Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/mjmB5gXWC9_PuYBFdJz2WeN4goE.roa
File: mjmB5gXWC9_PuYBFdJz2WeN4goE.roa (raw, json)
Hash identifier: c5gcMWtM7bCGHBv/vQw+n+n3GWzMuVt4lQhLwH+3wZE=
Subject key identifier: 9A:39:81:E6:05:D6:0B:DF:CF:B9:80:45:74:9C:F6:59:E3:78:82:81
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1F51320BF099DBA2A77508285A05787
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/mjmB5gXWC9_PuYBFdJz2WeN4goE.roa
Signing time: Thu 08 Dec 2022 13:38:01 +0000
ROA not before: Thu 08 Dec 2022 13:38:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
109.124.64.0/18 maxlen: 18
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
81.24.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
213.172.0.0/19 maxlen: 19
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
195.144.224.0/19 maxlen: 19
81.3.128.0/18 maxlen: 18
213.182.160.0/19 maxlen: 19
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:f5:13:20:bf:09:9d:ba:2a:77:50:82:85:a0:57:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 13:38:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a3981e605d60bdfcfb98045749cf659e3788281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:67:36:19:56:dc:ae:fb:47:20:a9:d1:a5:a1:
86:7e:40:e7:0b:03:f2:d5:f7:3a:c6:b3:9e:c8:b7:
4e:9d:8d:24:49:6e:e7:21:93:66:1d:9a:f2:c6:6a:
e8:2e:04:64:b7:80:71:69:6c:83:78:12:17:1e:60:
32:bd:3b:2a:7b:6e:44:86:ce:fe:f5:ff:07:e4:39:
2c:0b:0a:9a:3d:55:fe:4a:1b:1e:4e:bf:98:12:f1:
52:f6:d8:4a:f7:6a:22:8a:93:23:15:28:1a:23:85:
98:e0:72:5c:d2:b5:1c:39:1e:69:65:27:b2:73:09:
6f:5c:8f:70:0e:a1:df:88:a8:ff:72:e2:81:e2:41:
2f:34:50:38:61:57:65:2f:04:16:eb:0a:c5:84:c9:
03:ba:c6:32:60:f4:a8:db:ae:e4:ba:6b:dc:75:ef:
61:01:57:bc:56:c8:98:27:67:04:f5:4b:4d:2f:74:
b5:08:70:a3:d8:dd:76:c7:9e:83:86:94:29:0f:55:
95:2d:31:02:a5:b7:15:e9:2b:6d:f9:cf:2b:04:c2:
ef:1e:83:c5:89:a5:ba:17:cb:78:8a:dd:4d:f4:03:
02:c8:e6:7d:3a:79:0c:87:fd:b0:e0:d0:21:9c:a2:
65:44:e4:3a:9f:1c:91:c4:de:c6:cd:3b:73:36:86:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:39:81:E6:05:D6:0B:DF:CF:B9:80:45:74:9C:F6:59:E3:78:82:81
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/mjmB5gXWC9_PuYBFdJz2WeN4goE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
213.243.64.0/18
217.115.80.0/20
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
68:55:0b:13:51:40:b7:3f:24:be:0e:59:aa:b4:ee:c7:87:87:
1c:ad:06:05:53:48:15:4f:75:04:35:35:45:35:88:b8:b4:3b:
be:0a:9b:7a:ca:50:70:36:fd:15:9b:69:8c:84:89:fc:40:31:
f4:f0:4a:2d:14:53:27:9c:ba:58:0d:f1:cd:cd:1c:40:ce:a4:
09:10:17:0b:c5:07:10:f0:d9:4d:ab:e3:06:65:21:73:06:b9:
4e:ea:22:f2:b1:af:04:61:f6:a2:29:60:59:fc:ac:af:92:ef:
54:4d:ac:c5:03:62:ef:04:33:b6:ec:f1:51:d3:0a:35:b6:01:
52:82:d5:fd:d9:c5:52:20:16:f1:a4:5c:df:31:ec:34:53:8f:
bc:dc:a2:d3:50:c1:0b:50:c1:7d:b0:5e:5c:48:61:8c:da:5c:
06:b3:d4:ff:df:a2:a2:bf:39:ae:83:94:2c:de:34:6d:97:0b:
3f:97:d7:8d:8d:a0:87:c3:43:bf:62:6e:e5:c9:a0:8c:07:92:
a3:3f:74:c0:af:37:6c:ae:6c:80:89:f0:1f:56:5a:a5:84:c8:
be:10:ef:bf:63:23:db:31:f5:87:01:22:1c:7e:4f:aa:e3:8e:
4a:e2:07:6e:fa:cc:cd:49:04:4e:a0:a7:f4:92:97:8c:9f:b6:
a6:d8:e0:e4
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAYTx9RMgvwmduip3UIKFoFeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTMzODAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM5ODFlNjA1ZDYwYmRmY2ZiOTgwNDU3NDljZjY1OWUzNzg4MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2c2GVbcrvtHIKnRpaGGfkDnCwPy
1fc6xrOeyLdOnY0kSW7nIZNmHZryxmroLgRkt4BxaWyDeBIXHmAyvTsqe25Ehs7+
9f8H5DksCwqaPVX+ShseTr+YEvFS9thK92oiipMjFSgaI4WY4HJc0rUcOR5pZSey
cwlvXI9wDqHfiKj/cuKB4kEvNFA4YVdlLwQW6wrFhMkDusYyYPSo267kumvcde9h
AVe8VsiYJ2cE9UtNL3S1CHCj2N12x56DhpQpD1WVLTECpbcV6Stt+c8rBMLvHoPF
iaW6F8t4it1N9AMCyOZ9OnkMh/2w4NAhnKJlROQ6nxyRxN7GzTtzNoaGlQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFJo5geYF1gvfz7mARXSc9lnjeIKBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbWptQjVnWFdDOV9QdVlCRmRKejJXZU40Z29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
Bi4vwAMEA0+rCAMEBFD3sAMEBlEDgAMEBFEYgAMEBlKMQAMEBVLEQAMEB1TMADAM
AwQCVMyEAwQAVMyIMAwDBAFUzIoDBANUzLAwCwMEAlTMvAMDAFTMAwQHXZmAAwQD
Xhn4AwQHX4kAAwQGbXxAAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQDBAXD
BYADBAXDEGADBAHDTnQDBAXDkOADBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXU
RWADBAXUd6ADBAXVmqADBAXVqCADBAXVrAADBAXVtqADBAbV80ADBATZc1ADBAXZ
w0AwDQYJKoZIhvcNAQELBQADggEBAGhVCxNRQLc/JL4OWaq07seHhxytBgVTSBVP
dQQ1NUU1iLi0O74Km3rKUHA2/RWbaYyEifxAMfTwSi0UUyeculgN8c3NHEDOpAkQ
FwvFBxDw2U2r4wZlIXMGuU7qIvKxrwRh9qIpYFn8rK+S71RNrMUDYu8EM7bs8VHT
CjW2AVKC1f3ZxVIgFvGkXN8x7DRTj7zcotNQwQtQwX2wXlxIYYzaXAaz1P/foqK/
Oa6DlCzeNG2XCz+X142NoIfDQ79ibuXJoIwHkqM/dMCvN2yubICJ8B9WWqWEyL4Q
779jI9sx9YcBIhx+T6rjjkriB276zM1JBE6gp/SSl4yftqbY4OQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:46 2025 by rpki-client