Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dV5IeheYee6ldHoD0LX9VwwIMDQ.roa
File: dV5IeheYee6ldHoD0LX9VwwIMDQ.roa (raw, json)
Hash identifier: ibypuntpG7OLa1ctSUgSBgRsYnnlv+y9KfJUGBiLmpE=
Subject key identifier: 75:5E:48:7A:17:98:79:EE:A5:74:7A:03:D0:B5:FD:57:0C:08:30:34
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505A424060FC4027ED9C041B5B981D692
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dV5IeheYee6ldHoD0LX9VwwIMDQ.roa
Signing time: Mon 12 Dec 2022 09:22:01 +0000
ROA not before: Mon 12 Dec 2022 09:22:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.172.0.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
93.153.158.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:a4:24:06:0f:c4:02:7e:d9:c0:41:b5:b9:81:d6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 09:22:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=755e487a179879eea5747a03d0b5fd570c083034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c2:b5:4d:c1:1c:b9:8d:82:63:b7:68:54:db:
e7:0d:70:ec:a5:36:a9:84:9c:92:59:62:9c:15:5e:
a9:da:0a:de:cb:6c:b0:cd:00:81:81:b7:9d:b1:32:
4b:a1:02:45:79:ea:a1:78:91:1c:b4:ae:c7:1a:86:
db:54:90:7c:df:fe:78:40:d5:0e:b2:13:95:b0:eb:
46:22:7f:3f:86:5e:31:30:95:b9:66:2c:91:bd:5b:
b4:66:e2:61:df:f4:5c:e8:4a:7c:70:a0:34:12:bb:
12:4b:34:3d:c4:13:d2:9d:2a:25:51:9f:14:43:42:
7c:7b:07:e5:97:ce:91:30:4a:bf:fd:db:fa:5d:2c:
a9:83:c7:93:f0:d1:a0:85:e3:4b:20:e3:8b:35:6d:
58:13:56:66:8c:ed:e0:ab:0b:19:b2:fb:d0:33:5d:
a8:a3:53:e7:cc:b5:fb:71:b4:d4:c0:45:a3:d3:7f:
ab:87:7e:18:4b:66:4d:5d:82:08:ab:fb:a9:0b:c0:
58:17:e9:2a:cf:eb:6a:12:89:9e:1e:56:de:83:a2:
0a:3d:d3:ef:de:44:2b:10:75:16:63:db:ef:85:89:
d2:f0:31:b4:e2:b4:98:53:b7:ae:ab:66:15:7b:0d:
47:11:df:a3:54:7d:7b:b9:c9:23:d4:9c:54:99:0d:
a6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:5E:48:7A:17:98:79:EE:A5:74:7A:03:D0:B5:FD:57:0C:08:30:34
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/dV5IeheYee6ldHoD0LX9VwwIMDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
1a:20:f2:7c:dd:0d:8e:c0:3c:fe:03:cb:2e:f9:8e:96:18:3f:
a1:57:0e:37:e5:bc:69:0b:9d:cb:d8:19:48:aa:b3:84:9a:10:
37:2e:7c:8d:25:50:94:e6:58:1a:83:cc:5b:3a:56:0e:4b:39:
be:6d:07:c5:40:36:f3:76:a0:7d:e8:b0:68:0c:3e:89:b0:7b:
d0:e2:04:10:86:55:03:ff:a7:58:1e:f9:d1:bc:f2:b8:1c:71:
17:b0:7d:81:20:b6:97:bc:93:de:51:5b:c9:31:ea:d6:8c:57:
ef:34:81:d6:79:d4:16:62:9a:86:d9:11:af:ae:f2:71:f8:5d:
8a:0f:75:88:0f:df:24:f6:02:40:34:ea:13:da:78:a6:7e:70:
b9:ce:6c:29:4f:ae:78:76:43:fd:e7:03:4b:da:b7:db:40:b9:
7c:ea:87:9a:d3:69:7c:69:3a:04:0c:f3:d6:41:e7:3b:96:7f:
bb:6a:00:de:82:d7:9c:8b:52:38:bf:22:d9:40:37:30:bb:fd:
18:7a:3f:f9:40:de:10:7f:4c:9d:70:f0:4a:c7:f1:83:fa:54:
73:81:3e:28:da:c0:52:91:ec:6f:09:ef:3a:de:44:b7:b1:5e:
69:a8:74:92:0d:cd:d8:a7:95:9b:fd:70:f1:7a:e7:c2:b7:30:
52:87:ff:fa
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYUFpCQGD8QCftnAQbW5gdaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDkyMjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTVlNDg3YTE3OTg3OWVlYTU3NDdhMDNkMGI1ZmQ1NzBjMDgzMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsK1TcEcuY2CY7doVNvnDXDspTap
hJySWWKcFV6p2grey2ywzQCBgbedsTJLoQJFeeqheJEctK7HGobbVJB83/54QNUO
shOVsOtGIn8/hl4xMJW5ZiyRvVu0ZuJh3/Rc6Ep8cKA0ErsSSzQ9xBPSnSolUZ8U
Q0J8ewfll86RMEq//dv6XSypg8eT8NGgheNLIOOLNW1YE1ZmjO3gqwsZsvvQM12o
o1PnzLX7cbTUwEWj03+rh34YS2ZNXYIIq/upC8BYF+kqz+tqEomeHlbeg6IKPdPv
3kQrEHUWY9vvhYnS8DG04rSYU7euq2YVew1HEd+jVH17uckj1JxUmQ2m+wIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFHVeSHoXmHnupXR6A9C1/VcMCDA0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvZFY1SWVoZVllZTZsZEhvRDBMWDlWd3dJTURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAYu
L8ADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdUzAAwDAME
AlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEB12ZgAMEA14Z
+AMEB1+JAAMEBm18QAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQFw5Dg
AwQF1A6gAwQF1CxAAwQF1HegAwQF1awAAwQF1bagAwQF2cNAMA0GCSqGSIb3DQEB
CwUAA4IBAQAaIPJ83Q2OwDz+A8su+Y6WGD+hVw435bxpC53L2BlIqrOEmhA3LnyN
JVCU5lgag8xbOlYOSzm+bQfFQDbzdqB96LBoDD6JsHvQ4gQQhlUD/6dYHvnRvPK4
HHEXsH2BILaXvJPeUVvJMerWjFfvNIHWedQWYpqG2RGvrvJx+F2KD3WID98k9gJA
NOoT2nimfnC5zmwpT654dkP95wNL2rfbQLl86oea02l8aToEDPPWQec7ln+7agDe
gteci1I4vyLZQDcwu/0Yej/5QN4Qf0ydcPBKx/GD+lRzgT4o2sBSkexvCe863kS3
sV5pqHSSDc3Yp5Wb/XDxeufCtzBSh//6
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:12 2025 by rpki-client