Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/NY_rHaisNNTyMd-VPO0YMT0ieSU.roa
File: NY_rHaisNNTyMd-VPO0YMT0ieSU.roa (raw, json)
Hash identifier: zpbmneYektQjYH7rkix/Cy6dpymlx9TwwbDci/FoPbA=
Subject key identifier: 35:8F:EB:1D:A8:AC:34:D4:F2:31:DF:95:3C:ED:18:31:3D:22:79:25
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018766F2D208C1EEE297592CA0A979B1EAE5
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/NY_rHaisNNTyMd-VPO0YMT0ieSU.roa
Signing time: Sun 09 Apr 2023 16:56:42 +0000
ROA not before: Sun 09 Apr 2023 16:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3265
IP address blocks: 82.92.0.0/14 maxlen: 14
195.64.80.0/20 maxlen: 20
194.109.0.0/16 maxlen: 16
62.251.0.0/17 maxlen: 17
83.160.0.0/14 maxlen: 14
82.161.0.0/16 maxlen: 16
83.68.0.0/20 maxlen: 20
213.84.0.0/16 maxlen: 16
80.100.0.0/15 maxlen: 15
83.68.16.0/21 maxlen: 21
83.68.24.0/22 maxlen: 22
83.68.31.0/24 maxlen: 24
83.68.28.0/24 maxlen: 24
83.68.29.0/24 maxlen: 24
62.216.0.0/19 maxlen: 19
213.222.0.0/19 maxlen: 19
212.238.0.0/16 maxlen: 16
80.126.0.0/15 maxlen: 15
2001:888::/32 maxlen: 32
2001:888::/29 maxlen: 29
2001:888::/30 maxlen: 30
2001:980::/30 maxlen: 30
2001:980::/29 maxlen: 29
2001:980::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:66:f2:d2:08:c1:ee:e2:97:59:2c:a0:a9:79:b1:ea:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Apr 9 16:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=358feb1da8ac34d4f231df953ced18313d227925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:49:f7:5a:d9:63:f3:bc:d8:1d:1e:8a:a5:b7:
c1:83:e1:3e:c6:33:19:89:33:bc:76:f0:44:b3:bd:
9e:8f:1d:13:7c:38:b8:69:91:cc:0b:86:bb:c4:4a:
ff:b3:b2:cc:90:6c:d8:8d:c4:bd:29:ae:43:1f:80:
f0:f4:ae:a8:43:81:88:d6:0f:fd:93:0c:b7:b2:be:
56:43:4e:63:57:f2:ad:27:cf:20:00:f7:91:31:0d:
f9:9f:a7:ab:b5:87:fc:fe:4e:58:28:3a:47:07:c8:
eb:44:57:a6:41:71:fa:ab:8d:ec:a5:7a:7c:21:79:
6a:b1:8b:6b:04:de:85:5f:89:de:e8:7a:43:fa:3d:
74:c4:79:a7:02:ae:c1:c2:af:c8:79:1d:14:f8:58:
33:6a:37:03:62:d7:71:b6:9d:59:c6:e1:08:e6:8c:
2f:01:03:8b:d1:1b:39:d0:bc:09:46:c1:c1:a9:ec:
d5:2d:49:fe:a4:e3:07:b3:70:8d:24:06:aa:5c:04:
b6:b8:08:27:d8:45:c6:57:bd:15:0c:21:0b:fc:25:
6e:b3:24:8b:88:b1:2f:90:a9:a6:25:36:56:c3:ea:
de:8f:22:7b:55:63:c0:7b:c8:08:ba:92:86:75:a6:
c9:3b:a4:9a:58:9f:ce:98:b4:fb:ed:cf:62:1a:d8:
80:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:8F:EB:1D:A8:AC:34:D4:F2:31:DF:95:3C:ED:18:31:3D:22:79:25
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/NY_rHaisNNTyMd-VPO0YMT0ieSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.0.0/19
62.251.0.0/17
80.100.0.0/15
80.126.0.0/15
82.92.0.0/14
82.161.0.0/16
83.68.0.0-83.68.29.255
83.68.31.0/24
83.160.0.0/14
194.109.0.0/16
195.64.80.0/20
212.238.0.0/16
213.84.0.0/16
213.222.0.0/19
IPv6:
2001:888::/29
2001:980::/29
Signature Algorithm: sha256WithRSAEncryption
58:7e:d9:88:21:59:40:da:4a:67:b4:89:22:33:07:b7:99:16:
23:fb:58:d1:5b:7b:05:5c:31:b6:6a:e0:ad:03:ff:6f:bb:01:
c6:5b:a1:81:d4:95:bf:fd:af:80:25:29:1a:a1:ad:c8:4e:29:
8c:63:86:ee:40:78:e4:be:e9:bc:a5:d9:20:51:6e:a7:3e:b8:
78:3e:77:44:63:6f:ed:24:f8:d0:3c:0a:a8:1c:1a:15:ea:65:
8d:5b:21:51:89:0e:11:97:32:e1:60:41:50:13:bb:47:53:20:
c7:a2:4b:df:f4:99:45:fc:f8:6f:0d:af:b7:31:48:8b:3f:8d:
85:8e:db:16:f4:29:40:b9:f2:51:b0:91:be:87:2a:8e:a3:fa:
4c:f7:eb:e6:20:fc:3a:ec:99:14:22:f7:32:e0:16:63:90:2d:
3b:8d:11:b6:b7:e7:30:a8:35:5a:3c:46:ea:ef:39:92:f3:26:
20:a9:f4:88:fa:bb:0e:da:ee:51:8d:49:5f:95:1b:bd:cb:f4:
cd:8d:e6:f2:df:63:c0:13:d6:53:92:34:c9:ad:e9:7d:5f:47:
11:4d:ec:3f:42:99:25:df:be:fd:f5:e6:37:da:b2:30:b2:ae:
ef:52:ec:05:87:99:5c:6f:67:70:38:2e:97:7e:99:66:16:9d:
90:85:c7:d9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAYdm8tIIwe7il1ksoKl5serlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwNDA5MTY1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNThmZWIxZGE4YWMzNGQ0ZjIzMWRmOTUzY2VkMTgzMTNkMjI3OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kn3Wtlj87zYHR6KpbfBg+E+xjMZ
iTO8dvBEs72ejx0TfDi4aZHMC4a7xEr/s7LMkGzYjcS9Ka5DH4Dw9K6oQ4GI1g/9
kwy3sr5WQ05jV/KtJ88gAPeRMQ35n6ertYf8/k5YKDpHB8jrRFemQXH6q43spXp8
IXlqsYtrBN6FX4ne6HpD+j10xHmnAq7Bwq/IeR0U+FgzajcDYtdxtp1ZxuEI5owv
AQOL0Rs50LwJRsHBqezVLUn+pOMHs3CNJAaqXAS2uAgn2EXGV70VDCEL/CVusySL
iLEvkKmmJTZWw+rejyJ7VWPAe8gIupKGdabJO6SaWJ/OmLT77c9iGtiAowIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDWP6x2orDTU8jHflTztGDE9InklMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvTllfckhhaXNOTlR5TWQtVlBPMFlNVDBpZVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwWQQCAAEwUwMEBT7YAAME
Bz77AAMDAVBkAwMBUH4DAwJSXAMDAFKhMAsDAwJTRAMEAVNEHAMEAFNEHwMDAlOg
AwMAwm0DBATDQFADAwDU7gMDANVUAwQF1d4AMBQEAgACMA4DBQMgAQiIAwUDIAEJ
gDANBgkqhkiG9w0BAQsFAAOCAQEAWH7ZiCFZQNpKZ7SJIjMHt5kWI/tY0Vt7BVwx
tmrgrQP/b7sBxluhgdSVv/2vgCUpGqGtyE4pjGOG7kB45L7pvKXZIFFupz64eD53
RGNv7ST40DwKqBwaFepljVshUYkOEZcy4WBBUBO7R1Mgx6JL3/SZRfz4bw2vtzFI
iz+NhY7bFvQpQLnyUbCRvocqjqP6TPfr5iD8OuyZFCL3MuAWY5AtO40RtrfnMKg1
WjxG6u85kvMmIKn0iPq7DtruUY1JX5Ubvcv0zY3m8t9jwBPWU5I0ya3pfV9HEU3s
P0KZJd++/fXmN9qyMLKu71LsBYeZXG9ncDgul36ZZhadkIXH2Q==
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:26:18 2025 by rpki-client