Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sv5nGVd6UGm9ThofMNg6aEhTGuc.roa
File: sv5nGVd6UGm9ThofMNg6aEhTGuc.roa (raw, json)
Hash identifier: XZFrN3/YPEraXZU90vVIgYQTcg0bSMftnAkLKQPICN8=
Subject key identifier: B2:FE:67:19:57:7A:50:69:BD:4E:1A:1F:30:D8:3A:68:48:53:1A:E7
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F146372F12EDA7B7F25B467E56B37134
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sv5nGVd6UGm9ThofMNg6aEhTGuc.roa
Signing time: Thu 08 Dec 2022 10:27:01 +0000
ROA not before: Thu 08 Dec 2022 10:27:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 109.188.0.0/16 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
109.124.64.0/18 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:46:37:2f:12:ed:a7:b7:f2:5b:46:7e:56:b3:71:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:27:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2fe6719577a5069bd4e1a1f30d83a6848531ae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:eb:bc:47:81:4e:4c:59:1d:15:96:a5:95:e6:
ac:5d:66:dd:f0:0c:fb:0c:77:72:2b:36:f9:18:93:
d5:3c:a6:b0:46:b2:1d:52:1e:71:9f:da:9c:d3:a3:
31:f6:a9:8f:cc:c6:3e:22:33:6f:e9:f6:89:55:59:
7e:bb:af:eb:60:89:1d:30:0f:3d:e6:d9:87:ce:30:
3b:14:ec:9b:40:93:bf:44:6f:c1:34:25:a7:08:54:
72:37:74:00:d5:f9:18:6d:23:42:49:3a:d7:f6:60:
c9:ba:96:00:e8:9a:a2:e3:17:f7:df:8f:bc:f3:12:
0a:71:18:d5:15:70:2f:10:63:d0:3e:96:e1:9a:af:
bb:9d:51:01:ed:01:89:8d:64:ae:38:c8:09:33:8b:
30:ce:a5:03:da:ab:89:9a:8b:68:bf:60:8d:32:8c:
88:1f:63:18:2f:74:f0:30:79:72:f6:f7:50:c3:d1:
8e:a4:b3:0f:e7:4c:8a:fb:91:88:0b:5a:d5:5f:fb:
93:d7:45:71:8d:46:31:98:26:15:03:6c:a6:b3:ac:
46:ca:35:a1:10:ef:5f:18:b0:d1:f9:fb:cf:fa:bc:
1e:bd:62:28:f5:55:77:e4:06:a1:2b:3d:8e:5a:7a:
5a:f8:ab:7d:34:5a:9f:a9:83:d9:da:07:58:3a:8f:
91:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:FE:67:19:57:7A:50:69:BD:4E:1A:1F:30:D8:3A:68:48:53:1A:E7
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sv5nGVd6UGm9ThofMNg6aEhTGuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
34:71:ac:9a:20:63:c1:70:7c:9e:97:51:07:86:86:5f:1b:f4:
5f:ec:2d:6b:7a:6c:ed:f8:f3:1e:60:2e:e4:e8:58:5e:a7:c5:
2a:c5:97:09:e0:74:47:94:4d:23:f6:b5:c5:9f:3c:4f:7e:9b:
97:a6:0a:aa:d6:b3:bb:0e:76:f7:71:e2:8b:ab:e2:42:3a:95:
5a:b9:b1:0c:fb:85:b8:b9:09:d9:ca:34:9e:00:9a:3d:58:44:
82:d3:05:83:4c:37:14:96:09:1f:99:0c:bc:05:5e:7c:33:9a:
34:38:47:5d:e3:80:49:9a:0a:18:8c:12:d5:36:0f:d2:f3:ec:
74:0f:db:8a:a0:47:1d:14:61:aa:56:0b:a8:a6:23:4c:a7:14:
c5:13:40:04:1b:30:42:95:ee:01:b3:4a:cb:21:9f:64:f5:9f:
d5:05:21:94:e9:95:07:34:01:be:a2:4e:e9:a3:a0:b0:7c:b5:
d3:11:df:75:ea:07:65:0e:d5:47:49:a3:0b:ef:a7:79:cd:ac:
04:85:d8:d4:ed:b1:52:19:02:4f:80:83:0f:9d:33:7a:ab:24:
d1:70:fc:97:86:56:05:33:6b:8c:e8:53:80:20:f1:4a:be:01:
65:01:3b:75:ad:a0:56:2a:b6:dc:a7:7f:0c:94:f6:cc:ac:35:
e2:7d:6b:3c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYTxRjcvEu2nt/JbRn5Ws3E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAyNzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmZlNjcxOTU3N2E1MDY5YmQ0ZTFhMWYzMGQ4M2E2ODQ4NTMxYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+u8R4FOTFkdFZalleasXWbd8Az7
DHdyKzb5GJPVPKawRrIdUh5xn9qc06Mx9qmPzMY+IjNv6faJVVl+u6/rYIkdMA89
5tmHzjA7FOybQJO/RG/BNCWnCFRyN3QA1fkYbSNCSTrX9mDJupYA6Jqi4xf334+8
8xIKcRjVFXAvEGPQPpbhmq+7nVEB7QGJjWSuOMgJM4swzqUD2quJmotov2CNMoyI
H2MYL3TwMHly9vdQw9GOpLMP50yK+5GIC1rVX/uT10VxjUYxmCYVA2yms6xGyjWh
EO9fGLDR+fvP+rwevWIo9VV35AahKz2OWnpa+Kt9NFqfqYPZ2gdYOo+RTQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFLL+ZxlXelBpvU4aHzDYOmhIUxrnMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvc3Y1bkdWZDZVR205VGhvZk1OZzZhRWhUR3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBARt
SnADBAZtfEADAwBtvAMEBoDMQAMEA7IXkAMEArkDIAMEArnSjAMEA7xeqAMDALyi
AwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxA
AwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG1fNAAwQE2XNQMA0GCSqGSIb3DQEB
CwUAA4IBAQA0cayaIGPBcHyel1EHhoZfG/Rf7C1remzt+PMeYC7k6Fhep8UqxZcJ
4HRHlE0j9rXFnzxPfpuXpgqq1rO7Dnb3ceKLq+JCOpVaubEM+4W4uQnZyjSeAJo9
WESC0wWDTDcUlgkfmQy8BV58M5o0OEdd44BJmgoYjBLVNg/S8+x0D9uKoEcdFGGq
VguopiNMpxTFE0AEGzBCle4Bs0rLIZ9k9Z/VBSGU6ZUHNAG+ok7po6CwfLXTEd91
6gdlDtVHSaML76d5zawEhdjU7bFSGQJPgIMPnTN6qyTRcPyXhlYFM2uM6FOAIPFK
vgFlATt1raBWKrbcp38MlPbMrDXifWs8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:38 2025 by rpki-client