Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwZ0Qig8qLeWhkjYIC_hjEj7INI.roa
File: nwZ0Qig8qLeWhkjYIC_hjEj7INI.roa (raw, json)
Hash identifier: b9a23DJrWaj0sQiUo4xsO4Vd0humb3DTFievxQLd9TU=
Subject key identifier: 9F:06:74:42:28:3C:A8:B7:96:86:48:D8:20:2F:E1:8C:48:FB:20:D2
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F127239BE71FF0B212A086910910FC4D
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwZ0Qig8qLeWhkjYIC_hjEj7INI.roa
Signing time: Thu 08 Dec 2022 09:53:04 +0000
ROA not before: Thu 08 Dec 2022 09:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35298
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 22
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
178.176.154.0/23 maxlen: 23
31.173.176.0/20 maxlen: 20
94.25.128.0/17 maxlen: 24
212.69.96.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
37.29.76.0/22 maxlen: 22
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:27:23:9b:e7:1f:f0:b2:12:a0:86:91:09:10:fc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 09:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f067442283ca8b7968648d8202fe18c48fb20d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5c:d4:31:1b:a3:d7:65:79:b6:72:34:c0:bd:
dd:f3:7b:a7:98:ed:08:f7:13:6f:8c:e5:1a:13:5d:
dc:fb:fa:bc:2a:ba:f4:44:a3:50:7b:72:97:c8:c5:
14:e3:6b:21:76:82:e4:28:aa:7f:37:5c:f6:f2:5b:
10:b8:03:e3:d9:8d:12:81:91:d7:49:58:f5:d9:0d:
61:94:ef:52:15:8c:75:4e:6b:8b:4c:30:94:fd:ae:
7e:d2:a1:88:05:d4:cb:90:7d:41:1e:b5:21:91:12:
e6:13:e5:39:65:89:f1:32:a2:2b:8a:7d:ba:8b:ef:
24:73:a1:b8:9b:94:a9:66:4e:cc:24:13:be:b8:2c:
b7:fb:5f:13:c4:8f:1c:22:70:d6:9d:1b:4b:6a:1a:
e6:e5:54:d7:9a:10:0d:40:66:3f:33:b0:8f:83:51:
f3:78:3a:9d:b3:f6:44:81:2e:83:15:58:2a:96:79:
da:13:ef:db:14:6b:4d:a1:4b:6f:2d:01:3e:e5:8d:
0f:c5:a6:94:fc:6e:f6:28:75:de:60:0d:4c:77:ad:
3f:08:39:c0:12:66:71:71:68:f7:d6:24:ef:f5:c6:
bc:25:f2:5e:2e:e1:1d:0d:0c:47:43:15:2a:70:4c:
08:2e:14:29:ee:a0:2c:c5:5f:54:7a:cf:93:03:dc:
5b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:06:74:42:28:3C:A8:B7:96:86:48:D8:20:2F:E1:8C:48:FB:20:D2
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/nwZ0Qig8qLeWhkjYIC_hjEj7INI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.176.0/20
37.29.76.0/22
78.41.100.0/22
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.154.0/23
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
54:29:a7:75:42:0b:d9:fa:56:95:fd:e7:4b:21:ab:5e:ec:f5:
3c:a5:6f:69:2e:7b:ac:7b:b8:d5:55:cb:6c:18:c5:7b:5a:56:
09:e9:66:cc:74:03:b4:95:92:1b:f7:28:29:0b:21:07:45:85:
23:5f:cd:d6:3c:cc:71:0c:72:30:b4:4f:62:1e:d3:ec:51:05:
8d:46:d1:db:1c:b1:31:5f:6d:65:37:36:e9:5e:93:e5:9f:fc:
70:f8:d6:8b:a7:14:07:9a:c4:48:67:8a:d0:8d:ee:8d:f4:6b:
51:92:52:c6:63:da:4c:d6:84:ad:af:2b:94:76:24:13:da:9d:
28:c9:c6:2d:8b:69:1f:0c:38:5c:ea:c4:c4:eb:6c:f5:e7:32:
2e:5d:ff:e0:37:b0:3c:0c:33:59:37:f5:2d:07:3c:db:32:5f:
95:71:7e:35:d3:ba:e1:53:3a:cd:d7:c4:72:86:4d:cf:33:e8:
c9:43:e1:ec:f2:ef:bc:f0:23:02:ef:fc:b4:2a:65:61:39:32:
c2:25:ab:32:77:26:a5:20:4d:63:78:16:9e:d1:56:cd:34:89:
b7:d0:0c:7d:91:a2:d5:84:a0:23:87:b0:66:82:74:fe:b8:4b:
6c:7c:6c:78:46:51:06:20:28:d7:12:8b:30:96:4e:6b:0c:dd:
34:4b:6e:b8
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYTxJyOb5x/wshKghpEJEPxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MDk1MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA2NzQ0MjI4M2NhOGI3OTY4NjQ4ZDgyMDJmZTE4YzQ4ZmIyMGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFzUMRuj12V5tnI0wL3d83unmO0I
9xNvjOUaE13c+/q8Krr0RKNQe3KXyMUU42shdoLkKKp/N1z28lsQuAPj2Y0SgZHX
SVj12Q1hlO9SFYx1TmuLTDCU/a5+0qGIBdTLkH1BHrUhkRLmE+U5ZYnxMqIrin26
i+8kc6G4m5SpZk7MJBO+uCy3+18TxI8cInDWnRtLahrm5VTXmhANQGY/M7CPg1Hz
eDqds/ZEgS6DFVgqlnnaE+/bFGtNoUtvLQE+5Y0PxaaU/G72KHXeYA1Md60/CDnA
EmZxcWj31iTv9ca8JfJeLuEdDQxHQxUqcEwILhQp7qAsxV9Ues+TA9xblQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFJ8GdEIoPKi3loZI2CAv4YxI+yDSMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbndaMFFpZzhxTGVXaGtqWUlDX2hqRWo3SU5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBswQCAAEwgawDBAQf
rbADBAIlHUwDBAJOKWQDBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDM
QAMEA7IXkAMEAbKwmgMEArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWA
AwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1Heg
AwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBUKad1
QgvZ+laV/edLIate7PU8pW9pLnuse7jVVctsGMV7WlYJ6WbMdAO0lZIb9ygpCyEH
RYUjX83WPMxxDHIwtE9iHtPsUQWNRtHbHLExX21lNzbpXpPln/xw+NaLpxQHmsRI
Z4rQje6N9GtRklLGY9pM1oStryuUdiQT2p0oycYti2kfDDhc6sTE62z15zIuXf/g
N7A8DDNZN/UtBzzbMl+VcX4107rhUzrN18Ryhk3PM+jJQ+Hs8u+88CMC7/y0KmVh
OTLCJasydyalIE1jeBae0VbNNIm30Ax9kaLVhKAjh7BmgnT+uEtsfGx4RlEGICjX
Eoswlk5rDN00S264
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:43 2025 by rpki-client