Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/N_m_KT409iKEqohzvllBcclqXGU.roa
File: N_m_KT409iKEqohzvllBcclqXGU.roa (raw, json)
Hash identifier: dEcDOvglOUYEJmHYCkpPYeoCnTzuf1aWPjBwGUljWEA=
Subject key identifier: 37:F9:BF:29:3E:34:F6:22:84:AA:88:73:BE:59:41:71:C9:6A:5C:65
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 099C8834
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/N_m_KT409iKEqohzvllBcclqXGU.roa
Signing time: Sat 01 Jan 2022 05:04:11 +0000
ROA not before: Sat 01 Jan 2022 05:04:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201337
IP address blocks: 84.236.137.0/24 maxlen: 24
178.156.75.0/24 maxlen: 24
84.236.184.0/24 maxlen: 24
185.25.198.0/24 maxlen: 24
185.25.196.0/24 maxlen: 24
185.25.196.0/22 maxlen: 22
185.25.197.0/24 maxlen: 24
185.25.199.0/24 maxlen: 24
84.236.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161253428 (0x99c8834)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37f9bf293e34f62284aa8873be594171c96a5c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:90:7a:57:52:ea:c3:d2:ff:0b:07:fd:4d:41:
f0:38:19:3e:f9:6e:cd:7d:9d:1e:7e:8d:59:13:cf:
c3:80:ae:04:4f:85:d5:98:a6:ea:95:5f:8e:e5:c8:
d6:cc:32:61:f2:11:db:1b:57:44:fc:a2:8a:c6:fd:
92:60:4a:e5:84:3d:32:d1:28:c4:b9:b6:d7:54:2f:
02:e2:1b:a3:92:7d:00:fb:14:6e:fd:15:66:16:46:
88:71:e0:d2:f8:f6:33:7e:81:d7:8d:03:e5:42:b3:
08:5d:43:99:37:b6:13:b9:ba:f9:50:36:20:ee:60:
9b:b2:f7:34:3c:ff:cb:cc:ba:c1:0f:25:2c:2d:86:
bf:06:99:02:31:64:3c:46:1d:65:64:d8:8c:4a:ab:
ab:2d:f5:f0:20:8a:73:80:5d:63:25:26:85:ca:1f:
9c:95:4b:b9:22:a2:2c:9f:2e:59:98:06:df:88:04:
31:24:37:c4:42:98:c0:36:ae:38:df:1f:8e:b5:90:
e3:50:7d:c5:12:fc:e5:70:b8:88:58:d3:cc:da:25:
86:a7:26:0e:0e:c8:d1:77:72:ef:92:81:2e:c3:5a:
b6:0c:86:b4:2d:11:10:f6:5e:65:80:3f:70:de:3f:
94:72:80:a7:5d:35:c1:e9:2b:60:8f:14:a2:87:28:
e7:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:F9:BF:29:3E:34:F6:22:84:AA:88:73:BE:59:41:71:C9:6A:5C:65
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/N_m_KT409iKEqohzvllBcclqXGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.137.0/24
84.236.184.0/24
84.236.189.0/24
178.156.75.0/24
185.25.196.0/22
Signature Algorithm: sha256WithRSAEncryption
16:62:9a:6a:90:f9:bf:43:89:37:ca:2a:0f:12:d5:c1:38:f0:
a7:56:82:3a:d1:c5:f3:f4:7e:3c:0e:2d:1b:1c:aa:2e:76:c8:
24:ea:3a:6b:b6:90:9e:57:3c:20:4c:c6:fc:e4:67:df:13:90:
e2:1b:88:1b:99:81:29:bd:f3:d9:26:f9:da:e1:f0:a4:7d:d9:
03:74:98:91:ef:bc:4a:18:d4:53:61:b8:39:6b:66:24:bd:9c:
2f:06:46:9c:21:24:fd:62:8c:fc:9e:a7:f3:b0:c0:b8:96:4e:
61:be:34:24:f7:39:b2:0f:55:f0:8d:51:10:54:d5:59:e4:7e:
d0:10:ee:4e:3c:e3:f6:f3:33:98:ed:62:af:b5:d8:95:c9:b7:
bb:e6:22:93:b8:3c:d8:8c:3c:fe:f9:34:12:77:5b:4f:df:fc:
8a:9b:8c:5b:b5:f5:60:1c:32:7e:3e:3e:bf:bf:00:58:e7:c1:
fe:21:4c:a6:89:fb:fc:ae:7f:fe:b5:77:c7:ca:23:4f:8b:e3:
e1:59:f2:69:69:a1:33:87:c3:6e:ea:e1:85:db:26:50:d3:e5:
82:10:66:0f:9f:44:60:c6:3a:b4:f5:a4:11:0e:0d:c0:e2:7f:
31:c4:2b:9d:11:1e:b0:8c:8a:72:4a:da:7b:65:56:b9:68:65:
0c:bc:97:61
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECZyINDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdmOWJmMjkzZTM0
ZjYyMjg0YWE4ODczYmU1OTQxNzFjOTZhNWM2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2QeldS6sPS/wsH/U1B8DgZPvluzX2dHn6NWRPPw4CuBE+F
1Zim6pVfjuXI1swyYfIR2xtXRPyiisb9kmBK5YQ9MtEoxLm211QvAuIbo5J9APsU
bv0VZhZGiHHg0vj2M36B140D5UKzCF1DmTe2E7m6+VA2IO5gm7L3NDz/y8y6wQ8l
LC2GvwaZAjFkPEYdZWTYjEqrqy318CCKc4BdYyUmhcofnJVLuSKiLJ8uWZgG34gE
MSQ3xEKYwDauON8fjrWQ41B9xRL85XC4iFjTzNolhqcmDg7I0Xdy75KBLsNatgyG
tC0REPZeZYA/cN4/lHKAp101wekrYI8Uooco530CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQ3+b8pPjT2IoSqiHO+WUFxyWpcZTAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L05fbV9LVDQwOWlLRXFvaHp2bGxCY2NscVhHVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFTsiQMEAFTsuAMEAFTsvQMEALKc
SwMEArkZxDANBgkqhkiG9w0BAQsFAAOCAQEAFmKaapD5v0OJN8oqDxLVwTjwp1aC
OtHF8/R+PA4tGxyqLnbIJOo6a7aQnlc8IEzG/ORn3xOQ4huIG5mBKb3z2Sb52uHw
pH3ZA3SYke+8ShjUU2G4OWtmJL2cLwZGnCEk/WKM/J6n87DAuJZOYb40JPc5sg9V
8I1REFTVWeR+0BDuTjzj9vMzmO1ir7XYlcm3u+Yik7g82Iw8/vk0EndbT9/8ipuM
W7X1YBwyfj4+v78AWOfB/iFMpon7/K5//rV3x8ojT4vj4VnyaWmhM4fDburhhdsm
UNPlghBmD59EYMY6tPWkEQ4NwOJ/McQrnREesIyKckrae2VWuWhlDLyXYQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:18:20 2025 by rpki-client