Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/slXW-wQyp07SxYDtOpqNfUBtZWk.roa
File: slXW-wQyp07SxYDtOpqNfUBtZWk.roa (raw, json)
Hash identifier: D/8gm6x2Fa6SiKKjmaz3TqTUTSi3ZXQ5QaDfi3E42Ps=
Subject key identifier: B2:55:D6:FB:04:32:A7:4E:D2:C5:80:ED:3A:9A:8D:7D:40:6D:65:69
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4E53F85F8085891E4517FFAB2EB71
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/slXW-wQyp07SxYDtOpqNfUBtZWk.roa
Signing time: Sun 01 Jan 2023 19:35:24 +0000
ROA not before: Sun 01 Jan 2023 19:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31205
IP address blocks: 188.170.247.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.224.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
185.210.142.0/23 maxlen: 23
185.210.140.0/23 maxlen: 23
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
37.29.86.0/23 maxlen: 23
188.170.240.0/22 maxlen: 22
31.173.240.0/23 maxlen: 23
128.204.66.0/24 maxlen: 24
31.173.242.0/23 maxlen: 23
128.204.67.0/24 maxlen: 24
31.173.244.0/22 maxlen: 22
83.149.50.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.48.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
83.169.252.0/22 maxlen: 22
83.169.248.0/22 maxlen: 22
188.162.0.0/24 maxlen: 24
188.162.4.0/22 maxlen: 22
188.162.2.0/23 maxlen: 23
188.162.1.0/24 maxlen: 24
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
46.232.202.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.92.0/22 maxlen: 22
188.162.78.0/24 maxlen: 24
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:e5:3f:85:f8:08:58:91:e4:51:7f:fa:b2:eb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b255d6fb0432a74ed2c580ed3a9a8d7d406d6569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:48:98:01:40:3d:4a:d3:1c:db:03:c6:f5:a7:
95:90:30:b0:6f:6d:23:45:df:8d:98:ce:a8:5d:96:
b3:25:e6:1e:a3:f0:18:4e:3f:50:a1:01:5c:38:92:
a7:8b:67:83:96:8e:54:c4:eb:ef:bf:1c:25:c3:5f:
8c:52:34:fa:5d:28:27:8e:eb:91:31:31:8c:6e:be:
5c:7c:72:8f:11:ac:ed:c6:ab:35:c8:b7:c7:f9:17:
86:6a:13:31:22:fa:90:3d:e4:42:f7:5d:7c:d4:72:
55:79:75:11:20:05:6a:bf:00:d3:69:e7:73:71:9c:
32:3c:86:70:1b:c5:53:96:31:ca:11:e8:18:ea:c5:
13:06:e5:39:39:5a:c3:44:fa:f9:30:1b:29:c1:2b:
fc:8c:39:fa:0e:bd:cf:87:2c:8e:89:83:88:9e:7e:
21:73:e9:7d:5f:82:5a:49:b5:5d:a0:d3:97:8b:76:
66:52:dc:91:67:0f:d6:08:35:d1:1b:aa:18:77:17:
fa:21:05:4a:31:e9:60:b4:13:49:6f:69:e5:b9:b8:
4c:6f:14:bb:0c:f3:8e:12:42:7b:ec:36:fc:ca:87:
39:fd:a0:22:16:35:39:11:ab:b2:c2:6e:7f:56:5e:
d9:42:e3:69:13:47:8e:ee:12:1e:1c:21:2a:94:37:
6e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:55:D6:FB:04:32:A7:4E:D2:C5:80:ED:3A:9A:8D:7D:40:6D:65:69
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/slXW-wQyp07SxYDtOpqNfUBtZWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.81.255
188.162.83.0-188.162.87.255
188.162.89.0/24
188.162.92.0/22
188.170.240.0/22
188.170.247.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:c7:70:be:07:b5:98:62:eb:09:1d:1a:14:fb:28:72:58:e0:
f0:60:f2:7a:9c:d5:df:1f:d6:0d:93:46:b7:44:c0:8a:3d:b0:
cb:3a:92:39:a6:3d:1c:65:fd:99:06:94:e6:f9:23:54:65:0e:
36:5e:a3:f2:fe:66:ab:4c:3e:38:15:a4:b4:32:82:48:17:67:
0a:2f:3b:95:09:4c:e2:9f:9e:6c:6d:65:c0:01:50:d7:81:c5:
02:16:a0:72:27:20:6c:ca:53:77:a2:f9:8c:23:9c:6e:96:a4:
ec:27:ba:1f:13:55:b4:a9:0e:37:22:58:51:f0:f0:2c:0a:d6:
93:10:c2:7f:b7:22:02:7c:8e:59:0a:4d:74:07:19:30:68:7b:
63:20:d4:81:c3:0a:35:64:d3:78:e5:39:c8:3d:39:aa:09:05:
06:60:26:5b:8d:ca:86:ea:7a:8d:a0:56:25:e0:01:1f:71:75:
4b:ba:78:ec:fe:52:5e:ff:61:08:a7:71:98:b3:f2:f4:e5:eb:
3f:47:26:50:4e:1a:47:74:de:88:f7:e4:b4:39:80:f1:5f:60:
7a:7b:33:2c:9e:02:0a:a1:a7:f9:62:44:1d:49:02:4c:35:8b:
3e:57:ec:c8:84:81:f7:5f:ba:fa:f7:7f:8c:6e:87:5d:83:52:
26:e3:b8:33
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYVu1OU/hfgIWJHkUX/6sutxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjU1ZDZmYjA0MzJhNzRlZDJjNTgwZWQzYTlhOGQ3ZDQwNmQ2NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUiYAUA9StMc2wPG9aeVkDCwb20j
Rd+NmM6oXZazJeYeo/AYTj9QoQFcOJKni2eDlo5UxOvvvxwlw1+MUjT6XSgnjuuR
MTGMbr5cfHKPEaztxqs1yLfH+ReGahMxIvqQPeRC91181HJVeXURIAVqvwDTaedz
cZwyPIZwG8VTljHKEegY6sUTBuU5OVrDRPr5MBspwSv8jDn6Dr3PhyyOiYOInn4h
c+l9X4JaSbVdoNOXi3ZmUtyRZw/WCDXRG6oYdxf6IQVKMelgtBNJb2nlubhMbxS7
DPOOEkJ77Db8yoc5/aAiFjU5Eauywm5/Vl7ZQuNpE0eO7hIeHCEqlDdu1wIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFLJV1vsEMqdO0sWA7TqajX1AbWVpMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvc2xYVy13UXlwMDdTeFlEdE9wcU5mVUJ0WldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBAMf
rfADBAElHVYDBAAu6MgDBAEu6MoDBAJOGVwDBAJTlTADBANTqfgDBABVGuAwDAME
AVUa4gMEA1Ua4AMEAYDMQgMEALKwMAMEA7Kw8AMEArnSjAMEBLyiADAMAwQDvKJI
AwQBvKJQMAwDBAC8olMDBAO8olADBAC8olkDBAK8olwDBAK8qvADBAC8qvcwDQYJ
KoZIhvcNAQELBQADggEBAD3HcL4HtZhi6wkdGhT7KHJY4PBg8nqc1d8f1g2TRrdE
wIo9sMs6kjmmPRxl/ZkGlOb5I1RlDjZeo/L+ZqtMPjgVpLQygkgXZwovO5UJTOKf
nmxtZcABUNeBxQIWoHInIGzKU3ei+YwjnG6WpOwnuh8TVbSpDjciWFHw8CwK1pMQ
wn+3IgJ8jlkKTXQHGTBoe2Mg1IHDCjVk03jlOcg9OaoJBQZgJluNyobqeo2gViXg
AR9xdUu6eOz+Ul7/YQincZiz8vTl6z9HJlBOGkd03oj35LQ5gPFfYHp7MyyeAgqh
p/liRB1JAkw1iz5X7MiEgfdfuvr3f4xuh12DUibjuDM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:30 2025 by rpki-client