Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/k9bGLFrcN7Shgjrcy-SyRLX097U.roa
File: k9bGLFrcN7Shgjrcy-SyRLX097U.roa (raw, json)
Hash identifier: 5uATIVHBoxVIs4hu2wisjGv7G6oGZ4D8VMvq2ILu5Ug=
Subject key identifier: 93:D6:C6:2C:5A:DC:37:B4:A1:82:3A:DC:CB:E4:B2:44:B5:F4:F7:B5
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0189DE5EC0D8E9343A9C04A2EEB9AFDB9222
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/k9bGLFrcN7Shgjrcy-SyRLX097U.roa
Signing time: Thu 10 Aug 2023 07:34:58 +0000
ROA not before: Thu 10 Aug 2023 07:34:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
212.14.160.0/19 maxlen: 19
84.204.160.0/20 maxlen: 20
82.196.64.0/19 maxlen: 19
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
81.24.128.0/20 maxlen: 20
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.168.32.0/19 maxlen: 19
84.204.0.0/17 maxlen: 17
213.172.0.0/19 maxlen: 19
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
109.74.112.0/20 maxlen: 20
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
195.144.224.0/19 maxlen: 19
212.119.160.0/19 maxlen: 19
80.247.176.0/20 maxlen: 20
81.3.128.0/18 maxlen: 18
91.193.212.0/22 maxlen: 22
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.139.0/24 maxlen: 24
213.182.160.0/19 maxlen: 19
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
212.44.64.0/19 maxlen: 19
195.5.128.0/19 maxlen: 19
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
46.47.192.0/18 maxlen: 18
62.182.128.0/21 maxlen: 21
2a03:d000:9009::/48 maxlen: 48
2a03:d000:9008::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:de:5e:c0:d8:e9:34:3a:9c:04:a2:ee:b9:af:db:92:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Aug 10 07:34:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93d6c62c5adc37b4a1823adccbe4b244b5f4f7b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:19:ef:aa:b2:5b:43:c4:b5:4f:e4:94:4d:38:
74:21:56:9c:3a:44:dd:f7:ad:58:20:50:d3:5e:32:
bb:c9:1a:02:1f:32:9c:48:9a:f6:7d:3d:5c:1b:97:
38:49:3f:f9:cf:ec:bb:0f:74:e6:0d:83:f6:ad:a5:
a5:82:c1:33:95:a9:cc:6b:3c:96:da:32:58:69:6b:
99:69:00:74:36:55:3b:77:2b:96:7e:eb:34:57:48:
79:2a:38:40:e1:11:d8:86:a5:16:85:89:28:0f:70:
e4:5b:0f:cc:1d:a3:97:06:c2:3a:f1:c1:1a:fd:77:
a3:b9:aa:95:60:e7:46:db:b2:39:9c:d7:ee:cf:a7:
61:ec:b8:11:36:17:28:60:cb:41:58:8e:27:08:4e:
10:c0:0a:fc:29:7c:05:29:ea:42:ee:43:10:4e:49:
ca:b7:dd:84:6c:76:70:71:35:a9:48:68:15:eb:86:
07:f7:5e:10:a9:81:79:e3:54:75:e3:5c:c9:0f:e9:
22:19:a0:ad:2a:5a:82:c7:c2:97:95:61:f3:61:80:
50:50:34:60:91:15:f6:60:31:86:17:f6:63:2e:11:
22:bc:0e:ef:b6:42:7b:a2:d6:5a:f3:ce:bb:17:19:
bd:5f:5b:15:4c:83:b6:e2:6b:99:d0:70:32:3d:2f:
46:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:D6:C6:2C:5A:DC:37:B4:A1:82:3A:DC:CB:E4:B2:44:B5:F4:F7:B5
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/k9bGLFrcN7Shgjrcy-SyRLX097U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
62.182.128.0/21
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
91.193.212.0/22
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
195.5.128.0/19
195.144.224.0/19
212.14.160.0/19
212.44.64.0/19
212.119.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
217.195.64.0/19
IPv6:
2a03:d000:9008::/47
Signature Algorithm: sha256WithRSAEncryption
1b:af:ac:a3:28:8f:d1:74:58:a2:8b:53:42:aa:ca:d1:26:a6:
40:02:b1:80:21:ee:f4:0c:70:91:b2:6e:f2:9a:d9:bc:b0:7a:
dd:8f:dc:b4:53:52:e9:ee:f0:f5:88:c2:a3:70:97:dd:c9:29:
75:f4:cb:a2:be:ae:46:32:29:f5:14:93:3c:f9:ba:f4:ea:97:
cd:a0:8c:7e:60:0e:67:8c:2d:4d:b6:5f:31:d7:62:62:df:e3:
97:1b:99:a0:8d:04:ce:eb:b8:65:bd:92:5b:17:09:96:ca:ae:
6c:5a:d2:02:8c:66:48:58:8d:0b:2e:39:e3:e4:8b:48:0e:58:
d9:21:60:3b:12:f2:11:50:8f:9f:22:c2:06:37:7c:e6:e7:b1:
a7:12:6e:8b:7c:6c:c9:18:63:78:64:60:e4:a9:58:b4:f3:56:
21:41:37:80:df:8f:07:aa:a9:f7:e0:46:bd:f6:df:ee:34:ce:
35:79:30:e8:76:ca:f0:fa:55:46:83:83:25:40:54:08:6c:5c:
b1:49:6c:ae:90:23:10:7e:af:42:6d:ea:1a:94:20:36:af:ff:
97:b6:2f:18:76:9d:70:3d:84:1c:da:b2:f5:16:ac:78:e4:0c:
0c:9a:a7:1d:81:e9:58:14:30:4b:05:17:32:7d:1e:b7:37:8d:
56:bf:fd:15
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAYneXsDY6TQ6nASi7rmv25IiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwODEwMDczNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Q2YzYyYzVhZGMzN2I0YTE4MjNhZGNjYmU0YjI0NGI1ZjRmN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghnvqrJbQ8S1T+SUTTh0IVacOkTd
961YIFDTXjK7yRoCHzKcSJr2fT1cG5c4ST/5z+y7D3TmDYP2raWlgsEzlanMazyW
2jJYaWuZaQB0NlU7dyuWfus0V0h5KjhA4RHYhqUWhYkoD3DkWw/MHaOXBsI68cEa
/XejuaqVYOdG27I5nNfuz6dh7LgRNhcoYMtBWI4nCE4QwAr8KXwFKepC7kMQTknK
t92EbHZwcTWpSGgV64YH914QqYF541R141zJD+kiGaCtKlqCx8KXlWHzYYBQUDRg
kRX2YDGGF/ZjLhEivA7vtkJ7otZa8867Fxm9X1sVTIO24muZ0HAyPS9GPwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFJPWxixa3De0oYI63MvkskS19Pe1MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvazliR0xGcmNON1NoZ2pyY3ktU3lSTFgwOTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCBwAQCAAEwgbkDBAYu
L8ADBAM+toADBANPqwgDBARQ97ADBAZRA4ADBARRGIADBAZSjEADBAVSxEADBAdU
zAAwDAMEAlTMhAMEAFTMiDAMAwQBVMyKAwQDVMywMAsDBAJUzLwDAwBUzAMEAlvB
1AMEB12ZgAMEA14Z+AMEB1+JAAMEBG1KcAMEBm18QAMEBcMFgAMEBcOQ4AMEBdQO
oAMEBdQsQAMEBdR3oAMEBdWoIAMEBdWsAAMEBdW2oAMEBdnDQDAPBAIAAjAJAwcB
KgPQAJAIMA0GCSqGSIb3DQEBCwUAA4IBAQAbr6yjKI/RdFiii1NCqsrRJqZAArGA
Ie70DHCRsm7ymtm8sHrdj9y0U1Lp7vD1iMKjcJfdySl19Muivq5GMin1FJM8+br0
6pfNoIx+YA5njC1Ntl8x12Ji3+OXG5mgjQTO67hlvZJbFwmWyq5sWtICjGZIWI0L
Ljnj5ItIDljZIWA7EvIRUI+fIsIGN3zm57GnEm6LfGzJGGN4ZGDkqVi081YhQTeA
348Hqqn34Ea99t/uNM41eTDodsrw+lVGg4MlQFQIbFyxSWyukCMQfq9CbeoalCA2
r/+Xti8Ydp1wPYQc2rL1Fqx45AwMmqcdgelYFDBLBRcyfR63N41Wv/0V
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:29 2025 by rpki-client