Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/YDC6bdhElQ85U5gLudou8HbYFbc.roa
File: YDC6bdhElQ85U5gLudou8HbYFbc.roa (raw, json)
Hash identifier: /YSoSKmtCvFD8T+Hp+QTdmmbC765jxpJwboxI1tXgIw=
Subject key identifier: 60:30:BA:6D:D8:44:95:0F:39:53:98:0B:B9:DA:2E:F0:76:D8:15:B7
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018A1CCE0D34F3978FCE377660FC86C42460
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/YDC6bdhElQ85U5gLudou8HbYFbc.roa
Signing time: Tue 22 Aug 2023 10:33:00 +0000
ROA not before: Tue 22 Aug 2023 10:33:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/21 maxlen: 21
5.201.128.0/18 maxlen: 18
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.21.0/24 maxlen: 24
5.201.168.0/22 maxlen: 22
92.114.22.0/23 maxlen: 23
92.114.20.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.8.0/22 maxlen: 22
89.43.12.0/23 maxlen: 23
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
92.114.28.0/22 maxlen: 22
92.114.25.0/24 maxlen: 24
5.201.174.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/24 maxlen: 24
185.103.84.0/22 maxlen: 22
185.103.85.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
185.135.228.0/22 maxlen: 22
37.156.31.0/24 maxlen: 24
37.156.30.0/23 maxlen: 23
185.182.221.0/24 maxlen: 24
185.182.220.0/22 maxlen: 22
185.182.222.0/23 maxlen: 23
185.182.220.0/24 maxlen: 24
185.176.32.0/22 maxlen: 22
188.213.64.0/20 maxlen: 21
185.136.100.0/22 maxlen: 22
89.37.15.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
94.101.128.0/21 maxlen: 21
94.101.128.0/20 maxlen: 24
185.162.40.0/22 maxlen: 22
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
2a00:5ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:ce:0d:34:f3:97:8f:ce:37:76:60:fc:86:c4:24:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Aug 22 10:33:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6030ba6dd844950f3953980bb9da2ef076d815b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:d9:4e:df:db:03:4d:44:df:ba:05:ba:b4:
90:b2:19:64:83:5f:4b:19:40:99:92:bc:8a:35:e5:
76:f7:bf:59:3d:7f:1c:b0:30:b8:29:a0:f1:0d:d6:
38:10:81:10:65:db:a0:9b:79:e6:dd:6b:dc:2c:dc:
15:b4:a1:ef:fa:d0:bc:3f:a3:06:21:32:d4:5d:fc:
a6:38:38:cf:1b:e8:61:21:f6:5d:c1:32:fb:67:78:
28:b9:41:b5:ed:0b:35:31:16:6a:e4:4c:04:87:e4:
65:b4:d1:af:4d:85:75:16:71:2e:33:90:70:b7:05:
81:48:90:16:09:70:1a:85:f8:16:8d:05:04:88:d5:
08:0d:22:4c:26:de:88:13:81:d4:4b:02:e0:ce:70:
78:a1:64:3f:ba:16:93:25:5a:1d:35:0f:db:56:64:
55:39:09:cd:48:c9:a8:3d:f0:30:97:34:1f:f0:44:
72:b2:15:21:8b:d6:d1:8f:6a:e0:07:48:7a:18:3b:
66:58:83:30:36:e3:4e:26:6a:6c:4c:6a:8e:86:84:
12:83:b2:39:fa:f9:22:99:8a:68:f2:58:d9:af:a6:
5d:36:9b:10:8b:e7:fc:4b:09:e9:6c:1b:d2:ff:83:
7d:d7:ab:22:21:51:ab:71:b9:83:c9:b7:25:73:03:
e4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:30:BA:6D:D8:44:95:0F:39:53:98:0B:B9:DA:2E:F0:76:D8:15:B7
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/YDC6bdhElQ85U5gLudou8HbYFbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/32
Signature Algorithm: sha256WithRSAEncryption
71:bb:bc:68:0e:f0:41:76:8f:bd:fb:00:3c:0b:72:f9:bc:3e:
37:24:3c:1a:f2:ce:35:c5:ee:3b:77:c9:57:e7:0e:d7:2b:73:
c3:66:45:d8:29:10:f1:68:78:8e:c5:b4:09:90:fc:bf:37:a6:
e7:cc:d4:4f:c2:9a:05:ba:9b:cc:9d:50:19:3f:7e:14:33:fe:
32:2e:e6:89:f4:46:77:fb:cf:8f:67:e3:73:1e:03:0c:df:a7:
ce:70:23:e5:54:8a:82:cb:ac:ac:7b:58:11:90:4f:59:02:5a:
92:98:dd:31:9c:bd:be:99:e2:5b:a7:09:6f:31:0f:fd:f8:04:
cc:20:0c:8a:e1:4c:d8:a4:81:fb:e6:51:26:bc:30:50:98:2c:
cd:82:40:15:44:f1:33:12:00:74:59:13:c1:ed:e4:5f:68:b7:
05:ec:c3:e5:3a:ac:65:27:1b:ea:b4:d3:a5:3e:47:89:c7:3d:
1e:82:06:15:db:0e:af:2a:d7:e5:9e:00:88:6f:98:f2:86:89:
3a:37:a6:81:1d:25:54:25:dd:f8:a1:aa:cb:c0:e3:8d:2e:61:
a7:3a:79:8a:27:45:2b:83:b2:d6:02:8b:ee:27:66:73:fc:db:
1e:0b:65:9e:09:8d:ee:6f:48:be:0f:e4:aa:6d:57:c2:a3:d6:
6f:58:a0:ec
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYoczg0085ePzjd2YPyGxCRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjMwODIyMTAzMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMwYmE2ZGQ4NDQ5NTBmMzk1Mzk4MGJiOWRhMmVmMDc2ZDgxNWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW7ZTt/bA01E37oFurSQshlkg19L
GUCZkryKNeV2979ZPX8csDC4KaDxDdY4EIEQZdugm3nm3WvcLNwVtKHv+tC8P6MG
ITLUXfymODjPG+hhIfZdwTL7Z3gouUG17Qs1MRZq5EwEh+RltNGvTYV1FnEuM5Bw
twWBSJAWCXAahfgWjQUEiNUIDSJMJt6IE4HUSwLgznB4oWQ/uhaTJVodNQ/bVmRV
OQnNSMmoPfAwlzQf8ERyshUhi9bRj2rgB0h6GDtmWIMwNuNOJmpsTGqOhoQSg7I5
+vkimYpo8ljZr6ZdNpsQi+f8SwnpbBvS/4N916siIVGrcbmDybclcwPkIQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFGAwum3YRJUPOVOYC7naLvB22BW3MB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvWURDNmJkaEVsUTg1VTVnTHVkb3U4SGJZRmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQAqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBxu7xo
DvBBdo+9+wA8C3L5vD43JDwa8s41xe47d8lX5w7XK3PDZkXYKRDxaHiOxbQJkPy/
N6bnzNRPwpoFupvMnVAZP34UM/4yLuaJ9EZ3+8+PZ+NzHgMM36fOcCPlVIqCy6ys
e1gRkE9ZAlqSmN0xnL2+meJbpwlvMQ/9+ATMIAyK4UzYpIH75lEmvDBQmCzNgkAV
RPEzEgB0WRPB7eRfaLcF7MPlOqxlJxvqtNOlPkeJxz0eggYV2w6vKtflngCIb5jy
hok6N6aBHSVUJd34oarLwOONLmGnOnmKJ0Urg7LWAovuJ2Zz/NseC2WeCY3ub0i+
D+SqbVfCo9ZvWKDs
-----END CERTIFICATE-----
Generated at Wed Apr 23 15:32:28 2025 by rpki-client