Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/naSt5Kd5Qt5oSxCxFIG_NoUJ0l4.roa
File: naSt5Kd5Qt5oSxCxFIG_NoUJ0l4.roa (raw, json)
Hash identifier: lzM4oeFQ1z9Mbcgy+yDU9/VXyYg6CfdlXNU9oNIEmII=
Subject key identifier: 9D:A4:AD:E4:A7:79:42:DE:68:4B:10:B1:14:81:BF:36:85:09:D2:5E
Certificate issuer: /CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Certificate serial: 018389AEAAD39A8723B799FC939A40E0A215
Authority key identifier: 00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/naSt5Kd5Qt5oSxCxFIG_NoUJ0l4.roa
Signing time: Thu 29 Sep 2022 14:37:48 +0000
ROA not before: Thu 29 Sep 2022 14:37:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39425
IP address blocks: 37.156.37.0/24 maxlen: 24
89.40.133.0/24 maxlen: 27
89.43.240.0/22 maxlen: 23
89.43.246.0/24 maxlen: 24
89.43.240.0/21 maxlen: 24
89.43.244.0/23 maxlen: 24
89.43.247.0/24 maxlen: 24
188.241.121.0/24 maxlen: 24
89.37.186.0/23 maxlen: 23
92.114.88.0/22 maxlen: 22
94.176.186.0/23 maxlen: 23
89.35.4.0/23 maxlen: 23
188.241.111.0/24 maxlen: 24
89.46.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:ae:aa:d3:9a:87:23:b7:99:fc:93:9a:40:e0:a2:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0013ca9a0ae71b10d29dba0cb3ecab5f10df5179
Validity
Not Before: Sep 29 14:37:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9da4ade4a77942de684b10b11481bf368509d25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a4:31:72:91:2a:d3:7b:6c:7a:16:c5:af:44:
3a:c9:76:40:df:b6:3c:84:3e:6a:c5:64:04:9b:a3:
82:18:17:53:eb:7d:21:08:40:23:62:d8:8a:ee:10:
43:ff:a4:b4:64:84:45:01:16:6d:f1:0b:04:0d:c9:
21:d9:b6:83:14:97:a6:e0:af:d5:fa:b9:99:23:7d:
ab:2b:c9:c6:f5:e3:a2:3b:42:e2:1c:ec:d8:eb:7a:
4f:c3:12:40:83:d7:01:f6:5f:c1:3b:f2:3a:ec:3b:
d1:ec:3c:dc:b1:dd:3a:57:b9:a9:d7:63:44:93:01:
a8:6a:64:65:b8:ad:ff:09:af:f4:07:e2:7d:d9:41:
6f:29:d6:2d:ee:1e:a5:e5:84:6d:fc:ed:61:7d:29:
7b:ce:40:b7:e8:56:90:9a:70:b6:b3:ae:ab:44:59:
7c:f2:2b:93:29:37:38:d3:1b:bd:7f:4f:f5:47:9f:
b2:5c:e6:53:e0:7e:b2:0d:b0:74:ff:de:3a:c7:ae:
0d:4a:c7:b9:68:49:75:7b:0f:9f:ca:38:14:21:49:
b9:a5:d8:b0:9f:c0:6c:88:4e:5e:b6:f3:aa:e4:dd:
e7:04:e9:5b:b4:24:0a:0d:bb:ba:c2:32:ce:15:74:
e8:77:22:ab:2d:27:f5:71:f2:de:1c:15:d4:8b:b0:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A4:AD:E4:A7:79:42:DE:68:4B:10:B1:14:81:BF:36:85:09:D2:5E
X509v3 Authority Key Identifier:
keyid:00:13:CA:9A:0A:E7:1B:10:D2:9D:BA:0C:B3:EC:AB:5F:10:DF:51:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABPKmgrnGxDSnboMs-yrXxDfUXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/naSt5Kd5Qt5oSxCxFIG_NoUJ0l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/7bdafb-4951-43b3-aef0-b5438b92c99b/1/ABPKmgrnGxDSnboMs-yrXxDfUXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.37.0/24
89.35.4.0/23
89.37.186.0/23
89.40.133.0/24
89.43.240.0/21
89.46.24.0/21
92.114.88.0/22
94.176.186.0/23
188.241.111.0/24
188.241.121.0/24
Signature Algorithm: sha256WithRSAEncryption
23:44:26:a7:41:00:82:57:b4:c2:f6:ca:28:72:16:f2:cf:f8:
93:cb:ad:df:b4:89:e3:07:5a:ed:03:24:2d:44:21:0a:b2:bf:
90:5d:9b:c9:6a:45:bd:af:c1:aa:44:6a:e6:ba:4c:37:88:3e:
fd:02:58:e6:e8:2b:e9:1f:7d:dd:d7:ba:6b:0b:b1:08:e3:23:
32:5a:49:26:a0:e9:fc:23:f3:f5:c7:a3:d6:4b:b0:c9:a0:35:
8c:de:01:07:f6:e8:2b:04:68:6d:97:43:8d:e5:d5:37:90:90:
18:9e:3c:99:db:0d:4e:49:72:42:06:91:d3:1e:34:e5:a8:38:
84:1c:4b:25:10:9b:ae:7f:d5:c5:3a:dc:28:46:81:0a:28:d7:
18:fb:f9:ba:a3:93:bf:a9:bc:fa:a4:fb:b0:94:2f:80:10:0d:
dd:98:29:e0:41:78:92:a3:65:2c:55:af:86:24:60:9f:08:c3:
8a:31:99:74:87:c7:5e:7f:9d:08:37:bf:f9:51:62:70:0a:08:
27:97:6b:94:f2:51:86:6e:7e:21:cc:82:d4:d7:8d:e6:af:e5:
0a:0e:9f:c1:92:a1:e1:e6:10:d2:7f:a5:b3:87:10:a6:6a:d8:
b5:d0:53:a0:3b:c3:e0:12:a8:3c:c5:46:0b:aa:25:77:3e:fa:
0c:6d:64:6d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYOJrqrTmocjt5n8k5pA4KIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTNjYTlhMGFlNzFiMTBkMjlkYmEwY2IzZWNhYjVmMTBk
ZjUxNzkwHhcNMjIwOTI5MTQzNzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE0YWRlNGE3Nzk0MmRlNjg0YjEwYjExNDgxYmYzNjg1MDlkMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6QxcpEq03tsehbFr0Q6yXZA37Y8
hD5qxWQEm6OCGBdT630hCEAjYtiK7hBD/6S0ZIRFARZt8QsEDckh2baDFJem4K/V
+rmZI32rK8nG9eOiO0LiHOzY63pPwxJAg9cB9l/BO/I67DvR7Dzcsd06V7mp12NE
kwGoamRluK3/Ca/0B+J92UFvKdYt7h6l5YRt/O1hfSl7zkC36FaQmnC2s66rRFl8
8iuTKTc40xu9f0/1R5+yXOZT4H6yDbB0/946x64NSse5aEl1ew+fyjgUIUm5pdiw
n8BsiE5etvOq5N3nBOlbtCQKDbu6wjLOFXTodyKrLSf1cfLeHBXUi7CiJQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJ2kreSneULeaEsQsRSBvzaFCdJeMB8GA1UdIwQY
MBaAFAATypoK5xsQ0p26DLPsq18Q31F5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAt
YjU0MzhiOTJjOTliLzEvbmFTdDVLZDVRdDVvU3hDeEZJR19Ob1VKMGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83YmRhZmItNDk1MS00M2IzLWFlZjAtYjU0MzhiOTJjOTli
LzEvQUJQS21ncm5HeERTbmJvTXMteXJYeERmVVhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJZwlAwQB
WSMEAwQBWSW6AwQAWSiFAwQDWSvwAwQDWS4YAwQCXHJYAwQBXrC6AwQAvPFvAwQA
vPF5MA0GCSqGSIb3DQEBCwUAA4IBAQAjRCanQQCCV7TC9soochbyz/iTy63ftInj
B1rtAyQtRCEKsr+QXZvJakW9r8GqRGrmukw3iD79Aljm6CvpH33d17prC7EI4yMy
WkkmoOn8I/P1x6PWS7DJoDWM3gEH9ugrBGhtl0ON5dU3kJAYnjyZ2w1OSXJCBpHT
HjTlqDiEHEslEJuuf9XFOtwoRoEKKNcY+/m6o5O/qbz6pPuwlC+AEA3dmCngQXiS
o2UsVa+GJGCfCMOKMZl0h8def50IN7/5UWJwCggnl2uU8lGGbn4hzILU143mr+UK
Dp/BkqHh5hDSf6WzhxCmati10FOgO8PgEqg8xUYLqiV3PvoMbWRt
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:33:01 2025 by rpki-client