Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/s5GHcarDsY3tqSJMbvvi9ddNEIU.roa
File: s5GHcarDsY3tqSJMbvvi9ddNEIU.roa (raw, json)
Hash identifier: lnVrWLMWbA1qnSEBECRloPPl93usW75+Des1CqtLl5g=
Subject key identifier: B3:91:87:71:AA:C3:B1:8D:ED:A9:22:4C:6E:FB:E2:F5:D7:4D:10:85
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01850561553D01F30F1793E02E10AEE3A358
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/s5GHcarDsY3tqSJMbvvi9ddNEIU.roa
Signing time: Mon 12 Dec 2022 08:09:02 +0000
ROA not before: Mon 12 Dec 2022 08:09:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31205
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
188.170.247.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
193.201.228.0/22 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
213.154.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
46.232.202.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
185.210.142.0/23 maxlen: 23
185.210.140.0/23 maxlen: 23
212.119.160.0/19 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.66.0/24 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.67.0/24 maxlen: 24
31.173.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:55:3d:01:f3:0f:17:93:e0:2e:10:ae:e3:a3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3918771aac3b18deda9224c6efbe2f5d74d1085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:24:42:f9:33:be:98:b2:26:1e:c9:90:d7:
0a:ed:93:68:8f:62:cd:b8:b8:40:10:cd:80:07:ed:
f1:87:fd:83:d6:a0:e3:1a:ef:d8:ca:53:ef:e5:df:
f3:cd:32:29:5a:46:5d:af:bb:d2:7b:cf:e2:af:c8:
3d:25:c4:f9:09:d5:45:2d:f2:6b:f1:f9:f4:1d:49:
b9:d5:fc:77:7d:2d:98:33:ea:e8:1a:9b:d2:c0:ad:
22:44:3d:22:dd:50:24:b5:16:31:a4:7a:b7:c2:87:
1d:4f:eb:ae:01:0c:ea:f2:b9:67:fc:76:76:dc:37:
e1:04:ad:90:a9:0c:60:8c:da:18:1a:34:c9:4f:c4:
17:03:9b:b9:b8:d1:15:ad:28:b7:09:f8:65:cb:9f:
71:97:66:c1:68:d6:7e:d0:81:ba:20:5f:90:df:4a:
4b:c7:48:97:53:85:6f:15:da:5e:81:64:5c:0a:4b:
2d:ef:54:77:14:87:bc:b6:b5:bf:b5:3d:71:c7:4d:
55:94:c1:ca:0d:78:d4:d7:d2:aa:c3:d4:37:35:ba:
64:cb:9e:75:4b:36:34:4a:57:0e:d9:66:5f:db:55:
bc:15:9d:40:7f:7e:65:51:e9:e8:3c:5c:fe:6c:1e:
16:c1:cd:35:94:0f:bd:4d:3d:f0:7f:47:a1:4b:a6:
c0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:91:87:71:AA:C3:B1:8D:ED:A9:22:4C:6E:FB:E2:F5:D7:4D:10:85
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/s5GHcarDsY3tqSJMbvvi9ddNEIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
185.210.140.0/22
188.162.0.0/16
188.170.240.0/22
188.170.247.0/24
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
Signature Algorithm: sha256WithRSAEncryption
67:4a:bd:12:c5:9e:37:54:1c:95:b1:b3:09:f7:0e:3b:57:84:
09:fa:b0:ad:5f:17:c0:5c:3d:86:21:2e:2d:67:52:58:c1:a5:
f9:9d:17:4a:a8:f1:dd:13:1a:04:c7:83:17:a6:d7:ab:03:62:
b8:e7:8c:4f:3c:bf:8c:d9:e3:2b:e0:24:3a:ee:66:73:a7:f8:
16:a3:56:4a:2a:05:2d:97:f6:2b:c0:6a:da:9b:ea:17:fb:2d:
ee:61:b0:bb:0b:e9:29:ae:8f:66:6f:50:72:7e:5f:7c:1c:57:
5e:3c:57:5e:2c:d5:75:fb:2b:7d:69:95:25:5d:68:87:26:b3:
41:32:f7:a0:04:b9:35:6b:71:5b:b2:3d:67:b0:41:d5:c1:b2:
2e:05:b6:5b:b6:46:56:6c:b8:07:b0:e8:d3:05:44:b9:7c:f0:
3a:b6:ad:49:24:cf:01:26:22:f8:78:33:51:2e:8f:31:fb:6d:
da:92:ed:6a:12:50:4b:56:3c:e7:bb:7f:8b:cb:ad:b6:bb:67:
24:19:b8:ac:f8:30:da:11:6b:3d:bf:41:9d:76:e6:e5:34:49:
15:f2:fe:89:bd:85:39:6d:fe:46:18:86:6e:37:06:01:c6:ab:
77:d6:13:8c:52:e3:c4:b3:67:f5:40:3a:e4:30:50:f3:cc:77:
e1:b1:3b:ea
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgISAYUFYVU9AfMPF5PgLhCu46NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzkxODc3MWFhYzNiMThkZWRhOTIyNGM2ZWZiZTJmNWQ3NGQxMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5QkQvkzvpiyJh7JkNcK7ZNoj2LN
uLhAEM2AB+3xh/2D1qDjGu/YylPv5d/zzTIpWkZdr7vSe8/ir8g9JcT5CdVFLfJr
8fn0HUm51fx3fS2YM+roGpvSwK0iRD0i3VAktRYxpHq3wocdT+uuAQzq8rln/HZ2
3DfhBK2QqQxgjNoYGjTJT8QXA5u5uNEVrSi3Cfhly59xl2bBaNZ+0IG6IF+Q30pL
x0iXU4VvFdpegWRcCkst71R3FIe8trW/tT1xx01VlMHKDXjU19Kqw9Q3Nbpky551
SzY0SlcO2WZf21W8FZ1Af35lUenoPFz+bB4Wwc01lA+9TT3wf0ehS6bAawIDAQAB
o4ICsTCCAq0wHQYDVR0OBBYEFLORh3Gqw7GN7akiTG774vXXTRCFMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvczVHSGNhckRzWTN0cVNKTWJ2dmk5ZGRORUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHGBggrBgEFBQcBBwEB/wSBtjCBszCBsAQCAAEwgakDBAMf
rfADBAElHVYDBAAu6MgDBAEu6MoDBAJOGVwDBAJTlTADBANTqfgDBABVGuAwDAME
AVUa4gMEA1Ua4AMEAYDMQgMEALKwMAMEA7Kw8AMEArnSjAMDALyiAwQCvKrwAwQA
vKr3AwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF
1CxAAwQF1EVgAwQF1HegAwQF1ZqgMA0GCSqGSIb3DQEBCwUAA4IBAQBnSr0SxZ43
VByVsbMJ9w47V4QJ+rCtXxfAXD2GIS4tZ1JYwaX5nRdKqPHdExoEx4MXpterA2K4
54xPPL+M2eMr4CQ67mZzp/gWo1ZKKgUtl/YrwGram+oX+y3uYbC7C+kpro9mb1By
fl98HFdePFdeLNV1+yt9aZUlXWiHJrNBMvegBLk1a3Fbsj1nsEHVwbIuBbZbtkZW
bLgHsOjTBUS5fPA6tq1JJM8BJiL4eDNRLo8x+23aku1qElBLVjznu3+Ly622u2ck
Gbis+DDaEWs9v0GddublNEkV8v6JvYU5bf5GGIZuNwYBxqt31hOMUuPEs2f1QDrk
MFDzzHfhsTvq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:36 2024 by rpki-client on console-ams.rpki-client.org