Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ojQy-MsPQ2ujw1Qabpuv383qYuk.roa
File: ojQy-MsPQ2ujw1Qabpuv383qYuk.roa (raw, json)
Hash identifier: FVDmf4pJjM9xFLNDKi6SvhM39lCEbb1MhUms3oXag5s=
Subject key identifier: A2:34:32:F8:CB:0F:43:6B:A3:C3:54:1A:6E:9B:AF:DF:CD:EA:62:E9
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F14BC14282B219B3C057D410BAE01B6A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ojQy-MsPQ2ujw1Qabpuv383qYuk.roa
Signing time: Thu 08 Dec 2022 10:33:04 +0000
ROA not before: Thu 08 Dec 2022 10:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 94.25.128.0/18 maxlen: 18
109.188.0.0/16 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
109.124.64.0/18 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:4b:c1:42:82:b2:19:b3:c0:57:d4:10:ba:e0:1b:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a23432f8cb0f436ba3c3541a6e9bafdfcdea62e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:03:a6:5b:45:ac:b8:24:37:73:15:f7:52:9e:
d7:ad:3c:f6:d8:10:8a:60:f6:24:67:65:85:d9:e9:
04:71:69:09:ac:7b:c1:32:74:9c:e9:8c:5a:dc:a3:
83:cf:e5:99:72:31:31:80:90:c8:9a:b9:63:f6:ae:
c5:ca:4d:94:a9:63:f8:95:17:1a:eb:74:e0:72:a0:
84:0e:16:e1:16:ef:af:f0:dd:3a:7c:3b:ad:fd:b7:
57:e7:21:68:4d:9f:7f:c9:6e:b0:a3:00:2f:d1:f9:
0a:2d:4d:25:52:dc:4f:2d:a1:d9:ab:2a:0f:93:ea:
4a:a4:30:c8:f4:f0:d7:a7:09:ae:eb:60:66:0d:c6:
7d:b5:cc:e5:8d:ad:25:ef:d5:d8:de:aa:ef:8d:41:
e0:ee:57:ce:f2:e2:87:68:ce:cf:a0:50:7c:86:64:
6e:e6:5e:82:b0:25:c2:81:9b:7f:50:0e:5d:5d:ed:
b7:26:d9:f2:c6:5b:6a:12:32:a7:04:f3:b4:1c:8f:
d1:1d:ac:d2:03:4e:a6:f7:5f:ac:d6:26:da:e6:0d:
e6:e4:da:0d:74:0a:69:3f:ad:7a:20:27:9a:c9:f8:
bd:01:5e:6a:04:3b:7a:d8:ff:84:06:1a:24:ed:ae:
c6:1b:e5:0e:3d:14:aa:01:66:5e:2b:f3:18:55:5c:
ce:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:34:32:F8:CB:0F:43:6B:A3:C3:54:1A:6E:9B:AF:DF:CD:EA:62:E9
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ojQy-MsPQ2ujw1Qabpuv383qYuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
2c:d5:29:d2:43:fb:1f:66:c9:8b:53:7e:d6:6f:dd:a7:44:f9:
38:a4:24:c4:aa:cf:74:38:bd:d4:bb:77:2e:d5:7d:ec:ef:aa:
d3:4b:7c:62:1e:cd:7e:c0:b1:f9:62:e1:c5:f5:ad:d6:51:1f:
4d:28:d3:c8:b6:d3:33:e7:d8:d9:8f:46:88:c8:ad:d8:76:0e:
cc:19:82:c0:e7:98:b2:95:89:b4:71:c5:0e:dc:3f:57:e7:3e:
be:cf:b1:68:eb:f1:8f:f5:18:ae:a9:30:be:5a:14:46:8a:6c:
27:f3:3f:3d:fa:b9:f1:aa:c0:35:39:61:92:1a:ba:1c:45:e6:
a6:e8:74:be:76:09:c9:56:ed:58:da:a1:38:fb:54:ee:c7:c5:
4a:5d:1a:f0:dc:5e:91:7a:98:8c:27:52:28:32:3f:23:03:8b:
1d:fd:d6:6d:ff:ec:0f:67:9a:bf:a5:77:45:13:eb:16:df:46:
73:22:f6:c9:69:19:5f:fa:86:ce:f0:10:90:e9:29:d9:f2:45:
58:ef:ac:4c:02:56:42:ef:7f:57:0c:a9:4a:20:8e:71:d3:9c:
06:3a:82:d0:d7:f4:46:d8:bf:4b:c0:2d:f5:9b:7a:7b:6d:09:
5f:32:0d:d4:52:b3:4f:11:ec:16:ed:81:a3:ef:ab:65:14:38:
14:c5:45:00
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYTxS8FCgrIZs8BX1BC64BtqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAzMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM0MzJmOGNiMGY0MzZiYTNjMzU0MWE2ZTliYWZkZmNkZWE2MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6wOmW0WsuCQ3cxX3Up7XrTz22BCK
YPYkZ2WF2ekEcWkJrHvBMnSc6Yxa3KODz+WZcjExgJDImrlj9q7Fyk2UqWP4lRca
63TgcqCEDhbhFu+v8N06fDut/bdX5yFoTZ9/yW6wowAv0fkKLU0lUtxPLaHZqyoP
k+pKpDDI9PDXpwmu62BmDcZ9tczlja0l79XY3qrvjUHg7lfO8uKHaM7PoFB8hmRu
5l6CsCXCgZt/UA5dXe23JtnyxltqEjKnBPO0HI/RHazSA06m91+s1iba5g3m5NoN
dAppP616ICeayfi9AV5qBDt62P+EBhok7a7GG+UOPRSqAWZeK/MYVVzOBwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKI0MvjLD0Nro8NUGm6br9/N6mLpMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvb2pReS1Nc1BRMnVqdzFRYWJwdXYzODNxWXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAZe
GYADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyi
AwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxA
AwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEB
CwUAA4IBAQAs1SnSQ/sfZsmLU37Wb92nRPk4pCTEqs90OL3Uu3cu1X3s76rTS3xi
Hs1+wLH5YuHF9a3WUR9NKNPIttMz59jZj0aIyK3Ydg7MGYLA55iylYm0ccUO3D9X
5z6+z7Fo6/GP9RiuqTC+WhRGimwn8z89+rnxqsA1OWGSGrocReam6HS+dgnJVu1Y
2qE4+1Tux8VKXRrw3F6RepiMJ1IoMj8jA4sd/dZt/+wPZ5q/pXdFE+sW30ZzIvbJ
aRlf+obO8BCQ6SnZ8kVY76xMAlZC739XDKlKII5x05wGOoLQ1/RG2L9LwC31m3p7
bQlfMg3UUrNPEewW7YGj76tlFDgUxUUA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:55 2025 by rpki-client