Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/u_5Z9B3pdaqb60ZmUrIbm7JlexU.roa
File: u_5Z9B3pdaqb60ZmUrIbm7JlexU.roa (raw, json)
Hash identifier: dRGLpnL+88YLy3daRXzSz8sbf4jPHl9Bh+dCu8OVZz8=
Subject key identifier: BB:FE:59:F4:1D:E9:75:AA:9B:EB:46:66:52:B2:1B:9B:B2:65:7B:15
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1C2B7FD274BB59A84E25C534F47F698
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/u_5Z9B3pdaqb60ZmUrIbm7JlexU.roa
Signing time: Thu 08 Dec 2022 12:43:00 +0000
ROA not before: Thu 08 Dec 2022 12:43:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20632
IP address blocks: 84.204.230.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
84.204.160.0/20 maxlen: 20
84.204.176.0/21 maxlen: 21
79.171.8.0/21 maxlen: 21
84.204.188.0/22 maxlen: 22
84.204.192.0/18 maxlen: 18
193.201.228.0/22 maxlen: 24
109.124.108.0/22 maxlen: 22
217.195.64.0/19 maxlen: 19
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 18
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
84.204.0.0/17 maxlen: 17
93.153.128.0/17 maxlen: 17
93.153.144.0/21 maxlen: 21
212.69.96.0/19 maxlen: 24
93.153.158.0/24 maxlen: 24
93.153.162.0/24 maxlen: 24
93.153.161.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 20
84.204.132.0/22 maxlen: 22
94.25.248.0/21 maxlen: 21
84.204.139.0/24 maxlen: 24
84.204.138.0/24 maxlen: 24
84.204.136.0/24 maxlen: 24
84.204.140.0/22 maxlen: 22
84.204.144.0/20 maxlen: 20
195.5.128.0/19 maxlen: 24
82.140.64.0/18 maxlen: 18
128.204.64.0/18 maxlen: 24
82.140.93.0/24 maxlen: 24
95.137.0.0/17 maxlen: 17
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
82.196.64.0/19 maxlen: 19
81.24.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
213.172.0.0/19 maxlen: 19
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
195.144.224.0/19 maxlen: 19
81.3.128.0/18 maxlen: 18
213.182.160.0/19 maxlen: 19
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.47.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:c2:b7:fd:27:4b:b5:9a:84:e2:5c:53:4f:47:f6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 12:43:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbfe59f41de975aa9beb466652b21b9bb2657b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:92:97:9b:89:bc:b4:89:7a:93:5f:7a:49:28:
5b:1b:36:28:af:20:38:8d:0b:5f:53:c3:2c:ae:2a:
dc:69:09:9a:76:b1:c1:30:83:cc:87:d1:e7:a9:b0:
e4:42:b6:34:39:c8:b6:b8:21:49:e9:c5:8c:18:06:
9b:76:2e:6e:e2:9b:66:49:b5:3d:c2:7a:db:ea:d6:
eb:5b:c8:30:c0:21:0b:a8:23:50:a0:9d:79:c1:47:
af:49:4f:4b:fc:b7:3f:fb:61:8d:29:a2:8f:cc:15:
09:a5:47:3d:c6:7a:7c:79:17:d0:d3:70:cc:dd:ff:
12:5f:6f:96:47:53:85:59:16:0e:56:72:b0:03:88:
fa:1f:28:d4:91:54:e0:b2:f1:99:62:ec:76:05:a1:
c8:4c:a0:a6:e8:0e:9b:87:d4:66:13:b6:87:47:cb:
9f:8d:94:2c:0c:24:f0:96:17:8b:b1:97:cb:49:ab:
e7:0f:5f:24:46:04:15:fd:a3:06:e1:5b:e9:5e:be:
b5:a7:3e:f9:7e:e6:a8:7a:e7:ec:64:64:90:53:56:
b1:2d:3a:8f:c2:70:0f:3a:7a:36:e3:ab:f7:63:45:
be:9b:2f:81:a4:38:51:4e:d3:b7:c6:25:96:7b:01:
5d:6a:fa:48:1c:4d:49:83:89:6b:65:6a:be:5c:ab:
f6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:FE:59:F4:1D:E9:75:AA:9B:EB:46:66:52:B2:1B:9B:B2:65:7B:15
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/u_5Z9B3pdaqb60ZmUrIbm7JlexU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.192.0/18
79.171.8.0/21
80.247.176.0/20
81.3.128.0/18
81.24.128.0/20
82.140.64.0/18
82.196.64.0/19
84.204.0.0/17
84.204.132.0-84.204.136.255
84.204.138.0-84.204.183.255
84.204.188.0-84.204.255.255
93.153.128.0/17
94.25.248.0/21
95.137.0.0/17
109.124.64.0/18
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.144.224.0/19
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.172.0.0/19
213.182.160.0/19
213.243.64.0/18
217.115.80.0/20
217.195.64.0/19
Signature Algorithm: sha256WithRSAEncryption
80:23:f2:ea:96:95:89:2c:37:74:e2:0e:ee:5c:0e:3c:4c:cf:
1c:d6:4b:65:1e:3f:0d:5c:d3:99:82:a4:3a:72:78:78:74:d1:
d9:94:e3:4f:73:fd:5c:ad:b9:fc:11:46:95:7f:46:9e:8d:22:
21:2d:91:f6:36:25:30:01:03:87:29:b0:fc:3c:4c:5e:0c:20:
1c:14:77:18:0d:a8:d4:d2:e5:d3:2a:f0:ec:59:1f:72:6a:8e:
ad:8d:e7:c7:10:0c:c6:22:34:16:38:33:08:f6:a5:2a:d4:e7:
38:92:c7:2d:91:5e:25:db:50:a7:09:85:ce:13:82:d6:5e:b9:
85:a7:08:99:f1:95:5e:c5:58:e0:8e:a3:e7:09:d5:7a:5d:e4:
74:48:80:d8:82:c5:a4:1d:4a:7d:14:69:6e:56:62:15:46:24:
59:bd:20:b0:45:ec:a3:69:2e:de:d1:1c:2d:24:0d:f0:d4:4e:
91:17:64:43:92:31:df:e9:7e:59:d0:6f:af:29:ba:3c:30:28:
8d:b3:8c:84:78:c0:39:37:9f:f5:9e:8a:43:ed:03:32:93:92:
7b:01:16:90:a6:69:e9:51:35:1b:05:22:64:1e:ee:76:88:40:
68:dc:dd:b2:92:af:9a:5c:f1:dd:d9:d2:28:4f:61:c3:9c:42:
91:80:db:d6
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAYTxwrf9J0u1moTiXFNPR/aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTI0MzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmZlNTlmNDFkZTk3NWFhOWJlYjQ2NjY1MmIyMWI5YmIyNjU3YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZKXm4m8tIl6k196SShbGzYoryA4
jQtfU8MsrircaQmadrHBMIPMh9HnqbDkQrY0Oci2uCFJ6cWMGAabdi5u4ptmSbU9
wnrb6tbrW8gwwCELqCNQoJ15wUevSU9L/Lc/+2GNKaKPzBUJpUc9xnp8eRfQ03DM
3f8SX2+WR1OFWRYOVnKwA4j6HyjUkVTgsvGZYux2BaHITKCm6A6bh9RmE7aHR8uf
jZQsDCTwlheLsZfLSavnD18kRgQV/aMG4VvpXr61pz75fuaoeufsZGSQU1axLTqP
wnAPOno246v3Y0W+my+BpDhRTtO3xiWWewFdavpIHE1Jg4lrZWq+XKv2ywIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFLv+WfQd6XWqm+tGZlKyG5uyZXsVMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdV81WjlCM3BkYXFiNjBabVVySWJtN0psZXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEBi4vwAMEA0+rCAMEBFD3sAMEBlEDgAMEBFEYgAMEBlKMQAMEBVLEQAMEB1TM
ADAMAwQCVMyEAwQAVMyIMAwDBAFUzIoDBANUzLAwCwMEAlTMvAMDAFTMAwQHXZmA
AwQDXhn4AwQHX4kAAwQGbXxAAwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6o
AwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBAXDkOADBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAXVrAADBAXVtqAD
BAbV80ADBATZc1ADBAXZw0AwDQYJKoZIhvcNAQELBQADggEBAIAj8uqWlYksN3Ti
Du5cDjxMzxzWS2UePw1c05mCpDpyeHh00dmU409z/VytufwRRpV/Rp6NIiEtkfY2
JTABA4cpsPw8TF4MIBwUdxgNqNTS5dMq8OxZH3Jqjq2N58cQDMYiNBY4Mwj2pSrU
5ziSxy2RXiXbUKcJhc4TgtZeuYWnCJnxlV7FWOCOo+cJ1Xpd5HRIgNiCxaQdSn0U
aW5WYhVGJFm9ILBF7KNpLt7RHC0kDfDUTpEXZEOSMd/pflnQb68pujwwKI2zjIR4
wDk3n/WeikPtAzKTknsBFpCmaelRNRsFImQe7naIQGjc3bKSr5pc8d3Z0ihPYcOc
QpGA29Y=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:56 2025 by rpki-client