Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iR6xE7LwgtJxA4qfMUc2RlrkngM.roa
File: iR6xE7LwgtJxA4qfMUc2RlrkngM.roa (raw, json)
Hash identifier: 2dvsf9rseCz8zz/IYePRLgM5cge6L6sajAFhklFDtuk=
Subject key identifier: 89:1E:B1:13:B2:F0:82:D2:71:03:8A:9F:31:47:36:46:5A:E4:9E:03
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F243D0B32E7231975B9B344ED4577EF1
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iR6xE7LwgtJxA4qfMUc2RlrkngM.roa
Signing time: Thu 08 Dec 2022 15:04:01 +0000
ROA not before: Thu 08 Dec 2022 15:04:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31088
IP address blocks: 212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:43:d0:b3:2e:72:31:97:5b:9b:34:4e:d4:57:7e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 15:04:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=891eb113b2f082d271038a9f314736465ae49e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:19:58:00:bc:73:be:66:0b:9e:f6:a7:d1:c7:
6e:43:e6:9a:d9:58:e6:19:a7:80:45:aa:89:ac:31:
17:b9:82:38:bf:ff:f6:c6:de:60:81:64:6d:78:bf:
9d:8c:d4:e1:e5:a4:28:c3:3d:4b:48:3f:d4:de:73:
01:a9:3c:87:9a:ef:6a:fb:92:4f:4d:52:97:0d:9e:
6b:d3:b5:b7:d1:7d:d0:2d:dc:e3:c0:e8:55:e9:47:
2e:6f:07:a0:b5:1a:4e:2d:32:fc:26:d1:b3:15:0d:
78:3f:ec:29:b3:f5:d4:17:61:eb:e3:15:30:b3:9c:
e4:d3:6d:30:9a:21:4c:0e:7c:39:e1:87:95:85:64:
ea:48:f0:08:45:59:6a:58:9e:8b:1b:bd:90:d8:78:
56:65:35:81:8f:30:2b:63:5b:8c:3f:b7:b1:56:2c:
0c:ea:e9:f3:f8:53:da:2e:6b:31:f3:f6:a5:67:2b:
16:81:ee:6d:47:70:70:75:c2:64:54:f9:31:7b:61:
e7:45:1b:d5:a8:3d:e6:22:1b:e1:f7:44:79:ad:e2:
6b:8f:33:52:c7:8a:91:50:5f:22:af:c6:2e:15:31:
8e:1c:53:b8:7e:04:4f:57:27:51:83:63:f3:63:c4:
69:a4:59:e4:bd:2a:d8:2d:e5:51:75:45:1a:72:77:
55:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1E:B1:13:B2:F0:82:D2:71:03:8A:9F:31:47:36:46:5A:E4:9E:03
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iR6xE7LwgtJxA4qfMUc2RlrkngM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
15:67:68:a8:cd:10:30:43:3e:ca:2e:0b:1a:cf:11:4b:39:a1:
df:58:7d:e6:a8:7d:34:a8:c9:87:f6:18:db:c8:fc:64:ac:9b:
3f:ba:e0:25:9c:8d:e1:49:0d:52:d5:1c:44:0f:2d:68:00:9e:
82:99:db:ab:a3:93:b3:f8:9f:42:f0:7f:e4:56:33:88:ce:d3:
48:bd:55:75:22:c5:36:aa:2d:19:9d:d2:f2:72:50:33:5d:32:
f3:fd:d5:a1:8f:3c:c4:c8:07:69:27:d1:63:bc:72:e5:00:d3:
98:c7:dc:1e:09:38:54:64:b7:9f:a1:fc:14:ee:ad:28:9c:bc:
66:0c:20:04:70:64:82:ee:74:67:63:83:9a:e1:e0:2b:23:97:
19:85:3f:b4:ab:53:32:f6:f8:c3:85:cb:ba:64:63:a2:07:bf:
40:f1:e8:17:39:2c:37:20:c1:17:d1:c2:58:8a:fd:70:80:34:
2e:12:85:3a:05:a3:e2:a1:04:25:82:7e:af:63:75:31:98:27:
b2:64:78:84:a0:5e:8a:ee:43:61:9d:bb:fb:4a:45:fb:43:55:
17:11:e8:85:2a:27:ed:b5:9f:93:ce:4d:04:48:c1:2f:95:20:
0a:62:a0:04:f2:13:80:ed:d3:2a:86:39:6c:83:cf:34:69:d8:
25:0f:1b:0c
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYTyQ9CzLnIxl1ubNE7UV37xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTUwNDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTFlYjExM2IyZjA4MmQyNzEwMzhhOWYzMTQ3MzY0NjVhZTQ5ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxlYALxzvmYLnvan0cduQ+aa2Vjm
GaeARaqJrDEXuYI4v//2xt5ggWRteL+djNTh5aQowz1LSD/U3nMBqTyHmu9q+5JP
TVKXDZ5r07W30X3QLdzjwOhV6UcubwegtRpOLTL8JtGzFQ14P+wps/XUF2Hr4xUw
s5zk020wmiFMDnw54YeVhWTqSPAIRVlqWJ6LG72Q2HhWZTWBjzArY1uMP7exViwM
6unz+FPaLmsx8/alZysWge5tR3BwdcJkVPkxe2HnRRvVqD3mIhvh90R5reJrjzNS
x4qRUF8ir8YuFTGOHFO4fgRPVydRg2PzY8RppFnkvSrYLeVRdUUacndVzwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFIkesROy8ILScQOKnzFHNkZa5J4DMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaVI2eEU3THdndEp4QTRxZk1VYzJSbHJrbmdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAATBZAwMAvKIDBALB
yeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQAD
ggEBABVnaKjNEDBDPsouCxrPEUs5od9YfeaofTSoyYf2GNvI/GSsmz+64CWcjeFJ
DVLVHEQPLWgAnoKZ26ujk7P4n0Lwf+RWM4jO00i9VXUixTaqLRmd0vJyUDNdMvP9
1aGPPMTIB2kn0WO8cuUA05jH3B4JOFRkt5+h/BTurSicvGYMIARwZILudGdjg5rh
4CsjlxmFP7SrUzL2+MOFy7pkY6IHv0Dx6Bc5LDcgwRfRwliK/XCANC4ShToFo+Kh
BCWCfq9jdTGYJ7JkeISgXoruQ2Gdu/tKRftDVRcR6IUqJ+21n5POTQRIwS+VIApi
oATyE4Dt0yqGOWyDzzRp2CUPGww=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:08 2025 by rpki-client