Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Kbk2PXLvouhTwWimSXmiDSIdjIw.roa
File: Kbk2PXLvouhTwWimSXmiDSIdjIw.roa (raw, json)
Hash identifier: heLm4IxJTu5ENcbiMCrPt/SRLvobDaef7X+ZHJB5Aa4=
Subject key identifier: 29:B9:36:3D:72:EF:A2:E8:53:C1:68:A6:49:79:A2:0D:22:1D:8C:8C
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 3772B1A3
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Kbk2PXLvouhTwWimSXmiDSIdjIw.roa
Signing time: Tue 08 Feb 2022 07:07:48 +0000
ROA not before: Tue 08 Feb 2022 07:07:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.228.0/22 maxlen: 22
62.201.229.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/24 maxlen: 24
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.236.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.243.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.253.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/23 maxlen: 23
62.201.250.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
62.201.192.0/23 maxlen: 23
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.192.0/18 maxlen: 18
62.201.193.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.206.0/23 maxlen: 23
62.201.212.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.207.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.210.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.226.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/24 maxlen: 24
2a02:b60:2010::/48 maxlen: 48
2a02:b60::/64 maxlen: 64
2a02:b60:2000::/48 maxlen: 48
2a02:b60:4000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:4000::/34 maxlen: 34
2a02:b60:2000::/35 maxlen: 35
2a02:b60::/32 maxlen: 32
2a02:b60:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 930263459 (0x3772b1a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Feb 8 07:07:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29b9363d72efa2e853c168a64979a20d221d8c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:89:ee:4c:b7:e9:55:e5:f5:45:15:ed:bc:
e0:ed:47:c0:d4:a1:18:8d:8e:ab:b0:9e:04:aa:28:
89:2c:0d:c5:b6:cc:89:e0:af:47:f9:fa:9e:c0:64:
ac:b1:25:59:00:7f:0c:e2:41:69:fb:fc:7d:92:d8:
4a:2a:a0:ba:5b:47:6c:c3:bb:ed:05:73:7e:24:eb:
30:53:77:91:76:aa:de:95:e5:71:97:6b:fe:58:6f:
98:e0:39:1f:49:b8:a3:cd:79:42:a4:a5:62:9a:a1:
07:bd:11:42:34:6c:60:25:f3:ae:07:96:af:d7:36:
67:46:c1:71:76:29:c2:75:07:48:ac:7e:ef:f1:bb:
b4:0b:21:fc:a6:02:54:b2:48:7a:65:33:5c:92:80:
e8:23:fd:7e:9b:a3:72:0e:77:a6:2f:18:56:f0:4d:
04:f1:a1:a1:df:1b:a5:a0:99:94:e3:7b:e9:e5:ca:
77:b7:16:d8:c3:76:f8:36:75:dd:4e:c8:64:45:47:
4a:f8:57:2d:c9:e1:44:73:17:30:e6:9d:4e:63:f0:
f5:cf:4d:f0:8b:e1:17:57:17:0b:60:49:be:cf:d6:
08:aa:74:75:cc:75:ea:76:12:8e:c6:df:c4:34:2c:
49:41:ea:06:e5:c6:56:05:9c:24:c5:3c:b1:33:9d:
20:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B9:36:3D:72:EF:A2:E8:53:C1:68:A6:49:79:A2:0D:22:1D:8C:8C
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/Kbk2PXLvouhTwWimSXmiDSIdjIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
02:a6:60:3a:8d:64:ed:f1:2e:98:76:2f:f9:9f:1b:36:bb:6d:
47:88:2a:a2:71:5a:10:8c:d0:bf:41:18:9f:71:fe:9d:de:26:
3b:01:6b:75:38:67:69:d4:bf:7a:b1:d2:d5:bb:04:ca:27:7b:
c4:28:8c:62:30:d6:52:09:4d:70:01:60:26:b2:00:fd:3a:3b:
ec:f1:6d:67:3e:77:e7:90:f6:91:fc:fb:c5:90:1c:85:d6:7b:
03:81:06:10:5f:2c:3f:4d:97:12:30:b6:4f:db:4e:d1:04:0c:
fe:55:de:dd:e3:dd:af:2f:38:e4:18:4c:fe:61:74:d5:38:15:
dc:e5:32:e5:00:d5:b8:01:62:49:68:0e:fa:44:e3:4a:26:0e:
65:ad:19:27:f7:6a:32:ad:63:13:60:b8:8c:b0:c2:21:ab:db:
d6:d3:5d:54:80:df:0f:48:d7:62:e5:dc:bc:07:a8:d9:c1:13:
90:fe:cb:7d:2e:19:05:98:03:ca:e4:a8:59:ba:29:ec:da:b2:
bd:d8:b8:09:38:9d:40:7f:a2:bd:dd:47:ca:6a:d2:38:38:39:
55:91:2b:2b:75:82:ef:15:7b:40:00:b6:f6:be:52:4a:68:25:
2e:81:84:2b:1d:db:bc:03:0f:64:3a:b8:e8:d5:82:e6:d9:ee:
9b:e9:27:b0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEN3KxozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjkyZmVkZjU5YzYwZDMyNTRlMzdhOWM4ZWNkZTExYzliYTEyODJhMB4XDTIyMDIw
ODA3MDc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjliOTM2M2Q3MmVm
YTJlODUzYzE2OGE2NDk3OWEyMGQyMjFkOGM4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxcie5Mt+lV5fVFFe284O1HwNShGI2Oq7CeBKooiSwNxbbM
ieCvR/n6nsBkrLElWQB/DOJBafv8fZLYSiqgultHbMO77QVzfiTrMFN3kXaq3pXl
cZdr/lhvmOA5H0m4o815QqSlYpqhB70RQjRsYCXzrgeWr9c2Z0bBcXYpwnUHSKx+
7/G7tAsh/KYCVLJIemUzXJKA6CP9fpujcg53pi8YVvBNBPGhod8bpaCZlON76eXK
d7cW2MN2+DZ13U7IZEVHSvhXLcnhRHMXMOadTmPw9c9N8IvhF1cXC2BJvs/WCKp0
dcx16nYSjsbfxDQsSUHqBuXGVgWcJMU8sTOdIDsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQpuTY9cu+i6FPBaKZJeaINIh2MjDAfBgNVHSMEGDAWgBQ2kv7fWcYNMlTj
epyOzeEcm6EoKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wTC0zMW5HRFRKVTQzcWNqczNoSEp1aEtDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNWM1YWQwLWQyZGEtNDBkYi05NWQxLWU3YmU1ZTMwYWQyZC8x
L0tiazJQWEx2b3VoVHdXaW1TWG1pRFNJZGpJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
NWM1YWQwLWQyZGEtNDBkYi05NWQxLWU3YmU1ZTMwYWQyZC8xL05wTC0zMW5HRFRK
VTQzcWNqczNoSEp1aEtDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBj7JwAMEAVkhQjANBAIAAjAHAwUA
KgILYDANBgkqhkiG9w0BAQsFAAOCAQEAAqZgOo1k7fEumHYv+Z8bNrttR4gqonFa
EIzQv0EYn3H+nd4mOwFrdThnadS/erHS1bsEyid7xCiMYjDWUglNcAFgJrIA/To7
7PFtZz5355D2kfz7xZAchdZ7A4EGEF8sP02XEjC2T9tO0QQM/lXe3ePdry845BhM
/mF01TgV3OUy5QDVuAFiSWgO+kTjSiYOZa0ZJ/dqMq1jE2C4jLDCIavb1tNdVIDf
D0jXYuXcvAeo2cETkP7LfS4ZBZgDyuSoWbop7Nqyvdi4CTidQH+ivd1HymrSODg5
VZErK3WC7xV7QAC29r5SSmglLoGEKx3bvAMPZDq46NWC5tnum+knsA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:20:28 2025 by rpki-client