Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/_1ZdgRkq0OuGEv92ACxpGgo0aIo.roa
File: _1ZdgRkq0OuGEv92ACxpGgo0aIo.roa (raw, json)
Hash identifier: +mrLbO5FpdH7Zvxzg+cAO/Ut2xTnlL+toOXEUQS2LiI=
Subject key identifier: FF:56:5D:81:19:2A:D0:EB:86:12:FF:76:00:2C:69:1A:0A:34:68:8A
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 370F0488
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/_1ZdgRkq0OuGEv92ACxpGgo0aIo.roa
Signing time: Sat 01 Jan 2022 11:55:03 +0000
ROA not before: Sat 01 Jan 2022 11:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62419
IP address blocks: 185.90.104.0/22 maxlen: 24
185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923731080 (0x370f0488)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 1 11:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff565d81192ad0eb8612ff76002c691a0a34688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:8c:ce:50:ee:08:b5:bc:b9:1e:22:ce:42:
0b:3d:a5:66:87:26:fa:f6:6b:35:c4:fd:5f:f2:66:
8c:96:8b:1d:48:0a:98:bd:d4:d2:b7:72:b2:7b:1a:
e3:01:2e:59:6b:73:ab:6e:55:2a:1f:dd:c6:ed:fd:
94:76:3d:fb:1f:8a:de:2b:c7:57:e9:1e:a8:23:6d:
61:c3:1b:40:d2:12:dc:84:eb:9f:9e:c3:9c:a2:33:
8f:2c:02:ac:c3:ea:a1:9b:3d:d0:ee:8b:43:a1:38:
ad:5c:83:7b:77:01:41:77:96:ec:2f:78:44:9a:9f:
8b:a9:93:e9:25:d8:50:e3:b6:b9:cf:55:f6:cd:51:
60:5b:f2:ce:ed:a7:d4:be:27:55:a7:69:8c:c1:d0:
fa:8a:e7:26:b3:4b:6a:fb:67:6f:2f:f1:84:3e:f0:
6a:50:76:bb:76:40:75:14:53:b8:bb:22:8f:85:8b:
0c:1f:68:1f:57:36:ea:49:e2:8b:fe:ab:69:84:65:
fe:17:0f:a2:33:d0:75:53:5c:d2:e8:f8:69:79:fb:
2d:30:ca:2b:fe:0d:29:8b:26:83:e0:8e:06:04:ca:
a8:ca:2d:28:0f:8a:04:dc:fd:b8:37:fe:38:dc:75:
f6:b2:e3:27:3a:52:6b:4f:93:62:d8:3e:e1:7c:78:
e0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:5D:81:19:2A:D0:EB:86:12:FF:76:00:2C:69:1A:0A:34:68:8A
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/_1ZdgRkq0OuGEv92ACxpGgo0aIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.206.0/24
185.90.104.0/22
Signature Algorithm: sha256WithRSAEncryption
61:a4:58:15:43:2b:e9:cb:f7:7a:e3:0e:ee:57:49:dc:76:48:
66:5d:ae:85:0a:bd:c3:a5:ec:88:a6:16:a2:91:05:38:f7:6d:
e4:c5:de:a9:98:6c:a2:d9:9d:10:d0:3a:55:54:ce:05:3b:eb:
ed:7a:8b:84:13:e8:54:f5:62:a3:79:4b:f1:2f:21:b4:49:e1:
d6:00:ee:bd:99:4f:6d:9f:34:ed:cb:65:fd:5c:b7:ac:d3:2b:
85:30:1c:a0:b6:3f:c6:2e:bf:9c:09:d1:62:eb:7e:21:12:f8:
9c:84:1c:f2:72:a6:cd:4a:46:de:30:19:34:e7:fe:13:42:7a:
d7:62:28:35:4a:82:47:f2:4f:9e:3c:d9:60:4f:dc:05:a6:41:
cd:0d:c2:da:e9:f9:20:7f:a6:61:ad:2c:a7:65:a4:68:f3:d1:
b4:68:e4:21:f8:52:0d:50:f1:f8:82:eb:4e:7f:6d:94:ea:ce:
55:7b:85:5e:ae:87:d0:af:db:d4:af:a0:ee:ed:77:14:0d:75:
31:0a:91:5d:96:11:a3:58:3f:fe:76:4a:9b:dd:06:cc:51:f0:
64:f8:06:f0:e6:49:a6:9b:a7:58:e9:cc:a8:d1:b2:b9:12:6e:
b8:ea:e7:60:73:80:40:54:c5:b7:f6:a1:3d:09:d0:57:2b:b5:
86:6a:10:31
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENw8EiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjkyZmVkZjU5YzYwZDMyNTRlMzdhOWM4ZWNkZTExYzliYTEyODJhMB4XDTIyMDEw
MTExNTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY1NjVkODExOTJh
ZDBlYjg2MTJmZjc2MDAyYzY5MWEwYTM0Njg4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKb7jM5Q7gi1vLkeIs5CCz2lZocm+vZrNcT9X/JmjJaLHUgK
mL3U0rdysnsa4wEuWWtzq25VKh/dxu39lHY9+x+K3ivHV+keqCNtYcMbQNIS3ITr
n57DnKIzjywCrMPqoZs90O6LQ6E4rVyDe3cBQXeW7C94RJqfi6mT6SXYUOO2uc9V
9s1RYFvyzu2n1L4nVadpjMHQ+ornJrNLavtnby/xhD7walB2u3ZAdRRTuLsij4WL
DB9oH1c26knii/6raYRl/hcPojPQdVNc0uj4aXn7LTDKK/4NKYsmg+COBgTKqMot
KA+KBNz9uDf+ONx19rLjJzpSa0+TYtg+4Xx44PsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT/Vl2BGSrQ64YS/3YALGkaCjRoijAfBgNVHSMEGDAWgBQ2kv7fWcYNMlTj
epyOzeEcm6EoKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wTC0zMW5HRFRKVTQzcWNqczNoSEp1aEtDby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvNWM1YWQwLWQyZGEtNDBkYi05NWQxLWU3YmU1ZTMwYWQyZC8x
L18xWmRnUmtxME91R0V2OTJBQ3hwR2dvMGFJby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
NWM1YWQwLWQyZGEtNDBkYi05NWQxLWU3YmU1ZTMwYWQyZC8xL05wTC0zMW5HRFRK
VTQzcWNqczNoSEp1aEtDby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAD7JwAMEAD7JzgMEArlaaDANBgkq
hkiG9w0BAQsFAAOCAQEAYaRYFUMr6cv3euMO7ldJ3HZIZl2uhQq9w6XsiKYWopEF
OPdt5MXeqZhsotmdENA6VVTOBTvr7XqLhBPoVPVio3lL8S8htEnh1gDuvZlPbZ80
7ctl/Vy3rNMrhTAcoLY/xi6/nAnRYut+IRL4nIQc8nKmzUpG3jAZNOf+E0J612Io
NUqCR/JPnjzZYE/cBaZBzQ3C2un5IH+mYa0sp2WkaPPRtGjkIfhSDVDx+ILrTn9t
lOrOVXuFXq6H0K/b1K+g7u13FA11MQqRXZYRo1g//nZKm90GzFHwZPgG8OZJppun
WOnMqNGyuRJuuOrnYHOAQFTFt/ahPQnQVyu1hmoQMQ==
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:03:37 2025 by rpki-client