Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/v1fJySo41nToaQyHHYHfmPYWKGU.roa
File: v1fJySo41nToaQyHHYHfmPYWKGU.roa (raw, json)
Hash identifier: EyyTfoY5dx6/P36MC2RGoNxSOfnR5N7nJ5wjVzWQLtU=
Subject key identifier: BF:57:C9:C9:2A:38:D6:74:E8:69:0C:87:1D:81:DF:98:F6:16:28:65
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185F2D373A8D286199B1041FA92F704420A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/v1fJySo41nToaQyHHYHfmPYWKGU.roa
Signing time: Fri 27 Jan 2023 10:43:42 +0000
ROA not before: Fri 27 Jan 2023 10:43:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12714
IP address blocks: 109.106.213.0/24 maxlen: 24
109.106.214.0/24 maxlen: 24
217.19.104.0/23 maxlen: 23
178.211.1.0/24 maxlen: 24
93.91.224.0/24 maxlen: 24
95.129.92.0/23 maxlen: 23
93.91.232.0/23 maxlen: 23
2a00:d18::/32 maxlen: 32
2a00:16d0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f2:d3:73:a8:d2:86:19:9b:10:41:fa:92:f7:04:42:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 27 10:43:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf57c9c92a38d674e8690c871d81df98f6162865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:6b:a5:c7:ba:a5:a1:85:e2:3a:3e:2c:6f:
50:39:fc:a9:e4:e3:03:40:12:01:18:5c:a6:c6:21:
98:dc:5c:90:d0:b8:62:cd:8d:0a:a5:bb:5a:d7:9b:
c9:4f:30:10:d7:36:f1:93:c4:13:30:68:e9:95:61:
55:d6:aa:0b:03:dd:9f:6c:8e:02:e7:80:09:b0:14:
f7:05:af:47:9f:fb:5f:ac:e8:4f:69:d7:33:a1:36:
08:e0:3c:94:56:61:d8:1a:ee:eb:5d:bc:8b:71:1d:
b4:0c:ed:48:f5:34:6b:26:98:2e:fc:49:04:55:a4:
07:db:f9:86:22:8f:7b:70:af:8d:9c:77:fa:b3:ad:
32:49:78:47:a4:48:4c:eb:14:f0:14:bc:42:da:8b:
6d:4c:e3:51:1d:a7:ef:9f:05:49:5f:34:f7:e4:97:
6a:d5:ea:58:ec:0c:c2:89:2f:7c:33:89:cc:0b:9c:
38:e8:0b:20:c4:35:4a:79:be:af:0c:78:82:c5:79:
b2:ad:48:dd:7d:cf:3b:d0:93:65:0b:9d:6a:15:15:
97:22:46:ba:69:0e:a6:ba:c6:39:ab:97:97:53:62:
66:c0:3a:f5:2f:8d:18:cc:15:83:f2:81:9c:24:01:
86:42:05:f8:6b:4c:4f:ff:86:6b:ef:d7:c6:00:7c:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:57:C9:C9:2A:38:D6:74:E8:69:0C:87:1D:81:DF:98:F6:16:28:65
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/v1fJySo41nToaQyHHYHfmPYWKGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.224.0/24
93.91.232.0/23
95.129.92.0/23
109.106.213.0-109.106.214.255
178.211.1.0/24
217.19.104.0/23
IPv6:
2a00:d18::/32
2a00:16d0::/32
Signature Algorithm: sha256WithRSAEncryption
a2:f3:c7:38:26:21:24:fd:61:22:4d:06:60:0a:ed:fe:fa:f9:
e7:1a:94:3e:d1:33:a4:1a:d4:b2:b6:2f:cd:46:15:e9:d1:da:
9d:88:c7:a6:4c:d8:9a:70:39:6b:7d:2c:b7:2f:81:55:a9:71:
b0:75:e9:58:d5:66:05:4a:86:0f:e7:21:61:05:d4:53:c6:76:
f4:eb:c4:f7:d8:61:51:56:ec:96:64:5c:f5:fa:10:48:8c:65:
fe:89:46:9d:c1:52:78:13:c7:dc:07:dc:cc:34:be:32:f2:d6:
38:a4:8d:18:7b:07:38:45:83:73:f4:7b:0b:fe:50:ec:3d:d2:
cc:65:e0:1f:13:11:f2:6c:a2:5a:5e:43:99:2c:ef:a7:68:9e:
73:b4:c9:3d:a1:97:59:89:3f:82:8f:5b:19:16:0d:a4:a4:36:
3a:b1:0e:4b:85:af:1b:c2:a9:d9:95:14:d9:1a:0d:48:33:3d:
c3:b6:30:b5:41:fd:40:04:4a:f1:4e:60:f1:54:ab:12:b3:5b:
a9:e6:06:80:e5:8a:fd:83:41:97:a8:ce:30:8d:cd:ff:b9:11:
42:d6:a3:09:0b:ae:14:a0:19:b2:73:30:54:00:87:65:a4:21:
3d:e9:a9:d2:79:6c:1f:2d:a0:a9:b0:66:54:25:8f:a0:92:97:
6d:a4:54:e3
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYXy03Oo0oYZmxBB+pL3BEIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTI3MTA0MzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjU3YzljOTJhMzhkNjc0ZTg2OTBjODcxZDgxZGY5OGY2MTYyODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQNrpce6paGF4jo+LG9QOfyp5OMD
QBIBGFymxiGY3FyQ0LhizY0Kpbta15vJTzAQ1zbxk8QTMGjplWFV1qoLA92fbI4C
54AJsBT3Ba9Hn/tfrOhPadczoTYI4DyUVmHYGu7rXbyLcR20DO1I9TRrJpgu/EkE
VaQH2/mGIo97cK+NnHf6s60ySXhHpEhM6xTwFLxC2ottTONRHafvnwVJXzT35Jdq
1epY7AzCiS98M4nMC5w46AsgxDVKeb6vDHiCxXmyrUjdfc870JNlC51qFRWXIka6
aQ6musY5q5eXU2JmwDr1L40YzBWD8oGcJAGGQgX4a0xP/4Zr79fGAHwdzQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFL9XyckqONZ06GkMhx2B35j2FihlMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdjFmSnlTbzQxblRvYVF5SEhZSGZtUFlXS0dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQAXVvgAwQB
XVvoAwQBX4FcMAwDBABtatUDBABtatYDBACy0wEDBAHZE2gwFAQCAAIwDgMFACoA
DRgDBQAqABbQMA0GCSqGSIb3DQEBCwUAA4IBAQCi88c4JiEk/WEiTQZgCu3++vnn
GpQ+0TOkGtSyti/NRhXp0dqdiMemTNiacDlrfSy3L4FVqXGwdelY1WYFSoYP5yFh
BdRTxnb068T32GFRVuyWZFz1+hBIjGX+iUadwVJ4E8fcB9zMNL4y8tY4pI0Yewc4
RYNz9HsL/lDsPdLMZeAfExHybKJaXkOZLO+naJ5ztMk9oZdZiT+Cj1sZFg2kpDY6
sQ5Lha8bwqnZlRTZGg1IMz3DtjC1Qf1ABErxTmDxVKsSs1up5gaA5Yr9g0GXqM4w
jc3/uRFC1qMJC64UoBmyczBUAIdlpCE96anSeWwfLaCpsGZUJY+gkpdtpFTj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:10 2025 by rpki-client