Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jTY6Md87s7cbmzqwHjCgal4oFuo.roa
File: jTY6Md87s7cbmzqwHjCgal4oFuo.roa (raw, json)
Hash identifier: c2WQny8uTud6g6JU+IX0bni9n9i6yWQmjzexS3LBQ/E=
Subject key identifier: 8D:36:3A:31:DF:3B:B3:B7:1B:9B:3A:B0:1E:30:A0:6A:5E:28:16:EA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 087D35B0
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jTY6Md87s7cbmzqwHjCgal4oFuo.roa
Signing time: Sat 01 Jan 2022 04:02:37 +0000
ROA not before: Sat 01 Jan 2022 04:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42891
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
81.24.128.0/20 maxlen: 24
79.171.8.0/21 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
46.232.200.0/21 maxlen: 24
37.29.0.0/17 maxlen: 24
62.64.0.0/19 maxlen: 24
78.25.64.0/18 maxlen: 24
37.28.160.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142423472 (0x87d35b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 04:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d363a31df3bb3b71b9b3ab01e30a06a5e2816ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:33:49:4b:91:50:1f:89:5a:eb:5a:76:da:76:
87:15:3a:45:9c:ed:54:b1:59:42:ea:65:5d:91:7c:
ff:39:5a:1b:d6:4c:37:9e:ab:29:7e:eb:71:89:f4:
90:e8:7c:dd:8c:d5:a2:69:a9:3a:36:21:b6:85:1c:
25:15:b6:53:71:52:9a:6d:67:36:9c:e4:0d:0d:bb:
c3:67:4f:aa:f8:c4:40:e1:44:20:b8:36:93:7d:7c:
25:f7:89:c3:e4:f3:3b:19:28:75:a6:be:0f:9b:99:
5d:4c:03:7c:8c:bd:75:b4:f7:63:ac:3a:aa:5c:bd:
dd:89:3e:d8:71:99:a2:3c:af:ee:82:a2:4f:a0:2f:
dd:24:d8:fe:b3:a7:0c:c7:0a:81:f7:01:a7:11:ce:
43:b2:b2:12:67:c0:54:78:a5:de:06:77:5e:fb:2e:
97:2d:74:3e:d4:59:8f:8b:26:b5:df:40:06:e1:3b:
51:1e:a6:c5:ee:1f:4f:8c:78:28:66:02:43:b6:43:
03:45:44:17:c3:79:09:63:e4:63:63:66:cc:f8:fb:
88:f7:7d:0e:30:1b:5a:68:be:25:7a:93:4d:92:4b:
09:ea:21:67:2d:ad:10:a6:53:93:f8:9c:4c:71:f9:
36:6f:90:97:7f:97:a3:13:77:7d:a9:dc:ca:69:25:
8e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:36:3A:31:DF:3B:B3:B7:1B:9B:3A:B0:1E:30:A0:6A:5E:28:16:EA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/jTY6Md87s7cbmzqwHjCgal4oFuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
54:ad:6f:f5:1d:ad:89:2a:0f:d2:fb:86:9f:16:3f:83:ab:bd:
1f:ca:73:4f:45:09:03:52:4e:59:d9:c0:40:8d:af:c3:ee:33:
52:9e:58:e1:87:90:38:9b:12:74:ad:c7:ac:6a:99:7f:f3:be:
dd:65:6f:85:17:f5:6f:1a:01:18:42:04:d7:28:a2:a2:9f:a3:
e5:29:8d:83:f0:7c:28:75:25:44:e9:dc:36:51:55:75:81:e6:
bb:26:82:33:7f:04:15:32:71:ec:a8:b0:33:86:2f:ad:12:a2:
d8:d9:ef:f9:df:16:90:c8:d2:15:2f:d4:fc:f4:d5:c1:9a:3d:
95:38:3a:ee:f0:ba:58:04:8b:19:6b:25:53:35:2b:bb:da:a4:
ab:7b:16:f4:4c:fe:ff:b3:5c:1e:0e:e5:4c:b8:45:5a:fe:28:
d7:f3:48:0b:14:1e:0b:0a:4f:13:ac:a6:81:15:66:7b:87:26:
3f:31:1c:5b:80:89:16:e4:e5:0f:32:8d:d6:88:bb:3e:f0:22:
43:f0:13:76:68:3c:a4:96:76:ae:ba:7b:38:8a:f6:78:03:f8:
0f:c0:0c:f2:0a:b7:78:92:11:a9:86:39:18:27:0f:6a:7f:24:
8f:ab:79:af:0c:96:8b:55:70:0a:ba:46:bb:7c:0c:ae:e3:d7:
1a:07:80:21
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIECH01sDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmQ3YzJhMTA3MmQ3MzUwN2FkYmY2NTA3ZGU2OGFhYWMwMTc4NWMwMB4XDTIyMDEw
MTA0MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQzNjNhMzFkZjNi
YjNiNzFiOWIzYWIwMWUzMGEwNmE1ZTI4MTZlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOozSUuRUB+JWutadtp2hxU6RZztVLFZQuplXZF8/zlaG9ZM
N56rKX7rcYn0kOh83YzVommpOjYhtoUcJRW2U3FSmm1nNpzkDQ27w2dPqvjEQOFE
ILg2k318JfeJw+TzOxkodaa+D5uZXUwDfIy9dbT3Y6w6qly93Yk+2HGZojyv7oKi
T6Av3STY/rOnDMcKgfcBpxHOQ7KyEmfAVHil3gZ3Xvsuly10PtRZj4smtd9ABuE7
UR6mxe4fT4x4KGYCQ7ZDA0VEF8N5CWPkY2NmzPj7iPd9DjAbWmi+JXqTTZJLCeoh
Zy2tEKZTk/icTHH5Nm+Ql3+XoxN3fancymkljlMCAwEAAaOCAxMwggMPMB0GA1Ud
DgQWBBSNNjox3zuztxubOrAeMKBqXigW6jAfBgNVHSMEGDAWgBSS18KhBy1zUHrb
9lB95oqqwBeFwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8x
L2pUWTZNZDg3czdjYm16cXdIakNnYWw0b0Z1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8xL2t0ZkNvUWN0YzFC
NjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AScGCCsGAQUFBwEHAQH/BIIBFjCCARIwggEOBAIAATCCAQYDBAUlHKADBAclHQAD
BAMuHcADBAQu5YADBAMu6MgDBAU+QAADBAVN6aADBAZOGUADBAJOKWQDBANPqwgD
BARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQD
BAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAME
ArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQA
w5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG
1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBUrW/1Ha2JKg/S+4afFj+Dq70f
ynNPRQkDUk5Z2cBAja/D7jNSnljhh5A4mxJ0rcesapl/877dZW+FF/VvGgEYQgTX
KKKin6PlKY2D8HwodSVE6dw2UVV1gea7JoIzfwQVMnHsqLAzhi+tEqLY2e/53xaQ
yNIVL9T89NXBmj2VODru8LpYBIsZayVTNSu72qSrexb0TP7/s1weDuVMuEVa/ijX
80gLFB4LCk8TrKaBFWZ7hyY/MRxbgIkW5OUPMo3WiLs+8CJD8BN2aDyklnauuns4
ivZ4A/gPwAzyCrd4khGphjkYJw9qfySPq3mvDJaLVXAKuka7fAyu49caB4Ah
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:37 2025 by rpki-client