Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/0pLKBNZ-gRfBdbZ-US2f3OIv3FI.roa
File: 0pLKBNZ-gRfBdbZ-US2f3OIv3FI.roa (raw, json)
Hash identifier: z2hjJHqUNd0QJdLY7xBKfE0gh7zoyaeBQVA8hTTjU9I=
Subject key identifier: D2:92:CA:04:D6:7E:81:17:C1:75:B6:7E:51:2D:9F:DC:E2:2F:DC:52
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018775C4E3CBCA53B920509CBF39176A949D
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/0pLKBNZ-gRfBdbZ-US2f3OIv3FI.roa
Signing time: Wed 12 Apr 2023 14:00:50 +0000
ROA not before: Wed 12 Apr 2023 14:00:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41032
IP address blocks: 185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.197.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:75:c4:e3:cb:ca:53:b9:20:50:9c:bf:39:17:6a:94:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Apr 12 14:00:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d292ca04d67e8117c175b67e512d9fdce22fdc52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:da:e0:2a:66:c4:f0:1c:d2:60:f8:63:53:63:
7c:7c:24:db:7d:62:0a:1f:16:a4:9a:da:47:79:4d:
1d:ce:ea:bf:23:52:1b:3a:45:11:38:46:a3:2a:eb:
75:b5:57:37:cc:1f:48:52:44:0d:15:7c:58:de:58:
5b:68:0e:b9:29:fb:54:60:cb:98:e0:c9:8a:56:b5:
3f:f5:fb:97:1e:d4:58:fc:58:2d:7c:51:a2:80:b5:
6c:b6:0a:c3:2e:c0:9f:df:e1:8d:4e:bf:49:c4:30:
99:60:4f:fb:56:a0:56:9a:15:34:ec:ba:8f:71:74:
9e:35:ba:92:ee:a6:37:31:3a:7e:33:48:82:8f:5c:
89:57:36:e4:ce:c8:ba:27:46:e6:3f:4e:b6:bd:09:
d1:00:e1:24:71:cf:02:00:af:8d:a0:e9:5e:d8:a2:
fa:0f:51:1c:a3:21:ef:dd:8a:19:f0:43:93:c6:be:
cd:99:e0:d2:5d:77:45:ef:f0:03:c2:34:3c:ae:d4:
57:a6:9f:5e:71:05:31:bb:cf:5c:23:5b:b2:77:07:
79:5f:91:93:ae:2a:c0:61:97:5a:f1:65:2c:21:92:
6e:b2:57:a7:02:d0:2e:99:40:59:30:73:ea:20:e1:
70:65:65:99:37:87:37:9a:1b:9d:28:1e:68:e3:41:
82:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:92:CA:04:D6:7E:81:17:C1:75:B6:7E:51:2D:9F:DC:E2:2F:DC:52
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/0pLKBNZ-gRfBdbZ-US2f3OIv3FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.196.0/23
62.201.199.0-62.201.211.255
62.201.216.0/24
62.201.237.0/24
62.201.248.0-62.201.250.255
185.90.104.0/22
IPv6:
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
02:e5:fc:c4:7a:8a:5e:17:a0:76:1b:51:47:82:8b:7e:80:04:
78:20:02:07:e1:94:55:2a:27:63:c9:5c:31:f0:fe:9a:9a:65:
cc:69:bf:ae:5e:65:54:76:0f:96:09:2b:d5:8e:7b:0f:38:53:
3b:30:d7:60:80:3d:4e:7c:8d:30:0c:69:92:7c:fc:fa:90:5b:
2a:72:ca:70:10:55:55:3c:41:f5:70:c8:e6:91:d0:55:ec:ae:
98:f1:04:ed:a7:36:1e:59:c5:5b:c5:fc:8f:c7:63:f5:ca:86:
4e:d8:23:fc:6b:ad:dd:b0:20:90:fc:1c:e6:8e:0d:18:3e:d1:
4c:cc:1f:65:86:e4:17:b8:6a:64:df:ff:23:b5:56:67:0c:4a:
13:fd:1a:09:1d:c9:b4:ef:5c:00:52:e8:ca:78:f0:39:95:e5:
ad:e0:3e:d3:51:b1:89:15:72:e1:ab:c3:57:be:78:94:c0:60:
d2:a6:b9:1c:a1:74:c8:e1:de:23:ff:bb:ef:8c:e4:fd:1a:8f:
14:c4:9c:10:5b:e6:f6:94:9a:3a:90:85:da:aa:bf:5d:1e:11:
18:e3:45:92:d8:66:24:a2:24:3e:86:0e:15:80:9e:c9:16:9d:
72:5e:ae:f3:bd:21:f0:85:b2:9e:2a:8f:41:2e:2a:e6:07:f4:
77:7e:74:74
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYd1xOPLylO5IFCcvzkXapSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMwNDEyMTQwMDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjkyY2EwNGQ2N2U4MTE3YzE3NWI2N2U1MTJkOWZkY2UyMmZkYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9rgKmbE8BzSYPhjU2N8fCTbfWIK
HxakmtpHeU0dzuq/I1IbOkUROEajKut1tVc3zB9IUkQNFXxY3lhbaA65KftUYMuY
4MmKVrU/9fuXHtRY/FgtfFGigLVstgrDLsCf3+GNTr9JxDCZYE/7VqBWmhU07LqP
cXSeNbqS7qY3MTp+M0iCj1yJVzbkzsi6J0bmP062vQnRAOEkcc8CAK+NoOle2KL6
D1EcoyHv3YoZ8EOTxr7NmeDSXXdF7/ADwjQ8rtRXpp9ecQUxu89cI1uydwd5X5GT
rirAYZda8WUsIZJuslenAtAumUBZMHPqIOFwZWWZN4c3mhudKB5o40GC0wIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFNKSygTWfoEXwXW2flEtn9ziL9xSMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvMHBMS0JOWi1nUmZCZGJaLVVTMmYzT0l2M0ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBABAIAATA6AwQAPsnAAwQB
PsnEMAwDBAA+yccDBAI+ydADBAA+ydgDBAA+ye0wDAMEAz7J+AMEAD7J+gMEArla
aDAOBAIAAjAIAwYFKgILYCAwDQYJKoZIhvcNAQELBQADggEBAALl/MR6il4XoHYb
UUeCi36ABHggAgfhlFUqJ2PJXDHw/pqaZcxpv65eZVR2D5YJK9WOew84Uzsw12CA
PU58jTAMaZJ8/PqQWypyynAQVVU8QfVwyOaR0FXsrpjxBO2nNh5ZxVvF/I/HY/XK
hk7YI/xrrd2wIJD8HOaODRg+0UzMH2WG5Be4amTf/yO1VmcMShP9GgkdybTvXABS
6Mp48DmV5a3gPtNRsYkVcuGrw1e+eJTAYNKmuRyhdMjh3iP/u++M5P0ajxTEnBBb
5vaUmjqQhdqqv10eERjjRZLYZiSiJD6GDhWAnskWnXJervO9IfCFsp4qj0EuKuYH
9Hd+dHQ=
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:01:19 2025 by rpki-client