Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ifkRWxqd7Em21WQ4UjTbt94Z2q4.roa
File: ifkRWxqd7Em21WQ4UjTbt94Z2q4.roa (raw, json)
Hash identifier: OD739HPjJfzSGcWBu8y937h5x6iwYGQUw1ABOBjEj28=
Subject key identifier: 89:F9:11:5B:1A:9D:EC:49:B6:D5:64:38:52:34:DB:B7:DE:19:DA:AE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01841D90AE03D2C597D194271C292C3FC248
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ifkRWxqd7Em21WQ4UjTbt94Z2q4.roa
Signing time: Fri 28 Oct 2022 07:48:51 +0000
ROA not before: Fri 28 Oct 2022 07:48:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29648
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
37.29.0.0/17 maxlen: 24
78.109.120.0/24 maxlen: 24
37.28.160.0/19 maxlen: 24
78.109.121.0/24 maxlen: 24
31.173.119.0/24 maxlen: 24
78.25.64.0/18 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
178.176.98.0/24 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
178.176.96.0/24 maxlen: 24
178.176.97.0/24 maxlen: 24
178.176.102.0/24 maxlen: 24
178.176.103.0/24 maxlen: 24
178.176.99.0/24 maxlen: 24
178.176.100.0/24 maxlen: 24
178.176.101.0/24 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
31.173.104.0/24 maxlen: 24
31.173.105.0/24 maxlen: 24
31.173.112.0/24 maxlen: 24
31.173.108.0/24 maxlen: 24
31.173.109.0/24 maxlen: 24
31.173.110.0/24 maxlen: 24
31.173.106.0/24 maxlen: 24
31.173.111.0/24 maxlen: 24
31.173.107.0/24 maxlen: 24
31.173.116.0/24 maxlen: 24
31.173.113.0/24 maxlen: 24
31.173.117.0/24 maxlen: 24
31.173.114.0/24 maxlen: 24
31.173.118.0/24 maxlen: 24
31.173.115.0/24 maxlen: 24
178.176.118.0/24 maxlen: 24
178.176.114.0/24 maxlen: 24
178.176.115.0/24 maxlen: 24
178.176.116.0/24 maxlen: 24
178.176.117.0/24 maxlen: 24
178.176.122.0/24 maxlen: 24
178.176.123.0/24 maxlen: 24
178.176.119.0/24 maxlen: 24
178.176.124.0/24 maxlen: 24
178.176.120.0/24 maxlen: 24
178.176.125.0/24 maxlen: 24
178.176.121.0/24 maxlen: 24
178.176.126.0/24 maxlen: 24
178.176.127.0/24 maxlen: 24
83.169.192.0/18 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:90:ae:03:d2:c5:97:d1:94:27:1c:29:2c:3f:c2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 28 07:48:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89f9115b1a9dec49b6d564385234dbb7de19daae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d9:92:39:31:5a:1a:1a:96:5f:14:32:77:ca:
0d:ff:9a:0d:c3:3c:28:d7:0f:4a:9c:d8:2b:a0:d8:
88:9d:ea:f1:b0:43:12:61:f5:73:f6:9b:23:e3:7e:
72:6e:d8:75:a1:9d:1f:ae:a6:2c:5b:a4:c9:67:3e:
e9:cc:b1:fd:96:d8:8d:c5:a4:43:30:9b:08:1f:d7:
e1:f6:3c:7e:40:ea:29:fe:11:ba:b5:09:46:2e:59:
47:03:6f:bb:4c:29:23:52:7d:09:92:63:c4:7d:c2:
fe:ef:86:00:5f:8e:03:7b:d1:a3:66:53:e9:c5:80:
0c:5c:18:2c:e0:4b:63:21:48:3f:14:2d:4d:49:a9:
c6:86:f6:55:18:3d:3a:31:15:78:7b:0c:2c:e4:9a:
22:2d:12:8d:95:2b:f7:49:8a:90:e5:7d:b4:42:7d:
3f:b3:c0:a4:6d:8a:59:c1:85:39:4c:88:a8:14:23:
b3:ac:21:93:84:73:19:bb:4b:d0:fa:5d:b2:81:d7:
9b:f3:36:3c:2a:e4:b4:ca:9b:1e:79:4d:35:55:f4:
05:e1:87:ad:e5:c3:c9:cd:d9:2c:08:02:c4:ac:2f:
1d:a5:ba:8a:ef:85:29:b8:b5:1f:73:cc:fe:c9:c2:
e7:bb:b8:80:61:56:df:9a:f6:46:77:55:cc:ae:19:
fd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F9:11:5B:1A:9D:EC:49:B6:D5:64:38:52:34:DB:B7:DE:19:DA:AE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ifkRWxqd7Em21WQ4UjTbt94Z2q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.104.0-31.173.119.255
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
78.109.120.0/23
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.96.0/21
178.176.114.0-178.176.127.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
84:8b:5f:61:21:7d:68:d8:5b:53:1d:69:e5:c5:ff:75:89:b4:
b0:81:47:c2:46:b4:79:33:56:fc:68:a9:2d:ba:9b:61:04:52:
96:4f:51:41:71:15:ff:86:12:a3:6e:d7:96:44:a3:a0:c3:78:
13:75:24:7a:63:1c:2d:6e:87:9e:6f:0f:10:52:3e:90:3a:d5:
2b:77:24:5f:30:d9:ce:53:5d:58:23:20:f0:fc:03:35:90:d3:
8f:f6:e7:61:22:e5:5d:04:8b:9e:d9:60:99:af:76:de:d1:2b:
05:48:33:41:59:cf:c1:30:a6:00:fe:9b:37:da:07:21:91:69:
11:05:02:00:a7:b8:54:40:de:d1:58:db:36:38:ab:36:a9:15:
48:74:16:da:ed:d9:52:f1:38:c6:4c:be:be:32:ca:34:a8:9b:
f7:0e:fb:6a:c3:3d:a4:33:90:0b:d6:90:1d:67:71:f0:92:d3:
73:bd:f1:f7:1c:d7:60:04:11:5a:66:e5:c5:1e:70:45:e2:54:
4a:ee:ed:0b:6c:bc:47:bd:5a:bb:94:ed:8a:6c:df:48:3c:3f:
8c:e7:3d:f1:95:a0:70:d7:f4:cf:a0:a9:13:99:ed:44:b3:ab:
3b:f2:17:7e:89:88:fd:04:02:e5:71:ed:f7:d9:0b:e8:a5:87:
72:fe:d9:1c
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgISAYQdkK4D0sWX0ZQnHCksP8JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI4MDc0ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY5MTE1YjFhOWRlYzQ5YjZkNTY0Mzg1MjM0ZGJiN2RlMTlkYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutmSOTFaGhqWXxQyd8oN/5oNwzwo
1w9KnNgroNiInerxsEMSYfVz9psj435ybth1oZ0frqYsW6TJZz7pzLH9ltiNxaRD
MJsIH9fh9jx+QOop/hG6tQlGLllHA2+7TCkjUn0JkmPEfcL+74YAX44De9GjZlPp
xYAMXBgs4EtjIUg/FC1NSanGhvZVGD06MRV4ewws5JoiLRKNlSv3SYqQ5X20Qn0/
s8CkbYpZwYU5TIioFCOzrCGThHMZu0vQ+l2ygdeb8zY8KuS0ypseeU01VfQF4Yet
5cPJzdksCALErC8dpbqK74UpuLUfc8z+ycLnu7iAYVbfmvZGd1XMrhn9uQIDAQAB
o4IDOzCCAzcwHQYDVR0OBBYEFIn5EVsanexJttVkOFI027feGdquMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvaWZrUld4cWQ3RW0yMVdRNFVqVGJ0OTRaMnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBTwYIKwYBBQUHAQcBAf8EggE+MIIBOjCCATYEAgABMIIB
LjAMAwQDH61oAwQDH61wAwQFJRygAwQHJR0AAwQDLh3AAwQELuWAAwQDLujIAwQF
PkAAAwQFTemgAwQGThlAAwQCTilkAwQBTm14AwQDT6sIAwQEUPewAwQEURiAAwQG
U6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQH
X4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOyF5ADBAOysGAwDAMEAbKwcgME
B7KwAAMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQB
w050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF
1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQCEi19hIX1o2FtTHWnl
xf91ibSwgUfCRrR5M1b8aKktupthBFKWT1FBcRX/hhKjbteWRKOgw3gTdSR6Yxwt
boeebw8QUj6QOtUrdyRfMNnOU11YIyDw/AM1kNOP9udhIuVdBIue2WCZr3be0SsF
SDNBWc/BMKYA/ps32gchkWkRBQIAp7hUQN7RWNs2OKs2qRVIdBba7dlS8TjGTL6+
Mso0qJv3Dvtqwz2kM5AL1pAdZ3HwktNzvfH3HNdgBBFaZuXFHnBF4lRK7u0LbLxH
vVq7lO2KbN9IPD+M5z3xlaBw1/TPoKkTme1Es6s78hd+iYj9BALlce332QvopYdy
/tkc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:23 2025 by rpki-client