Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dUjrLPBwhrGgwBveV6hau1QI7Ok.roa
File: dUjrLPBwhrGgwBveV6hau1QI7Ok.roa (raw, json)
Hash identifier: kc46kJxp4FDe850Rv4//3sr7u7nSfzX3ieXhX0a9WHo=
Subject key identifier: 75:48:EB:2C:F0:70:86:B1:A0:C0:1B:DE:57:A8:5A:BB:54:08:EC:E9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176BF0AC7F6C47426EC887F51906792
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dUjrLPBwhrGgwBveV6hau1QI7Ok.roa
Signing time: Thu 08 Dec 2022 11:20:02 +0000
ROA not before: Thu 08 Dec 2022 11:20:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 109.188.0.0/16 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:bf:0a:c7:f6:c4:74:26:ec:88:7f:51:90:67:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7548eb2cf07086b1a0c01bde57a85abb5408ece9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:33:c0:61:1a:4a:ea:e7:3f:72:06:f3:82:10:
48:1c:34:3f:70:f1:86:f4:a5:69:33:ab:d3:35:90:
33:30:3f:7e:31:01:43:13:fb:e7:e0:62:6e:14:6b:
86:6d:4a:a6:72:c8:37:82:f9:23:83:7d:ca:b2:13:
3a:54:f9:ba:3b:67:d9:8c:00:e5:12:27:de:05:d9:
a9:ce:bd:e8:ba:44:65:b1:ba:01:3a:a0:29:8e:cd:
f7:f6:a4:f0:86:04:63:87:81:1b:1d:11:46:d1:c0:
10:8f:3c:69:9e:69:42:39:d9:6f:14:18:8d:fa:13:
44:e5:86:47:13:d1:c3:e7:61:0b:0b:20:e9:d7:bd:
20:83:45:c1:f6:bc:2e:01:76:de:e2:70:6c:07:30:
55:e9:ff:8b:fc:26:fe:68:1e:f1:99:87:ef:29:49:
e4:92:ea:d8:63:18:43:48:2f:63:b7:17:64:97:fd:
a4:7b:96:67:c3:9c:90:7e:dc:ae:7b:7d:22:6e:ec:
94:c5:7c:20:44:1b:1e:19:b1:f6:33:c6:91:f3:af:
65:b0:8a:66:cd:e7:f3:d0:0a:6d:a4:30:46:99:fc:
37:0a:8f:fa:fb:0c:2c:f7:99:73:c2:5b:38:f8:da:
21:75:bf:fd:6f:92:39:7e:09:68:68:a0:a4:af:63:
fb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:48:EB:2C:F0:70:86:B1:A0:C0:1B:DE:57:A8:5A:BB:54:08:EC:E9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dUjrLPBwhrGgwBveV6hau1QI7Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
19:ad:2a:01:a8:92:8a:d5:7a:27:f6:45:cb:81:6e:64:26:82:
a6:94:56:60:27:f5:7c:67:c9:60:4f:ff:ef:99:bf:16:bb:9d:
49:33:12:a7:4a:f8:e5:3b:b4:57:e9:0c:3d:85:47:ef:3f:ee:
a9:7b:b9:dd:22:59:f2:c5:71:12:ec:25:b1:f7:44:5c:e7:97:
ba:c3:cf:4f:ad:71:7c:dc:45:89:66:f1:42:da:28:79:ea:4e:
9d:36:ab:4a:71:dc:32:23:ad:55:0d:79:22:0a:94:a6:03:ce:
85:75:a1:c9:37:f3:80:7e:24:b2:00:8f:14:86:6e:62:24:cd:
67:e2:51:98:f9:e9:fa:bf:61:4c:13:83:14:5a:35:f5:9c:b0:
cf:ed:71:0a:81:a1:e4:2b:2c:cb:6e:5e:51:a7:d1:b5:c3:dd:
2c:64:94:37:8d:c1:8d:f1:19:dc:94:d3:c2:e4:ae:b6:61:87:
3d:ae:f4:d2:9e:1e:0a:71:e2:dd:3b:ce:7c:d5:5e:dd:57:8d:
bf:b1:c1:f5:6a:29:01:fb:67:04:e5:b3:27:48:70:f8:7a:11:
55:27:25:40:ed:f4:4f:8d:e8:e1:8c:02:28:37:aa:67:33:75:
86:33:91:90:59:df:23:95:8e:3c:7b:18:23:9e:9c:a0:ed:77:
7f:08:7f:e7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYTxdr8Kx/bEdCbsiH9RkGeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ4ZWIyY2YwNzA4NmIxYTBjMDFiZGU1N2E4NWFiYjU0MDhlY2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDPAYRpK6uc/cgbzghBIHDQ/cPGG
9KVpM6vTNZAzMD9+MQFDE/vn4GJuFGuGbUqmcsg3gvkjg33KshM6VPm6O2fZjADl
EifeBdmpzr3oukRlsboBOqApjs339qTwhgRjh4EbHRFG0cAQjzxpnmlCOdlvFBiN
+hNE5YZHE9HD52ELCyDp170gg0XB9rwuAXbe4nBsBzBV6f+L/Cb+aB7xmYfvKUnk
kurYYxhDSC9jtxdkl/2ke5Znw5yQftyue30ibuyUxXwgRBseGbH2M8aR869lsIpm
zefz0AptpDBGmfw3Co/6+wws95lzwls4+Nohdb/9b5I5fgloaKCkr2P71wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFHVI6yzwcIaxoMAb3leoWrtUCOzpMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZFVqckxQQndockdnd0J2ZVY2aGF1MVFJN09rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMDAG28
AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQDBAXDBYAD
BAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6AD
BAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBABmtKgGo
korVeif2RcuBbmQmgqaUVmAn9XxnyWBP/++Zvxa7nUkzEqdK+OU7tFfpDD2FR+8/
7ql7ud0iWfLFcRLsJbH3RFznl7rDz0+tcXzcRYlm8ULaKHnqTp02q0px3DIjrVUN
eSIKlKYDzoV1ock384B+JLIAjxSGbmIkzWfiUZj56fq/YUwTgxRaNfWcsM/tcQqB
oeQrLMtuXlGn0bXD3SxklDeNwY3xGdyU08LkrrZhhz2u9NKeHgpx4t07znzVXt1X
jb+xwfVqKQH7ZwTlsydIcPh6EVUnJUDt9E+N6OGMAig3qmczdYYzkZBZ3yOVjjx7
GCOenKDtd38If+c=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:38:28 2025 by rpki-client