Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xY4Apl7s30tCOy4kG597HEJ0e10.roa
File: xY4Apl7s30tCOy4kG597HEJ0e10.roa (raw, json)
Hash identifier: SYtC+vXzz2fIHN14SrxD7DqI59EldkZ1pQ8rrtKYPC8=
Subject key identifier: C5:8E:00:A6:5E:EC:DF:4B:42:3B:2E:24:1B:9F:7B:1C:42:74:7B:5D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185056150B1EEBC685AFBB1D09E8AE22EDF
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xY4Apl7s30tCOy4kG597HEJ0e10.roa
Signing time: Mon 12 Dec 2022 08:09:01 +0000
ROA not before: Mon 12 Dec 2022 08:09:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25159
IP address blocks: 195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
109.188.112.0/23 maxlen: 23
109.188.114.0/24 maxlen: 24
85.26.144.0/20 maxlen: 20
109.188.64.0/19 maxlen: 19
213.154.160.0/19 maxlen: 24
109.188.96.0/21 maxlen: 21
78.25.119.0/24 maxlen: 24
94.25.131.0/24 maxlen: 24
94.25.144.0/20 maxlen: 20
212.69.96.0/19 maxlen: 24
94.25.164.0/24 maxlen: 24
94.25.160.0/24 maxlen: 24
94.25.172.0/22 maxlen: 22
94.25.168.0/22 maxlen: 22
188.170.25.0/24 maxlen: 24
188.170.32.0/21 maxlen: 21
188.170.40.0/21 maxlen: 21
37.28.176.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
178.177.0.0/18 maxlen: 18
178.177.3.0/24 maxlen: 24
78.25.112.0/22 maxlen: 22
78.25.116.0/23 maxlen: 23
78.25.118.0/24 maxlen: 24
94.25.176.0/21 maxlen: 21
94.25.184.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
128.204.78.0/23 maxlen: 23
128.204.76.0/22 maxlen: 22
37.29.32.0/21 maxlen: 21
128.204.76.0/23 maxlen: 23
178.176.52.0/22 maxlen: 22
178.176.72.0/21 maxlen: 21
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
31.173.0.0/21 maxlen: 21
195.149.111.0/24 maxlen: 24
31.173.8.0/21 maxlen: 21
178.176.0.0/19 maxlen: 19
213.243.109.0/24 maxlen: 24
213.243.116.0/24 maxlen: 24
83.229.254.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
178.176.32.0/21 maxlen: 21
178.176.40.0/21 maxlen: 21
31.173.72.0/21 maxlen: 21
31.173.80.0/21 maxlen: 21
31.173.88.0/21 maxlen: 21
188.170.0.0/19 maxlen: 19
188.170.24.0/24 maxlen: 24
31.173.16.0/21 maxlen: 21
31.173.24.0/21 maxlen: 21
31.173.32.0/19 maxlen: 19
31.173.60.0/24 maxlen: 24
31.173.64.0/21 maxlen: 21
188.162.0.0/16 maxlen: 24
62.64.0.0/20 maxlen: 20
83.229.211.0/24 maxlen: 24
46.229.128.0/22 maxlen: 22
212.44.64.0/19 maxlen: 24
83.222.212.0/22 maxlen: 22
83.222.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:61:50:b1:ee:bc:68:5a:fb:b1:d0:9e:8a:e2:2e:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 08:09:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c58e00a65eecdf4b423b2e241b9f7b1c42747b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:83:db:6b:9a:b6:0b:7b:03:d9:ba:9b:9b:8b:
53:70:5f:d3:07:49:f4:05:bc:95:54:9f:ff:ee:c6:
79:07:90:c6:9f:d0:6c:76:98:b0:5e:ae:e3:ff:c9:
b4:d4:a6:c0:f7:1c:77:fb:20:95:01:07:bd:ba:74:
92:e0:c2:58:67:df:67:dd:15:d5:1e:29:f2:3a:44:
7d:40:49:e7:3e:97:e4:70:7d:9c:cf:2d:bb:8c:cc:
e3:57:14:fa:46:b4:cf:e2:1b:6f:e9:7f:ce:3b:0b:
ec:0e:aa:48:fd:95:bc:11:df:34:c6:f5:67:26:ba:
a5:57:25:54:89:33:35:e1:35:6a:fe:7b:8f:c0:30:
d2:9b:f1:74:0d:a3:26:e2:b0:0e:ea:16:37:27:b2:
d5:71:13:04:84:fa:a5:3f:5a:09:b7:ec:4e:1b:85:
7c:8e:14:7c:53:78:b4:6e:97:91:ee:00:36:84:96:
dc:74:c6:0e:b3:f0:8a:83:b8:7f:d1:ca:5d:d9:81:
b9:03:06:d5:7a:a2:e0:5a:2f:ee:16:d9:64:d8:41:
32:a8:1e:28:53:a3:63:33:30:30:72:4d:04:d6:44:
72:b8:fd:c7:08:38:4f:fa:a2:89:c5:e8:33:f2:1b:
4a:20:a6:21:00:98:c1:62:f6:2f:54:b2:22:6e:f1:
32:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:8E:00:A6:5E:EC:DF:4B:42:3B:2E:24:1B:9F:7B:1C:42:74:7B:5D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/xY4Apl7s30tCOy4kG597HEJ0e10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.0.0-31.173.95.255
37.28.176.0/21
37.29.32.0/21
46.229.128.0/22
62.64.0.0/20
78.25.112.0/21
83.222.212.0-83.222.223.255
83.229.211.0/24
83.229.254.0/24
85.26.144.0/20
94.25.131.0/24
94.25.144.0-94.25.160.255
94.25.164.0/24
94.25.168.0-94.25.191.255
109.188.64.0-109.188.103.255
109.188.112.0-109.188.114.255
128.204.76.0/22
178.176.0.0-178.176.47.255
178.176.52.0/22
178.176.72.0/21
178.177.0.0/18
188.162.0.0/16
188.170.0.0-188.170.47.255
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.243.109.0/24
213.243.116.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:ca:a3:a1:80:b6:cd:7e:cf:d2:d1:f1:88:94:9a:3f:42:d0:
74:47:ec:0c:91:37:2c:de:bd:a9:2c:08:eb:b8:1a:9c:b3:38:
d6:23:1c:5d:eb:e5:d7:b7:a5:80:7a:d3:3e:e8:d4:3f:3a:c3:
18:a2:51:ca:ce:67:27:f6:b3:e8:18:8f:e2:f7:f7:ec:04:71:
65:68:8b:a1:ee:6f:a0:b5:da:9c:1d:67:64:42:30:e9:0f:c3:
48:ac:39:9f:c8:4e:de:50:99:2b:7e:56:7e:e0:a4:6e:36:23:
dc:37:3a:30:5f:67:21:a4:18:e8:b3:3d:5b:e4:71:49:d7:db:
4b:5e:8c:4a:db:0c:33:b9:7b:2a:1a:28:ed:a2:88:5c:3c:a4:
9c:5c:1a:62:39:6b:e4:a7:36:88:23:27:3c:bf:5d:ca:2b:c7:
9d:ab:00:6a:ae:ed:89:e0:fc:83:c2:ff:1c:c3:11:60:83:c5:
6f:dc:f1:cf:c6:95:dd:3b:f3:2d:82:e3:4f:7d:f7:f7:cd:5f:
14:9b:38:1f:42:b8:8e:cc:70:2c:c9:8d:b0:1c:62:2b:18:53:
f6:da:26:81:22:0c:ff:db:ce:e1:24:b1:a4:c0:fc:0a:2a:c5:
9b:2d:93:77:8c:3a:b2:71:72:2a:0c:ef:38:67:14:3f:8a:38:
63:95:62:38
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAYUFYVCx7rxoWvux0J6K4i7fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDgwOTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNThlMDBhNjVlZWNkZjRiNDIzYjJlMjQxYjlmN2IxYzQyNzQ3YjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIPba5q2C3sD2bqbm4tTcF/TB0n0
BbyVVJ//7sZ5B5DGn9BsdpiwXq7j/8m01KbA9xx3+yCVAQe9unSS4MJYZ99n3RXV
HinyOkR9QEnnPpfkcH2czy27jMzjVxT6RrTP4htv6X/OOwvsDqpI/ZW8Ed80xvVn
JrqlVyVUiTM14TVq/nuPwDDSm/F0DaMm4rAO6hY3J7LVcRMEhPqlP1oJt+xOG4V8
jhR8U3i0bpeR7gA2hJbcdMYOs/CKg7h/0cpd2YG5AwbVeqLgWi/uFtlk2EEyqB4o
U6NjMzAwck0E1kRyuP3HCDhP+qKJxegz8htKIKYhAJjBYvYvVLIibvEyJQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFMWOAKZe7N9LQjsuJBufexxCdHtdMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveFk0QXBsN3MzMHRDT3k0a0c1OTdIRUowZTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCARwEAgABMIIB
FDALAwMAH60DBAUfrUADBAMlHLADBAMlHSADBAIu5YADBAQ+QAADBANOGXAwDAME
AlPe1AMEBVPewAMEAFPl0wMEAFPl/gMEBFUakAMEAF4ZgzAMAwQEXhmQAwQAXhmg
AwQAXhmkMAwDBANeGagDBAZeGYAwDAMEBm28QAMEA228YDAMAwQEbbxwAwQAbbxy
AwQCgMxMMAsDAwSysAMEBLKwIAMEArKwNAMEA7KwSAMEBrKxAAMDALyiMAsDAwG8
qgMEBLyqIAMEAsHJ5AMEBcMFgAMEBcMQYAMEAcNOdAMEAMOVbwMEBcPmQAMEBdQO
oAMEBdQsQAMEBdRFYAMEBdR3oAMEBdWaoAMEANXzbQMEANXzdDANBgkqhkiG9w0B
AQsFAAOCAQEAXcqjoYC2zX7P0tHxiJSaP0LQdEfsDJE3LN69qSwI67ganLM41iMc
Xevl17elgHrTPujUPzrDGKJRys5nJ/az6BiP4vf37ARxZWiLoe5voLXanB1nZEIw
6Q/DSKw5n8hO3lCZK35WfuCkbjYj3Dc6MF9nIaQY6LM9W+RxSdfbS16MStsMM7l7
Khoo7aKIXDyknFwaYjlr5Kc2iCMnPL9dyivHnasAaq7tieD8g8L/HMMRYIPFb9zx
z8aV3TvzLYLjT333981fFJs4H0K4jsxwLMmNsBxiKxhT9tomgSIM/9vO4SSxpMD8
CirFmy2Td4w6snFyKgzvOGcUP4o4Y5ViOA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:02:51 2025 by rpki-client