4ZGFmNTQxNGQyOTgxODlkMTg3NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXn8+pq5N970zAF8ErSsSxwManMc
xEW+K5N9E+tqmSIWG20nR+EYMaHGE4/x8qcZLvkxBMAj0TPLQVFIR4LAjxI69Ylp
AHa4iY/iZAiJZCXEpwc4Ok1Cy0NkED/MXICpVoJN2u//TbQmvmtC0znnwr/fbl2u
t5/bzvepB7bIsoTm/nKIBNJ/Pfw4GvxF162hkx4bI8nvkMnruOz4JfLgTEJvcP3L
A64q4kHdGdQnfjxlBN8tABpzjZFiOqZBblh7rrG3WmtxfXWfYeGOdOOCeOzOecr5
iQrImCevrn1bsgBsBqUa5z26gsd9fjN5Fpsb5zmqyOWoP4nW1avWxZ+5bQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFGsew65okwtBfI2vVBTSmBidGHT6MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYXg3RHJtaVRDMEY4amE5VUZOS1lHSjBZZFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAJO
KWQDBANPqwgDBARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVW
bcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBg
AwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1Zqg
AwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQAGslatmArFrBhY
Psn20ntE1qKckqNwIb78L5USXvciKcDVNYWCuqiqGzx87IrZTqYMU/vHqUIwiOHN
4Bc7C6dYKSArHSUqHTekjs2fNLl7FoTqtUoBS/0MIVz/6iLp26Y4ghQP7f7OfAEE
TTHCYgKRumE4+Fut5lNMWdmerIo2suC/oxksMW8cqKQR9hlrOiOr2LxP//mdK69H
iGXnsBvST+0PjBjyEXK4PO7t36c5X3wX06y3UQvfZsUFihiNvZkWltpQfzkj/4ZC
ZtfUQ7cwNkA9UBq9SlB0DUPQ0vfqkS55oS8V1pu2Kr/Q2AbdTFYlM72J8u6bzbgb
FRLkOgaD
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:41:14 2025 by rpki-client