Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/blEFeoa4x4bVkHV4SjwGGRvlT7E.roa
File: blEFeoa4x4bVkHV4SjwGGRvlT7E.roa (raw, json)
Hash identifier: LMwhxmtSnt8soUEq+LHtgicI/dACvwBUI4yBnzsfwIA=
Subject key identifier: 6E:51:05:7A:86:B8:C7:86:D5:90:75:78:4A:3C:06:19:1B:E5:4F:B1
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 01856F670376F63BC0747043510150559502
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/blEFeoa4x4bVkHV4SjwGGRvlT7E.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41032
IP address blocks: 185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.197.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:03:76:f6:3b:c0:74:70:43:51:01:50:55:95:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e51057a86b8c786d59075784a3c06191be54fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6b:54:aa:06:a9:e3:54:5a:53:3b:5b:94:91:
38:59:85:b5:a5:f8:1d:20:44:3a:22:a2:90:f2:9a:
a2:ab:4c:75:75:f1:41:9d:36:22:98:62:0a:17:2e:
6a:81:e0:b0:7c:25:b5:d7:d7:3c:cc:66:33:c6:6a:
47:7c:6c:b1:35:d6:46:a5:67:53:ca:ec:fa:b0:b7:
a1:98:6d:52:1b:5d:06:24:45:6f:f6:76:a0:90:db:
f3:1d:64:fa:a1:dd:6c:ab:7f:12:bf:3a:9e:41:f0:
b1:d4:5b:b8:7d:88:24:7c:32:2c:e6:6f:e6:cf:e7:
4e:b7:b5:98:47:53:01:01:a7:d5:6c:55:50:6a:7f:
a2:de:bb:78:f6:84:db:44:f7:fd:5c:07:31:86:53:
ff:8e:66:ec:cf:a5:eb:73:d1:2a:47:0e:91:60:6a:
08:00:8b:46:e9:17:1c:bf:cc:f6:b2:98:85:24:62:
b4:dc:15:ed:1b:56:9f:b4:b7:59:98:64:39:e5:5f:
2c:34:70:0c:c2:9b:61:7f:9f:4c:67:30:d1:42:64:
50:e7:c2:83:6c:23:87:8e:54:c6:c7:c0:57:6a:7a:
8d:cd:f4:75:9c:2d:9a:6a:ba:fb:f3:3b:6e:2c:8e:
21:4b:f0:40:46:a1:39:a1:63:44:a5:20:5d:65:f6:
ea:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:51:05:7A:86:B8:C7:86:D5:90:75:78:4A:3C:06:19:1B:E5:4F:B1
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/blEFeoa4x4bVkHV4SjwGGRvlT7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.196.0/23
62.201.199.0-62.201.211.255
62.201.216.0/24
62.201.237.0/24
62.201.248.0-62.201.250.255
185.90.104.0/22
IPv6:
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
cb:00:01:ac:95:3e:0e:48:ac:2a:e1:db:01:59:c2:cf:06:ed:
50:9f:2e:2c:e6:df:9c:ab:3d:db:9b:a5:83:f5:fa:f4:3c:1c:
6a:4b:d4:d7:2e:13:a5:d0:39:8e:c9:dd:a8:78:2d:29:19:6c:
cf:ba:30:0f:da:df:9c:6a:95:68:39:38:ef:04:c3:d9:c0:17:
d4:96:3d:57:a9:d0:92:0a:50:1e:f8:9f:10:44:78:d2:06:97:
a7:42:c7:29:1f:7a:8c:fe:2c:f0:49:4c:95:06:10:f6:d6:07:
31:1d:38:fd:3f:c7:bf:d7:17:38:01:3a:6b:e5:df:50:c6:53:
e1:5d:2c:1b:d3:55:0f:e2:d5:d5:a9:62:6e:c1:d5:b8:66:9b:
40:2f:3f:26:2e:2e:5f:e4:da:25:f7:06:db:f3:92:36:44:40:
b7:58:cd:9e:77:12:b4:1b:1c:2f:16:11:a6:32:83:73:5b:f8:
6c:92:a9:d1:ce:aa:37:75:2d:41:4f:f7:76:ee:dc:a8:35:e1:
97:dc:27:05:40:1b:37:12:33:31:74:32:d9:83:bd:07:93:28:
fb:c9:1a:89:f4:bb:71:7d:6f:4c:2c:aa:40:bc:2f:14:40:c6:
d2:fd:f1:f2:22:3e:c6:ee:77:60:62:4b:0d:8e:f7:ac:eb:12:
25:8e:db:66
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYVvZwN29jvAdHBDUQFQVZUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUxMDU3YTg2YjhjNzg2ZDU5MDc1Nzg0YTNjMDYxOTFiZTU0ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGtUqgap41RaUztblJE4WYW1pfgd
IEQ6IqKQ8pqiq0x1dfFBnTYimGIKFy5qgeCwfCW119c8zGYzxmpHfGyxNdZGpWdT
yuz6sLehmG1SG10GJEVv9nagkNvzHWT6od1sq38SvzqeQfCx1Fu4fYgkfDIs5m/m
z+dOt7WYR1MBAafVbFVQan+i3rt49oTbRPf9XAcxhlP/jmbsz6Xrc9EqRw6RYGoI
AItG6Rccv8z2spiFJGK03BXtG1aftLdZmGQ55V8sNHAMwpthf59MZzDRQmRQ58KD
bCOHjlTGx8BXanqNzfR1nC2aarr78ztuLI4hS/BARqE5oWNEpSBdZfbqswIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFG5RBXqGuMeG1ZB1eEo8Bhkb5U+xMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvYmxFRmVvYTR4NGJWa0hWNFNqd0dHUnZsVDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBABAIAATA6AwQAPsnAAwQB
PsnEMAwDBAA+yccDBAI+ydADBAA+ydgDBAA+ye0wDAMEAz7J+AMEAD7J+gMEArla
aDAOBAIAAjAIAwYFKgILYCAwDQYJKoZIhvcNAQELBQADggEBAMsAAayVPg5IrCrh
2wFZws8G7VCfLizm35yrPdubpYP1+vQ8HGpL1NcuE6XQOY7J3ah4LSkZbM+6MA/a
35xqlWg5OO8Ew9nAF9SWPVep0JIKUB74nxBEeNIGl6dCxykfeoz+LPBJTJUGEPbW
BzEdOP0/x7/XFzgBOmvl31DGU+FdLBvTVQ/i1dWpYm7B1bhmm0AvPyYuLl/k2iX3
BtvzkjZEQLdYzZ53ErQbHC8WEaYyg3Nb+GySqdHOqjd1LUFP93bu3Kg14ZfcJwVA
GzcSMzF0MtmDvQeTKPvJGon0u3F9b0wsqkC8LxRAxtL98fIiPsbud2BiSw2O96zr
EiWO22Y=
-----END CERTIFICATE-----
Generated at Mon Apr 14 12:58:57 2025 by rpki-client