Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nEKYAybinRMlXyKzdbWukmFRSoI.roa
File: nEKYAybinRMlXyKzdbWukmFRSoI.roa (raw, json)
Hash identifier: gTqehG5VzqRdFwFS6e2m9H71RVwVJRId3ineT18oqwI=
Subject key identifier: 9C:42:98:03:26:E2:9D:13:25:5F:22:B3:75:B5:AE:92:61:51:4A:82
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0187D6664DE13FE045600A2C6A8053D8BB5A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nEKYAybinRMlXyKzdbWukmFRSoI.roa
Signing time: Mon 01 May 2023 08:20:41 +0000
ROA not before: Mon 01 May 2023 08:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.180.234.0/24 maxlen: 24
5.253.38.0/24 maxlen: 24
45.66.153.0/24 maxlen: 24
45.9.2.0/24 maxlen: 24
45.9.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:d6:66:4d:e1:3f:e0:45:60:0a:2c:6a:80:53:d8:bb:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: May 1 08:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c42980326e29d13255f22b375b5ae9261514a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:2e:d5:72:3c:38:0c:6c:7e:4b:92:59:80:38:
7a:21:62:0e:0d:3a:7c:17:cf:61:45:40:cd:46:64:
02:43:2b:ed:d4:09:13:d8:8a:b5:5e:3f:ae:17:9e:
b0:00:23:10:40:60:bb:26:3f:4a:e7:77:c6:7f:0a:
89:16:d5:6f:d5:09:c7:80:1a:2f:62:e9:5c:75:5e:
34:12:bc:e7:75:a7:b0:c2:95:f0:39:a4:27:c1:30:
2c:ef:74:09:0e:5b:30:fe:3b:94:9a:36:29:24:89:
3b:b1:07:d2:6e:59:11:38:cb:0c:22:4e:b7:ab:ed:
d2:e0:2e:ff:5b:7d:f7:08:11:d9:b1:93:d6:cc:51:
9a:87:fd:3b:59:0b:b4:8e:13:e9:c7:94:c9:fb:2e:
30:88:63:d9:95:96:c1:f5:73:cb:c2:2f:58:72:1e:
75:5f:64:4d:0e:8e:48:8c:34:77:90:28:db:0b:02:
84:4b:06:df:35:1e:f1:f0:11:08:04:a9:d9:6f:34:
a2:0d:24:6a:32:68:59:9d:af:5d:0f:ae:72:ba:ef:
5a:8b:fb:aa:66:57:44:af:6a:c0:a7:bc:36:31:06:
b2:24:cd:65:8b:40:18:42:49:90:cb:cf:58:7f:c1:
52:3d:23:e9:5f:a5:55:6d:71:a0:18:9a:c0:4c:7d:
ae:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:42:98:03:26:E2:9D:13:25:5F:22:B3:75:B5:AE:92:61:51:4A:82
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/nEKYAybinRMlXyKzdbWukmFRSoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.234.0/24
5.253.38.0/24
45.9.2.0/24
45.9.5.0/24
45.66.153.0/24
Signature Algorithm: sha256WithRSAEncryption
87:0f:f9:c7:17:74:17:44:48:a1:ce:a6:ed:25:57:14:46:07:
d1:76:6e:ba:68:6c:ec:02:ef:92:1e:b2:26:a6:b7:2c:d3:9f:
5d:1c:ff:4f:ad:fd:10:cb:da:34:de:ec:cc:b4:94:c3:72:5f:
76:a7:66:be:9d:b9:05:5b:dc:6e:13:cb:ed:83:26:28:83:4e:
ef:ed:0d:a8:d4:87:46:f7:d5:58:bd:bc:89:43:a9:0a:d8:e3:
cf:b9:8f:a6:7d:19:e6:a9:b9:13:36:83:cd:73:5e:03:1c:8c:
7f:ad:8b:cc:aa:e0:7e:1e:e0:41:4e:c8:6a:ee:d0:58:06:43:
cc:e1:b9:9c:e9:92:6c:e4:da:7c:7a:fb:37:0d:44:7e:a4:90:
8d:65:4b:d8:78:4f:58:7d:ed:89:d4:c0:60:ba:51:45:90:b6:
ad:9e:b3:13:a0:ef:59:2a:e5:f8:2d:b0:ea:1a:74:9e:4e:11:
59:d8:5c:2c:a9:d3:5c:b6:25:cd:59:45:a3:07:16:6a:27:15:
c5:b5:7a:78:7d:20:95:f5:5e:14:c8:7d:7b:42:5e:ff:60:aa:
c9:cd:8b:a8:af:47:f5:35:d8:15:ad:de:00:e2:a3:72:e8:e4:
96:25:1e:d9:ee:99:dc:19:6b:73:7d:cc:08:ea:2f:85:9f:0b:
b7:ba:cb:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYfWZk3hP+BFYAosaoBT2LtaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNTAxMDgyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzQyOTgwMzI2ZTI5ZDEzMjU1ZjIyYjM3NWI1YWU5MjYxNTE0YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnS7Vcjw4DGx+S5JZgDh6IWIODTp8
F89hRUDNRmQCQyvt1AkT2Iq1Xj+uF56wACMQQGC7Jj9K53fGfwqJFtVv1QnHgBov
YulcdV40ErzndaewwpXwOaQnwTAs73QJDlsw/juUmjYpJIk7sQfSblkROMsMIk63
q+3S4C7/W333CBHZsZPWzFGah/07WQu0jhPpx5TJ+y4wiGPZlZbB9XPLwi9Ych51
X2RNDo5IjDR3kCjbCwKESwbfNR7x8BEIBKnZbzSiDSRqMmhZna9dD65yuu9ai/uq
ZldEr2rAp7w2MQayJM1li0AYQkmQy89Yf8FSPSPpX6VVbXGgGJrATH2uowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJxCmAMm4p0TJV8is3W1rpJhUUqCMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvbkVLWUF5YmluUk1sWHlLemRiV3VrbUZSU29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbTqAwQA
Bf0mAwQALQkCAwQALQkFAwQALUKZMA0GCSqGSIb3DQEBCwUAA4IBAQCHD/nHF3QX
REihzqbtJVcURgfRdm66aGzsAu+SHrImprcs059dHP9Prf0Qy9o03uzMtJTDcl92
p2a+nbkFW9xuE8vtgyYog07v7Q2o1IdG99VYvbyJQ6kK2OPPuY+mfRnmqbkTNoPN
c14DHIx/rYvMquB+HuBBTshq7tBYBkPM4bmc6ZJs5Np8evs3DUR+pJCNZUvYeE9Y
fe2J1MBgulFFkLatnrMToO9ZKuX4LbDqGnSeThFZ2FwsqdNctiXNWUWjBxZqJxXF
tXp4fSCV9V4UyH17Ql7/YKrJzYuor0f1NdgVrd4A4qNy6OSWJR7Z7pncGWtzfcwI
6i+Fnwu3usux
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:20:49 2025 by rpki-client