Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/l1IndzIQkcV3_nMHJqRToqG7sA4.roa
File: l1IndzIQkcV3_nMHJqRToqG7sA4.roa (raw, json)
Hash identifier: 0QJ14Mg3Mn6G/7XUrerjuZTxlnF+d0OOhdb+mPvNMa0=
Subject key identifier: 97:52:27:77:32:10:91:C5:77:FE:73:07:26:A4:53:A2:A1:BB:B0:0E
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 018C32B5740766360D2407DDF7352AD67335
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/l1IndzIQkcV3_nMHJqRToqG7sA4.roa
Signing time: Mon 04 Dec 2023 02:43:21 +0000
ROA not before: Mon 04 Dec 2023 02:43:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.228.0/22 maxlen: 22
62.201.229.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/24 maxlen: 24
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.236.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.243.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.253.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/23 maxlen: 23
62.201.250.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
62.201.192.0/23 maxlen: 23
62.201.197.0/24 maxlen: 24
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.192.0/18 maxlen: 18
62.201.193.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.206.0/23 maxlen: 23
62.201.212.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.207.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.210.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.226.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/24 maxlen: 24
185.1.98.0/24 maxlen: 24
2a02:b60:2010::/48 maxlen: 48
2a02:b60::/64 maxlen: 64
2a02:b60:2000::/48 maxlen: 48
2a02:b60:4000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:4005::/48 maxlen: 48
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:4000::/34 maxlen: 34
2a02:b60:2000::/35 maxlen: 35
2a02:b60::/32 maxlen: 32
2a02:b60:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:32:b5:74:07:66:36:0d:24:07:dd:f7:35:2a:d6:73:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Dec 4 02:43:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97522777321091c577fe730726a453a2a1bbb00e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b2:4b:92:51:e2:55:1d:0d:57:fa:07:86:0b:
8b:52:1c:d5:84:ad:9b:06:71:76:9c:a8:5f:38:e0:
43:d3:5a:65:1e:9d:0c:a4:db:72:5b:af:52:85:32:
ee:bf:46:bc:bf:c0:00:19:19:5c:1a:83:1d:44:79:
e9:bb:d1:c1:96:e0:fc:d9:ef:12:26:59:80:8c:28:
19:15:0e:aa:88:fd:61:ee:bd:b6:b3:79:40:95:a6:
46:c4:08:e8:33:b9:e7:b2:64:c8:a1:4d:e8:68:e1:
a8:bb:12:be:c9:d8:43:99:5c:23:09:45:4f:1f:a2:
32:6b:c4:2c:61:11:16:77:e7:37:25:70:02:3a:75:
29:d1:f5:f3:9c:96:86:2f:a4:1f:60:b4:af:60:5b:
dc:99:57:c0:5e:bb:9d:ed:7c:37:93:8a:ca:64:d4:
50:82:c6:4f:9d:c0:fa:bc:54:4e:24:37:80:8d:5a:
4e:98:23:c1:6a:7d:ab:82:36:b4:a5:7e:dc:a4:c3:
7f:97:3c:68:48:e7:21:e7:5b:63:49:b0:e9:9e:61:
cd:25:00:af:dc:f4:09:cd:d4:6a:c0:20:af:2c:d7:
b9:de:38:c9:39:8b:1f:88:34:07:a5:7d:9e:1f:09:
6e:8e:2e:79:51:97:d4:3a:f7:77:d1:b7:11:6f:f4:
64:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:52:27:77:32:10:91:C5:77:FE:73:07:26:A4:53:A2:A1:BB:B0:0E
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/l1IndzIQkcV3_nMHJqRToqG7sA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
11:65:a8:2e:a2:5a:3b:f9:3c:c6:f0:e0:50:a1:0a:ad:cc:ed:
25:c1:c9:0b:94:8b:8d:ba:2c:c8:8d:a6:4d:32:3c:68:28:c9:
6c:e8:aa:b7:ab:40:df:30:85:87:a2:77:9b:f0:0c:e6:1c:9c:
d1:a5:d8:30:c0:e3:bc:6d:7d:96:37:06:1b:05:f3:ba:7b:08:
f5:9a:dc:a2:c9:95:53:96:17:e1:78:9c:fc:b3:b6:2e:97:2f:
4e:91:0e:ee:5d:d9:8a:d9:ab:d4:2e:fa:31:cc:c1:23:fb:80:
b6:c6:69:a6:eb:22:f6:bc:5f:22:65:ed:86:85:be:8f:c5:2b:
db:15:e9:8f:ef:a2:7e:81:08:f8:62:21:bc:1b:14:79:55:8e:
a0:86:5a:5d:51:6a:34:56:6e:8a:b3:0c:54:ca:5e:6a:1d:01:
73:60:31:66:c6:3b:b1:89:db:c7:fb:39:5a:fa:bf:7e:9e:4d:
61:52:2f:a6:98:1b:d1:37:73:60:d0:14:85:af:07:97:ba:d5:
6b:d7:ef:c1:1f:0d:18:a8:6a:ac:ed:38:29:4d:d4:3a:df:25:
51:88:b1:e5:57:e4:0e:df:7d:51:be:52:b4:fb:1f:76:1d:e2:
86:83:91:ec:a3:9e:4a:59:0f:e8:7a:b4:46:b0:fa:19:53:09:
43:3e:d3:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYwytXQHZjYNJAfd9zUq1nM1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMxMjA0MDI0MzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzUyMjc3NzMyMTA5MWM1NzdmZTczMDcyNmE0NTNhMmExYmJiMDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rJLklHiVR0NV/oHhguLUhzVhK2b
BnF2nKhfOOBD01plHp0MpNtyW69ShTLuv0a8v8AAGRlcGoMdRHnpu9HBluD82e8S
JlmAjCgZFQ6qiP1h7r22s3lAlaZGxAjoM7nnsmTIoU3oaOGouxK+ydhDmVwjCUVP
H6Iya8QsYREWd+c3JXACOnUp0fXznJaGL6QfYLSvYFvcmVfAXrud7Xw3k4rKZNRQ
gsZPncD6vFROJDeAjVpOmCPBan2rgja0pX7cpMN/lzxoSOch51tjSbDpnmHNJQCv
3PQJzdRqwCCvLNe53jjJOYsfiDQHpX2eHwluji55UZfUOvd30bcRb/RkYwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJdSJ3cyEJHFd/5zByakU6Khu7AOMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvbDFJbmR6SVFrY1YzX25NSEpxUlRvcUc3c0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQARZagu
olo7+TzG8OBQoQqtzO0lwckLlIuNuizIjaZNMjxoKMls6Kq3q0DfMIWHoneb8Azm
HJzRpdgwwOO8bX2WNwYbBfO6ewj1mtyiyZVTlhfheJz8s7Yuly9OkQ7uXdmK2avU
LvoxzMEj+4C2xmmm6yL2vF8iZe2Ghb6PxSvbFemP76J+gQj4YiG8GxR5VY6ghlpd
UWo0Vm6KswxUyl5qHQFzYDFmxjuxidvH+zla+r9+nk1hUi+mmBvRN3Ng0BSFrweX
utVr1+/BHw0YqGqs7TgpTdQ63yVRiLHlV+QO331RvlK0+x92HeKGg5Hso55KWQ/o
erRGsPoZUwlDPtNk
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:20:28 2025 by rpki-client