Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/NYE-nDj1NJWyZ3H1FRqtfegAeFI.roa
File: NYE-nDj1NJWyZ3H1FRqtfegAeFI.roa (raw, json)
Hash identifier: dOb/9JiIFZKhLQdj6CAvY9FggKhcEtK+x1ZAeZ6S1ck=
Subject key identifier: 35:81:3E:9C:38:F5:34:95:B2:67:71:F5:15:1A:AD:7D:E8:00:78:52
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0189D6FB44A64E7FE35847EAAD9CA6D1E88B
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/NYE-nDj1NJWyZ3H1FRqtfegAeFI.roa
Signing time: Tue 08 Aug 2023 21:08:58 +0000
ROA not before: Tue 08 Aug 2023 21:08:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.56.0/24 maxlen: 24
85.115.204.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.75.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.74.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.104.0/22 maxlen: 22
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d6:fb:44:a6:4e:7f:e3:58:47:ea:ad:9c:a6:d1:e8:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Aug 8 21:08:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=35813e9c38f53495b26771f5151aad7de8007852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8c:b1:90:7c:87:ce:61:1e:35:4d:98:1c:6c:
00:58:95:2b:d1:7f:42:f0:91:88:17:d0:22:0b:e2:
24:4e:e6:1a:89:ff:40:eb:a8:e5:a7:09:42:c6:9c:
f3:19:64:49:9b:8e:fe:47:6d:ad:bd:cb:f4:09:ae:
f4:8c:eb:e5:32:f5:a8:34:f8:78:14:94:ab:54:da:
46:01:0d:93:d1:c1:d1:14:ce:5f:fa:b8:6f:41:91:
6b:fc:0e:1f:3c:65:e1:76:5a:77:89:89:c7:b8:0b:
5a:68:d6:82:0d:c8:d5:1e:6a:fe:48:dc:99:e3:13:
de:6b:9e:7e:17:4a:6b:e1:0e:e0:b8:c3:dd:8b:9f:
78:d1:60:c7:24:e6:6a:85:d0:fc:ba:18:16:19:5e:
06:33:a2:53:8c:84:92:d5:5c:d7:f1:8c:0a:42:56:
0c:35:10:b9:91:8d:17:0e:88:43:03:6b:17:fa:21:
f9:4c:18:1b:9a:71:7e:e5:7a:75:6a:c8:29:3f:a2:
53:3f:46:f2:b0:99:b8:52:92:e7:54:99:aa:7c:67:
4b:ab:ea:c5:77:94:8a:0f:ea:87:33:26:20:7e:3a:
05:a6:68:25:6f:ae:16:26:24:58:c0:91:24:5d:fc:
31:d8:d0:dc:5c:42:00:05:4d:f5:53:13:1f:b7:59:
79:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:81:3E:9C:38:F5:34:95:B2:67:71:F5:15:1A:AD:7D:E8:00:78:52
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/NYE-nDj1NJWyZ3H1FRqtfegAeFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.115.207.0/24
85.153.6.0-85.153.8.255
85.153.56.0/24
85.153.72.0/22
85.153.80.0/20
85.153.104.0/21
85.153.113.0/24
85.153.118.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
7c:69:0b:f9:dd:dc:d9:77:bd:18:02:13:07:a9:1b:b3:4c:6d:
78:ef:74:99:73:04:f9:4b:78:b9:e9:8d:8b:33:0a:22:2f:83:
f4:6f:82:65:c5:aa:4c:7d:08:4e:c7:a2:35:c4:78:33:2a:39:
1b:cd:19:34:8a:04:d9:9e:ea:8a:1a:1e:e6:27:bb:85:b1:a5:
02:48:f8:0a:9c:d9:99:5b:5f:6a:bc:c8:3b:d8:d4:98:ac:99:
64:5d:5f:fb:f3:6c:c1:7b:51:db:9f:69:bf:8d:bb:4c:72:3f:
8c:8b:a8:cd:e0:73:8e:d1:68:52:1c:bf:60:9a:7e:7b:e2:db:
f8:4a:7f:bb:49:c4:c4:89:bc:a9:50:c6:ae:ee:d0:28:37:76:
aa:de:59:7b:a0:57:21:4a:bb:b9:1f:48:f7:d2:3b:e8:34:ce:
81:ed:3b:ae:43:b2:13:1a:e7:d5:b1:3e:a8:53:4b:0a:60:1d:
67:77:5b:ed:47:11:52:98:37:4e:71:ae:5b:fd:b2:4a:c9:10:
b3:7a:d9:99:66:6f:f6:12:e3:43:6e:8a:86:7d:94:81:4e:20:
e2:1e:d8:f4:18:9b:60:0e:22:0e:fb:b3:5f:a7:f0:f5:0c:c4:
55:90:ef:fa:9b:d1:86:2a:17:af:b7:9e:4d:13:3f:09:5d:73:
78:ee:22:9b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYnW+0SmTn/jWEfqrZym0eiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwODA4MjEwODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgxM2U5YzM4ZjUzNDk1YjI2NzcxZjUxNTFhYWQ3ZGU4MDA3ODUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoyxkHyHzmEeNU2YHGwAWJUr0X9C
8JGIF9AiC+IkTuYaif9A66jlpwlCxpzzGWRJm47+R22tvcv0Ca70jOvlMvWoNPh4
FJSrVNpGAQ2T0cHRFM5f+rhvQZFr/A4fPGXhdlp3iYnHuAtaaNaCDcjVHmr+SNyZ
4xPea55+F0pr4Q7guMPdi5940WDHJOZqhdD8uhgWGV4GM6JTjISS1VzX8YwKQlYM
NRC5kY0XDohDA2sX+iH5TBgbmnF+5Xp1asgpP6JTP0bysJm4UpLnVJmqfGdLq+rF
d5SKD+qHMyYgfjoFpmglb64WJiRYwJEkXfwx2NDcXEIABU31UxMft1l5jwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDWBPpw49TSVsmdx9RUarX3oAHhSMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvTllFLW5EajFOSld5WjNIMUZScXRmZWdBZUZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAVXPMAwQA
VXPPMAwDBAFVmQYDBABVmQgDBABVmTgDBAJVmUgDBARVmVADBANVmWgDBABVmXEw
DAMEAVWZdgMEAFWZfjANBgkqhkiG9w0BAQsFAAOCAQEAfGkL+d3c2Xe9GAITB6kb
s0xteO90mXME+Ut4uemNizMKIi+D9G+CZcWqTH0ITseiNcR4Myo5G80ZNIoE2Z7q
ihoe5ie7hbGlAkj4CpzZmVtfarzIO9jUmKyZZF1f+/NswXtR259pv427THI/jIuo
zeBzjtFoUhy/YJp+e+Lb+Ep/u0nExIm8qVDGru7QKDd2qt5Ze6BXIUq7uR9I99I7
6DTOge07rkOyExrn1bE+qFNLCmAdZ3db7UcRUpg3TnGuW/2ySskQs3rZmWZv9hLj
Q26Khn2UgU4g4h7Y9BibYA4iDvuzX6fw9QzEVZDv+pvRhioXr7eeTRM/CV1zeO4i
mw==
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:12:33 2025 by rpki-client