Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/uB2hwA3IJcLRFryI-xNIJVFFwto.roa
File: uB2hwA3IJcLRFryI-xNIJVFFwto.roa (raw, json)
Hash identifier: SBdY3rI9n9voQqo7n8He22UT/8A3rBpJ1ZwBj+auCsU=
Subject key identifier: B8:1D:A1:C0:0D:C8:25:C2:D1:16:BC:88:FB:13:48:25:51:45:C2:DA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E12A1A88024B0E170F5BFF119B1650
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/uB2hwA3IJcLRFryI-xNIJVFFwto.roa
Signing time: Mon 12 Dec 2022 10:28:40 +0000
ROA not before: Mon 12 Dec 2022 10:28:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 85.26.128.0/20 maxlen: 20
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
188.162.0.0/16 maxlen: 24
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:2a:1a:88:02:4b:0e:17:0f:5b:ff:11:9b:16:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b81da1c00dc825c2d116bc88fb1348255145c2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:40:31:e9:bc:c8:b4:19:76:87:ce:4f:0b:
ec:ba:23:a4:cf:37:46:4c:50:f1:0b:3d:6b:8b:17:
79:2a:37:9b:04:21:b0:02:51:e1:fe:0e:1b:a0:68:
5c:87:e1:b5:68:7c:98:78:1f:97:e7:6b:91:3a:7e:
67:47:85:68:4c:72:89:3f:ed:a0:2f:56:20:13:4a:
c7:b6:bf:c9:27:54:1a:e1:1f:0b:8d:cc:d6:43:1a:
f2:4a:d9:68:83:01:b3:b1:28:72:9a:4c:63:3d:8f:
ea:d5:08:a0:f3:d3:88:25:bb:85:b2:0c:8e:61:fc:
fc:30:5c:25:fd:d7:d6:69:47:21:fc:7b:b8:ed:48:
c7:a8:a9:b8:67:f9:93:2d:2e:28:1d:9b:96:a9:ca:
e2:33:d0:12:f5:60:83:fb:ee:b6:6b:7c:46:77:5f:
a6:de:48:8f:53:49:73:77:6f:0c:04:a1:5c:11:4d:
ea:c4:08:4d:66:64:ec:7b:31:e2:e5:3f:0c:d0:ca:
d5:1a:f7:94:8e:4b:ca:43:84:8f:67:0e:ae:c0:dd:
96:f4:d9:11:20:29:47:bd:39:27:30:7b:d6:90:94:
52:20:fa:bd:7e:cb:57:10:63:ab:a4:d6:ac:62:1f:
e0:80:64:98:94:c6:8f:be:32:d8:f7:99:9b:f1:60:
4f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:1D:A1:C0:0D:C8:25:C2:D1:16:BC:88:FB:13:48:25:51:45:C2:DA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/uB2hwA3IJcLRFryI-xNIJVFFwto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:06:e9:f6:69:b9:fc:bc:90:91:29:af:c3:0e:c5:d6:a7:31:
da:42:35:e6:54:c6:93:02:45:b3:6f:f7:57:5a:8a:ad:6d:ce:
61:74:2d:fc:24:5a:1d:a2:2d:3f:f3:9a:08:99:d7:20:87:90:
0f:b8:97:b5:63:3b:53:13:aa:e4:ec:b2:1b:8b:22:36:75:68:
e4:29:5b:34:33:92:69:a5:d4:06:4a:b7:b4:35:94:ab:8d:07:
a4:f9:63:ef:6f:be:fa:b9:87:d9:94:af:10:13:29:88:1a:15:
89:2a:8b:4a:c7:06:01:83:08:27:57:08:2b:9f:05:52:71:d9:
f9:58:a7:32:7c:2b:f9:ab:ce:a6:9b:fb:75:e6:36:87:c5:78:
33:8e:1c:cd:14:5b:64:5d:3a:64:53:d5:79:92:32:73:13:f5:
80:46:f8:40:15:64:95:ec:13:fd:5e:c0:83:68:65:c0:9d:2a:
4f:f6:6a:83:bf:75:3e:52:fd:d3:4c:1c:11:c3:f4:6a:0c:89:
24:1f:4d:ff:f1:da:19:a9:ab:70:6d:34:40:2d:40:d8:5a:c2:
ab:65:b6:a1:1d:75:34:5d:a9:61:5b:dd:81:65:6c:21:01:fd:
eb:7e:db:ba:f5:45:a2:38:84:da:95:e0:e7:34:43:6f:83:ec:
4a:cf:d1:59
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAYUF4SoaiAJLDhcPW/8RmxZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODFkYTFjMDBkYzgyNWMyZDExNmJjODhmYjEzNDgyNTUxNDVjMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArspAMem8yLQZdofOTwvsuiOkzzdG
TFDxCz1rixd5KjebBCGwAlHh/g4boGhch+G1aHyYeB+X52uROn5nR4VoTHKJP+2g
L1YgE0rHtr/JJ1Qa4R8LjczWQxryStlogwGzsShymkxjPY/q1Qig89OIJbuFsgyO
Yfz8MFwl/dfWaUch/Hu47UjHqKm4Z/mTLS4oHZuWqcriM9AS9WCD++62a3xGd1+m
3kiPU0lzd28MBKFcEU3qxAhNZmTsezHi5T8M0MrVGveUjkvKQ4SPZw6uwN2W9NkR
IClHvTknMHvWkJRSIPq9fstXEGOrpNasYh/ggGSYlMaPvjLY95mb8WBPtQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFLgdocANyCXC0Ra8iPsTSCVRRcLaMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdUIyaHdBM0lKY0xSRnJ5SS14TklKVkZGd3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDCBhQQCAAEwfwMEBCUc
oDAMAwQEJR0wAwQDJR1AAwQEThlgAwQCThl4AwQDU5UAAwQEVRqAAwQEVRrQAwQD
VRr4AwQCXhnQMAwDBANeGdgDBAReGeADBAdtvIADBAGAzEoDAwC8ojAMAwQAvKpB
AwQAvKpEMAwDBAO8qkgDBAO8qlADBAK8qlwwDQYJKoZIhvcNAQELBQADggEBAA0G
6fZpufy8kJEpr8MOxdanMdpCNeZUxpMCRbNv91daiq1tzmF0LfwkWh2iLT/zmgiZ
1yCHkA+4l7VjO1MTquTsshuLIjZ1aOQpWzQzkmml1AZKt7Q1lKuNB6T5Y+9vvvq5
h9mUrxATKYgaFYkqi0rHBgGDCCdXCCufBVJx2flYpzJ8K/mrzqab+3XmNofFeDOO
HM0UW2RdOmRT1XmSMnMT9YBG+EAVZJXsE/1ewINoZcCdKk/2aoO/dT5S/dNMHBHD
9GoMiSQfTf/x2hmpq3BtNEAtQNhawqtltqEddTRdqWFb3YFlbCEB/et+27r1RaI4
hNqV4Oc0Q2+D7ErP0Vk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:45 2025 by rpki-client