Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/NKIp8yXXcTulL7wYVOh2hdG3onE.roa
File: NKIp8yXXcTulL7wYVOh2hdG3onE.roa (raw, json)
Hash identifier: PqZqpO0QB/6BbaXQg1CZyiwojEiUOoWi2IGc69WlUGg=
Subject key identifier: 34:A2:29:F3:25:D7:71:3B:A5:2F:BC:18:54:E8:76:85:D1:B7:A2:71
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 011F5C83
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/NKIp8yXXcTulL7wYVOh2hdG3onE.roa
Signing time: Thu 03 Feb 2022 10:20:38 +0000
ROA not before: Thu 03 Feb 2022 10:20:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 95.210.192.0/20 maxlen: 20
5.61.192.0/21 maxlen: 21
95.210.0.0/22 maxlen: 22
95.210.0.0/16 maxlen: 16
88.202.121.0/24 maxlen: 24
95.210.142.0/24 maxlen: 24
5.175.64.0/20 maxlen: 20
176.227.128.0/20 maxlen: 20
84.254.129.0/24 maxlen: 24
84.254.131.0/24 maxlen: 24
84.254.128.0/18 maxlen: 18
95.210.94.0/24 maxlen: 24
95.210.105.0/24 maxlen: 24
88.202.0.0/17 maxlen: 17
95.210.110.0/24 maxlen: 24
213.209.160.0/19 maxlen: 19
95.210.36.0/24 maxlen: 24
95.210.34.0/24 maxlen: 24
95.210.68.0/24 maxlen: 24
2a00:ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18832515 (0x11f5c83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Feb 3 10:20:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a229f325d7713ba52fbc1854e87685d1b7a271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e7:5e:64:ba:8b:8e:d2:47:2f:62:2b:4f:28:
ba:8f:b8:d1:e7:f5:16:d3:12:19:12:ed:2e:54:97:
65:62:5f:5c:3f:c4:ac:6d:af:57:ec:bf:84:1d:11:
2b:8c:3b:f8:8a:8d:e2:fd:5e:7b:b6:db:af:52:26:
52:83:ab:e3:65:b6:56:46:7c:7d:cf:a6:f0:71:2c:
6d:d9:1b:aa:fd:55:ca:86:20:5a:b9:7c:9e:32:0d:
b8:36:e3:ae:44:c9:f8:3b:77:0f:7d:42:0b:91:d6:
64:65:21:55:9d:1b:ea:98:b8:40:bb:80:52:05:44:
33:82:06:d5:b4:fe:93:29:e0:df:a5:42:5b:37:01:
33:2c:bd:03:bd:b4:bf:66:5c:db:2c:d6:6f:45:c8:
49:3a:7b:93:f8:41:7c:2f:74:4c:42:7f:34:5b:31:
7c:f1:e7:87:10:17:04:8f:7e:4f:d5:b0:d5:7a:33:
b7:b8:0b:42:b1:e9:10:95:1f:7f:a2:2c:d9:21:82:
8b:49:c7:9d:06:66:d4:fb:0d:d7:19:6c:a5:50:fa:
e2:e5:ce:1c:d9:11:a2:19:bd:74:58:c3:f6:90:85:
e7:a4:49:f6:97:37:0e:e9:8d:04:cc:4d:2d:6b:92:
32:e7:77:f4:5b:73:8d:c4:e1:64:55:69:b5:f4:f8:
2c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A2:29:F3:25:D7:71:3B:A5:2F:BC:18:54:E8:76:85:D1:B7:A2:71
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/NKIp8yXXcTulL7wYVOh2hdG3onE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.192.0/21
5.175.64.0/20
84.254.128.0/18
88.202.0.0/17
95.210.0.0/16
176.227.128.0/20
213.209.160.0/19
IPv6:
2a00:ca0::/32
Signature Algorithm: sha256WithRSAEncryption
02:4d:b9:87:01:5f:20:5d:d0:11:f7:c0:16:90:00:f2:85:a9:
80:08:73:15:78:93:a9:fa:4d:c6:36:1c:30:75:54:49:34:b4:
4b:23:74:3b:02:92:20:9d:98:2d:7e:f3:86:2c:82:c6:ad:bb:
1f:1b:d8:42:a1:75:18:41:2c:bc:bf:83:84:77:bb:12:b9:18:
14:41:10:fc:06:05:ae:1b:f7:c1:9e:b8:de:26:d2:de:8b:65:
fc:23:0a:61:06:ae:86:16:3b:f5:e8:04:f3:9a:72:6b:4b:22:
5b:39:0a:d8:ed:ad:19:49:17:d9:0e:cf:56:1b:98:be:0e:2d:
c1:26:2b:bb:33:69:ac:93:83:a0:6c:49:bb:4f:42:18:4b:e1:
d7:18:b2:bd:a9:6b:4c:03:79:d0:fd:b0:11:d8:56:50:9b:0e:
5a:6f:36:a6:15:95:e6:1f:55:3f:85:d5:85:90:90:ab:91:77:
47:41:38:47:d0:d7:37:f8:f9:32:51:72:12:29:71:9f:e5:8e:
3c:28:55:b3:62:d9:45:0e:ff:f8:e2:3d:f9:cd:1f:91:ca:e8:
4f:4d:c4:46:7d:e5:30:21:c1:aa:c8:d5:6d:2b:b0:01:57:4a:
f0:e9:91:48:37:bd:b5:5e:5f:3f:bf:37:7b:08:83:7c:f0:57:
4b:0e:7d:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAR9cgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzU1NzAyNDY3NzcwZWQ2OWIzNjdiNzdiYmU2NDBiYzZkYjQxNTNlMB4XDTIyMDIw
MzEwMjAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzRhMjI5ZjMyNWQ3
NzEzYmE1MmZiYzE4NTRlODc2ODVkMWI3YTI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbnXmS6i47SRy9iK08ouo+40ef1FtMSGRLtLlSXZWJfXD/E
rG2vV+y/hB0RK4w7+IqN4v1ee7bbr1ImUoOr42W2VkZ8fc+m8HEsbdkbqv1VyoYg
Wrl8njINuDbjrkTJ+Dt3D31CC5HWZGUhVZ0b6pi4QLuAUgVEM4IG1bT+kyng36VC
WzcBMyy9A720v2Zc2yzWb0XISTp7k/hBfC90TEJ/NFsxfPHnhxAXBI9+T9Ww1Xoz
t7gLQrHpEJUff6Is2SGCi0nHnQZm1PsN1xlspVD64uXOHNkRohm9dFjD9pCF56RJ
9pc3DumNBMxNLWuSMud39FtzjcThZFVptfT4LG0CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQ0oinzJddxO6UvvBhU6HaF0beicTAfBgNVHSMEGDAWgBTHVXAkZ3cO1ps2
e3e75kC8bbQVPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gxVndKR2QzRHRhYk5udDN1LVpBdkcyMEZUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvMjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8x
L05LSXA4eVhYY1R1bEw3d1lWT2gyaGRHM29uRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
MjQzZjkxLTg3NDctNDk4MS05Y2JmLTFkMzczNDk5OTI0ZS8xL3gxVndKR2QzRHRh
Yk5udDN1LVpBdkcyMEZUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEAwU9wAMEBAWvQAMEBlT+gAMEB1jK
AAMDAF/SAwQEsOOAAwQF1dGgMA0EAgACMAcDBQAqAAygMA0GCSqGSIb3DQEBCwUA
A4IBAQACTbmHAV8gXdAR98AWkADyhamACHMVeJOp+k3GNhwwdVRJNLRLI3Q7ApIg
nZgtfvOGLILGrbsfG9hCoXUYQSy8v4OEd7sSuRgUQRD8BgWuG/fBnrjeJtLei2X8
IwphBq6GFjv16ATzmnJrSyJbOQrY7a0ZSRfZDs9WG5i+Di3BJiu7M2msk4OgbEm7
T0IYS+HXGLK9qWtMA3nQ/bAR2FZQmw5abzamFZXmH1U/hdWFkJCrkXdHQThH0Nc3
+PkyUXISKXGf5Y48KFWzYtlFDv/44j35zR+RyuhPTcRGfeUwIcGqyNVtK7ABV0rw
6ZFIN721Xl8/vzd7CIN88FdLDn3i
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:57:08 2025 by rpki-client