Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ppFhxF7oVKoFfP7r3nIeJLo5W2g.roa
File: ppFhxF7oVKoFfP7r3nIeJLo5W2g.roa (raw, json)
Hash identifier: pSm34ROeLitPJoC2U4DZurvkUWUCO8o0hb7zvDiRWiE=
Subject key identifier: A6:91:61:C4:5E:E8:54:AA:05:7C:FE:EB:DE:72:1E:24:BA:39:5B:68
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E128985385946CF789E52063B6366F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ppFhxF7oVKoFfP7r3nIeJLo5W2g.roa
Signing time: Mon 12 Dec 2022 10:28:40 +0000
ROA not before: Mon 12 Dec 2022 10:28:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31205
IP address blocks: 188.170.247.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
46.232.202.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
185.210.142.0/23 maxlen: 23
185.210.140.0/23 maxlen: 23
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
128.204.66.0/24 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.67.0/24 maxlen: 24
31.173.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:28:98:53:85:94:6c:f7:89:e5:20:63:b6:36:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a69161c45ee854aa057cfeebde721e24ba395b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:15:3b:b2:35:52:86:bf:70:e8:95:2b:72:73:
35:c2:52:de:62:cc:78:f7:2e:85:f3:02:ae:6c:20:
a9:45:51:2d:b4:04:23:af:14:46:1f:8f:4d:12:85:
d4:f0:b0:c2:89:d8:c0:9f:28:a3:c2:99:03:1c:66:
17:5f:56:b4:b7:65:02:d7:4d:92:3b:b6:df:35:39:
0f:f4:5a:c1:c1:b0:88:1a:a4:fc:db:f4:b8:57:56:
be:72:f6:2f:c5:e9:05:3f:78:b5:6b:cb:a5:aa:0d:
16:4e:91:57:e8:cd:44:67:07:46:77:1e:cf:aa:79:
da:62:90:25:08:f5:14:41:59:7b:58:68:b3:98:af:
0f:bb:24:3e:f3:4c:1d:94:6c:7b:f2:59:e6:ac:68:
94:79:36:f3:12:5a:f9:10:ca:5c:8d:83:11:ee:72:
ff:fb:b2:4c:92:b0:c7:9c:a3:04:9c:94:cf:e0:ad:
b2:26:f0:c7:16:d4:3e:f0:a1:7c:c0:c6:55:de:09:
15:d9:55:57:77:e5:9b:fa:1c:b3:67:a7:40:54:78:
3d:81:a1:dc:2b:92:e0:4f:c8:6c:7d:8a:21:a6:ff:
c1:8a:f8:ea:d0:c5:17:e2:08:6c:42:7c:e0:2e:32:
4c:12:fa:fd:93:d4:67:b7:9b:e1:53:43:d1:33:75:
e7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:91:61:C4:5E:E8:54:AA:05:7C:FE:EB:DE:72:1E:24:BA:39:5B:68
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ppFhxF7oVKoFfP7r3nIeJLo5W2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
185.210.140.0/22
188.162.0.0/16
188.170.240.0/22
188.170.247.0/24
Signature Algorithm: sha256WithRSAEncryption
44:c6:a0:32:9d:04:73:51:93:45:ff:54:64:fd:83:72:3c:d3:
5a:45:af:e7:59:b2:7c:8d:26:cc:54:c8:29:ea:aa:ae:06:45:
d2:e4:a8:3b:b7:fc:b5:39:62:23:1e:ed:0b:5a:15:3a:9e:5e:
b2:4a:41:ff:41:fa:ad:30:7d:b5:76:03:9a:a3:9f:87:57:3d:
fe:35:17:22:dd:96:b9:fe:4c:55:00:b1:26:39:c5:a7:97:1d:
02:90:e4:d0:76:fc:7d:c0:80:de:e8:bb:ff:07:b5:cc:58:8f:
eb:29:0e:b3:61:67:0f:a4:b2:57:ab:41:35:91:88:96:cb:16:
96:be:33:69:f7:70:87:6a:a9:ba:48:23:2c:3d:1a:c5:0d:dd:
90:23:16:45:1a:1a:86:2d:19:ad:ba:ae:a3:8a:1c:b3:c4:1a:
87:20:d5:f4:b5:50:68:ee:6f:24:2f:50:34:d8:f3:68:07:c8:
1b:5c:e2:af:14:f9:c1:63:e8:5d:ef:29:52:5b:51:77:f6:85:
d8:e0:b8:ec:5d:4d:8d:44:32:e5:bf:83:a5:f1:72:36:6b:93:
fb:03:73:1a:e7:43:c6:2c:46:12:90:6e:cf:29:ed:4a:cd:c3:
04:2b:4b:23:31:e5:8a:0f:22:1c:16:6f:33:97:7e:c4:8c:a2:
2f:3a:40:86
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAYUF4SiYU4WUbPeJ5SBjtjZvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjkxNjFjNDVlZTg1NGFhMDU3Y2ZlZWJkZTcyMWUyNGJhMzk1YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBU7sjVShr9w6JUrcnM1wlLeYsx4
9y6F8wKubCCpRVEttAQjrxRGH49NEoXU8LDCidjAnyijwpkDHGYXX1a0t2UC102S
O7bfNTkP9FrBwbCIGqT82/S4V1a+cvYvxekFP3i1a8ulqg0WTpFX6M1EZwdGdx7P
qnnaYpAlCPUUQVl7WGizmK8PuyQ+80wdlGx78lnmrGiUeTbzElr5EMpcjYMR7nL/
+7JMkrDHnKMEnJTP4K2yJvDHFtQ+8KF8wMZV3gkV2VVXd+Wb+hyzZ6dAVHg9gaHc
K5LgT8hsfYohpv/Bivjq0MUX4ghsQnzgLjJMEvr9k9Rnt5vhU0PRM3XnhwIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFKaRYcRe6FSqBXz+695yHiS6OVtoMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcHBGaHhGN29WS29GZlA3cjNuSWVKTG81VzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZwMEAx+t8AME
ASUdVgMEAC7oyAMEAS7oygMEAk4ZXAMEAlOVMAMEA1Op+AMEAFUa4DAMAwQBVRri
AwQDVRrgAwQBgMxCAwQAsrAwAwQDsrDwAwQCudKMAwMAvKIDBAK8qvADBAC8qvcw
DQYJKoZIhvcNAQELBQADggEBAETGoDKdBHNRk0X/VGT9g3I801pFr+dZsnyNJsxU
yCnqqq4GRdLkqDu3/LU5YiMe7QtaFTqeXrJKQf9B+q0wfbV2A5qjn4dXPf41FyLd
lrn+TFUAsSY5xaeXHQKQ5NB2/H3AgN7ou/8HtcxYj+spDrNhZw+kslerQTWRiJbL
Fpa+M2n3cIdqqbpIIyw9GsUN3ZAjFkUaGoYtGa26rqOKHLPEGocg1fS1UGjubyQv
UDTY82gHyBtc4q8U+cFj6F3vKVJbUXf2hdjguOxdTY1EMuW/g6XxcjZrk/sDcxrn
Q8YsRhKQbs8p7UrNwwQrSyMx5YoPIhwWbzOXfsSMoi86QIY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:26 2024 by rpki-client on console-fra.rpki-client.org