Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/kuKQSw9n0v9HNt8OaKnDya-Mn1Q.roa
File: kuKQSw9n0v9HNt8OaKnDya-Mn1Q.roa (raw, json)
Hash identifier: I73eQAdB2p0grGLqG/GKYIE2IEiIP+ccHwx69XjuSMU=
Subject key identifier: 92:E2:90:4B:0F:67:D2:FF:47:36:DF:0E:68:A9:C3:C9:AF:8C:9F:54
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 0187799CF461041B4F7B5F27DEFDEC46D34D
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/kuKQSw9n0v9HNt8OaKnDya-Mn1Q.roa
Signing time: Thu 13 Apr 2023 07:55:41 +0000
ROA not before: Thu 13 Apr 2023 07:55:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41032
IP address blocks: 185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.250.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.196.0/24 maxlen: 24
62.201.199.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.201.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
62.201.210.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.207.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
2a02:b60:2000::/35 maxlen: 35
2a02:b60:2000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:9c:f4:61:04:1b:4f:7b:5f:27:de:fd:ec:46:d3:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Apr 13 07:55:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92e2904b0f67d2ff4736df0e68a9c3c9af8c9f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5a:44:29:e4:3c:13:ef:06:28:36:29:0b:3d:
3b:40:f6:7b:d8:1c:9f:2a:b6:02:6b:ea:74:7a:a2:
e6:27:8e:f7:c3:00:f3:1b:1c:9a:24:d1:cb:b7:b6:
af:99:20:d0:c6:6a:03:77:18:b8:ff:a4:0a:97:b4:
b9:13:39:0b:ae:26:07:8c:d3:48:33:ad:3c:13:65:
11:0c:25:51:c8:ee:14:8d:45:e8:b9:2d:22:eb:85:
e9:0c:48:7e:ab:2d:43:98:2e:8d:ed:95:ca:ef:30:
3a:a5:66:6a:ea:5a:f2:d6:ec:86:4e:95:b6:66:27:
7f:06:65:4d:14:04:f1:40:0c:8b:f2:d4:c9:e2:ae:
aa:3f:7f:3d:03:c2:74:5c:a5:11:13:47:71:ff:54:
6e:1b:f2:93:d6:5a:35:7a:40:9d:4f:d6:14:26:98:
51:ad:4a:d5:04:cc:74:22:b3:8c:e3:82:05:b1:03:
92:18:bc:5d:7a:cf:e8:26:23:ca:ab:76:89:69:57:
13:b3:d8:44:ec:56:80:23:a2:7c:e5:d3:dc:d3:fb:
a5:2a:88:9d:46:0b:d1:65:5f:48:c4:f7:2b:ce:d4:
97:b3:c4:dc:42:37:91:31:e4:64:fb:ff:c0:4c:cf:
70:3a:c8:d2:3b:8f:4c:0b:f4:29:b7:18:14:62:7b:
e0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E2:90:4B:0F:67:D2:FF:47:36:DF:0E:68:A9:C3:C9:AF:8C:9F:54
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/kuKQSw9n0v9HNt8OaKnDya-Mn1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.196.0/24
62.201.199.0-62.201.211.255
62.201.216.0/24
62.201.237.0/24
62.201.248.0-62.201.250.255
185.90.104.0/22
IPv6:
2a02:b60:2000::/35
Signature Algorithm: sha256WithRSAEncryption
3f:bf:95:79:f8:e9:53:c6:38:57:05:bb:f0:34:e7:4e:a0:76:
d5:d9:18:50:a2:07:a9:ce:9b:d1:19:43:ea:8c:47:f6:4f:e1:
5b:70:d8:5d:71:ff:86:3e:a5:09:f5:53:a6:32:77:f3:bf:bc:
a9:98:de:cf:93:7a:4b:2f:ef:33:d1:5b:09:29:2f:2a:e7:47:
be:2d:62:25:d1:99:9f:07:ff:75:c4:1a:78:7e:17:ae:5e:e1:
9b:39:ce:8c:4e:10:89:15:52:fa:a9:97:a0:79:8e:b8:5f:d8:
ba:82:34:82:65:3f:f3:6f:01:a1:a0:5b:b7:b7:5e:ff:64:86:
09:e8:24:7f:8e:8b:a7:13:53:9d:7a:9d:84:60:9a:03:45:57:
f4:7b:45:82:8e:72:88:f6:7c:c2:9f:0f:22:d5:9e:91:7e:3b:
8c:b4:af:9d:5e:e1:95:4c:ff:c8:10:e4:c6:24:f0:aa:52:bd:
e1:82:3b:43:43:96:9c:5e:36:6d:f0:75:c7:41:11:d8:d9:3d:
f0:f6:f4:14:1e:cd:09:4a:48:6a:82:8c:88:5f:6a:6f:9a:1c:
98:61:e0:2a:a6:3b:af:ba:48:1f:a1:d1:2c:5f:f2:91:b2:aa:
d4:af:73:f5:b7:7d:eb:a0:1c:68:c8:77:0d:b6:85:e4:b7:5d:
3e:b8:88:72
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYd5nPRhBBtPe18n3v3sRtNNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMwNDEzMDc1NTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmUyOTA0YjBmNjdkMmZmNDczNmRmMGU2OGE5YzNjOWFmOGM5ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFpEKeQ8E+8GKDYpCz07QPZ72Byf
KrYCa+p0eqLmJ473wwDzGxyaJNHLt7avmSDQxmoDdxi4/6QKl7S5EzkLriYHjNNI
M608E2URDCVRyO4UjUXouS0i64XpDEh+qy1DmC6N7ZXK7zA6pWZq6lry1uyGTpW2
Zid/BmVNFATxQAyL8tTJ4q6qP389A8J0XKURE0dx/1RuG/KT1lo1ekCdT9YUJphR
rUrVBMx0IrOM44IFsQOSGLxdes/oJiPKq3aJaVcTs9hE7FaAI6J85dPc0/ulKoid
RgvRZV9IxPcrztSXs8TcQjeRMeRk+//ATM9wOsjSO49MC/QptxgUYnvgAQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJLikEsPZ9L/RzbfDmipw8mvjJ9UMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEva3VLUVN3OW4wdjlITnQ4T2FLbkR5YS1NbjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBABAIAATA6AwQAPsnAAwQA
PsnEMAwDBAA+yccDBAI+ydADBAA+ydgDBAA+ye0wDAMEAz7J+AMEAD7J+gMEArla
aDAOBAIAAjAIAwYFKgILYCAwDQYJKoZIhvcNAQELBQADggEBAD+/lXn46VPGOFcF
u/A0506gdtXZGFCiB6nOm9EZQ+qMR/ZP4Vtw2F1x/4Y+pQn1U6Yyd/O/vKmY3s+T
eksv7zPRWwkpLyrnR74tYiXRmZ8H/3XEGnh+F65e4Zs5zoxOEIkVUvqpl6B5jrhf
2LqCNIJlP/NvAaGgW7e3Xv9khgnoJH+Oi6cTU516nYRgmgNFV/R7RYKOcoj2fMKf
DyLVnpF+O4y0r51e4ZVM/8gQ5MYk8KpSveGCO0NDlpxeNm3wdcdBEdjZPfD29BQe
zQlKSGqCjIhfam+aHJhh4CqmO6+6SB+h0Sxf8pGyqtSvc/W3feugHGjIdw22heS3
XT64iHI=
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:15:48 2025 by rpki-client