Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xFZi1D3AItWr0b6EouBw6uwkUEE.roa
File: xFZi1D3AItWr0b6EouBw6uwkUEE.roa (raw, json)
Hash identifier: HraeMfu+1TXLY+jaw8GM1a8FeIa8iThyPdNH2/aKQU8=
Subject key identifier: C4:56:62:D4:3D:C0:22:D5:AB:D1:BE:84:A2:E0:70:EA:EC:24:50:41
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01882E173A990D0A876DB3D5F19DAB19984D
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xFZi1D3AItWr0b6EouBw6uwkUEE.roa
Signing time: Thu 18 May 2023 09:00:54 +0000
ROA not before: Thu 18 May 2023 09:00:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50928
IP address blocks: 46.29.192.0/21 maxlen: 21
46.29.199.0/24 maxlen: 24
46.29.194.0/24 maxlen: 24
46.29.195.0/24 maxlen: 24
46.29.196.0/24 maxlen: 24
188.170.244.0/24 maxlen: 24
188.170.244.0/23 maxlen: 23
188.170.245.0/24 maxlen: 24
188.170.251.0/24 maxlen: 24
188.170.252.0/24 maxlen: 24
188.170.249.0/24 maxlen: 24
188.170.250.0/24 maxlen: 24
188.170.248.0/24 maxlen: 24
178.23.144.0/21 maxlen: 21
178.23.149.0/24 maxlen: 24
178.23.151.0/24 maxlen: 24
178.23.148.0/24 maxlen: 24
178.23.150.0/24 maxlen: 24
178.176.250.0/24 maxlen: 24
178.176.248.0/24 maxlen: 24
178.176.253.0/24 maxlen: 24
178.176.251.0/24 maxlen: 24
178.176.252.0/24 maxlen: 24
178.176.249.0/24 maxlen: 24
178.176.254.0/24 maxlen: 24
37.29.81.0/24 maxlen: 24
37.29.83.0/24 maxlen: 24
37.29.80.0/22 maxlen: 22
37.29.80.0/24 maxlen: 24
37.29.82.0/24 maxlen: 24
31.173.248.0/21 maxlen: 21
31.173.252.0/24 maxlen: 24
31.173.249.0/24 maxlen: 24
31.173.251.0/24 maxlen: 24
31.173.248.0/24 maxlen: 24
31.173.253.0/24 maxlen: 24
31.173.250.0/24 maxlen: 24
31.173.254.0/24 maxlen: 24
2a00:9780:300::/40 maxlen: 40
2a00:9780:500::/40 maxlen: 40
2a00:9780:800::/40 maxlen: 40
2a00:9780::/40 maxlen: 40
2a00:9780:600::/40 maxlen: 40
2a00:9780:100::/40 maxlen: 40
2a00:9780:900::/40 maxlen: 40
2a00:9780:400::/40 maxlen: 40
2a00:9780:700::/40 maxlen: 40
2a00:9780:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:17:3a:99:0d:0a:87:6d:b3:d5:f1:9d:ab:19:98:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: May 18 09:00:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45662d43dc022d5abd1be84a2e070eaec245041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0a:c4:c2:1b:b4:24:df:a0:8c:f1:04:42:72:
e9:7c:24:e5:95:af:fb:fc:b8:ae:5d:22:ba:b4:3e:
96:7f:98:4c:d6:be:ca:e8:cb:0f:fe:5d:21:18:ba:
fe:56:6d:57:7a:09:f7:bc:88:ef:bd:00:24:b3:0c:
68:dd:0d:7d:13:7b:35:d2:5e:14:55:78:41:52:ce:
76:1d:cf:57:b0:0d:f7:76:9c:22:a9:56:18:22:6a:
86:1f:52:d8:13:31:97:61:79:92:0d:bb:3f:1d:af:
23:77:0a:25:53:b4:81:92:ee:22:ab:9b:c0:b7:15:
25:80:7f:b3:a8:7f:0a:80:d7:93:bd:95:05:d1:0c:
00:15:f8:45:02:d8:33:35:ea:27:03:65:bd:1d:df:
a6:3c:32:05:56:35:e1:4f:93:48:47:4f:32:e5:b0:
9f:6f:16:8a:e6:e0:4e:d2:8b:ad:76:bf:db:23:40:
d9:9c:bc:15:e6:73:d8:62:5a:7e:c7:f4:65:3b:fe:
54:77:94:20:c1:91:e9:b4:17:e8:39:1d:04:4e:78:
7f:03:86:6a:7a:ad:b6:b0:67:9d:e4:7b:e2:53:bf:
44:d7:e7:a7:d8:f2:af:39:9e:4f:80:95:f4:90:9e:
93:f4:78:30:2d:97:f0:75:7e:10:8b:27:cc:fb:d3:
ec:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:56:62:D4:3D:C0:22:D5:AB:D1:BE:84:A2:E0:70:EA:EC:24:50:41
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xFZi1D3AItWr0b6EouBw6uwkUEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.248.0/21
37.29.80.0/22
46.29.192.0/21
178.23.144.0/21
178.176.248.0-178.176.254.255
188.170.244.0/23
188.170.248.0-188.170.252.255
IPv6:
2a00:9780::-2a00:9780:9ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
74:1c:7e:e0:d1:5b:95:0a:13:c3:b3:ca:08:ae:cb:06:fa:70:
c0:f4:9e:3e:a0:6b:75:7a:f1:0e:28:f6:5c:78:3d:0a:d9:08:
e9:30:05:42:9a:3e:67:5b:29:c1:11:50:c0:d8:51:62:42:ac:
ef:de:74:e3:e6:75:ec:46:a9:8d:4b:50:d1:a2:76:5b:29:18:
14:4a:95:f5:fb:f4:e0:56:98:59:40:b3:05:f5:ad:f8:16:6d:
10:16:b2:08:3e:6e:55:9c:08:ad:2d:10:69:7c:79:d8:c3:93:
c6:38:e7:20:d2:c8:11:45:24:06:e0:87:0d:47:91:93:6e:62:
fd:05:22:4d:d9:a5:45:6f:e7:9c:11:09:ac:73:e6:e8:7c:f8:
f6:a2:8e:39:fe:26:0d:41:60:54:a5:30:4b:44:0e:be:06:0b:
51:15:ee:ba:ee:ce:67:50:59:5a:55:00:f5:51:5f:91:83:43:
6f:d7:75:50:b9:53:fa:27:79:96:6c:b1:7f:1a:b4:f6:e1:3f:
4e:da:52:ad:54:41:e1:91:41:5a:a6:c4:c8:74:26:88:4b:61:
15:c7:c1:e2:c4:eb:b8:aa:35:21:db:ed:23:fd:e2:d2:03:a9:
02:c0:c8:52:eb:57:27:7c:eb:b2:71:ab:98:c3:a0:df:49:6c:
a6:84:12:0c
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYguFzqZDQqHbbPV8Z2rGZhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwNTE4MDkwMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDU2NjJkNDNkYzAyMmQ1YWJkMWJlODRhMmUwNzBlYWVjMjQ1MDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwrEwhu0JN+gjPEEQnLpfCTlla/7
/LiuXSK6tD6Wf5hM1r7K6MsP/l0hGLr+Vm1Xegn3vIjvvQAkswxo3Q19E3s10l4U
VXhBUs52Hc9XsA33dpwiqVYYImqGH1LYEzGXYXmSDbs/Ha8jdwolU7SBku4iq5vA
txUlgH+zqH8KgNeTvZUF0QwAFfhFAtgzNeonA2W9Hd+mPDIFVjXhT5NIR08y5bCf
bxaK5uBO0outdr/bI0DZnLwV5nPYYlp+x/RlO/5Ud5QgwZHptBfoOR0ETnh/A4Zq
eq22sGed5HviU79E1+en2PKvOZ5PgJX0kJ6T9HgwLZfwdX4QiyfM+9PsuQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFMRWYtQ9wCLVq9G+hKLgcOrsJFBBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveEZaaTFEM0FJdFdyMGI2RW91Qnc2dXdrVUVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBABAIAATA6AwQDH634AwQC
JR1QAwQDLh3AAwQDsheQMAwDBAOysPgDBACysP4DBAG8qvQwDAMEA7yq+AMEALyq
/DAXBAIAAjARMA8DBQcqAJeAAwYBKgCXgAgwDQYJKoZIhvcNAQELBQADggEBAHQc
fuDRW5UKE8Ozygiuywb6cMD0nj6ga3V68Q4o9lx4PQrZCOkwBUKaPmdbKcERUMDY
UWJCrO/edOPmdexGqY1LUNGidlspGBRKlfX79OBWmFlAswX1rfgWbRAWsgg+blWc
CK0tEGl8edjDk8Y45yDSyBFFJAbghw1HkZNuYv0FIk3ZpUVv55wRCaxz5uh8+Pai
jjn+Jg1BYFSlMEtEDr4GC1EV7rruzmdQWVpVAPVRX5GDQ2/XdVC5U/oneZZssX8a
tPbhP07aUq1UQeGRQVqmxMh0JohLYRXHweLE67iqNSHb7SP94tIDqQLAyFLrVyd8
67Jxq5jDoN9JbKaEEgw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:24 2025 by rpki-client