Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/NN2P150qa6koTjXVsQboZg8AKNQ.roa
File: NN2P150qa6koTjXVsQboZg8AKNQ.roa (raw, json)
Hash identifier: 7oUk0JaSia/YW5bOIgGJ6owXAorMPj2Gtw46gzxUWtg=
Subject key identifier: 34:DD:8F:D7:9D:2A:6B:A9:28:4E:35:D5:B1:06:E8:66:0F:00:28:D4
Certificate issuer: /CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Certificate serial: 0189BA96E39B399D6A81B29B497261255EED
Authority key identifier: 38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/NN2P150qa6koTjXVsQboZg8AKNQ.roa
Signing time: Thu 03 Aug 2023 08:49:58 +0000
ROA not before: Thu 03 Aug 2023 08:49:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56329
IP address blocks: 194.233.152.0/21 maxlen: 21
88.202.240.0/20 maxlen: 20
188.95.40.0/21 maxlen: 21
195.180.16.0/20 maxlen: 20
195.180.32.0/21 maxlen: 21
195.180.48.0/20 maxlen: 20
213.18.128.0/18 maxlen: 18
216.213.128.0/18 maxlen: 18
194.233.224.0/20 maxlen: 20
83.151.200.0/21 maxlen: 21
82.163.184.0/21 maxlen: 21
88.202.128.0/19 maxlen: 19
212.237.220.0/22 maxlen: 22
185.82.156.0/22 maxlen: 22
82.163.144.0/20 maxlen: 20
46.227.144.0/21 maxlen: 21
88.202.192.0/20 maxlen: 20
185.111.224.0/22 maxlen: 22
212.132.32.0/19 maxlen: 19
88.202.232.0/22 maxlen: 22
185.147.88.0/22 maxlen: 22
88.212.164.0/22 maxlen: 22
88.212.168.0/21 maxlen: 21
88.212.176.0/21 maxlen: 21
88.212.184.0/22 maxlen: 22
78.143.192.0/19 maxlen: 19
82.163.252.0/22 maxlen: 22
2a06:61c0::/29 maxlen: 29
2a02:fb8::/32 maxlen: 32
2a00:d200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:96:e3:9b:39:9d:6a:81:b2:9b:49:72:61:25:5e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384872e817b3a45f98d4b15b65dd452b5da2d611
Validity
Not Before: Aug 3 08:49:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=34dd8fd79d2a6ba9284e35d5b106e8660f0028d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:75:2b:8d:d0:ee:3e:21:53:47:d9:1f:55:d5:
83:94:1d:a4:5c:5b:e8:d4:bc:d9:72:5c:26:2d:cb:
89:70:86:b0:8a:64:33:e6:09:c8:eb:57:c6:00:ab:
34:eb:3d:66:16:0d:3b:4f:64:ec:b2:41:28:1f:d2:
58:c2:40:0c:cf:fd:4c:38:90:ef:ab:b8:cd:28:9d:
09:64:fb:42:86:f0:36:48:70:11:5c:b6:ad:f2:de:
3a:71:e6:9f:6e:85:da:e6:09:5b:f1:54:57:7d:2d:
be:26:43:27:cb:38:92:12:56:fa:48:42:0b:30:ef:
eb:5b:79:fe:0b:b8:3c:af:7f:80:01:40:48:45:f5:
0f:63:19:00:c9:30:23:a3:98:dd:b0:2a:37:b4:ca:
a9:51:02:b4:a9:b2:11:90:1f:23:d8:aa:69:d4:e0:
60:71:6e:af:08:44:a3:a4:ec:6a:c4:92:06:2f:b8:
7e:cf:35:81:fb:11:ec:f2:86:0a:71:0c:ca:9b:e4:
14:ee:6d:11:f0:ce:05:a0:aa:cf:01:37:34:e0:aa:
48:56:78:47:d8:61:5f:b7:a7:00:fd:d6:36:05:a2:
4a:c0:51:8f:21:f4:1f:41:58:76:98:0e:71:7b:3e:
4d:b9:85:95:79:8f:bc:30:61:ba:97:a8:33:61:0f:
08:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DD:8F:D7:9D:2A:6B:A9:28:4E:35:D5:B1:06:E8:66:0F:00:28:D4
X509v3 Authority Key Identifier:
keyid:38:48:72:E8:17:B3:A4:5F:98:D4:B1:5B:65:DD:45:2B:5D:A2:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OEhy6BezpF-Y1LFbZd1FK12i1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/NN2P150qa6koTjXVsQboZg8AKNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/17e663-eb10-45ed-81f2-bfbe1bc15fc2/1/OEhy6BezpF-Y1LFbZd1FK12i1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.144.0/21
78.143.192.0/19
82.163.144.0/20
82.163.184.0/21
82.163.252.0/22
83.151.200.0/21
88.202.128.0/19
88.202.192.0/20
88.202.232.0/22
88.202.240.0/20
88.212.164.0-88.212.187.255
185.82.156.0/22
185.111.224.0/22
185.147.88.0/22
188.95.40.0/21
194.233.152.0/21
194.233.224.0/20
195.180.16.0-195.180.39.255
195.180.48.0/20
212.132.32.0/19
212.237.220.0/22
213.18.128.0/18
216.213.128.0/18
IPv6:
2a00:d200::/29
2a02:fb8::/32
2a06:61c0::/29
Signature Algorithm: sha256WithRSAEncryption
59:49:0a:fc:82:e5:95:0c:1f:18:5e:68:2f:91:7a:47:6b:98:
86:c2:39:39:e1:78:53:e4:cf:a1:fe:9a:30:c3:d8:48:10:7f:
58:86:5d:c9:f8:67:fa:94:74:25:43:02:01:47:ef:1d:d2:c4:
aa:7b:5e:74:ad:f2:6a:87:39:45:bb:4e:43:53:db:c9:b3:c8:
dc:93:21:2f:28:66:4b:90:1c:55:83:cf:ea:e0:ba:cf:fd:fe:
0e:a5:8f:e9:4c:e3:f8:99:c7:0e:79:78:a5:99:46:41:d1:6e:
2a:04:75:db:22:98:d8:95:de:6a:1a:8a:8c:fa:1f:c4:ba:00:
c0:13:67:6e:30:53:30:f3:eb:69:36:cf:d5:f4:8c:f4:d7:de:
7f:43:2d:b0:79:27:cd:7d:77:2a:4d:83:bc:39:8c:8c:a9:90:
75:72:8c:76:71:75:24:cf:eb:31:df:ac:b9:0d:e9:8b:e2:ad:
32:b3:3e:81:4c:2e:ec:d8:92:62:a6:36:93:4e:23:98:78:c4:
92:15:2d:d6:51:06:7f:ee:87:3f:f1:b1:d3:d7:07:ef:fb:dd:
c8:0c:a0:ff:db:b4:3a:f7:68:fa:cb:75:3e:95:ed:62:8a:f6:
23:31:93:dd:12:f5:50:a8:59:d9:db:7d:41:e1:1d:ef:20:1a:
0d:8d:d6:7c
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgISAYm6luObOZ1qgbKbSXJhJV7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NDg3MmU4MTdiM2E0NWY5OGQ0YjE1YjY1ZGQ0NTJiNWRh
MmQ2MTEwHhcNMjMwODAzMDg0OTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGRkOGZkNzlkMmE2YmE5Mjg0ZTM1ZDViMTA2ZTg2NjBmMDAyOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3UrjdDuPiFTR9kfVdWDlB2kXFvo
1LzZclwmLcuJcIawimQz5gnI61fGAKs06z1mFg07T2TsskEoH9JYwkAMz/1MOJDv
q7jNKJ0JZPtChvA2SHARXLat8t46ceafboXa5glb8VRXfS2+JkMnyziSElb6SEIL
MO/rW3n+C7g8r3+AAUBIRfUPYxkAyTAjo5jdsCo3tMqpUQK0qbIRkB8j2Kpp1OBg
cW6vCESjpOxqxJIGL7h+zzWB+xHs8oYKcQzKm+QU7m0R8M4FoKrPATc04KpIVnhH
2GFft6cA/dY2BaJKwFGPIfQfQVh2mA5xez5NuYWVeY+8MGG6l6gzYQ8ISQIDAQAB
o4ICvzCCArswHQYDVR0OBBYEFDTdj9edKmupKE411bEG6GYPACjUMB8GA1UdIwQY
MBaAFDhIcugXs6RfmNSxW2XdRStdotYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjIt
YmZiZTFiYzE1ZmMyLzEvTk4yUDE1MHFhNmtvVGpYVnNRYm9aZzhBS05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8xN2U2NjMtZWIxMC00NWVkLTgxZjItYmZiZTFiYzE1ZmMy
LzEvT0VoeTZCZXpwRi1ZMUxGYlpkMUZLMTJpMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHUBggrBgEFBQcBBwEB/wSBxDCBwTCBoQQCAAEwgZoDBAMu
45ADBAVOj8ADBARSo5ADBANSo7gDBAJSo/wDBANTl8gDBAVYyoADBARYysADBAJY
yugDBARYyvAwDAMEAljUpAMEAljUuAMEArlSnAMEArlv4AMEArmTWAMEA7xfKAME
A8LpmAMEBMLp4DAMAwQEw7QQAwQDw7QgAwQEw7QwAwQF1IQgAwQC1O3cAwQG1RKA
AwQG2NWAMBsEAgACMBUDBQMqANIAAwUAKgIPuAMFAyoGYcAwDQYJKoZIhvcNAQEL
BQADggEBAFlJCvyC5ZUMHxheaC+RekdrmIbCOTnheFPkz6H+mjDD2EgQf1iGXcn4
Z/qUdCVDAgFH7x3SxKp7XnSt8mqHOUW7TkNT28mzyNyTIS8oZkuQHFWDz+rgus/9
/g6lj+lM4/iZxw55eKWZRkHRbioEddsimNiV3moaioz6H8S6AMATZ24wUzDz62k2
z9X0jPTX3n9DLbB5J819dypNg7w5jIypkHVyjHZxdSTP6zHfrLkN6YvirTKzPoFM
LuzYkmKmNpNOI5h4xJIVLdZRBn/uhz/xsdPXB+/73cgMoP/btDr3aPrLdT6V7WKK
9iMxk90S9VCoWdnbfUHhHe8gGg2N1nw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:00:56 2025 by rpki-client