Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iVg8tp-jBWnYMJb6LBF1SpB54VE.roa
File: iVg8tp-jBWnYMJb6LBF1SpB54VE.roa (raw, json)
Hash identifier: yttC46iyzyJsTyKHxZKfV9A+3QSbgZmjSPkgGxSmI+c=
Subject key identifier: 89:58:3C:B6:9F:A3:05:69:D8:30:96:FA:2C:11:75:4A:90:79:E1:51
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018769F22FCCC2BADAF5F95CD79361C85264
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iVg8tp-jBWnYMJb6LBF1SpB54VE.roa
Signing time: Mon 10 Apr 2023 06:54:52 +0000
ROA not before: Mon 10 Apr 2023 06:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31205
IP address blocks: 188.170.247.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
185.210.142.0/23 maxlen: 23
185.210.140.0/23 maxlen: 23
178.176.240.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
178.176.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
128.204.66.0/24 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.67.0/24 maxlen: 24
31.173.244.0/22 maxlen: 22
83.149.50.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
188.162.1.0/24 maxlen: 24
188.162.0.0/24 maxlen: 24
188.162.4.0/22 maxlen: 22
188.162.2.0/23 maxlen: 23
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
46.232.202.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.82.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.90.0/23 maxlen: 23
188.162.88.0/24 maxlen: 24
188.162.92.0/22 maxlen: 22
188.162.78.0/24 maxlen: 24
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
2a03:d000:67fe::/48 maxlen: 48
2a03:d000:6400::/40 maxlen: 40
2a03:d000:6500::/40 maxlen: 40
2a03:d000:67ff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:69:f2:2f:cc:c2:ba:da:f5:f9:5c:d7:93:61:c8:52:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Apr 10 06:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89583cb69fa30569d83096fa2c11754a9079e151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:af:f6:ee:c7:95:2b:a5:81:ac:7d:d1:4c:30:
1d:b6:e7:fd:a4:ec:f3:92:a9:f3:61:92:c3:34:df:
cc:e2:80:fd:17:99:bc:ed:51:a1:c9:0a:6f:5f:80:
02:42:ad:32:78:b4:73:04:9a:2a:b0:e7:c5:7c:db:
33:83:ea:28:72:f3:6b:c6:bb:6a:a4:02:5f:82:ee:
e6:76:99:4b:a3:7c:4a:36:d9:29:b1:bf:02:17:3f:
e0:3b:47:15:62:da:f8:fb:63:49:17:f2:b3:23:4b:
b3:01:48:cd:86:b4:42:a6:cf:b7:53:6f:87:3b:71:
c4:20:85:4e:79:62:45:8b:ad:7a:99:6b:94:0f:26:
ec:1c:a8:b0:e3:ea:f5:78:5c:41:70:96:9f:08:13:
e9:25:7e:c3:29:4c:71:7f:fa:cf:6e:93:08:6c:ea:
c1:c5:38:62:7e:b6:b5:88:72:67:4b:06:ad:57:ac:
f0:1b:c4:81:80:8d:51:41:5d:a5:16:b4:42:54:0a:
0c:62:15:f3:36:3b:4f:18:8d:7a:31:8b:83:4e:1f:
a7:9a:d2:9b:05:e9:7c:73:fa:34:6c:c7:80:b5:4d:
3c:41:c6:27:98:d3:05:68:f8:64:e4:d5:12:c5:f4:
3d:63:70:7e:4e:0d:18:41:63:23:f0:25:75:23:39:
31:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:58:3C:B6:9F:A3:05:69:D8:30:96:FA:2C:11:75:4A:90:79:E1:51
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/iVg8tp-jBWnYMJb6LBF1SpB54VE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.95.255
188.170.240.0/22
188.170.247.0/24
IPv6:
2a03:d000:6400::/39
2a03:d000:67fe::/47
Signature Algorithm: sha256WithRSAEncryption
32:db:db:df:e2:cc:78:7c:99:d3:d6:7f:92:c1:41:00:77:f1:
fa:de:31:b6:3d:95:5a:d8:61:b1:69:db:93:8c:2c:64:ee:3d:
29:f9:2b:25:01:61:f5:93:31:bb:e6:24:3b:67:cf:92:ae:e7:
ce:9c:71:bc:f3:de:18:fa:a9:c5:54:9f:b0:90:09:68:69:21:
53:ea:7e:41:10:75:24:db:64:82:f7:ef:a2:82:72:6a:47:28:
32:6d:04:2a:58:16:63:ed:d0:9a:cf:ee:b0:17:25:19:d0:d3:
dc:ae:28:01:c3:a7:31:d4:78:50:4e:4e:a1:92:98:65:ad:d1:
89:3a:2c:ce:ac:54:c2:af:37:05:a9:68:3a:12:f7:42:39:e8:
82:dc:97:e8:ad:98:08:9e:af:d3:89:2a:52:45:5e:9e:02:27:
dc:ee:c8:a4:0f:3e:4e:38:06:30:50:12:fb:e3:98:c1:46:71:
d1:b1:5d:fe:b7:d9:88:9e:ba:3b:11:36:0b:cc:80:b4:30:19:
4a:b7:95:0e:b3:e2:d8:a0:c1:c5:06:50:a3:8f:53:8d:ad:f9:
da:c8:65:5c:42:16:f5:8d:27:4b:6c:a6:38:4b:dd:e4:ca:52:
38:ef:27:d3:f6:c6:50:f5:19:d9:b6:4e:e6:b9:f8:99:93:36:
98:ec:82:4d
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYdp8i/Mwrra9flc15NhyFJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwNDEwMDY1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTU4M2NiNjlmYTMwNTY5ZDgzMDk2ZmEyYzExNzU0YTkwNzllMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnq/27seVK6WBrH3RTDAdtuf9pOzz
kqnzYZLDNN/M4oD9F5m87VGhyQpvX4ACQq0yeLRzBJoqsOfFfNszg+oocvNrxrtq
pAJfgu7mdplLo3xKNtkpsb8CFz/gO0cVYtr4+2NJF/KzI0uzAUjNhrRCps+3U2+H
O3HEIIVOeWJFi616mWuUDybsHKiw4+r1eFxBcJafCBPpJX7DKUxxf/rPbpMIbOrB
xThifra1iHJnSwatV6zwG8SBgI1RQV2lFrRCVAoMYhXzNjtPGI16MYuDTh+nmtKb
Bel8c/o0bMeAtU08QcYnmNMFaPhk5NUSxfQ9Y3B+Tg0YQWMj8CV1IzkxRQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFIlYPLafowVp2DCW+iwRdUqQeeFRMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaVZnOHRwLWpCV25ZTUpiNkxCRjFTcEI1NFZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB8BAIAATB2AwQDH63w
AwQBJR1WAwQALujIAwQBLujKAwQCThlcAwQCU5UwAwQDU6n4AwQAVRrgMAwDBAFV
GuIDBANVGuADBAGAzEIDBACysDADBAOysPADBAK50owDBAS8ogAwDAMEA7yiSAME
BbyiQAMEAryq8AMEALyq9zAXBAIAAjARAwYBKgPQAGQDBwEqA9AAZ/4wDQYJKoZI
hvcNAQELBQADggEBADLb29/izHh8mdPWf5LBQQB38freMbY9lVrYYbFp25OMLGTu
PSn5KyUBYfWTMbvmJDtnz5Ku586ccbzz3hj6qcVUn7CQCWhpIVPqfkEQdSTbZIL3
76KCcmpHKDJtBCpYFmPt0JrP7rAXJRnQ09yuKAHDpzHUeFBOTqGSmGWt0Yk6LM6s
VMKvNwWpaDoS90I56ILcl+itmAier9OJKlJFXp4CJ9zuyKQPPk44BjBQEvvjmMFG
cdGxXf632YieujsRNgvMgLQwGUq3lQ6z4tigwcUGUKOPU42t+drIZVxCFvWNJ0ts
pjhL3eTKUjjvJ9P2xlD1Gdm2Tua5+JmTNpjsgk0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:42 2025 by rpki-client