Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rs-HUqjpV9Z7Hf3Q850MHRmvPNE.roa
File: rs-HUqjpV9Z7Hf3Q850MHRmvPNE.roa (raw, json)
Hash identifier: XIWDfG9KkjkR6qEoPEqfoBCMruoXmXyu5XBh4pnPNqo=
Subject key identifier: AE:CF:87:52:A8:E9:57:D6:7B:1D:FD:D0:F3:9D:0C:1D:19:AF:3C:D1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F243D6DAC4E2FBE7D154759F67AD5556
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rs-HUqjpV9Z7Hf3Q850MHRmvPNE.roa
Signing time: Thu 08 Dec 2022 15:04:02 +0000
ROA not before: Thu 08 Dec 2022 15:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42891
IP address blocks: 212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
91.193.212.0/22 maxlen: 22
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:43:d6:da:c4:e2:fb:e7:d1:54:75:9f:67:ad:55:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 15:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aecf8752a8e957d67b1dfdd0f39d0c1d19af3cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:63:a9:4c:4e:cf:dd:d7:53:04:68:fc:86:15:
a3:aa:12:d6:0d:32:4f:f5:8a:81:ca:13:0e:ce:15:
5f:93:61:47:bd:a7:3d:f5:16:07:e8:7b:a9:83:fd:
ec:57:3e:30:89:52:08:c9:03:30:ee:fa:3f:ee:ce:
21:f0:98:2f:57:5b:34:2d:a7:eb:57:8e:a1:4e:f5:
d0:0c:17:94:6b:02:c1:7e:2d:91:7e:2e:2f:bf:fc:
b7:b7:dd:b8:2e:5b:18:c0:5d:17:00:35:01:e9:5b:
09:68:ab:c0:5d:5d:29:c5:ea:cc:0f:1f:dd:9c:b3:
78:06:25:75:2b:17:51:12:f3:4a:ed:a4:37:f4:d4:
4d:f3:3c:5f:e1:9d:91:0e:c8:8f:d6:ad:1e:81:22:
fa:b9:6a:a9:1b:5d:6f:0b:7f:ef:01:c6:7a:f2:24:
8d:27:00:7a:0b:47:2f:10:27:a9:1c:04:06:a4:39:
24:3e:6d:1d:38:2d:b6:94:a1:f7:3b:12:1e:2d:81:
f4:3f:95:4c:25:0d:91:57:d9:7f:f9:e0:bd:3d:f5:
7b:f3:31:27:27:67:f6:20:d0:11:d0:77:f2:b9:0b:
b5:64:fa:2d:17:77:1e:10:26:14:df:3d:a1:f9:43:
14:ca:57:61:6a:c9:4e:bb:6b:59:98:9f:17:98:08:
c9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CF:87:52:A8:E9:57:D6:7B:1D:FD:D0:F3:9D:0C:1D:19:AF:3C:D1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/rs-HUqjpV9Z7Hf3Q850MHRmvPNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.212.0/22
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
33:96:54:3f:b8:29:f5:e5:a8:29:52:c1:b6:e7:2d:d3:ee:67:
76:15:80:1f:5a:c7:55:97:95:ca:e4:c2:31:4d:65:25:f9:f7:
2f:2c:2d:6c:b1:2e:b8:4f:73:c3:aa:c4:0a:14:6f:17:a6:39:
0f:53:e2:24:02:ca:9d:ce:47:c0:41:ea:4a:f4:41:ac:c1:21:
09:92:b1:76:20:11:bf:f2:4d:a1:55:35:83:dc:df:95:51:d2:
66:38:db:09:60:a8:2d:8a:5d:27:a9:90:8b:f5:95:be:df:19:
22:d1:40:47:9f:1f:f3:a9:cd:b5:18:3c:e8:b1:1f:ef:ea:40:
9b:94:20:33:5a:83:04:bc:01:06:6e:95:4c:48:2e:e7:53:ef:
39:46:73:32:e1:29:01:6a:fe:15:95:cc:49:47:8a:cf:2e:c6:
60:08:0b:41:1c:12:ce:86:09:09:f3:bb:dc:14:bb:f9:1a:9d:
cd:4d:70:72:34:6c:ae:f5:1c:50:90:27:1b:16:db:2b:7b:eb:
77:e4:56:c3:df:86:00:33:e5:3c:ed:29:e3:ce:c8:9c:12:e4:
bf:df:05:f9:92:6c:ab:a4:8e:af:7c:73:d2:12:11:53:a0:56:
70:b4:b3:2e:ff:30:20:44:a5:06:13:99:84:ac:35:62:f1:9b:
aa:28:44:75
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYTyQ9baxOL759FUdZ9nrVVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTUwNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWNmODc1MmE4ZTk1N2Q2N2IxZGZkZDBmMzlkMGMxZDE5YWYzY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2OpTE7P3ddTBGj8hhWjqhLWDTJP
9YqByhMOzhVfk2FHvac99RYH6Hupg/3sVz4wiVIIyQMw7vo/7s4h8JgvV1s0Lafr
V46hTvXQDBeUawLBfi2Rfi4vv/y3t924LlsYwF0XADUB6VsJaKvAXV0pxerMDx/d
nLN4BiV1KxdREvNK7aQ39NRN8zxf4Z2RDsiP1q0egSL6uWqpG11vC3/vAcZ68iSN
JwB6C0cvECepHAQGpDkkPm0dOC22lKH3OxIeLYH0P5VMJQ2RV9l/+eC9PfV78zEn
J2f2INAR0HfyuQu1ZPotF3ceECYU3z2h+UMUyldhaslOu2tZmJ8XmAjJmwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFK7Ph1Ko6VfWex390POdDB0ZrzzRMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvcnMtSFVxanBWOVo3SGYzUTg1ME1IUm12UE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBlBAIAATBfAwQCW8HUAwMA
vKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXU
LEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcN
AQELBQADggEBADOWVD+4KfXlqClSwbbnLdPuZ3YVgB9ax1WXlcrkwjFNZSX59y8s
LWyxLrhPc8OqxAoUbxemOQ9T4iQCyp3OR8BB6kr0QazBIQmSsXYgEb/yTaFVNYPc
35VR0mY42wlgqC2KXSepkIv1lb7fGSLRQEefH/OpzbUYPOixH+/qQJuUIDNagwS8
AQZulUxILudT7zlGczLhKQFq/hWVzElHis8uxmAIC0EcEs6GCQnzu9wUu/kanc1N
cHI0bK71HFCQJxsW2yt763fkVsPfhgAz5TztKePOyJwS5L/fBfmSbKukjq98c9IS
EVOgVnC0sy7/MCBEpQYTmYSsNWLxm6ooRHU=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:48:37 2025 by rpki-client