Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wO2T4hBeJ1UsfeQqVvz8iw7AsRE.roa
File: wO2T4hBeJ1UsfeQqVvz8iw7AsRE.roa (raw, json)
Hash identifier: CpWHLRHrAucYxWZaGME6j/5jBAnUepnpjC8/o7dh+Qc=
Subject key identifier: C0:ED:93:E2:10:5E:27:55:2C:7D:E4:2A:56:FC:FC:8B:0E:C0:B1:11
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018506171BDD6E9C09FFFD026E8A20392512
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wO2T4hBeJ1UsfeQqVvz8iw7AsRE.roa
Signing time: Mon 12 Dec 2022 11:27:35 +0000
ROA not before: Mon 12 Dec 2022 11:27:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31224
IP address blocks: 178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
85.26.192.0/22 maxlen: 22
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
31.173.101.0/24 maxlen: 24
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
31.173.126.0/24 maxlen: 24
78.25.88.0/22 maxlen: 22
46.229.132.0/22 maxlen: 22
128.204.68.0/24 maxlen: 24
128.204.69.0/24 maxlen: 24
37.29.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:17:1b:dd:6e:9c:09:ff:fd:02:6e:8a:20:39:25:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 11:27:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0ed93e2105e27552c7de42a56fcfc8b0ec0b111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:69:b2:b8:74:99:7a:c8:bf:23:5d:b4:78:
a3:27:9d:65:f7:5a:17:ff:8a:d1:6f:80:19:71:37:
1b:e9:84:5f:3d:47:28:1a:39:bb:e1:7e:bd:02:07:
43:ab:c0:8b:f3:17:c0:a2:84:6f:38:00:7f:a3:99:
5b:3b:27:73:f2:09:86:c8:c5:45:5e:4f:77:8e:b0:
3c:69:56:61:30:62:3e:9b:99:a1:00:9d:04:71:d5:
d0:ae:3f:39:fa:89:7d:00:ea:77:01:c3:e8:31:eb:
e9:b3:7d:10:c7:fc:c5:c7:d8:36:7a:89:4f:31:ed:
d1:f5:21:d4:7c:b1:83:28:8b:c0:9f:29:29:bb:c4:
d2:58:c1:97:4a:bb:5c:e7:5a:c2:8b:6a:57:4b:ab:
f4:63:08:88:44:93:f0:6f:d4:65:68:86:14:79:ab:
36:cb:12:cf:d3:b4:b5:29:fe:5b:85:5d:dc:5c:b4:
2c:f4:b9:98:ba:b6:68:f1:86:80:32:42:1b:4e:db:
50:6e:2c:fa:ae:c1:f7:fe:76:8e:21:59:63:8b:f9:
54:63:7d:3e:ff:46:16:85:f4:95:39:a1:41:cb:61:
ff:5b:da:9b:0e:c7:f1:28:40:6d:5a:63:bd:ad:14:
b5:a7:69:57:cf:b4:24:02:4e:e9:07:5e:e1:fd:d6:
2c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:ED:93:E2:10:5E:27:55:2C:7D:E4:2A:56:FC:FC:8B:0E:C0:B1:11
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/wO2T4hBeJ1UsfeQqVvz8iw7AsRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
85.26.192.0/22
128.204.68.0/23
178.176.104.0-178.176.113.255
178.178.88.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:44:ae:0f:8f:ad:5c:5a:ac:34:20:61:ea:78:1c:5d:f7:5f:
8e:8d:50:2a:f5:c1:fa:fb:42:fe:85:f1:a7:42:1c:0d:a6:19:
e8:13:c2:a3:13:4f:70:86:ea:f9:f4:bd:e0:4c:0f:b9:7a:1c:
86:e8:b7:6d:62:d9:f1:9b:3d:ae:65:e4:a7:a0:cb:ed:30:ea:
1e:ef:53:fd:f5:c3:90:a4:2f:39:ab:3f:84:23:da:95:08:3e:
b1:9a:a9:0f:d9:94:d7:bf:e6:f3:ec:be:0e:b7:be:97:24:12:
2a:5c:0a:c4:16:2c:1d:90:ed:c1:33:52:2e:a7:c1:ce:96:8a:
c3:df:71:e0:6d:03:f2:2f:73:50:b6:14:79:8b:f4:f5:d5:72:
1f:8d:ea:5e:a1:8e:d9:5b:53:b4:7f:2c:d4:1f:8d:89:b6:65:
ea:1a:d0:cd:db:cb:64:12:29:06:ae:3d:3f:cc:91:ea:f0:ba:
ea:45:3e:69:f5:13:12:71:98:f6:68:7d:86:ad:5a:3f:1d:ca:
0a:72:f4:8a:58:c2:27:13:c6:80:5b:4f:50:42:62:3a:c2:f3:
6b:b3:25:c5:53:2f:ca:fd:80:6c:fd:26:99:36:59:97:a7:7a:
13:a2:66:6b:29:21:cb:75:ff:e2:2a:ff:a6:b6:9a:f4:ea:e5:
20:19:68:de
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYUGFxvdbpwJ//0CboogOSUSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTEyNzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGVkOTNlMjEwNWUyNzU1MmM3ZGU0MmE1NmZjZmM4YjBlYzBiMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf5psrh0mXrIvyNdtHijJ51l91oX
/4rRb4AZcTcb6YRfPUcoGjm74X69AgdDq8CL8xfAooRvOAB/o5lbOydz8gmGyMVF
Xk93jrA8aVZhMGI+m5mhAJ0EcdXQrj85+ol9AOp3AcPoMevps30Qx/zFx9g2eolP
Me3R9SHUfLGDKIvAnykpu8TSWMGXSrtc51rCi2pXS6v0YwiIRJPwb9RlaIYUeas2
yxLP07S1Kf5bhV3cXLQs9LmYurZo8YaAMkIbTttQbiz6rsH3/naOIVlji/lUY30+
/0YWhfSVOaFBy2H/W9qbDsfxKEBtWmO9rRS1p2lXz7QkAk7pB17h/dYs3QIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFMDtk+IQXidVLH3kKlb8/IsOwLERMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvd08yVDRoQmVKMVVzZmVRcVZ2ejhpdzdBc1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQBH61gMAwD
BAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSADBABTqdgD
BAJVGsADBAGAzEQwDAMEA7KwaAMEAbKwcAMEA7KyWDANBgkqhkiG9w0BAQsFAAOC
AQEAf0SuD4+tXFqsNCBh6ngcXfdfjo1QKvXB+vtC/oXxp0IcDaYZ6BPCoxNPcIbq
+fS94EwPuXochui3bWLZ8Zs9rmXkp6DL7TDqHu9T/fXDkKQvOas/hCPalQg+sZqp
D9mU17/m8+y+Dre+lyQSKlwKxBYsHZDtwTNSLqfBzpaKw99x4G0D8i9zULYUeYv0
9dVyH43qXqGO2VtTtH8s1B+NibZl6hrQzdvLZBIpBq49P8yR6vC66kU+afUTEnGY
9mh9hq1aPx3KCnL0iljCJxPGgFtPUEJiOsLza7MlxVMvyv2AbP0mmTZZl6d6E6Jm
aykhy3X/4ir/praa9OrlIBlo3g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:34 2025 by rpki-client