Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/1-a2TzxtIQXwD0DBnIU7BcSbZUdg.roa
File: 1-a2TzxtIQXwD0DBnIU7BcSbZUdg.roa (raw, json)
Hash identifier: a4G2rmjEXxrQpEUy2QaPQCc2xfByiaVCei0LXekComE=
Subject key identifier: F9:AD:93:CF:1B:48:41:7C:03:D0:30:67:21:4E:C1:71:26:D9:51:D8
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 37B4A8DA
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/1-a2TzxtIQXwD0DBnIU7BcSbZUdg.roa
Signing time: Wed 09 Mar 2022 10:55:57 +0000
ROA not before: Wed 09 Mar 2022 10:55:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41032
IP address blocks: 185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934586586 (0x37b4a8da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Mar 9 10:55:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9ad93cf1b48417c03d03067214ec17126d951d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:85:d9:65:ac:30:74:d5:de:b2:e9:6d:fe:
fd:5f:f3:25:d4:73:5d:82:ae:40:4a:8a:d9:ca:7b:
2c:a4:a0:c8:77:1f:81:30:77:da:a0:64:73:ea:d2:
6b:d7:6a:a3:78:be:20:d4:ac:21:a0:7d:b0:93:67:
4f:8d:2d:32:b1:52:59:7c:47:dd:24:23:69:12:0b:
0c:dc:46:79:90:a4:c5:9d:20:76:86:bc:9a:ee:d4:
90:29:33:c0:cf:6f:08:f4:bd:2e:12:e5:51:06:5e:
43:05:07:3e:e2:50:fe:3a:58:e2:08:2c:f6:14:39:
d1:41:c9:02:82:17:8e:88:de:eb:5d:ae:b0:d2:75:
0d:f2:98:6a:bb:a8:d2:bb:bd:ef:13:d5:f3:fa:78:
7d:be:d5:21:6f:71:78:48:56:85:7a:4f:8a:b5:31:
83:b0:8c:83:62:05:a2:d3:3b:6c:85:3a:33:77:a5:
7d:5a:fa:25:99:d3:7f:8a:f1:94:d4:f0:ed:13:8e:
66:96:5b:ab:6c:4c:84:cb:a3:1b:63:d8:cb:fd:ab:
84:1f:e7:10:ad:0d:11:db:04:d4:e8:ee:e9:a9:fe:
be:f7:cb:59:62:ac:73:70:f4:3c:a2:a1:17:39:3c:
67:84:32:28:bf:02:79:61:28:f9:a4:1e:86:fc:2d:
57:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AD:93:CF:1B:48:41:7C:03:D0:30:67:21:4E:C1:71:26:D9:51:D8
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/1-a2TzxtIQXwD0DBnIU7BcSbZUdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.196.0/24
62.201.199.0-62.201.211.255
62.201.216.0/24
62.201.237.0/24
62.201.248.0-62.201.250.255
185.90.104.0/22
IPv6:
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
e8:fd:9d:5b:17:b6:10:53:01:1d:6e:28:57:87:ee:11:ed:67:
bb:5e:2c:61:26:ae:51:87:09:e3:e3:2f:34:74:60:23:8b:38:
45:d5:ea:ee:49:b0:3a:5a:1b:5b:61:ac:95:aa:b5:86:1b:97:
82:8e:ef:59:4c:b6:ad:02:db:2a:8f:1c:cc:c2:e6:f5:10:05:
54:a4:c3:f5:86:86:b0:1f:e2:d5:8e:6b:d6:8a:f2:25:86:2b:
19:c7:22:7d:24:3a:84:36:92:a3:d3:3a:41:d9:f9:9d:80:8d:
fd:c4:fa:d6:a7:48:5c:59:f7:27:3e:e1:ab:fc:fa:3e:c9:8b:
93:19:bb:aa:82:4f:fe:aa:c5:a6:b5:05:02:cc:56:f2:5d:9a:
7a:83:34:cb:65:82:ae:c2:c0:e2:04:bb:56:44:0d:24:09:c6:
12:5d:4a:5e:3b:46:3c:29:db:a4:0f:5f:e8:8a:98:ca:1d:31:
dc:57:5f:78:7a:5e:cb:78:79:31:e7:7c:e2:51:d0:e5:0e:88:
06:ff:d7:99:7b:eb:14:3a:92:1f:57:75:08:7a:cf:1b:39:31:
f6:bd:1e:33:19:fb:19:bf:48:c4:3a:37:33:2a:0b:bb:3a:a4:
41:a9:72:3d:3e:0a:f7:ca:4e:83:91:38:19:66:74:7d:fb:cd:
9e:5d:1a:66
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEN7So2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjkyZmVkZjU5YzYwZDMyNTRlMzdhOWM4ZWNkZTExYzliYTEyODJhMB4XDTIyMDMw
OTEwNTU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjlhZDkzY2YxYjQ4
NDE3YzAzZDAzMDY3MjE0ZWMxNzEyNmQ5NTFkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMEYhdllrDB01d6y6W3+/V/zJdRzXYKuQEqK2cp7LKSgyHcf
gTB32qBkc+rSa9dqo3i+INSsIaB9sJNnT40tMrFSWXxH3SQjaRILDNxGeZCkxZ0g
doa8mu7UkCkzwM9vCPS9LhLlUQZeQwUHPuJQ/jpY4ggs9hQ50UHJAoIXjoje612u
sNJ1DfKYaruo0ru97xPV8/p4fb7VIW9xeEhWhXpPirUxg7CMg2IFotM7bIU6M3el
fVr6JZnTf4rxlNTw7ROOZpZbq2xMhMujG2PYy/2rhB/nEK0NEdsE1Oju6an+vvfL
WWKsc3D0PKKhFzk8Z4QyKL8CeWEo+aQehvwtV6kCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBT5rZPPG0hBfAPQMGchTsFxJtlR2DAfBgNVHSMEGDAWgBQ2kv7fWcYNMlTj
epyOzeEcm6EoKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wTC0zMW5HRFRKVTQzcWNqczNoSEp1aEtDby5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNWM1YWQwLWQyZGEtNDBkYi05NWQxLWU3YmU1ZTMwYWQyZC8x
LzEtYTJUenh0SVFYd0QwREJuSVU3QmNTYlpVZGcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2My
LzVjNWFkMC1kMmRhLTQwZGItOTVkMS1lN2JlNWUzMGFkMmQvMS9OcEwtMzFuR0RU
SlU0M3FjanMzaEhKdWhLQ28uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
YwYIKwYBBQUHAQcBAf8EVDBSMEAEAgABMDoDBAA+ycADBAA+ycQwDAMEAD7JxwME
Aj7J0AMEAD7J2AMEAD7J7TAMAwQDPsn4AwQAPsn6AwQCuVpoMA4EAgACMAgDBgUq
AgtgIDANBgkqhkiG9w0BAQsFAAOCAQEA6P2dWxe2EFMBHW4oV4fuEe1nu14sYSau
UYcJ4+MvNHRgI4s4RdXq7kmwOlobW2Gslaq1hhuXgo7vWUy2rQLbKo8czMLm9RAF
VKTD9YaGsB/i1Y5r1oryJYYrGccifSQ6hDaSo9M6Qdn5nYCN/cT61qdIXFn3Jz7h
q/z6PsmLkxm7qoJP/qrFprUFAsxW8l2aeoM0y2WCrsLA4gS7VkQNJAnGEl1KXjtG
PCnbpA9f6IqYyh0x3FdfeHpey3h5Med84lHQ5Q6IBv/XmXvrFDqSH1d1CHrPGzkx
9r0eMxn7Gb9IxDo3MyoLuzqkQalyPT4K98pOg5E4GWZ0ffvNnl0aZg==
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:06:26 2025 by rpki-client