Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/nWQU_Dkob2Oiam_keqLQSxbCRUk.roa
File: nWQU_Dkob2Oiam_keqLQSxbCRUk.roa (raw, json)
Hash identifier: KmrOc5TwhV8ZYc8wI5BsMroW5WKfNBXVsbA6wgZl+uY=
Subject key identifier: 9D:64:14:FC:39:28:6F:63:A2:6A:6F:E4:7A:A2:D0:4B:16:C2:45:49
Certificate issuer: /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial: 018697FA4125D084DDBFA915734C5BF967F9
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/nWQU_Dkob2Oiam_keqLQSxbCRUk.roa
Signing time: Tue 28 Feb 2023 12:23:25 +0000
ROA not before: Tue 28 Feb 2023 12:23:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15802
IP address blocks: 5.30.32.0/19 maxlen: 19
94.201.251.0/24 maxlen: 24
5.30.64.0/19 maxlen: 19
87.201.176.0/22 maxlen: 22
87.201.180.0/22 maxlen: 22
87.201.184.0/22 maxlen: 22
94.201.196.0/22 maxlen: 22
5.30.0.0/19 maxlen: 19
5.30.8.0/22 maxlen: 22
91.73.216.0/23 maxlen: 23
5.30.0.0/15 maxlen: 15
5.32.64.0/19 maxlen: 19
91.72.204.0/24 maxlen: 24
5.32.96.0/19 maxlen: 19
91.72.205.0/24 maxlen: 24
91.72.206.0/24 maxlen: 24
5.32.0.0/17 maxlen: 19
94.203.204.0/22 maxlen: 22
5.32.32.0/19 maxlen: 19
94.200.156.0/24 maxlen: 24
80.227.200.0/22 maxlen: 22
94.200.248.0/22 maxlen: 22
91.73.0.0/20 maxlen: 20
5.31.96.0/19 maxlen: 19
94.203.44.0/23 maxlen: 23
94.206.152.0/23 maxlen: 23
94.203.62.0/23 maxlen: 23
5.31.128.0/20 maxlen: 20
5.31.128.0/19 maxlen: 19
94.206.181.0/24 maxlen: 24
5.31.144.0/20 maxlen: 20
5.31.64.0/19 maxlen: 19
94.206.112.0/23 maxlen: 23
94.200.0.0/13 maxlen: 19
5.31.224.0/19 maxlen: 19
5.31.160.0/19 maxlen: 19
5.31.160.0/20 maxlen: 20
87.200.0.0/15 maxlen: 19
80.227.0.0/16 maxlen: 19
91.72.0.0/14 maxlen: 19
5.31.192.0/19 maxlen: 19
5.30.160.0/19 maxlen: 19
5.30.96.0/19 maxlen: 19
5.30.128.0/19 maxlen: 19
91.74.78.0/23 maxlen: 23
5.31.0.0/19 maxlen: 19
213.132.32.0/19 maxlen: 19
5.31.32.0/19 maxlen: 19
94.206.74.0/23 maxlen: 23
5.30.192.0/19 maxlen: 19
5.30.224.0/19 maxlen: 19
94.206.16.0/23 maxlen: 23
94.206.21.0/24 maxlen: 24
2a00:f2e::/32 maxlen: 32
2a00:f2c::/32 maxlen: 32
2a00:f2d::/32 maxlen: 32
2a00:f29::/32 maxlen: 32
2a00:f2b::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:fa:41:25:d0:84:dd:bf:a9:15:73:4c:5b:f9:67:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
Validity
Not Before: Feb 28 12:23:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9d6414fc39286f63a26a6fe47aa2d04b16c24549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:15:24:dd:5b:d4:3f:88:c8:c5:41:09:98:8a:
c1:6e:35:27:b1:fa:a3:4c:99:10:60:49:fe:4e:08:
52:cf:7c:93:6d:eb:3d:ca:92:30:09:8c:65:c6:d5:
e9:95:7f:b9:3d:9d:22:17:1a:bc:79:24:9b:98:67:
cd:45:f0:b6:68:c0:b1:e1:4e:01:57:ec:93:f4:5a:
c2:28:f8:b1:81:f7:06:1f:60:c6:0e:49:50:5a:3c:
69:2c:31:ab:56:8e:da:74:8e:ce:1e:7b:ad:4e:35:
b9:1f:57:0d:f0:f3:28:40:99:e2:5f:3a:3b:46:92:
e5:eb:85:21:78:b0:66:87:cf:fb:44:51:b0:a1:31:
5c:1e:53:b7:e9:93:da:48:42:1e:35:09:4b:5b:79:
75:7b:fa:3f:18:6f:0f:6b:fc:2a:9b:3d:58:10:a1:
87:38:4b:8d:d4:08:85:a7:1a:f5:ec:31:fa:c0:13:
62:c9:a0:84:92:88:4a:2c:1f:77:98:57:d1:e4:8d:
e5:b6:9c:f2:b8:e5:6b:54:88:87:01:ed:32:de:7d:
b2:1f:b9:8c:e3:fd:c4:60:e7:a5:06:29:62:96:1b:
76:3a:e9:67:e0:8f:e8:eb:9d:46:9f:5d:a5:50:56:
7a:e0:06:64:42:29:94:3b:d7:b9:94:9c:61:e6:0d:
ff:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:64:14:FC:39:28:6F:63:A2:6A:6F:E4:7A:A2:D0:4B:16:C2:45:49
X509v3 Authority Key Identifier:
keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/nWQU_Dkob2Oiam_keqLQSxbCRUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.30.0.0-5.32.127.255
80.227.0.0/16
87.200.0.0/15
91.72.0.0/14
94.200.0.0/13
213.132.32.0/19
IPv6:
2a00:f29::/32
2a00:f2b::-2a00:f2e:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6e:9b:88:3a:5e:44:32:06:c1:62:45:ad:53:5d:6a:02:01:77:
0b:4b:38:f3:01:13:2c:97:de:fe:41:bb:6d:0e:9e:75:bb:06:
d0:9b:5b:c6:19:13:6f:ea:50:b2:2f:70:f2:63:8b:e1:45:6a:
1a:5d:be:59:06:11:6c:9d:93:02:1f:f3:1f:f2:9b:8a:3a:6f:
50:88:c1:87:23:70:2a:01:e2:30:52:6d:88:a8:68:d6:f1:bb:
89:60:60:3e:24:be:16:70:8a:a6:00:8d:b2:b2:f6:0a:05:a9:
ba:b6:0c:bb:19:4a:0f:24:9b:06:bb:47:14:a0:d1:11:5d:4d:
48:8a:77:f8:d7:a8:0f:52:0f:b4:68:75:cc:1d:ac:4b:3c:de:
14:00:fb:9e:40:5d:db:cf:03:e9:b8:a2:c5:14:90:bb:b6:2f:
a6:a0:35:4d:45:e0:74:b7:bf:39:44:52:db:b9:8d:8f:4e:82:
d5:56:4a:61:18:3b:3f:2f:e9:7e:af:6a:9b:a6:3b:25:e6:9b:
d6:0a:56:35:9c:fc:3d:cf:1b:b8:54:b6:04:f0:a9:c7:22:c2:
78:d5:a4:60:45:55:c5:84:92:f0:ad:f7:88:db:fb:c7:dd:f8:
c2:a6:06:01:88:1b:73:c5:f7:cc:ed:06:64:95:f4:74:4c:5b:
66:2e:f7:1c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYaX+kEl0ITdv6kVc0xb+Wf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjMwMjI4MTIyMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDY0MTRmYzM5Mjg2ZjYzYTI2YTZmZTQ3YWEyZDA0YjE2YzI0NTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhUk3VvUP4jIxUEJmIrBbjUnsfqj
TJkQYEn+TghSz3yTbes9ypIwCYxlxtXplX+5PZ0iFxq8eSSbmGfNRfC2aMCx4U4B
V+yT9FrCKPixgfcGH2DGDklQWjxpLDGrVo7adI7OHnutTjW5H1cN8PMoQJniXzo7
RpLl64UheLBmh8/7RFGwoTFcHlO36ZPaSEIeNQlLW3l1e/o/GG8Pa/wqmz1YEKGH
OEuN1AiFpxr17DH6wBNiyaCEkohKLB93mFfR5I3ltpzyuOVrVIiHAe0y3n2yH7mM
4/3EYOelBililht2Ouln4I/o651Gn12lUFZ64AZkQimUO9e5lJxh5g3/VQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJ1kFPw5KG9jompv5Hqi0EsWwkVJMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvbldRVV9Ea29iMk9pYW1fa2VxTFFTeGJDUlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAtBAIAATAnMAsDAwEFHgME
BwUgAAMDAFDjAwMBV8gDAwJbSAMDA17IAwQF1YQgMB0EAgACMBcDBQAqAA8pMA4D
BQAqAA8rAwUAKgAPLjANBgkqhkiG9w0BAQsFAAOCAQEAbpuIOl5EMgbBYkWtU11q
AgF3C0s48wETLJfe/kG7bQ6edbsG0JtbxhkTb+pQsi9w8mOL4UVqGl2+WQYRbJ2T
Ah/zH/KbijpvUIjBhyNwKgHiMFJtiKho1vG7iWBgPiS+FnCKpgCNsrL2CgWpurYM
uxlKDySbBrtHFKDREV1NSIp3+NeoD1IPtGh1zB2sSzzeFAD7nkBd288D6biixRSQ
u7YvpqA1TUXgdLe/OURS27mNj06C1VZKYRg7Py/pfq9qm6Y7Jeab1gpWNZz8Pc8b
uFS2BPCpxyLCeNWkYEVVxYSS8K33iNv7x934wqYGAYgbc8X3zO0GZJX0dExbZi73
HA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:38:21 2025 by rpki-client