Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rWld6wJtGa92mpBuaGM35a_-DKY.roa
File: rWld6wJtGa92mpBuaGM35a_-DKY.roa (raw, json)
Hash identifier: fQ8WryGMeDRb2yKSkMZSBavd3Sfgy4qbGiiK8/0GTFA=
Subject key identifier: AD:69:5D:EB:02:6D:19:AF:76:9A:90:6E:68:63:37:E5:AF:FE:0C:A6
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184D29A7C318C136CC70D2FC90BFB32FDAD
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rWld6wJtGa92mpBuaGM35a_-DKY.roa
Signing time: Fri 02 Dec 2022 11:30:50 +0000
ROA not before: Fri 02 Dec 2022 11:30:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/17 maxlen: 24
79.171.8.0/21 maxlen: 24
193.201.228.0/22 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
78.25.120.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
188.170.92.0/22 maxlen: 22
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
37.28.160.0/21 maxlen: 21
37.28.168.0/21 maxlen: 21
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
78.25.96.0/21 maxlen: 21
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
78.25.104.0/22 maxlen: 22
188.170.66.0/24 maxlen: 24
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.48.0/21 maxlen: 21
95.137.0.0/17 maxlen: 24
37.29.56.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
81.24.128.0/20 maxlen: 24
78.41.100.0/22 maxlen: 24
195.78.116.0/23 maxlen: 24
83.169.192.0/18 maxlen: 24
109.74.112.0/20 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.149.0.0/21 maxlen: 21
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:9a:7c:31:8c:13:6c:c7:0d:2f:c9:0b:fb:32:fd:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 2 11:30:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad695deb026d19af769a906e686337e5affe0ca6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:70:2f:22:c9:de:f0:d3:bf:93:27:4a:d3:
de:28:cd:e5:51:ab:73:fc:c6:a8:e4:df:d8:05:44:
bf:b9:7b:10:27:f1:9d:d8:c3:a5:40:d5:45:ea:ae:
14:85:c2:eb:e5:af:fa:91:2d:2e:be:f3:7b:74:4d:
fc:10:48:b7:fe:47:ac:18:19:87:cd:bd:19:dc:cd:
51:96:38:ed:cd:0b:28:61:d6:7f:35:56:7c:0e:87:
91:c7:d3:19:3f:dc:0f:07:ef:10:4b:c0:34:da:1a:
62:5b:33:e6:2b:cd:73:c3:90:ec:4f:11:58:b5:6b:
4f:9a:da:64:8e:94:76:93:97:2f:90:39:29:c5:b5:
6e:fe:7d:80:9d:c0:c6:6e:e9:94:93:7a:d9:bf:89:
d0:1b:20:7d:c5:cc:95:ee:aa:82:a9:08:40:d0:c1:
33:58:cd:fe:4c:dd:bd:93:81:99:ba:26:14:0d:79:
db:59:af:0e:46:dd:dc:17:86:db:fc:1e:51:f7:49:
5e:91:86:06:56:5f:b4:7a:6e:fe:66:3b:8b:75:4f:
d8:c9:fb:7b:cd:a0:87:5b:13:ea:39:6f:5c:15:bd:
73:93:55:9c:e0:44:9f:0f:56:d5:be:96:03:f2:29:
bd:c0:57:13:a1:0f:ba:50:b2:01:1e:ff:38:23:ea:
21:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:69:5D:EB:02:6D:19:AF:76:9A:90:6E:68:63:37:E5:AF:FE:0C:A6
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rWld6wJtGa92mpBuaGM35a_-DKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
78.41.100.0/22
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.149.0.0/21
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
49:b1:80:3c:fc:9b:8b:97:77:51:a8:94:f1:65:a1:33:54:9d:
be:b9:d1:ed:75:8c:16:76:92:6f:d1:82:7b:99:b7:5b:91:59:
6f:4a:c7:46:93:f8:63:ed:4a:f7:dc:32:11:36:e6:7a:76:21:
9f:9f:1d:23:bd:49:ad:c4:e8:88:fd:7c:55:6e:12:4a:fe:e9:
7e:1d:69:81:be:db:8a:46:52:7c:3c:72:9b:a2:3f:f7:33:31:
48:78:a1:14:fa:b1:7d:0e:8d:4b:25:a0:8c:ef:47:fc:35:76:
6a:7b:ee:e8:18:31:6f:1b:92:32:80:6c:1b:fe:a5:1a:91:25:
33:47:87:f3:76:d9:74:1a:27:7b:73:86:22:20:c1:cf:b3:b8:
a5:51:d9:de:51:0e:e8:60:ff:89:78:11:3a:09:65:c5:d7:62:
bf:0c:c9:e8:c1:c3:2e:9e:09:84:5b:a6:1e:59:69:88:b3:22:
06:ed:e5:d9:2f:ea:de:ec:21:a8:17:89:cf:67:51:fb:08:21:
cd:8d:dc:0e:1b:1f:be:15:06:4d:9b:56:d5:8c:e5:3f:f3:8c:
a9:5d:9b:8d:38:02:49:dc:4d:7a:48:61:fd:51:9b:58:8f:35:
3e:5a:47:36:8d:c8:8c:a3:86:5e:39:25:e8:7b:f0:54:28:8c:
8a:6f:81:e6
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYTSmnwxjBNsxw0vyQv7Mv2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjAyMTEzMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDY5NWRlYjAyNmQxOWFmNzY5YTkwNmU2ODYzMzdlNWFmZmUwY2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHtwLyLJ3vDTv5MnStPeKM3lUatz
/Mao5N/YBUS/uXsQJ/Gd2MOlQNVF6q4UhcLr5a/6kS0uvvN7dE38EEi3/kesGBmH
zb0Z3M1RljjtzQsoYdZ/NVZ8DoeRx9MZP9wPB+8QS8A02hpiWzPmK81zw5DsTxFY
tWtPmtpkjpR2k5cvkDkpxbVu/n2AncDGbumUk3rZv4nQGyB9xcyV7qqCqQhA0MEz
WM3+TN29k4GZuiYUDXnbWa8ORt3cF4bb/B5R90lekYYGVl+0em7+ZjuLdU/Yyft7
zaCHWxPqOW9cFb1zk1Wc4ESfD1bVvpYD8im9wFcToQ+6ULIBHv84I+oh4QIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFK1pXesCbRmvdpqQbmhjN+Wv/gymMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcldsZDZ3SnRHYTkybXBCdWFHTTM1YV8tREtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCASYEAgABMIIB
HgMEBCUcoDAMAwQEJR0wAwQDJR1AAwQEThlgAwQCThl4AwQCTilkAwQDT6sIAwQE
UPewAwQEURiAAwQDU5UAAwQGU6nAAwQFU97AAwQHU+WAAwQHVRqAAwQFVm3AAwQC
W8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQGbXxAAwMAbbwDBAaAzEADBAOy
F5ADBAK5AyADBAK50owDBAO8XqgDAwC8ojAMAwQAvKpBAwQAvKpEMAwDBAO8qkgD
BAO8qlADBAK8qlwDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1Aw
DQYJKoZIhvcNAQELBQADggEBAEmxgDz8m4uXd1GolPFloTNUnb650e11jBZ2km/R
gnuZt1uRWW9Kx0aT+GPtSvfcMhE25np2IZ+fHSO9Sa3E6Ij9fFVuEkr+6X4daYG+
24pGUnw8cpuiP/czMUh4oRT6sX0OjUsloIzvR/w1dmp77ugYMW8bkjKAbBv+pRqR
JTNHh/N22XQaJ3tzhiIgwc+zuKVR2d5RDuhg/4l4EToJZcXXYr8MyejBwy6eCYRb
ph5ZaYizIgbt5dkv6t7sIagXic9nUfsIIc2N3A4bH74VBk2bVtWM5T/zjKldm404
AkncTXpIYf1Rm1iPNT5aRzaNyIyjhl45Jeh78FQojIpvgeY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:42 2025 by rpki-client