Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/trIbzAmwT0hpGUz_9Pe1vF--Smo.roa
File: trIbzAmwT0hpGUz_9Pe1vF--Smo.roa (raw, json)
Hash identifier: M4ss64cMnswfjlkHtdLEoBoLDhta/InmhwnFg5snvRM=
Subject key identifier: B6:B2:1B:CC:09:B0:4F:48:69:19:4C:FF:F4:F7:B5:BC:5F:BE:4A:6A
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1C2B8F553946F13895C3E7DF5AE9F7E
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/trIbzAmwT0hpGUz_9Pe1vF--Smo.roa
Signing time: Thu 08 Dec 2022 12:43:01 +0000
ROA not before: Thu 08 Dec 2022 12:43:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:c2:b8:f5:53:94:6f:13:89:5c:3e:7d:f5:ae:9f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 12:43:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6b21bcc09b04f4869194cfff4f7b5bc5fbe4a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0a:99:cf:4d:5b:e7:76:0c:cd:6b:f2:42:cc:
42:d5:fb:30:28:1c:ee:57:92:06:2b:c0:eb:21:74:
d3:f4:e4:71:e5:ff:7b:e0:38:b8:ca:62:95:65:28:
72:d9:11:58:0f:75:ab:01:86:37:7e:b7:bd:70:d0:
c7:e7:0f:e3:7c:ca:5f:38:8b:51:94:d1:c5:43:58:
6a:4a:7d:5a:17:65:95:a6:04:5c:e1:b2:0b:a9:56:
b3:09:2d:36:55:8e:29:37:a8:d8:db:1d:41:62:1c:
0b:1f:dc:64:88:26:ed:07:24:1c:0d:e6:3e:ba:b8:
2f:6e:ce:5e:a6:37:a8:0b:29:e3:64:5d:b4:a4:3e:
cd:e6:14:b9:c2:00:1c:80:f3:df:4c:50:9b:2b:32:
db:75:d1:ca:2f:f7:58:0b:01:3d:6c:19:9f:25:46:
88:0e:96:fc:ed:71:6e:13:a6:38:a4:0f:23:01:4f:
cd:59:83:ba:7a:e0:94:e6:67:20:23:7d:f7:64:c8:
c8:fa:ce:96:de:c0:80:03:69:04:47:a3:de:76:0a:
b2:77:28:84:14:56:4d:2a:1e:08:86:53:cb:2a:88:
77:44:51:61:cc:57:99:57:44:6e:d0:f3:ac:c2:66:
72:57:05:22:13:07:72:7a:4c:50:ce:73:05:b3:09:
d4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B2:1B:CC:09:B0:4F:48:69:19:4C:FF:F4:F7:B5:BC:5F:BE:4A:6A
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/trIbzAmwT0hpGUz_9Pe1vF--Smo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
3e:23:9e:11:50:be:2f:33:b4:fe:ac:ac:b9:6b:ac:8a:2c:23:
bb:be:2c:2e:0d:12:a6:06:ce:54:61:2e:a7:b3:b6:78:89:8c:
b6:ef:92:bf:1b:83:d9:97:7f:e1:35:77:77:ea:87:b7:10:45:
32:09:34:56:8d:dc:96:f5:46:97:48:ef:94:11:43:58:95:f9:
71:0c:43:47:7c:8b:56:43:f3:b6:e0:e8:cd:d8:43:46:be:f0:
cc:e4:a7:e2:ba:9e:ff:ff:62:69:87:65:ac:b3:4a:f5:f7:b5:
f1:25:b9:bd:14:a8:b8:b2:d2:f9:87:52:ef:96:69:55:28:6b:
7d:5d:4c:2b:8d:70:37:1c:60:dc:db:92:f4:bc:65:10:50:da:
37:b6:cc:4f:72:d8:07:82:af:b4:bc:6a:f3:d2:26:77:8c:c7:
f0:4b:c5:73:7e:08:60:c2:ba:c6:46:ab:31:00:12:98:11:ac:
6e:1e:f0:4d:28:8f:b2:a8:07:b9:f0:bb:26:e2:e5:20:6f:65:
77:a5:8b:00:22:af:22:cd:88:93:33:c4:ca:7c:93:b1:19:4b:
8d:11:cd:52:91:4a:f7:41:6f:fd:de:58:17:e3:d9:0e:6f:1f:
b9:c9:dd:a9:de:38:a9:6b:87:9c:a3:35:f5:45:ed:ae:fe:79:
e2:1d:1c:a3
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYTxwrj1U5RvE4lcPn31rp9+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTI0MzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmIyMWJjYzA5YjA0ZjQ4NjkxOTRjZmZmNGY3YjViYzVmYmU0YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgqZz01b53YMzWvyQsxC1fswKBzu
V5IGK8DrIXTT9ORx5f974Di4ymKVZShy2RFYD3WrAYY3fre9cNDH5w/jfMpfOItR
lNHFQ1hqSn1aF2WVpgRc4bILqVazCS02VY4pN6jY2x1BYhwLH9xkiCbtByQcDeY+
urgvbs5epjeoCynjZF20pD7N5hS5wgAcgPPfTFCbKzLbddHKL/dYCwE9bBmfJUaI
Dpb87XFuE6Y4pA8jAU/NWYO6euCU5mcgI333ZMjI+s6W3sCAA2kER6PedgqydyiE
FFZNKh4IhlPLKoh3RFFhzFeZV0Ru0POswmZyVwUiEwdyekxQznMFswnUlwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFLayG8wJsE9IaRlM//T3tbxfvkpqMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdHJJYnpBbXdUMGhwR1V6XzlQZTF2Ri0tU21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MH0EAgABMHcDBAaAzEAD
BAOyF5ADBAK5AyADBAK50owDBAO8XqgDAwC8ogMEAsHJ5AMEBcMFgAMEBcMQYAME
AcNOdAMEAMOVbwMEBcPmQAMEBdQOoAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAME
BdWoIAMEBtXzQAMEBNlzUDANBgkqhkiG9w0BAQsFAAOCAQEAPiOeEVC+LzO0/qys
uWusiiwju74sLg0SpgbOVGEup7O2eImMtu+SvxuD2Zd/4TV3d+qHtxBFMgk0Vo3c
lvVGl0jvlBFDWJX5cQxDR3yLVkPztuDozdhDRr7wzOSn4rqe//9iaYdlrLNK9fe1
8SW5vRSouLLS+YdS75ZpVShrfV1MK41wNxxg3NuS9LxlEFDaN7bMT3LYB4KvtLxq
89Imd4zH8EvFc34IYMK6xkarMQASmBGsbh7wTSiPsqgHufC7JuLlIG9ld6WLACKv
Is2IkzPEynyTsRlLjRHNUpFK90Fv/d5YF+PZDm8fucndqd44qWuHnKM19UXtrv55
4h0cow==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:02 2025 by rpki-client