Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/blow0W1BsVSyHoBDT_zPoRapIHY.roa
File: blow0W1BsVSyHoBDT_zPoRapIHY.roa (raw, json)
Hash identifier: XM7Y25Oy89GGa/QdqqnzP6i5Xt9r0T4ZXctx0ZSUATI=
Subject key identifier: 6E:5A:30:D1:6D:41:B1:54:B2:1E:80:43:4F:FC:CF:A1:16:A9:20:76
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01847633565A47749D76205831798B28B6B7
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/blow0W1BsVSyHoBDT_zPoRapIHY.roa
Signing time: Mon 14 Nov 2022 12:53:06 +0000
ROA not before: Mon 14 Nov 2022 12:53:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31268
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:33:56:5a:47:74:9d:76:20:58:31:79:8b:28:b6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 12:53:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6e5a30d16d41b154b21e80434ffccfa116a92076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:bb:5a:6a:ee:dc:76:b4:37:dd:0a:c5:e8:
33:5b:ab:07:47:23:50:2c:d4:69:f5:23:9c:f2:47:
0a:b2:31:fa:8f:50:d4:68:4d:8a:7f:1e:ef:fb:49:
6b:2d:42:3d:01:4a:f6:50:d2:74:89:b4:92:27:c7:
f0:45:9d:e5:32:ed:01:c9:ff:60:39:8d:e5:25:08:
f6:f7:d0:74:4a:a7:b8:e4:94:90:0e:ae:de:42:4a:
7e:2c:7d:3d:9b:42:09:6f:95:92:1c:a4:7e:82:43:
cf:40:c7:18:67:8e:15:6d:53:8b:04:6a:cf:5d:0d:
99:36:97:e4:46:be:a8:de:a1:eb:2d:e9:99:d3:e5:
b0:2f:f2:b7:d6:87:c1:cd:cf:f0:54:1f:59:14:e0:
dd:49:50:9d:67:c5:e6:c2:0a:77:0d:a4:d3:14:f7:
a9:d2:93:6e:14:76:4c:20:56:c1:64:a1:84:74:b2:
e8:75:26:d3:8e:fa:d9:ce:cb:f5:36:21:8b:fe:2d:
ad:5f:1e:eb:de:e1:34:ec:a4:9c:4f:7d:ce:91:80:
f1:0f:39:bb:26:04:2e:c6:f1:83:6d:34:1d:cc:ec:
4f:2c:34:37:e1:40:eb:62:8c:e2:df:1e:b0:72:09:
0d:f3:a2:a8:3e:6c:49:a0:49:4e:bc:e5:83:ea:f3:
98:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:5A:30:D1:6D:41:B1:54:B2:1E:80:43:4F:FC:CF:A1:16:A9:20:76
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/blow0W1BsVSyHoBDT_zPoRapIHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:1c:63:05:2e:ed:db:c8:7e:d3:a9:84:85:ac:39:87:7e:b1:
c8:cd:27:22:e7:41:a1:29:80:a8:99:cc:f3:57:b7:c4:35:b2:
89:f8:ef:a6:0e:cb:c7:e3:48:e1:99:7f:3e:99:55:58:fb:0b:
ef:39:73:fe:3c:cc:f3:cf:0f:cc:01:ae:d9:86:55:39:37:e0:
cb:77:50:ce:86:c1:a2:9b:05:b5:57:38:f0:8c:53:a7:3e:8c:
45:42:df:eb:4d:69:a9:dc:b1:c3:b5:27:fe:bc:53:1e:7c:b7:
1a:db:ba:18:65:09:79:1d:e8:c7:13:49:a9:2a:ec:71:24:c5:
eb:2f:ed:ff:72:8c:70:3e:05:a2:8d:94:d4:69:0e:d2:eb:bb:
3e:e5:4a:51:71:90:7f:24:46:a2:e4:b9:ea:ac:59:5d:2a:fe:
a4:15:db:e4:e9:e7:1e:87:19:42:84:64:68:a2:75:0a:4d:41:
a0:d2:82:4b:c6:4f:fb:1b:b4:df:2b:64:a8:61:be:09:33:f2:
39:ea:af:c4:d4:ef:fe:86:89:16:8d:37:49:d7:e5:bd:52:36:
db:f0:6a:a2:aa:1d:0b:b9:7d:24:25:3a:77:e9:58:98:7a:80:
10:75:c9:cd:b8:a8:de:45:a0:ba:aa:79:b1:b1:04:69:5b:08:
15:82:15:2e
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAYR2M1ZaR3SddiBYMXmLKLa3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTI1MzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTVhMzBkMTZkNDFiMTU0YjIxZTgwNDM0ZmZjY2ZhMTE2YTkyMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6W7Wmru3Ha0N90KxegzW6sHRyNQ
LNRp9SOc8kcKsjH6j1DUaE2Kfx7v+0lrLUI9AUr2UNJ0ibSSJ8fwRZ3lMu0Byf9g
OY3lJQj299B0Sqe45JSQDq7eQkp+LH09m0IJb5WSHKR+gkPPQMcYZ44VbVOLBGrP
XQ2ZNpfkRr6o3qHrLemZ0+WwL/K31ofBzc/wVB9ZFODdSVCdZ8Xmwgp3DaTTFPep
0pNuFHZMIFbBZKGEdLLodSbTjvrZzsv1NiGL/i2tXx7r3uE07KScT33OkYDxDzm7
JgQuxvGDbTQdzOxPLDQ34UDrYozi3x6wcgkN86KoPmxJoElOvOWD6vOYCQIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFG5aMNFtQbFUsh6AQ0/8z6EWqSB2MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvYmxvdzBXMUJzVlN5SG9CRFRfelBvUmFwSUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQDLh3AAwQELuWAAwQDLujIAwQFPkAAAwQFTemgAwQGThlAAwQCTilkAwQDT6sI
AwQEUPewAwQEURiAAwQGU6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HU
AwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5AD
BAK5AyADBAK50owDBAO8XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAME
AMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEBdWoIAME
BtXzQAMEBNlzUDANBgkqhkiG9w0BAQsFAAOCAQEAbhxjBS7t28h+06mEhaw5h36x
yM0nIudBoSmAqJnM81e3xDWyifjvpg7Lx+NI4Zl/PplVWPsL7zlz/jzM888PzAGu
2YZVOTfgy3dQzobBopsFtVc48IxTpz6MRULf601pqdyxw7Un/rxTHny3Gtu6GGUJ
eR3oxxNJqSrscSTF6y/t/3KMcD4Foo2U1GkO0uu7PuVKUXGQfyRGouS56qxZXSr+
pBXb5OnnHocZQoRkaKJ1Ck1BoNKCS8ZP+xu03ytkqGG+CTPyOeqvxNTv/oaJFo03
SdflvVI22/BqoqodC7l9JCU6d+lYmHqAEHXJzbio3kWguqp5sbEEaVsIFYIVLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org