Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/nZSR2i7UsddWNwk0i9VQXtTB2U4.roa
File: nZSR2i7UsddWNwk0i9VQXtTB2U4.roa (raw, json)
Hash identifier: L196b3mhHkWSQZ67gEqTLvYxVlcu8QLuXTsCY4/UqNQ=
Subject key identifier: 9D:94:91:DA:2E:D4:B1:D7:56:37:09:34:8B:D5:50:5E:D4:C1:D9:4E
Certificate issuer: /CN=898825d2f064989b38c781f2a8535189a26928c3
Certificate serial: 01856E2692ABA5185E5D89833DD6558D561C
Authority key identifier: 89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/nZSR2i7UsddWNwk0i9VQXtTB2U4.roa
Signing time: Sun 01 Jan 2023 16:24:59 +0000
ROA not before: Sun 01 Jan 2023 16:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28831
IP address blocks: 185.107.148.0/23 maxlen: 23
185.107.150.0/23 maxlen: 23
62.169.32.0/21 maxlen: 21
62.169.42.0/24 maxlen: 24
62.169.40.0/21 maxlen: 21
62.169.48.0/21 maxlen: 21
62.169.49.0/24 maxlen: 24
62.169.56.0/21 maxlen: 21
62.169.63.0/24 maxlen: 24
62.169.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:92:ab:a5:18:5e:5d:89:83:3d:d6:55:8d:56:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=898825d2f064989b38c781f2a8535189a26928c3
Validity
Not Before: Jan 1 16:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d9491da2ed4b1d7563709348bd5505ed4c1d94e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:30:54:c9:06:d0:99:7b:a1:e5:61:7e:0a:20:
5f:c2:2a:cb:2c:a3:1c:c7:d6:10:2c:c4:15:f3:1d:
5c:7c:6f:eb:9a:d4:23:f5:14:54:47:2c:0a:75:0b:
aa:fb:36:35:1e:b4:99:02:4f:bb:d1:fa:20:b4:c7:
9f:92:ea:e8:e4:d0:36:b6:c3:c1:bf:4d:da:34:20:
c6:50:62:f0:d4:b3:ba:fd:3b:11:5a:d1:e1:fc:92:
1e:f1:f4:9d:aa:31:15:22:0d:a1:cc:48:e1:ab:53:
f8:77:94:ee:7a:78:cb:57:fa:1f:21:42:e0:69:8d:
fd:2d:6d:82:e2:fc:2f:a1:3a:b8:db:64:f5:a1:e7:
99:62:94:ba:e6:21:62:b7:32:11:b2:6e:e5:9b:9e:
f9:aa:7e:65:19:f1:2e:69:5a:37:24:06:73:c7:1a:
08:a8:47:ec:d4:84:13:92:7e:ee:e1:01:13:17:c5:
14:5b:48:2b:94:e7:54:59:70:25:6c:76:11:3d:de:
eb:f7:9a:ab:e2:bd:08:9d:9f:f0:b0:5b:3b:b0:d7:
ce:d1:f2:65:0b:87:5a:8e:31:ba:8f:d1:31:7c:0a:
9c:5b:47:11:a0:28:8b:8b:d7:ea:84:7e:f5:d5:b6:
3d:0e:04:cc:eb:74:88:0b:9c:6a:9c:38:9b:10:b8:
8e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:94:91:DA:2E:D4:B1:D7:56:37:09:34:8B:D5:50:5E:D4:C1:D9:4E
X509v3 Authority Key Identifier:
keyid:89:88:25:D2:F0:64:98:9B:38:C7:81:F2:A8:53:51:89:A2:69:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYgl0vBkmJs4x4HyqFNRiaJpKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/nZSR2i7UsddWNwk0i9VQXtTB2U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0aa4d0-05e4-4802-99d8-ecae41446b77/1/iYgl0vBkmJs4x4HyqFNRiaJpKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.32.0/19
185.107.148.0/22
Signature Algorithm: sha256WithRSAEncryption
57:75:ee:e3:71:16:33:98:72:9d:b6:54:e2:b7:e7:19:55:a0:
fb:3c:24:9e:10:6d:9f:07:a7:0e:d5:e6:6d:80:8f:ff:b7:96:
d5:57:7f:8a:a8:fa:c9:41:09:86:d2:dd:21:82:88:ef:3c:73:
47:52:bd:cd:e4:39:c6:39:33:ac:15:8f:b7:42:d7:e0:e1:f8:
8a:a0:b3:b6:c3:13:e3:07:af:02:b8:c0:80:77:ee:88:a7:73:
55:51:d7:dd:c7:3d:12:24:5e:c5:42:af:07:42:a5:5b:2d:9d:
fb:c3:c6:a6:d0:48:11:2d:13:e9:f8:80:5d:9f:cf:63:6b:f5:
4d:94:03:1f:e9:57:1d:06:e6:36:52:81:21:1a:43:1b:fe:3c:
28:c3:fa:df:4e:c3:e3:04:10:69:88:34:7d:44:96:19:ef:46:
17:09:6d:4e:cb:9e:78:9f:2c:0a:de:7f:93:ea:ec:8c:aa:4d:
7c:22:35:95:1f:51:b5:4c:41:5b:62:8a:32:57:c2:d7:4e:4c:
d0:5f:89:b5:d7:f6:d0:3f:37:08:03:19:58:17:ec:2f:b0:68:
54:36:00:4a:a4:b8:2f:8e:6c:0b:52:5d:e5:54:8d:01:b5:fe:
1b:70:ba:6d:63:4d:09:6f:15:e4:4e:74:b4:25:78:c3:81:10:
de:92:af:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuJpKrpRheXYmDPdZVjVYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ODgyNWQyZjA2NDk4OWIzOGM3ODFmMmE4NTM1MTg5YTI2
OTI4YzMwHhcNMjMwMTAxMTYyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDk0OTFkYTJlZDRiMWQ3NTYzNzA5MzQ4YmQ1NTA1ZWQ0YzFkOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zBUyQbQmXuh5WF+CiBfwirLLKMc
x9YQLMQV8x1cfG/rmtQj9RRURywKdQuq+zY1HrSZAk+70fogtMefkuro5NA2tsPB
v03aNCDGUGLw1LO6/TsRWtHh/JIe8fSdqjEVIg2hzEjhq1P4d5TuenjLV/ofIULg
aY39LW2C4vwvoTq422T1oeeZYpS65iFitzIRsm7lm575qn5lGfEuaVo3JAZzxxoI
qEfs1IQTkn7u4QETF8UUW0grlOdUWXAlbHYRPd7r95qr4r0InZ/wsFs7sNfO0fJl
C4dajjG6j9ExfAqcW0cRoCiLi9fqhH711bY9DgTM63SIC5xqnDibELiOHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ2Ukdou1LHXVjcJNIvVUF7UwdlOMB8GA1UdIwQY
MBaAFImIJdLwZJibOMeB8qhTUYmiaSjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgt
ZWNhZTQxNDQ2Yjc3LzEvblpTUjJpN1VzZGRXTndrMGk5VlFYdFRCMlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wYWE0ZDAtMDVlNC00ODAyLTk5ZDgtZWNhZTQxNDQ2Yjc3
LzEvaVlnbDB2QmttSnM0eDRIeXFGTlJpYUpwS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFPqkgAwQC
uWuUMA0GCSqGSIb3DQEBCwUAA4IBAQBXde7jcRYzmHKdtlTit+cZVaD7PCSeEG2f
B6cO1eZtgI//t5bVV3+KqPrJQQmG0t0hgojvPHNHUr3N5DnGOTOsFY+3Qtfg4fiK
oLO2wxPjB68CuMCAd+6Ip3NVUdfdxz0SJF7FQq8HQqVbLZ37w8am0EgRLRPp+IBd
n89ja/VNlAMf6VcdBuY2UoEhGkMb/jwow/rfTsPjBBBpiDR9RJYZ70YXCW1Oy554
nywK3n+T6uyMqk18IjWVH1G1TEFbYooyV8LXTkzQX4m11/bQPzcIAxlYF+wvsGhU
NgBKpLgvjmwLUl3lVI0Btf4bcLptY00JbxXkTnS0JXjDgRDekq/s
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:22 2025 by rpki-client