Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cqEaZfl_o5Sh6hNWHiN44UulWn4.roa
File: cqEaZfl_o5Sh6hNWHiN44UulWn4.roa (raw, json)
Hash identifier: Ym8mxAIxxB68NwrYRYgM/hXqofZtUs2MgcZrSAIN8lI=
Subject key identifier: 72:A1:1A:65:F9:7F:A3:94:A1:EA:13:56:1E:23:78:E1:4B:A5:5A:7E
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF500C9607369BB3299311DA685E18
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cqEaZfl_o5Sh6hNWHiN44UulWn4.roa
Signing time: Mon 05 Dec 2022 14:27:30 +0000
ROA not before: Mon 05 Dec 2022 14:27:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31195
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.240.0/22 maxlen: 22
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
178.178.64.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
185.3.32.0/22 maxlen: 24
178.178.72.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
78.25.127.0/24 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
31.173.132.0/23 maxlen: 23
212.119.160.0/19 maxlen: 24
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.191.0/24 maxlen: 24
37.28.190.0/24 maxlen: 24
91.193.212.0/22 maxlen: 24
37.29.89.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.95.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
37.29.94.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.232.0/24 maxlen: 24
188.170.230.0/24 maxlen: 24
188.170.236.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.232.0/23 maxlen: 23
31.173.229.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
31.173.238.0/24 maxlen: 24
31.173.235.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.43.0/24 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.228.0/23 maxlen: 23
83.169.230.0/24 maxlen: 24
83.169.227.0/24 maxlen: 24
83.169.226.0/24 maxlen: 24
83.169.224.0/23 maxlen: 23
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:50:0c:96:07:36:9b:b3:29:93:11:da:68:5e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72a11a65f97fa394a1ea13561e2378e14ba55a7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:65:cf:f9:b1:7f:25:79:7a:04:b0:bf:ca:d8:
8c:4b:b3:e6:e2:a5:8a:9a:55:f1:1d:ca:aa:f2:64:
fa:77:aa:ea:80:d3:93:f4:bd:26:dd:5a:6c:d9:fe:
ee:87:95:74:e7:b0:d4:a0:8d:08:9e:e9:70:84:ec:
9f:92:91:07:43:c5:4a:c8:79:93:1c:58:b0:ed:d3:
8f:05:30:d5:f0:90:9c:96:f1:05:67:37:54:d0:4d:
dc:7b:fe:9b:33:da:65:a8:08:1d:d0:88:e3:08:e2:
e9:38:a3:d2:40:d3:fb:f1:17:11:1f:8d:6f:ea:ee:
96:b9:41:e4:47:9f:68:2c:c1:c9:54:c1:fc:e7:8f:
05:d3:c1:00:b2:b9:9b:36:24:f8:3e:6e:a6:e4:0c:
f2:c6:62:02:98:07:4f:50:45:6b:1c:ce:b5:17:a3:
21:70:ef:2c:4c:e7:9a:5f:f0:09:59:e5:8e:7d:f6:
33:ed:48:12:74:12:1a:33:ac:42:bd:6f:26:cc:b6:
ad:e2:ec:ef:7d:4c:48:ca:8d:0f:6e:3e:c3:0b:cc:
bf:a7:c4:28:9f:f9:17:ee:fe:04:1f:eb:5d:6b:10:
5c:3a:40:5b:2a:06:2f:2c:61:da:51:a6:10:2e:fe:
09:2a:c0:c5:ab:36:f7:fe:7b:ef:b1:04:21:6e:17:
dc:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A1:1A:65:F9:7F:A3:94:A1:EA:13:56:1E:23:78:E1:4B:A5:5A:7E
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/cqEaZfl_o5Sh6hNWHiN44UulWn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.68.255
178.178.70.0-178.178.73.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.228.0-188.170.237.255
188.170.239.0/24
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
74:4b:d1:7b:35:44:6b:53:c4:01:01:1b:4e:68:13:7d:5b:b5:
eb:3e:4e:fb:02:c8:42:c1:9d:68:bf:e5:1a:2b:9e:cd:09:0e:
9d:02:59:17:d9:1a:b4:f1:53:03:b7:32:e9:40:bb:3e:9d:b7:
97:6d:e2:0e:da:f5:82:2e:95:53:20:d9:6a:cf:d4:d1:28:eb:
ea:a0:0c:b8:b7:06:fe:4a:14:c7:d4:99:59:d4:56:c2:1e:d6:
24:9b:75:5f:77:06:c5:5d:f5:86:dd:df:5f:3f:4f:a6:22:b7:
52:0e:49:91:97:ce:ca:e3:16:3d:3d:8f:98:4b:10:41:59:ae:
a6:1c:3b:48:93:50:b6:ff:16:d4:f2:17:93:51:b9:b5:ea:96:
65:16:51:45:ce:07:aa:b6:63:8d:be:fb:66:c2:d8:bc:68:1b:
e7:f6:95:87:5b:e3:dd:a7:81:26:f5:0d:0b:7c:d8:63:c5:ed:
99:24:dc:ff:37:94:10:0b:37:57:69:94:05:b3:61:4a:d1:42:
ba:d7:da:40:ac:16:d0:d2:ba:87:e3:94:0e:1c:e8:30:b7:e4:
02:0f:0f:3d:0c:1c:37:73:d9:da:72:2b:8c:74:3b:1c:07:df:
49:96:e6:22:5c:e1:c4:21:68:98:24:f0:c2:2e:fe:9a:a3:d3:
6d:49:24:81
-----BEGIN CERTIFICATE-----
MIIGTTCCBTWgAwIBAgISAYTir1AMlgc2m7MpkxHaaF4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmExMWE2NWY5N2ZhMzk0YTFlYTEzNTYxZTIzNzhlMTRiYTU1YTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGXP+bF/JXl6BLC/ytiMS7Pm4qWK
mlXxHcqq8mT6d6rqgNOT9L0m3Vps2f7uh5V057DUoI0InulwhOyfkpEHQ8VKyHmT
HFiw7dOPBTDV8JCclvEFZzdU0E3ce/6bM9plqAgd0IjjCOLpOKPSQNP78RcRH41v
6u6WuUHkR59oLMHJVMH8548F08EAsrmbNiT4Pm6m5AzyxmICmAdPUEVrHM61F6Mh
cO8sTOeaX/AJWeWOffYz7UgSdBIaM6xCvW8mzLat4uzvfUxIyo0Pbj7DC8y/p8Qo
n/kX7v4EH+tdaxBcOkBbKgYvLGHaUaYQLv4JKsDFqzb3/nvvsQQhbhfc7QIDAQAB
o4IDWTCCA1UwHQYDVR0OBBYEFHKhGmX5f6OUoeoTVh4jeOFLpVp+MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvY3FFYVpmbF9vNVNoNmhOV0hpTjQ0VXVsV240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbQYIKwYBBQUHAQcBAf8EggFcMIIBWDCCAVQEAgABMIIB
TAMEAh+thAMEAB+tjzAMAwQAH63hAwQAH63iMAwDBAIfreQDBAEfregwDAMEAB+t
6wMEBB+t4AMEAiUcvAMEACUdKwMEAyUdWAMEAk4ZfAMEAlOVNDAMAwQFU6ngAwQA
U6nmAwQDVRrwAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQG
bXxAAwMAbbwDBAaAzEADBAOyF5AwDAMEALKw6QMEArKw6DAMAwQGsrJAAwQAsrJE
MAwDBAGyskYDBAGyskgDBAK5AyADBAK50owDBAO8XqgDAwC8ojAMAwQCvKrkAwQB
vKrsAwQAvKrvAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF
1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0G
CSqGSIb3DQEBCwUAA4IBAQB0S9F7NURrU8QBARtOaBN9W7XrPk77AshCwZ1ov+Ua
K57NCQ6dAlkX2Rq08VMDtzLpQLs+nbeXbeIO2vWCLpVTINlqz9TRKOvqoAy4twb+
ShTH1JlZ1FbCHtYkm3VfdwbFXfWG3d9fP0+mIrdSDkmRl87K4xY9PY+YSxBBWa6m
HDtIk1C2/xbU8heTUbm16pZlFlFFzgeqtmONvvtmwti8aBvn9pWHW+Pdp4Em9Q0L
fNhjxe2ZJNz/N5QQCzdXaZQFs2FK0UK619pArBbQ0rqH45QOHOgwt+QCDw89DBw3
c9naciuMdDscB99JluYiXOHEIWiYJPDCLv6ao9NtSSSB
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:34 2025 by rpki-client