Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w5qj-z2m1JRF-njRne4oB4W-e9o.roa
File: w5qj-z2m1JRF-njRne4oB4W-e9o.roa (raw, json)
Hash identifier: IXbY7IICYtJ76FhoBTIBdubTyCkfYROVm3C6I0mMu6A=
Subject key identifier: C3:9A:A3:FB:3D:A6:D4:94:45:FA:78:D1:9D:EE:28:07:85:BE:7B:DA
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176BB2E433E5ED803610B8C356B209A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w5qj-z2m1JRF-njRne4oB4W-e9o.roa
Signing time: Thu 08 Dec 2022 11:20:01 +0000
ROA not before: Thu 08 Dec 2022 11:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8263
IP address blocks: 109.188.0.0/16 maxlen: 24
212.14.160.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
178.176.225.0/24 maxlen: 24
178.176.224.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
178.176.226.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
212.44.64.0/19 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:bb:2e:43:3e:5e:d8:03:61:0b:8c:35:6b:20:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c39aa3fb3da6d49445fa78d19dee280785be7bda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:b5:56:9d:ab:e8:53:c2:0f:50:1a:d4:48:
19:4d:40:d9:24:7d:0d:26:7b:0b:d9:24:c0:5d:53:
3d:52:84:19:ed:a6:f8:12:86:04:9a:70:c2:d2:da:
03:3c:7d:43:eb:c1:1f:fb:aa:cf:2b:fe:4c:05:83:
15:29:77:f1:6a:89:59:e4:17:11:e1:2f:95:07:9c:
96:76:07:75:01:fd:b5:b9:40:08:71:b3:a1:f2:09:
81:99:0d:2a:ae:b5:8f:b9:9d:56:52:55:02:64:72:
ba:5e:f1:c2:04:95:ee:09:b3:17:02:45:da:e6:16:
20:77:8e:be:ce:69:a6:21:a2:d9:2d:ac:5f:c0:d5:
ad:63:f3:4d:5c:89:d4:6c:51:80:23:54:68:a0:f4:
d1:26:d0:e8:da:fb:e1:dd:5d:22:63:42:d3:44:a2:
2f:c8:9f:30:9d:6a:b4:b4:22:66:55:ea:27:0b:60:
76:41:ff:48:93:dd:c2:80:16:ae:a5:ba:de:7f:33:
51:0e:b7:b3:b9:49:26:ef:6a:11:f0:a5:96:35:27:
d0:fa:13:63:ad:1a:04:d9:82:5a:12:01:e8:e4:cf:
b9:23:e7:4b:48:e1:63:70:58:41:16:c8:bb:32:4c:
27:d5:c4:f2:84:d4:20:98:9f:78:1e:58:e2:53:00:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:9A:A3:FB:3D:A6:D4:94:45:FA:78:D1:9D:EE:28:07:85:BE:7B:DA
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/w5qj-z2m1JRF-njRne4oB4W-e9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.224.0-178.176.226.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
21:c8:a3:10:b8:12:fb:5f:ac:9b:34:59:ce:2d:50:8f:bf:d9:
a2:86:28:03:a8:92:8d:45:9b:d5:51:a1:1d:2f:30:2b:53:ab:
a9:e2:bc:48:bc:18:07:9a:d7:ec:29:6c:64:66:80:82:18:b6:
c0:0e:f5:db:67:b3:1c:f2:35:d6:18:de:2b:bb:89:a6:23:49:
0b:71:e2:25:2a:cc:c3:53:6b:dc:be:78:1f:15:a8:f9:eb:26:
76:91:2f:b8:57:21:92:3d:90:21:43:94:f5:4f:da:db:76:bf:
32:90:7b:3a:46:25:ba:35:f2:d6:5f:0c:cb:10:64:16:a7:8b:
88:36:ad:37:36:3c:dc:35:a3:2c:3b:32:28:d7:83:d2:32:ca:
71:dd:be:b7:11:38:3d:5c:a0:c6:ba:ea:9c:70:fa:79:a5:87:
da:2c:6b:8a:b2:e4:a7:45:a9:8b:dc:ce:bb:08:de:74:6e:7c:
0a:9c:4c:58:a2:99:78:90:8a:09:e9:b2:d0:25:a5:31:d0:dc:
54:82:ca:55:ea:aa:94:71:e3:93:83:48:df:82:f1:b2:ff:21:
df:b4:8c:ce:fc:12:9c:de:46:0c:4b:1c:dd:45:8e:a3:cc:1c:
45:77:b2:ac:d7:6c:88:5d:f3:6e:0c:3c:9c:10:16:ad:34:6a:
6c:df:3c:08
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYTxdrsuQz5e2ANhC4w1ayCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzlhYTNmYjNkYTZkNDk0NDVmYTc4ZDE5ZGVlMjgwNzg1YmU3YmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdi1Vp2r6FPCD1Aa1EgZTUDZJH0N
JnsL2STAXVM9UoQZ7ab4EoYEmnDC0toDPH1D68Ef+6rPK/5MBYMVKXfxaolZ5BcR
4S+VB5yWdgd1Af21uUAIcbOh8gmBmQ0qrrWPuZ1WUlUCZHK6XvHCBJXuCbMXAkXa
5hYgd46+zmmmIaLZLaxfwNWtY/NNXInUbFGAI1RooPTRJtDo2vvh3V0iY0LTRKIv
yJ8wnWq0tCJmVeonC2B2Qf9Ik93CgBaupbrefzNRDrezuUkm72oR8KWWNSfQ+hNj
rRoE2YJaEgHo5M+5I+dLSOFjcFhBFsi7Mkwn1cTyhNQgmJ94HljiUwAVNwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMOao/s9ptSURfp40Z3uKAeFvnvaMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvdzVxai16Mm0xSlJGLW5qUm5lNG9CNFctZTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDAwBt
vAMEBoDMQAMEA7IXkDAMAwQFsrDgAwQAsrDiAwQCuQMgAwQCudKMAwQDvF6oAwMA
vKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXU
LEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcN
AQELBQADggEBACHIoxC4EvtfrJs0Wc4tUI+/2aKGKAOoko1Fm9VRoR0vMCtTq6ni
vEi8GAea1+wpbGRmgIIYtsAO9dtnsxzyNdYY3iu7iaYjSQtx4iUqzMNTa9y+eB8V
qPnrJnaRL7hXIZI9kCFDlPVP2tt2vzKQezpGJbo18tZfDMsQZBani4g2rTc2PNw1
oyw7MijXg9IyynHdvrcROD1coMa66pxw+nmlh9osa4qy5KdFqYvczrsI3nRufAqc
TFiimXiQignpstAlpTHQ3FSCylXqqpRx45ODSN+C8bL/Id+0jM78EpzeRgxLHN1F
jqPMHEV3sqzXbIhd824MPJwQFq00amzfPAg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:13 2025 by rpki-client