Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/nVXJoMmhScA5rcl-eJxUpklJ7WI.roa
File: nVXJoMmhScA5rcl-eJxUpklJ7WI.roa (raw, json)
Hash identifier: 0h3VSCBKnIhf/66HzvrAUK+Dr6NwmjIJmIwOVVyC/bg=
Subject key identifier: 9D:55:C9:A0:C9:A1:49:C0:39:AD:C9:7E:78:9C:54:A6:49:49:ED:62
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 01856F6703E20D75B546664BA23E4B4EEAC2
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/nVXJoMmhScA5rcl-eJxUpklJ7WI.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44217
IP address blocks: 62.201.228.0/22 maxlen: 22
62.201.229.0/24 maxlen: 24
62.201.227.0/24 maxlen: 24
62.201.228.0/24 maxlen: 24
62.201.232.0/24 maxlen: 24
62.201.233.0/24 maxlen: 24
62.201.230.0/24 maxlen: 24
62.201.231.0/24 maxlen: 24
62.201.232.0/22 maxlen: 22
62.201.236.0/24 maxlen: 24
62.201.234.0/24 maxlen: 24
62.201.235.0/24 maxlen: 24
62.201.239.0/24 maxlen: 24
62.201.240.0/24 maxlen: 24
62.201.237.0/24 maxlen: 24
62.201.238.0/24 maxlen: 24
62.201.240.0/21 maxlen: 21
62.201.243.0/24 maxlen: 24
62.201.241.0/24 maxlen: 24
62.201.242.0/24 maxlen: 24
62.201.242.0/23 maxlen: 24
62.201.246.0/24 maxlen: 24
62.201.244.0/23 maxlen: 23
62.201.253.0/24 maxlen: 24
62.201.251.0/24 maxlen: 24
62.201.252.0/22 maxlen: 24
62.201.247.0/24 maxlen: 24
62.201.248.0/23 maxlen: 23
62.201.250.0/24 maxlen: 24
62.201.248.0/24 maxlen: 24
62.201.249.0/24 maxlen: 24
62.201.254.0/23 maxlen: 24
89.33.66.0/23 maxlen: 23
62.201.192.0/23 maxlen: 23
62.201.194.0/24 maxlen: 24
62.201.195.0/24 maxlen: 24
62.201.192.0/18 maxlen: 18
62.201.193.0/24 maxlen: 24
62.201.200.0/22 maxlen: 22
62.201.201.0/24 maxlen: 24
62.201.202.0/24 maxlen: 24
62.201.200.0/24 maxlen: 24
62.201.204.0/24 maxlen: 24
62.201.205.0/24 maxlen: 24
62.201.203.0/24 maxlen: 24
62.201.204.0/23 maxlen: 23
62.201.206.0/23 maxlen: 23
62.201.212.0/24 maxlen: 24
62.201.208.0/24 maxlen: 24
62.201.209.0/24 maxlen: 24
62.201.208.0/22 maxlen: 22
62.201.207.0/24 maxlen: 24
62.201.211.0/24 maxlen: 24
62.201.212.0/22 maxlen: 22
62.201.210.0/24 maxlen: 24
62.201.213.0/24 maxlen: 24
62.201.215.0/24 maxlen: 24
62.201.216.0/24 maxlen: 24
62.201.214.0/24 maxlen: 24
62.201.218.0/24 maxlen: 24
62.201.219.0/24 maxlen: 24
62.201.217.0/24 maxlen: 24
62.201.221.0/24 maxlen: 24
62.201.222.0/24 maxlen: 24
62.201.220.0/22 maxlen: 22
62.201.220.0/24 maxlen: 24
62.201.225.0/24 maxlen: 24
62.201.224.0/22 maxlen: 22
62.201.226.0/24 maxlen: 24
62.201.223.0/24 maxlen: 24
62.201.224.0/24 maxlen: 24
185.1.98.0/24 maxlen: 24
2a02:b60:2010::/48 maxlen: 48
2a02:b60::/64 maxlen: 64
2a02:b60:2000::/48 maxlen: 48
2a02:b60:4000::/48 maxlen: 48
2a02:b60:2000:3::/64 maxlen: 64
2a02:b60:4005::/48 maxlen: 48
2a02:b60:0:f::/64 maxlen: 64
2a02:b60:4000::/34 maxlen: 34
2a02:b60:2000::/35 maxlen: 35
2a02:b60::/32 maxlen: 32
2a02:b60:20::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:03:e2:0d:75:b5:46:66:4b:a2:3e:4b:4e:ea:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d55c9a0c9a149c039adc97e789c54a64949ed62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:52:dc:b6:e6:47:83:8c:b8:95:e6:ae:9b:01:
25:e8:f7:52:d1:3d:91:21:ff:26:2e:ef:89:a0:f3:
f7:41:19:3c:7a:7e:2b:d4:e3:63:e1:55:09:8a:a4:
af:ee:dc:66:a1:2e:63:ca:f9:8a:d1:b6:8e:91:1b:
53:ca:82:0a:d0:55:2c:d6:0d:db:92:b0:e3:42:2d:
b0:30:db:bd:a6:60:e7:b2:c0:f7:f2:f2:b1:28:f2:
7f:d5:d3:9c:bb:7d:79:8e:03:72:93:9f:f6:28:73:
80:61:2a:b2:31:d4:2d:d7:49:e1:8d:19:98:06:7a:
0d:ab:a0:96:46:23:15:15:28:28:1b:8d:1e:77:04:
4b:58:de:aa:f8:8c:af:14:d2:54:a2:9f:29:f5:60:
1f:fc:73:a9:d0:c3:90:68:00:d3:91:e8:29:81:cc:
c7:38:76:31:d5:cb:b2:22:81:41:1e:44:ff:7a:9f:
af:2e:fd:3c:39:fa:13:6e:0e:6c:89:01:b9:40:3b:
b2:92:1e:80:a3:00:cd:12:06:3c:80:e4:ec:e4:ce:
93:ab:ff:09:d0:ae:bc:36:da:d3:7b:71:ef:39:94:
30:01:c0:b9:84:0f:12:fe:46:8b:90:0d:e5:77:a4:
1c:24:a7:78:dd:0e:d0:fe:a8:59:e2:82:cf:7e:12:
17:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:55:C9:A0:C9:A1:49:C0:39:AD:C9:7E:78:9C:54:A6:49:49:ED:62
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/nVXJoMmhScA5rcl-eJxUpklJ7WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/18
89.33.66.0/23
185.1.98.0/24
IPv6:
2a02:b60::/32
Signature Algorithm: sha256WithRSAEncryption
83:7a:9d:99:b6:c9:6a:a4:b5:cd:f3:70:04:7e:60:aa:26:5e:
db:6c:1a:0f:1d:8a:be:9e:47:77:e9:71:35:4e:8f:eb:b2:ce:
c7:a6:ca:b7:88:d9:07:48:90:3f:e9:d9:3a:91:94:a5:42:25:
d8:b2:04:e0:4a:4c:44:1e:66:eb:ed:8e:db:e8:f0:12:84:85:
67:b7:91:6a:f0:f2:e0:8b:14:c2:d7:43:b8:2b:b2:06:99:a5:
6f:1e:97:10:6b:63:0e:d6:49:1c:2e:fa:24:da:0c:c6:8d:e9:
a5:8f:57:ac:c6:bf:1a:96:0e:e8:9a:90:c5:c2:d6:08:9e:4d:
dc:b3:41:e8:0c:b1:ec:ac:27:10:7d:d0:91:d9:ae:91:88:33:
54:bb:0c:7e:94:46:7b:26:06:5d:ae:f9:dd:57:88:9c:f2:58:
74:a7:74:61:c9:45:7f:ba:b5:a3:66:15:bb:9c:e4:ed:c9:c9:
0b:e9:8d:7d:79:f2:4d:46:51:29:cb:62:71:82:ae:d0:ef:ce:
cf:57:dc:94:f4:cf:04:cc:63:5a:2e:1a:a8:c3:75:fc:2b:34:
47:b2:de:0c:d0:4f:39:81:7e:d6:75:fe:31:1b:40:87:93:37:
76:41:af:dc:d7:c0:bf:75:f4:23:d1:ed:7f:c8:8d:6a:3d:65:
ab:37:15:e2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVvZwPiDXW1RmZLoj5LTurCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDU1YzlhMGM5YTE0OWMwMzlhZGM5N2U3ODljNTRhNjQ5NDllZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFLctuZHg4y4leaumwEl6PdS0T2R
If8mLu+JoPP3QRk8en4r1ONj4VUJiqSv7txmoS5jyvmK0baOkRtTyoIK0FUs1g3b
krDjQi2wMNu9pmDnssD38vKxKPJ/1dOcu315jgNyk5/2KHOAYSqyMdQt10nhjRmY
BnoNq6CWRiMVFSgoG40edwRLWN6q+IyvFNJUop8p9WAf/HOp0MOQaADTkegpgczH
OHYx1cuyIoFBHkT/ep+vLv08OfoTbg5siQG5QDuykh6AowDNEgY8gOTs5M6Tq/8J
0K68NtrTe3HvOZQwAcC5hA8S/kaLkA3ld6QcJKd43Q7Q/qhZ4oLPfhIXdQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ1VyaDJoUnAOa3JfnicVKZJSe1iMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvblZYSm9NbWhTY0E1cmNsLWVKeFVwa2xKN1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPsnAAwQB
WSFCAwQAuQFiMA0EAgACMAcDBQAqAgtgMA0GCSqGSIb3DQEBCwUAA4IBAQCDep2Z
tslqpLXN83AEfmCqJl7bbBoPHYq+nkd36XE1To/rss7Hpsq3iNkHSJA/6dk6kZSl
QiXYsgTgSkxEHmbr7Y7b6PAShIVnt5Fq8PLgixTC10O4K7IGmaVvHpcQa2MO1kkc
Lvok2gzGjemlj1esxr8alg7ompDFwtYInk3cs0HoDLHsrCcQfdCR2a6RiDNUuwx+
lEZ7JgZdrvndV4ic8lh0p3RhyUV/urWjZhW7nOTtyckL6Y19efJNRlEpy2Jxgq7Q
787PV9yU9M8EzGNaLhqow3X8KzRHst4M0E85gX7Wdf4xG0CHkzd2Qa/c18C/dfQj
0e1/yI1qPWWrNxXi
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:18:07 2025 by rpki-client