Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/okGUDZcwWASJXzqfJIQ8EO5YAUg.roa
File: okGUDZcwWASJXzqfJIQ8EO5YAUg.roa (raw, json)
Hash identifier: QOoGvok+JKEseH1YmA7g8CGTIlcWyU6aNPdX99q01YE=
Subject key identifier: A2:41:94:0D:97:30:58:04:89:5F:3A:9F:24:84:3C:10:EE:58:01:48
Certificate issuer: /CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Certificate serial: 01856F6704FD7E458E18A7A465EE0386AEC6
Authority key identifier: 36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/okGUDZcwWASJXzqfJIQ8EO5YAUg.roa
Signing time: Sun 01 Jan 2023 22:15:00 +0000
ROA not before: Sun 01 Jan 2023 22:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62419
IP address blocks: 185.90.104.0/22 maxlen: 24
185.90.104.0/24 maxlen: 24
185.90.105.0/24 maxlen: 24
185.90.106.0/24 maxlen: 24
185.90.107.0/24 maxlen: 24
62.201.192.0/24 maxlen: 24
62.201.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:04:fd:7e:45:8e:18:a7:a4:65:ee:03:86:ae:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3692fedf59c60d3254e37a9c8ecde11c9ba1282a
Validity
Not Before: Jan 1 22:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a241940d97305804895f3a9f24843c10ee580148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6d:61:5e:0e:bc:20:41:80:84:a1:c4:40:03:
88:aa:71:33:ba:7f:c5:53:fc:27:28:f0:be:65:29:
a1:03:99:9f:fd:bd:9f:9c:a8:09:a8:64:df:e9:b1:
3c:3d:c2:55:30:7d:a9:f2:46:0b:4b:d7:bd:f6:5a:
08:84:93:45:ce:7e:3c:72:80:6d:70:c5:9e:d1:95:
bb:0a:0c:73:f7:82:f7:6e:20:95:2c:51:9a:00:f5:
0a:31:50:75:8c:4e:dc:6d:19:b1:3f:8c:32:7f:d1:
df:a9:52:8a:5f:04:d0:e7:81:bc:1c:34:90:a2:07:
dc:d2:1f:3c:38:21:e0:08:17:b9:bb:fb:de:48:6b:
9f:be:2c:c4:e5:3f:b4:31:39:2a:33:ff:04:48:dc:
d7:51:6a:c4:d5:8d:67:2c:d8:b6:7e:74:95:58:e5:
86:31:2f:51:5b:f7:aa:6d:1c:13:a9:58:f5:2b:47:
26:1d:b2:66:a1:c0:e1:75:42:e9:1f:9e:a6:35:95:
2b:84:15:f8:22:a2:49:db:c2:1d:4f:e8:3a:92:3f:
92:9d:a1:b3:28:d8:f0:52:b7:40:94:ca:32:5f:d0:
9d:d9:d6:a7:f2:88:0e:1d:88:14:39:73:ed:5b:51:
1c:9b:9a:e4:dd:cf:6d:7c:8f:18:79:d4:51:60:c6:
88:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:41:94:0D:97:30:58:04:89:5F:3A:9F:24:84:3C:10:EE:58:01:48
X509v3 Authority Key Identifier:
keyid:36:92:FE:DF:59:C6:0D:32:54:E3:7A:9C:8E:CD:E1:1C:9B:A1:28:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpL-31nGDTJU43qcjs3hHJuhKCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/okGUDZcwWASJXzqfJIQ8EO5YAUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/5c5ad0-d2da-40db-95d1-e7be5e30ad2d/1/NpL-31nGDTJU43qcjs3hHJuhKCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.192.0/24
62.201.206.0/24
185.90.104.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:d4:34:d3:bf:1d:e7:ad:d8:26:ac:57:4d:a0:26:c0:64:60:
53:78:6e:09:1b:5b:d3:f3:8a:7e:53:61:2e:6f:d4:0c:8c:de:
29:8c:89:0f:3d:35:06:a1:69:66:7e:d5:7c:aa:cb:53:b3:db:
2d:d0:20:53:6e:13:70:84:97:ee:c0:07:42:f0:c3:5c:9c:91:
03:2d:96:00:cc:cd:be:0b:f0:60:30:33:43:26:f6:1c:e1:e9:
5f:1e:8a:67:81:69:93:5e:db:33:48:ed:59:fb:39:b7:10:0f:
59:4c:3c:09:91:5d:3d:92:81:09:f1:00:7a:35:c8:12:65:4f:
4b:34:09:1f:cb:78:d4:4a:c5:7e:0b:b2:17:b0:ff:af:81:72:
b9:59:5d:6a:c3:4b:05:cc:55:b7:76:f0:e6:7a:5d:68:38:72:
cb:ff:da:be:43:85:16:e2:28:f8:5c:fc:10:3a:de:cf:4a:f1:
a2:13:ba:5a:0f:3c:e9:68:1a:ad:a2:69:db:f6:bc:47:1c:6e:
66:12:65:99:17:1f:a1:a5:f3:de:3d:9d:12:91:4f:9c:86:fe:
21:c2:4f:b3:7b:47:ae:ff:b9:1a:bd:6a:f8:fc:3a:da:ed:1c:
1a:1f:3c:48:53:f8:45:e3:ac:d4:bc:41:00:7d:6b:13:db:b3:
27:48:6c:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvZwT9fkWOGKekZe4Dhq7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTJmZWRmNTljNjBkMzI1NGUzN2E5YzhlY2RlMTFjOWJh
MTI4MmEwHhcNMjMwMTAxMjIxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQxOTQwZDk3MzA1ODA0ODk1ZjNhOWYyNDg0M2MxMGVlNTgwMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg21hXg68IEGAhKHEQAOIqnEzun/F
U/wnKPC+ZSmhA5mf/b2fnKgJqGTf6bE8PcJVMH2p8kYLS9e99loIhJNFzn48coBt
cMWe0ZW7Cgxz94L3biCVLFGaAPUKMVB1jE7cbRmxP4wyf9HfqVKKXwTQ54G8HDSQ
ogfc0h88OCHgCBe5u/veSGufvizE5T+0MTkqM/8ESNzXUWrE1Y1nLNi2fnSVWOWG
MS9RW/eqbRwTqVj1K0cmHbJmocDhdULpH56mNZUrhBX4IqJJ28IdT+g6kj+SnaGz
KNjwUrdAlMoyX9Cd2dan8ogOHYgUOXPtW1Ecm5rk3c9tfI8YedRRYMaI3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKJBlA2XMFgEiV86nySEPBDuWAFIMB8GA1UdIwQY
MBaAFDaS/t9Zxg0yVON6nI7N4RyboSgqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEt
ZTdiZTVlMzBhZDJkLzEvb2tHVURaY3dXQVNKWHpxZkpJUThFTzVZQVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi81YzVhZDAtZDJkYS00MGRiLTk1ZDEtZTdiZTVlMzBhZDJk
LzEvTnBMLTMxbkdEVEpVNDNxY2pzM2hISnVoS0NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPsnAAwQA
PsnOAwQCuVpoMA0GCSqGSIb3DQEBCwUAA4IBAQCL1DTTvx3nrdgmrFdNoCbAZGBT
eG4JG1vT84p+U2Eub9QMjN4pjIkPPTUGoWlmftV8qstTs9st0CBTbhNwhJfuwAdC
8MNcnJEDLZYAzM2+C/BgMDNDJvYc4elfHopngWmTXtszSO1Z+zm3EA9ZTDwJkV09
koEJ8QB6NcgSZU9LNAkfy3jUSsV+C7IXsP+vgXK5WV1qw0sFzFW3dvDmel1oOHLL
/9q+Q4UW4ij4XPwQOt7PSvGiE7paDzzpaBqtomnb9rxHHG5mEmWZFx+hpfPePZ0S
kU+chv4hwk+ze0eu/7kavWr4/Dra7RwaHzxIU/hF46zUvEEAfWsT27MnSGyJ
-----END CERTIFICATE-----
Generated at Mon Apr 14 13:20:27 2025 by rpki-client