Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/pItVFU5zGkgoYiBHg11AlB1kclQ.roa
File: pItVFU5zGkgoYiBHg11AlB1kclQ.roa (raw, json)
Hash identifier: GtZk2I76YflbI/ETksTO3sz6t/5OakSZd2DEiBuy5zs=
Subject key identifier: A4:8B:55:15:4E:73:1A:48:28:62:20:47:83:5D:40:94:1D:64:72:54
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0875EFEA
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/pItVFU5zGkgoYiBHg11AlB1kclQ.roa
Signing time: Sat 01 Jan 2022 04:02:31 +0000
ROA not before: Sat 01 Jan 2022 04:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 109.188.0.0/16 maxlen: 24
46.29.192.0/21 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
78.41.100.0/22 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
83.169.192.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
37.29.0.0/17 maxlen: 24
46.232.200.0/21 maxlen: 24
78.25.64.0/18 maxlen: 24
37.28.160.0/19 maxlen: 24
62.64.0.0/19 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.128.0/20 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141946858 (0x875efea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 04:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a48b55154e731a4828622047835d40941d647254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c7:bc:c4:68:cf:e4:9c:22:64:f6:7c:7e:e7:
e7:3d:bf:e7:90:5d:df:16:fa:67:dd:c1:2e:f1:a7:
48:e9:d2:da:9e:dc:39:6b:37:41:6d:e5:85:7a:5b:
d6:b2:94:50:8a:83:99:84:69:98:71:57:a6:c7:a1:
2c:0e:4d:76:d8:84:a6:88:46:47:b9:fe:85:11:ed:
09:65:61:4b:48:15:92:e3:c3:49:22:f5:1b:63:02:
74:e2:fb:d9:86:0a:32:c7:a2:94:f6:a7:31:a2:db:
fd:44:3f:71:e4:5b:cf:05:70:c4:b1:61:27:8a:0a:
20:2a:33:e4:1b:c9:61:aa:f8:9e:6a:8c:e4:98:ed:
42:60:f8:0d:4c:94:63:1a:fd:c9:07:67:1f:d8:b0:
39:52:b6:3c:26:60:69:0f:00:d4:77:05:fe:cd:92:
ad:b3:a7:2b:97:5d:58:f6:91:81:b4:7b:b7:ab:27:
c2:84:21:1e:c8:32:1e:b3:36:ae:34:32:fe:82:17:
5d:f4:72:6c:4d:d6:51:35:23:52:d0:d9:5f:07:3f:
2c:30:c2:89:d4:0c:12:78:c6:89:d0:e9:58:82:71:
d3:1b:8d:93:63:b8:27:07:2c:66:d1:77:9b:1e:76:
02:3d:3c:2b:cf:b3:a9:9d:de:5a:16:38:bc:ff:9a:
d9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:8B:55:15:4E:73:1A:48:28:62:20:47:83:5D:40:94:1D:64:72:54
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/pItVFU5zGkgoYiBHg11AlB1kclQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/19
37.29.0.0/17
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
59:c9:ed:d5:6c:e6:ca:f2:dc:6f:0d:72:06:b2:dc:fc:1d:e9:
96:ce:6b:69:79:44:62:a8:4e:37:f8:14:d6:27:ca:74:f1:94:
4d:31:37:d4:c2:ca:de:a6:0c:4b:c3:c8:fa:b5:79:39:cb:be:
5a:70:25:b3:e0:76:7e:0d:12:18:fa:c6:63:d7:30:d7:b4:ad:
55:f1:28:0b:7d:bf:d8:10:fa:77:fd:22:cb:2e:29:48:50:7a:
15:c6:4e:1c:62:ac:f2:85:03:01:1d:03:8d:96:1a:ac:f3:6f:
a7:99:b8:51:76:03:ab:dc:ea:cc:0f:c3:bb:bc:d1:d9:0d:f2:
31:c6:7d:6c:0f:16:d3:b6:ee:ad:25:23:57:dc:c2:75:af:0b:
53:f7:01:28:60:a9:eb:59:a6:12:27:29:4b:72:d3:6e:4d:71:
b1:a1:db:7b:7c:1d:93:bd:b6:7b:fc:31:49:a0:e3:bb:12:ce:
ac:d4:19:c8:49:76:ae:06:f5:c6:58:8c:87:ac:48:dc:00:ec:
39:97:ff:fd:84:66:ed:c4:24:1c:1f:0b:25:c9:8c:d6:c2:0d:
9d:1c:34:3c:9a:b3:7c:b3:87:95:0a:88:c3:ce:7b:72:bb:96:
55:a5:f2:af:4c:d6:e2:ae:1a:42:8c:26:48:92:ba:26:af:04:
ad:4e:82:79
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIECHXv6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmQ3YzJhMTA3MmQ3MzUwN2FkYmY2NTA3ZGU2OGFhYWMwMTc4NWMwMB4XDTIyMDEw
MTA0MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTQ4YjU1MTU0ZTcz
MWE0ODI4NjIyMDQ3ODM1ZDQwOTQxZDY0NzI1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/HvMRoz+ScImT2fH7n5z2/55Bd3xb6Z93BLvGnSOnS2p7c
OWs3QW3lhXpb1rKUUIqDmYRpmHFXpsehLA5NdtiEpohGR7n+hRHtCWVhS0gVkuPD
SSL1G2MCdOL72YYKMseilPanMaLb/UQ/ceRbzwVwxLFhJ4oKICoz5BvJYar4nmqM
5JjtQmD4DUyUYxr9yQdnH9iwOVK2PCZgaQ8A1HcF/s2SrbOnK5ddWPaRgbR7t6sn
woQhHsgyHrM2rjQy/oIXXfRybE3WUTUjUtDZXwc/LDDCidQMEnjGidDpWIJx0xuN
k2O4JwcsZtF3mx52Aj08K8+zqZ3eWhY4vP+a2csCAwEAAaOCAxMwggMPMB0GA1Ud
DgQWBBSki1UVTnMaSChiIEeDXUCUHWRyVDAfBgNVHSMEGDAWgBSS18KhBy1zUHrb
9lB95oqqwBeFwDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t0ZkNvUWN0YzFCNjJfWlFmZWFLcXNBWGhjQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvOWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8x
L3BJdFZGVTV6R2tnb1lpQkhnMTFBbEIxa2NsUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
OWNmZjdjLWYwNWEtNGUwMi1iZWE3LTg5ZTU2YzgwZDFkMC8xL2t0ZkNvUWN0YzFC
NjJfWlFmZWFLcXNBWGhjQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AScGCCsGAQUFBwEHAQH/BIIBFjCCARIwggEOBAIAATCCAQYDBAUlHKADBAclHQAD
BAMuHcADBAQu5YADBAMu6MgDBAU+QAADBAVN6aADBAZOGUADBAJOKWQDBANPqwgD
BARQ97ADBARRGIADBAZTqcADBAVT3sADBAdT5YADBAdVGoADBAVWbcADBAJbwdQD
BAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAME
ArkDIAMEArnSjAMEA7xeqAMDALyiAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQA
w5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG
1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBZye3VbObK8txvDXIGstz8HemW
zmtpeURiqE43+BTWJ8p08ZRNMTfUwsrepgxLw8j6tXk5y75acCWz4HZ+DRIY+sZj
1zDXtK1V8SgLfb/YEPp3/SLLLilIUHoVxk4cYqzyhQMBHQONlhqs82+nmbhRdgOr
3OrMD8O7vNHZDfIxxn1sDxbTtu6tJSNX3MJ1rwtT9wEoYKnrWaYSJylLctNuTXGx
odt7fB2TvbZ7/DFJoOO7Es6s1BnISXauBvXGWIyHrEjcAOw5l//9hGbtxCQcHwsl
yYzWwg2dHDQ8mrN8s4eVCojDzntyu5ZVpfKvTNbirhpCjCZIkromrwStToJ5
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:36:09 2025 by rpki-client