Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xU0Zd1f8WGs_KiRadVz1Bm0pgww.roa
File: xU0Zd1f8WGs_KiRadVz1Bm0pgww.roa (raw, json)
Hash identifier: mwwNDUzH/mWFEZpHV3CDZMp0eqW/Iz3Vp2bXyR/g7PU=
Subject key identifier: C5:4D:19:77:57:FC:58:6B:3F:2A:24:5A:75:5C:F5:06:6D:29:83:0C
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F176BCCC5FEE9456271E9C8C83CC6991
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xU0Zd1f8WGs_KiRadVz1Bm0pgww.roa
Signing time: Thu 08 Dec 2022 11:20:01 +0000
ROA not before: Thu 08 Dec 2022 11:20:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24767
IP address blocks: 109.188.0.0/16 maxlen: 24
212.69.96.0/19 maxlen: 24
212.14.160.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
195.230.64.0/19 maxlen: 24
188.94.168.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
212.119.160.0/19 maxlen: 24
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
178.23.144.0/21 maxlen: 24
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:76:bc:cc:5f:ee:94:56:27:1e:9c:8c:83:cc:69:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 11:20:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c54d197757fc586b3f2a245a755cf5066d29830c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b9:1a:0b:42:0d:37:68:97:b1:4b:02:55:3e:
a6:e0:42:8c:a8:d2:c6:f3:a5:56:78:6d:e4:94:ba:
72:a2:8e:ea:df:e7:26:9e:f2:9c:c4:0f:92:f1:36:
71:0d:10:a3:fa:f8:bb:08:8b:05:5b:7e:14:a3:db:
66:4e:b1:85:05:23:bc:51:24:cc:bf:df:44:95:5f:
7c:bb:a6:70:7c:cb:49:62:54:11:d1:50:ce:ef:87:
c6:11:9d:37:28:b0:ad:4d:38:a3:e6:72:1f:9e:3b:
8f:97:61:ed:0c:83:de:c5:08:5d:c9:76:f9:54:cc:
b1:fb:d0:54:eb:7d:d8:a2:fa:8e:dc:61:59:c5:f9:
35:14:28:f5:9b:a5:06:45:1e:40:e9:9e:eb:c9:5f:
7f:af:88:66:1c:7f:26:50:83:93:60:f0:f9:9f:92:
89:d0:e1:be:88:d7:91:20:bc:96:86:7f:2e:2c:df:
2c:eb:54:df:ed:b6:57:3d:d4:92:c3:b1:19:08:ac:
99:42:00:69:db:0d:1c:d0:90:55:9d:87:4b:7c:88:
75:fd:5d:0e:5b:8d:53:c4:83:06:00:5b:98:66:0c:
91:84:2a:6d:f2:63:cf:49:1f:84:de:5e:fe:c0:25:
a6:2a:ac:4a:0c:b9:54:ce:99:5a:29:ab:dd:ca:27:
17:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4D:19:77:57:FC:58:6B:3F:2A:24:5A:75:5C:F5:06:6D:29:83:0C
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xU0Zd1f8WGs_KiRadVz1Bm0pgww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
36:ef:41:72:61:ee:73:8c:61:24:10:74:d6:3b:78:36:b8:94:
d8:f5:f9:b1:6d:a6:e3:26:c7:bd:63:9f:0b:43:4e:ba:7d:24:
7b:c8:75:85:99:fb:e6:5b:08:94:8f:b7:6a:f9:d3:66:34:ef:
69:20:82:08:41:69:5d:cb:10:03:8c:49:86:bf:ca:0d:04:c5:
cf:ea:84:3a:28:d8:e6:b5:e6:e8:f8:40:92:8a:cc:51:d9:f0:
9c:91:e4:66:55:73:2e:f8:3b:d5:ab:eb:70:46:2b:3e:9e:99:
ee:df:eb:f6:95:c5:83:6a:6a:fb:37:65:fe:96:d9:a4:64:ae:
f1:65:60:77:6a:b7:38:f0:d1:ae:4b:a9:1d:66:ab:65:0b:79:
f3:51:19:32:a1:cf:22:e5:8b:57:ad:95:44:19:e3:c2:3a:4c:
ce:1d:d3:fa:b6:a2:d8:be:91:68:bc:65:b5:35:c4:60:0d:be:
09:ba:2e:d0:13:d6:40:24:d0:b4:6d:81:5a:8f:ca:8b:78:c7:
8b:75:a7:b1:94:3c:88:9c:81:66:86:90:94:ad:b5:ac:e1:eb:
84:ed:d3:88:d3:46:d4:20:a8:41:c1:34:01:d5:08:f2:7d:51:
59:a7:d7:11:55:20:02:47:80:af:01:4c:15:6b:dd:fe:f0:aa:
c4:24:72:bd
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYTxdrzMX+6UVicenIyDzGmRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTEyMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRkMTk3NzU3ZmM1ODZiM2YyYTI0NWE3NTVjZjUwNjZkMjk4MzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7kaC0INN2iXsUsCVT6m4EKMqNLG
86VWeG3klLpyoo7q3+cmnvKcxA+S8TZxDRCj+vi7CIsFW34Uo9tmTrGFBSO8USTM
v99ElV98u6ZwfMtJYlQR0VDO74fGEZ03KLCtTTij5nIfnjuPl2HtDIPexQhdyXb5
VMyx+9BU633YovqO3GFZxfk1FCj1m6UGRR5A6Z7ryV9/r4hmHH8mUIOTYPD5n5KJ
0OG+iNeRILyWhn8uLN8s61Tf7bZXPdSSw7EZCKyZQgBp2w0c0JBVnYdLfIh1/V0O
W41TxIMGAFuYZgyRhCpt8mPPSR+E3l7+wCWmKqxKDLlUzplaKavdyicXrwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFMVNGXdX/FhrPyokWnVc9QZtKYMMMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveFUwWmQxZjhXR3NfS2lSYWRWejFCbTBwZ3d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMDAG28
AwQGgMxAAwQDsheQAwQCuQMgAwQCudKMAwQDvF6oAwMAvKIDBALByeQDBAXDBYAD
BAXDEGADBAHDTnQDBADDlW8DBAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6AD
BAXVmqADBAXVqCADBAbV80ADBATZc1AwDQYJKoZIhvcNAQELBQADggEBADbvQXJh
7nOMYSQQdNY7eDa4lNj1+bFtpuMmx71jnwtDTrp9JHvIdYWZ++ZbCJSPt2r502Y0
72kggghBaV3LEAOMSYa/yg0Exc/qhDoo2Oa15uj4QJKKzFHZ8JyR5GZVcy74O9Wr
63BGKz6eme7f6/aVxYNqavs3Zf6W2aRkrvFlYHdqtzjw0a5LqR1mq2ULefNRGTKh
zyLli1etlUQZ48I6TM4d0/q2oti+kWi8ZbU1xGANvgm6LtAT1kAk0LRtgVqPyot4
x4t1p7GUPIicgWaGkJSttazh64Tt04jTRtQgqEHBNAHVCPJ9UVmn1xFVIAJHgK8B
TBVr3f7wqsQkcr0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:54 2025 by rpki-client