Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/neKGyrTvb04SwWA1g8XCoHpBShA.roa
File: neKGyrTvb04SwWA1g8XCoHpBShA.roa (raw, json)
Hash identifier: dEhjoHoEuWB7yPo5gsoRZ7znO+yM4pSexFVyZNdAX7U=
Subject key identifier: 9D:E2:86:CA:B4:EF:6F:4E:12:C1:60:35:83:C5:C2:A0:7A:41:4A:10
Certificate issuer: /CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Certificate serial: 043FF8BC
Authority key identifier: 3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/neKGyrTvb04SwWA1g8XCoHpBShA.roa
Signing time: Sat 01 Jan 2022 11:58:56 +0000
ROA not before: Sat 01 Jan 2022 11:58:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43925
IP address blocks: 89.45.0.0/22 maxlen: 22
89.45.0.0/23 maxlen: 23
89.45.2.0/23 maxlen: 23
185.32.0.0/22 maxlen: 22
37.34.96.0/22 maxlen: 24
37.34.105.0/24 maxlen: 24
37.34.100.0/22 maxlen: 24
37.34.106.0/24 maxlen: 24
37.34.108.0/22 maxlen: 24
37.34.107.0/24 maxlen: 24
37.34.112.0/20 maxlen: 24
79.170.224.0/21 maxlen: 24
37.34.120.0/21 maxlen: 24
178.76.80.0/20 maxlen: 22
94.139.128.0/19 maxlen: 24
178.76.96.0/19 maxlen: 21
93.113.112.0/21 maxlen: 24
2a00:f900::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 71301308 (0x43ff8bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3deb104463e920b45542b6af1a27d5950e86e9a0
Validity
Not Before: Jan 1 11:58:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9de286cab4ef6f4e12c1603583c5c2a07a414a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:cf:76:c9:e4:eb:4a:9e:51:ac:02:4c:b5:fe:
b4:8f:2f:55:09:b9:c3:23:8c:99:97:89:0d:5c:d3:
df:87:b7:b6:da:85:5a:db:00:a3:b1:31:31:59:9d:
0c:1b:42:c9:f7:ef:78:35:d1:bb:1f:97:f9:e3:d5:
73:fb:ab:ac:2d:9c:b4:3e:61:d0:b3:99:88:63:eb:
58:b5:5c:06:fc:d8:49:f6:81:dc:ab:41:c8:7e:84:
a5:12:9c:4e:51:5d:11:2c:1f:0e:c3:ee:94:67:55:
c5:42:ad:fa:16:f6:8d:aa:f3:08:ba:b1:39:5d:42:
bf:a8:1e:62:54:36:6d:84:5a:71:7e:03:91:14:34:
e3:28:02:f2:bb:f6:0d:bf:56:2c:7f:6f:55:47:64:
e7:0f:13:88:5a:f4:9e:2c:8c:a9:03:b2:a5:78:63:
1b:66:77:e0:9b:83:c9:0d:46:dc:c1:63:c6:db:68:
a1:f7:4c:22:66:98:91:bf:1f:83:ae:cb:cb:43:a0:
fc:7f:b7:57:b7:2d:c8:65:ac:f0:1a:33:64:e6:0b:
3a:4e:3f:fd:2d:9c:69:fb:c4:13:21:2f:f0:72:4d:
c0:d5:49:09:ab:bb:9f:7e:46:cf:63:f0:fe:fb:9d:
04:ba:bc:54:9e:1e:a3:24:07:b3:8a:70:b4:e7:c3:
67:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E2:86:CA:B4:EF:6F:4E:12:C1:60:35:83:C5:C2:A0:7A:41:4A:10
X509v3 Authority Key Identifier:
keyid:3D:EB:10:44:63:E9:20:B4:55:42:B6:AF:1A:27:D5:95:0E:86:E9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PesQRGPpILRVQravGifVlQ6G6aA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/neKGyrTvb04SwWA1g8XCoHpBShA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/c686b3-e7a9-4f9c-842c-119d8bf717bb/1/PesQRGPpILRVQravGifVlQ6G6aA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.96.0/21
37.34.105.0-37.34.127.255
79.170.224.0/21
89.45.0.0/22
93.113.112.0/21
94.139.128.0/19
178.76.80.0-178.76.127.255
185.32.0.0/22
IPv6:
2a00:f900::/32
Signature Algorithm: sha256WithRSAEncryption
cb:80:e2:6f:61:c8:84:06:0a:25:0a:c4:c2:9b:a9:93:23:6d:
8f:d7:a0:07:7b:07:37:21:bb:62:3a:e7:fd:f3:e3:03:5a:0f:
42:86:0d:36:e3:f0:9d:f1:6e:8a:f3:42:21:7f:b6:8b:69:b1:
d7:72:d0:c6:91:1e:60:cc:59:e5:4e:21:49:d3:bf:f1:c0:31:
43:f7:43:66:a0:ef:f5:dc:e7:9c:cb:d8:b5:79:b7:17:db:50:
1b:6c:8d:35:85:e6:61:3a:60:6a:a6:f9:40:8e:02:8f:50:80:
ad:e0:f7:78:35:78:cd:26:f2:12:f3:20:ab:4e:36:e8:06:49:
52:d8:97:8f:18:a8:ff:89:53:ff:99:6e:5a:ed:93:c8:c5:5b:
00:d2:8d:86:10:fc:71:64:e5:03:40:da:d8:44:f6:f1:f8:7d:
3f:7b:a3:3d:07:ef:63:53:e1:a7:cb:a5:53:42:f3:c5:3b:24:
f3:f5:d2:a4:08:7e:61:ee:50:95:18:0a:87:52:cb:2a:ba:5b:
bc:33:a4:ed:df:0b:e6:1a:2c:c7:bf:3b:f3:5f:0f:6a:55:7a:
9e:b2:5c:f5:2f:bf:13:59:e2:b3:91:39:45:e3:5b:5b:45:b5:
b6:46:cb:c6:31:ce:13:3a:21:0a:a8:de:cf:b2:94:37:b1:66:
0f:56:b4:7f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEBD/4vDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZGViMTA0NDYzZTkyMGI0NTU0MmI2YWYxYTI3ZDU5NTBlODZlOWEwMB4XDTIyMDEw
MTExNTg1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRlMjg2Y2FiNGVm
NmY0ZTEyYzE2MDM1ODNjNWMyYTA3YTQxNGExMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/Pdsnk60qeUawCTLX+tI8vVQm5wyOMmZeJDVzT34e3ttqF
WtsAo7ExMVmdDBtCyffveDXRux+X+ePVc/urrC2ctD5h0LOZiGPrWLVcBvzYSfaB
3KtByH6EpRKcTlFdESwfDsPulGdVxUKt+hb2jarzCLqxOV1Cv6geYlQ2bYRacX4D
kRQ04ygC8rv2Db9WLH9vVUdk5w8TiFr0niyMqQOypXhjG2Z34JuDyQ1G3MFjxtto
ofdMImaYkb8fg67Ly0Og/H+3V7ctyGWs8BozZOYLOk4//S2cafvEEyEv8HJNwNVJ
Cau7n35Gz2Pw/vudBLq8VJ4eoyQHs4pwtOfDZ8kCAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBSd4obKtO9vThLBYDWDxcKgekFKEDAfBgNVHSMEGDAWgBQ96xBEY+kgtFVC
tq8aJ9WVDobpoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Blc1FSR1BwSUxSVlFyYXZHaWZWbFE2RzZhQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvYzY4NmIzLWU3YTktNGY5Yy04NDJjLTExOWQ4YmY3MTdiYi8x
L25lS0d5clR2YjA0U3dXQTFnOFhDb0hwQlNoQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
YzY4NmIzLWU3YTktNGY5Yy04NDJjLTExOWQ4YmY3MTdiYi8xL1Blc1FSR1BwSUxS
VlFyYXZHaWZWbFE2RzZhQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBo
BggrBgEFBQcBBwEB/wRZMFcwRgQCAAEwQAMEAyUiYDAMAwQAJSJpAwQHJSIAAwQD
T6rgAwQCWS0AAwQDXXFwAwQFXouAMAwDBASyTFADBAeyTAADBAK5IAAwDQQCAAIw
BwMFACoA+QAwDQYJKoZIhvcNAQELBQADggEBAMuA4m9hyIQGCiUKxMKbqZMjbY/X
oAd7Bzchu2I65/3z4wNaD0KGDTbj8J3xborzQiF/totpsddy0MaRHmDMWeVOIUnT
v/HAMUP3Q2ag7/Xc55zL2LV5txfbUBtsjTWF5mE6YGqm+UCOAo9QgK3g93g1eM0m
8hLzIKtONugGSVLYl48YqP+JU/+Zblrtk8jFWwDSjYYQ/HFk5QNA2thE9vH4fT97
oz0H72NT4afLpVNC88U7JPP10qQIfmHuUJUYCodSyyq6W7wzpO3fC+YaLMe/O/Nf
D2pVep6yXPUvvxNZ4rOROUXjW1tFtbZGy8YxzhM6IQqo3s+ylDexZg9WtH8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:20 2025 by rpki-client