Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/oq6p3446zGcz1o-HDprrtWq2FXQ.roa
File: oq6p3446zGcz1o-HDprrtWq2FXQ.roa (raw, json)
Hash identifier: xjLsY3CaM+m4hbR2Zk6ylMbOdnacrxbm7IdafdfCyC4=
Subject key identifier: A2:AE:A9:DF:8E:3A:CC:67:33:D6:8F:87:0E:9A:EB:B5:6A:B6:15:74
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185F315C7985E208DC2E4C7BEDA54923855
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/oq6p3446zGcz1o-HDprrtWq2FXQ.roa
Signing time: Fri 27 Jan 2023 11:56:08 +0000
ROA not before: Fri 27 Jan 2023 11:56:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25159
IP address blocks: 195.16.96.0/19 maxlen: 19
193.201.228.0/22 maxlen: 22
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
195.16.110.0/23 maxlen: 23
195.16.114.0/23 maxlen: 23
85.26.144.0/20 maxlen: 20
109.188.64.0/19 maxlen: 19
109.188.96.0/21 maxlen: 21
78.25.119.0/24 maxlen: 24
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
94.25.164.0/24 maxlen: 24
94.25.160.0/24 maxlen: 24
212.69.106.0/24 maxlen: 24
94.25.172.0/22 maxlen: 22
94.25.168.0/22 maxlen: 22
212.69.113.0/24 maxlen: 24
212.69.114.0/24 maxlen: 24
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
94.25.176.0/21 maxlen: 21
212.69.125.0/24 maxlen: 24
94.25.184.0/21 maxlen: 21
128.204.78.0/23 maxlen: 23
128.204.76.0/22 maxlen: 22
37.29.32.0/21 maxlen: 21
128.204.76.0/23 maxlen: 23
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
31.173.0.0/21 maxlen: 21
195.230.70.0/23 maxlen: 23
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
195.230.91.0/24 maxlen: 24
195.230.92.0/24 maxlen: 24
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
62.64.0.0/20 maxlen: 20
83.229.211.0/24 maxlen: 24
46.229.128.0/22 maxlen: 22
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
2a03:d000:4100::/40 maxlen: 40
2a03:d000:4000::/36 maxlen: 36
2a03:d000:4400::/40 maxlen: 40
2a03:d000:4300::/40 maxlen: 40
2a03:d000:4200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f3:15:c7:98:5e:20:8d:c2:e4:c7:be:da:54:92:38:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 27 11:56:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2aea9df8e3acc6733d68f870e9aebb56ab61574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:60:ae:60:6b:49:e0:cf:90:db:56:b6:a0:fc:
c0:91:ce:25:9d:49:a5:c0:00:57:73:dc:6a:c6:e4:
bf:34:94:07:fc:5b:52:32:68:9b:5c:df:61:34:70:
32:c5:0c:de:99:54:ce:8b:a2:25:1a:8a:8e:e6:74:
0a:fe:50:d6:9e:39:35:85:36:61:25:5d:e6:0c:5b:
51:a6:0c:f6:ab:5e:e9:0e:e2:61:c5:c9:e5:20:d5:
f9:73:3c:ae:01:58:1f:ee:f9:de:eb:17:2d:91:0e:
d2:56:f8:a1:ee:96:a3:ee:63:f1:92:cd:45:cf:99:
c2:ea:b3:af:75:b5:5e:3c:9f:66:5f:3c:f3:a0:fe:
c0:d0:7f:71:56:b7:d5:fa:de:7f:98:f9:d4:0a:1e:
4d:d0:12:7d:8f:8f:2a:3f:06:4a:56:33:03:6f:c9:
70:6f:07:a4:0b:f7:b0:dd:7f:37:42:a3:3e:d9:e9:
08:4e:b5:ee:a8:53:1e:e8:1a:03:4a:b5:28:5f:bb:
64:0c:5b:2c:fd:d5:75:24:4b:90:b8:aa:a7:14:ac:
65:5a:b0:25:0a:ad:ab:c6:e4:bf:39:95:6d:69:0d:
10:93:eb:e5:f5:a0:e9:aa:81:ba:3e:49:f4:0b:96:
52:f2:cd:18:d7:c2:b1:d2:71:16:ee:e9:b5:0b:8a:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:AE:A9:DF:8E:3A:CC:67:33:D6:8F:87:0E:9A:EB:B5:6A:B6:15:74
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/oq6p3446zGcz1o-HDprrtWq2FXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
188.170.0.0-188.170.47.255
193.201.228.0/22
195.16.96.0/19
195.230.70.0/23
195.230.91.0-195.230.92.255
212.69.106.0/24
212.69.113.0-212.69.114.255
212.69.125.0/24
213.243.109.0/24
213.243.116.0/24
IPv6:
2a03:d000:4000::/36
Signature Algorithm: sha256WithRSAEncryption
21:5a:af:c2:56:55:43:8f:d6:05:2c:9f:6c:36:a6:38:0a:56:
3f:28:97:72:23:a0:f2:7b:c1:7b:97:f3:3b:4d:4a:7b:a2:67:
df:93:31:35:81:15:ef:0a:b0:0a:1d:86:3b:46:8b:16:50:01:
d5:e5:c7:e9:45:05:6e:7a:79:a1:9c:a4:57:55:0e:a3:95:f1:
db:d0:9c:be:de:83:3d:eb:06:16:3c:80:d8:54:6a:8b:53:5a:
f2:85:9b:65:87:94:11:dd:e5:ea:92:64:7d:4f:7d:6c:9c:e7:
f2:0a:91:e0:b2:b8:0d:0b:e7:6f:b0:03:c7:28:e2:b7:7c:b6:
e7:fa:b5:d6:75:1e:51:f4:db:bf:58:43:06:17:9a:b3:e3:8d:
16:3d:3f:bc:c9:dc:56:64:1e:cc:ea:c0:68:e4:32:c5:f5:9b:
44:61:61:10:98:c4:85:c7:53:86:7e:c8:65:32:3f:17:de:5d:
9c:8c:7f:dd:ad:c8:17:82:a3:06:16:83:0d:d9:5b:9f:cd:fe:
18:82:0c:d6:e3:14:bf:20:ad:82:5c:95:38:92:ad:4a:c9:d2:
fb:d5:03:2d:e3:ca:65:d5:35:2e:cc:79:f3:74:14:a9:53:87:
bd:52:ab:1e:de:77:c7:10:a5:87:23:e6:25:1d:de:c2:c1:2a:
10:36:14:d6
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAYXzFceYXiCNwuTHvtpUkjhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI3MTE1NjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmFlYTlkZjhlM2FjYzY3MzNkNjhmODcwZTlhZWJiNTZhYjYxNTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGCuYGtJ4M+Q21a2oPzAkc4lnUml
wABXc9xqxuS/NJQH/FtSMmibXN9hNHAyxQzemVTOi6IlGoqO5nQK/lDWnjk1hTZh
JV3mDFtRpgz2q17pDuJhxcnlINX5czyuAVgf7vne6xctkQ7SVvih7paj7mPxks1F
z5nC6rOvdbVePJ9mXzzzoP7A0H9xVrfV+t5/mPnUCh5N0BJ9j48qPwZKVjMDb8lw
bwekC/ew3X83QqM+2ekITrXuqFMe6BoDSrUoX7tkDFss/dV1JEuQuKqnFKxlWrAl
Cq2rxuS/OZVtaQ0Qk+vl9aDpqoG6Pkn0C5ZS8s0Y18Kx0nEW7um1C4oE/QIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFKKuqd+OOsxnM9aPhw6a67VqthV0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvb3E2cDM0NDZ6R2N6MW8tSERwcnJ0V3EyRlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCAQ8EAgABMIIB
BzALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAF4ZgzAMAwQEXhmQAwQAXhmg
AwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxwAwQAbbxy
AwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEBrKxADALAwMBvKoDBAS8
qiADBALByeQDBAXDEGADBAHD5kYwDAMEAMPmWwMEAMPmXAMEANRFajAMAwQA1EVx
AwQA1EVyAwQA1EV9AwQA1fNtAwQA1fN0MA4EAgACMAgDBgQqA9AAQDANBgkqhkiG
9w0BAQsFAAOCAQEAIVqvwlZVQ4/WBSyfbDamOApWPyiXciOg8nvBe5fzO01Ke6Jn
35MxNYEV7wqwCh2GO0aLFlAB1eXH6UUFbnp5oZykV1UOo5Xx29Ccvt6DPesGFjyA
2FRqi1Na8oWbZYeUEd3l6pJkfU99bJzn8gqR4LK4DQvnb7ADxyjit3y25/q11nUe
UfTbv1hDBheas+ONFj0/vMncVmQezOrAaOQyxfWbRGFhEJjEhcdThn7IZTI/F95d
nIx/3a3IF4KjBhaDDdlbn83+GIIM1uMUvyCtglyVOJKtSsnS+9UDLePKZdU1Lsx5
83QUqVOHvVKrHt53xxClhyPmJR3ewsEqEDYU1g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:58 2025 by rpki-client