Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yyDbi5Yh5Tv3d0HMsT82WYpK0rQ.roa
File: yyDbi5Yh5Tv3d0HMsT82WYpK0rQ.roa (raw, json)
Hash identifier: Cj1Gte/+q+n98FuFYA9My414XlKiyZXU7KtLfoD+5N0=
Subject key identifier: CB:20:DB:8B:96:21:E5:3B:F7:77:41:CC:B1:3F:36:59:8A:4A:D2:B4
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0185053F766ACF112F160B5163228C39AF29
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yyDbi5Yh5Tv3d0HMsT82WYpK0rQ.roa
Signing time: Mon 12 Dec 2022 07:32:03 +0000
ROA not before: Mon 12 Dec 2022 07:32:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/20 maxlen: 20
195.78.116.0/23 maxlen: 24
193.201.228.0/22 maxlen: 24
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
109.188.128.0/17 maxlen: 17
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
212.69.96.0/19 maxlen: 24
188.162.0.0/16 maxlen: 24
37.28.160.0/21 maxlen: 21
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
37.28.168.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
83.149.0.0/21 maxlen: 21
195.5.128.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
128.204.74.0/24 maxlen: 24
128.204.75.0/24 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:3f:76:6a:cf:11:2f:16:0b:51:63:22:8c:39:af:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 07:32:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb20db8b9621e53bf77741ccb13f36598a4ad2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a4:f8:1a:db:01:03:e3:4a:a9:bc:49:eb:7c:
c8:e9:a0:a4:25:33:85:0e:39:ab:63:82:90:4a:06:
97:9b:ed:64:94:71:74:3b:f0:df:6b:cc:7a:56:6a:
c3:5c:e5:b1:72:57:27:8e:65:3e:e2:39:be:d4:fb:
dd:63:f0:fe:1f:f8:85:12:de:d0:cd:a3:d6:0a:4c:
14:da:3a:ca:97:07:6c:7a:06:33:51:68:94:b4:9f:
b3:a7:4e:3a:dc:64:e0:5c:ab:8e:ce:22:c7:3e:9f:
2c:1b:15:99:7b:f2:1e:65:fd:bb:17:6b:f9:83:4d:
49:76:be:4b:56:00:98:86:da:a8:68:8f:6d:3d:8e:
0e:22:fb:f7:47:38:4f:6d:a1:a2:b3:bc:ba:d6:54:
b8:bc:82:6d:99:bb:ab:da:a4:84:48:7f:4b:f4:a9:
bf:3f:55:2a:8f:f9:83:9c:18:80:d6:10:11:5b:3d:
81:41:e7:25:b5:8a:50:de:42:61:af:29:14:2a:55:
ff:af:54:90:f7:e0:26:ae:c2:55:4f:3a:da:98:e9:
2a:94:c5:23:6a:42:f8:93:21:50:c5:4d:c2:77:15:
3d:b7:bf:2f:2c:1c:59:67:6f:86:60:fb:5c:0d:14:
f6:0f:1d:47:66:6e:9b:5d:47:2b:d1:90:e9:83:7d:
e5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:20:DB:8B:96:21:E5:3B:F7:77:41:CC:B1:3F:36:59:8A:4A:D2:B4
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/yyDbi5Yh5Tv3d0HMsT82WYpK0rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.188.128.0/17
128.204.74.0/23
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
Signature Algorithm: sha256WithRSAEncryption
35:4c:05:22:50:3e:df:74:53:46:5b:7a:f0:a0:16:cb:97:60:
9f:90:3e:9a:18:ad:25:3f:4e:50:34:2e:f6:a5:38:fd:b4:e5:
56:8b:8e:3c:53:11:f3:61:60:68:b7:bd:b1:d1:ac:c7:73:43:
96:9b:68:8d:09:d7:28:c3:d7:84:f3:1d:f8:72:a7:8d:a8:1e:
44:e3:1b:b2:29:3b:f7:be:fe:7e:f6:f1:bd:0a:61:78:9f:b1:
9d:2f:1c:54:1b:fa:36:bf:aa:bf:0a:52:87:e7:b7:5d:ee:86:
9f:3a:a5:14:89:87:d7:11:9e:f8:21:08:05:a2:fe:8d:b2:4e:
66:29:0d:93:91:11:d0:43:5e:eb:64:52:b1:fd:fc:12:85:6d:
0b:54:6a:53:39:6b:47:43:19:1b:66:7e:4d:b1:b7:0f:cd:a3:
36:29:09:fa:ab:c7:17:73:77:69:55:86:66:dd:b4:46:8b:c4:
c7:91:55:dd:f4:b5:5c:29:02:5c:f0:af:a8:f7:fd:65:2e:26:
2c:3d:44:9f:28:0e:75:b3:d1:af:6b:8c:57:db:37:0e:98:85:
b2:7a:04:76:1f:ad:95:42:64:37:5c:79:c2:ea:b8:ee:bd:72:
bc:cf:21:bb:ea:f2:ce:09:45:07:6c:78:09:65:7f:d6:b5:6d:
3d:a4:14:df
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYUFP3ZqzxEvFgtRYyKMOa8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMDczMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjIwZGI4Yjk2MjFlNTNiZjc3NzQxY2NiMTNmMzY1OThhNGFkMmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16T4GtsBA+NKqbxJ63zI6aCkJTOF
DjmrY4KQSgaXm+1klHF0O/Dfa8x6VmrDXOWxclcnjmU+4jm+1PvdY/D+H/iFEt7Q
zaPWCkwU2jrKlwdsegYzUWiUtJ+zp0463GTgXKuOziLHPp8sGxWZe/IeZf27F2v5
g01Jdr5LVgCYhtqoaI9tPY4OIvv3RzhPbaGis7y61lS4vIJtmbur2qSESH9L9Km/
P1Uqj/mDnBiA1hARWz2BQecltYpQ3kJhrykUKlX/r1SQ9+AmrsJVTzramOkqlMUj
akL4kyFQxU3CdxU9t78vLBxZZ2+GYPtcDRT2Dx1HZm6bXUcr0ZDpg33l2QIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFMsg24uWIeU793dBzLE/NlmKStK0MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEveXlEYmk1WWg1VHYzZDBITXNUODJXWXBLMHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBzgQCAAEwgccDBAQl
HKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa0AME
A1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQHbbyAAwQBgMxKAwMAvKIwDAMEALyq
QQMEALyqRDAMAwQDvKpIAwQDvKpQAwQCvKpcAwQCwcnkAwQFwwWAAwQFwxBgAwQB
w050AwQAw5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF
1aggMA0GCSqGSIb3DQEBCwUAA4IBAQA1TAUiUD7fdFNGW3rwoBbLl2CfkD6aGK0l
P05QNC72pTj9tOVWi448UxHzYWBot72x0azHc0OWm2iNCdcow9eE8x34cqeNqB5E
4xuyKTv3vv5+9vG9CmF4n7GdLxxUG/o2v6q/ClKH57dd7oafOqUUiYfXEZ74IQgF
ov6Nsk5mKQ2TkRHQQ17rZFKx/fwShW0LVGpTOWtHQxkbZn5NsbcPzaM2KQn6q8cX
c3dpVYZm3bRGi8THkVXd9LVcKQJc8K+o9/1lLiYsPUSfKA51s9Gva4xX2zcOmIWy
egR2H62VQmQ3XHnC6rjuvXK8zyG76vLOCUUHbHgJZX/WtW09pBTf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:22 2025 by rpki-client