Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/iymaLa-rsUJuEbCGaPT8rQcxGvo.roa
File: iymaLa-rsUJuEbCGaPT8rQcxGvo.roa (raw, json)
Hash identifier: q62OCAKq062o9bYhCkSnFSD3Ugal82Jje0Wpd1jMlAw=
Subject key identifier: 8B:29:9A:2D:AF:AB:B1:42:6E:11:B0:86:68:F4:FC:AD:07:31:1A:FA
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 0182BAE921F1FE3881C36967D235013B400E
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/iymaLa-rsUJuEbCGaPT8rQcxGvo.roa
Signing time: Sat 20 Aug 2022 11:00:16 +0000
ROA not before: Sat 20 Aug 2022 11:00:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/21 maxlen: 21
5.201.128.0/18 maxlen: 18
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
5.201.168.0/22 maxlen: 22
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.8.0/22 maxlen: 22
89.43.12.0/23 maxlen: 23
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
92.114.28.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.85.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
185.135.228.0/22 maxlen: 22
37.156.31.0/24 maxlen: 24
37.156.30.0/23 maxlen: 23
185.182.221.0/24 maxlen: 24
185.182.220.0/22 maxlen: 22
185.182.222.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
188.213.64.0/20 maxlen: 21
185.136.100.0/22 maxlen: 22
89.37.15.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
94.101.128.0/21 maxlen: 21
94.101.128.0/20 maxlen: 24
185.162.40.0/22 maxlen: 22
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
2a00:5ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ba:e9:21:f1:fe:38:81:c3:69:67:d2:35:01:3b:40:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Aug 20 11:00:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b299a2dafabb1426e11b08668f4fcad07311afa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d4:3e:f7:b0:1a:50:56:52:f7:76:e4:80:bf:
74:9b:34:60:d2:a6:d3:81:a0:f7:bb:74:8b:df:3c:
73:0a:74:3b:80:d6:96:d9:3a:49:ab:18:19:81:e7:
39:05:5a:86:4a:1c:04:f8:44:4f:92:fd:d1:44:59:
06:de:e7:51:f6:bf:d6:d7:a0:9b:26:50:89:5c:d4:
0a:9d:92:76:51:e9:26:6f:ff:bf:58:f5:e4:32:77:
23:be:49:dd:c5:98:8d:71:28:95:ea:d2:cc:44:ec:
72:64:08:61:6d:ff:b1:12:23:44:b8:96:82:e9:12:
90:df:8a:8a:64:8d:91:a7:a3:1d:0d:be:71:a1:b6:
e3:64:b5:4c:c9:ed:c0:6b:1a:7d:45:94:ad:08:c6:
e9:fd:ad:2b:d8:12:e8:cf:52:19:44:65:8f:b2:d5:
2b:fd:31:a6:0a:d2:54:7c:bd:18:65:77:be:73:48:
ca:e9:f2:62:89:c6:aa:41:83:0a:3f:dc:7d:04:29:
43:dc:d1:80:e3:8a:b7:3b:38:37:6d:0d:a7:89:37:
71:62:34:e3:4f:6c:be:dd:90:6c:58:70:07:7b:2c:
58:52:f5:c2:ab:a5:a5:f2:dc:d7:7b:60:38:57:45:
7a:c6:e3:d0:6b:7f:2f:2a:a0:a0:4b:5b:0a:16:05:
f2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:29:9A:2D:AF:AB:B1:42:6E:11:B0:86:68:F4:FC:AD:07:31:1A:FA
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/iymaLa-rsUJuEbCGaPT8rQcxGvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/32
Signature Algorithm: sha256WithRSAEncryption
62:29:20:80:6b:82:da:9f:f1:e3:5a:52:27:ac:46:ed:bf:93:
fb:b5:7b:e4:ea:8a:68:b0:eb:b3:a7:e0:9a:39:93:5e:95:bb:
7a:96:31:7a:e1:88:f4:2e:68:9b:b6:1e:1d:4f:12:e8:00:eb:
c5:c2:cc:48:d5:86:11:bd:e5:5c:0a:ab:21:be:aa:bc:dc:c6:
c0:1a:75:75:39:f1:d1:33:f1:04:6c:91:3f:96:47:ed:62:ea:
22:49:ba:82:16:fe:26:d8:d6:9c:d1:cf:3f:08:21:f7:50:cf:
43:80:04:09:2e:a2:5e:03:5e:cd:20:54:8b:f0:6d:1b:e2:dc:
bf:d6:ed:d2:03:0f:44:25:15:a9:11:73:84:bb:2d:4f:1d:32:
4a:e7:2a:25:39:98:71:3f:76:36:38:ee:cb:54:89:06:19:d1:
01:95:87:99:1e:e6:c0:a0:b9:af:98:d3:6e:a8:a1:1b:4f:2f:
3d:f3:ed:89:4e:d2:08:1a:a7:44:ec:05:ef:16:13:e6:70:51:
d1:72:a2:6c:15:c8:a4:e5:f9:fb:e9:bc:f1:b7:d2:ec:d0:be:
fb:57:41:e7:eb:77:12:26:25:42:ec:52:db:b5:a4:28:84:a5:
09:ec:4b:21:51:01:8e:95:3f:51:c3:e7:03:f0:d4:36:01:3e:
0f:33:78:d4
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYK66SHx/jiBw2ln0jUBO0AOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjIwODIwMTEwMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjI5OWEyZGFmYWJiMTQyNmUxMWIwODY2OGY0ZmNhZDA3MzExYWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNQ+97AaUFZS93bkgL90mzRg0qbT
gaD3u3SL3zxzCnQ7gNaW2TpJqxgZgec5BVqGShwE+ERPkv3RRFkG3udR9r/W16Cb
JlCJXNQKnZJ2Uekmb/+/WPXkMncjvkndxZiNcSiV6tLMROxyZAhhbf+xEiNEuJaC
6RKQ34qKZI2Rp6MdDb5xobbjZLVMye3Aaxp9RZStCMbp/a0r2BLoz1IZRGWPstUr
/TGmCtJUfL0YZXe+c0jK6fJiicaqQYMKP9x9BClD3NGA44q3Ozg3bQ2niTdxYjTj
T2y+3ZBsWHAHeyxYUvXCq6Wl8tzXe2A4V0V6xuPQa38vKqCgS1sKFgXyawIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFIspmi2vq7FCbhGwhmj0/K0HMRr6MB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvaXltYUxhLXJzVUp1RWJDR2FQVDhyUWN4R3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQAqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBiKSCA
a4Lan/HjWlInrEbtv5P7tXvk6oposOuzp+CaOZNelbt6ljF64Yj0Lmibth4dTxLo
AOvFwsxI1YYRveVcCqshvqq83MbAGnV1OfHRM/EEbJE/lkftYuoiSbqCFv4m2Nac
0c8/CCH3UM9DgAQJLqJeA17NIFSL8G0b4ty/1u3SAw9EJRWpEXOEuy1PHTJK5yol
OZhxP3Y2OO7LVIkGGdEBlYeZHubAoLmvmNNuqKEbTy898+2JTtIIGqdE7AXvFhPm
cFHRcqJsFcik5fn76bzxt9Ls0L77V0Hn63cSJiVC7FLbtaQohKUJ7EshUQGOlT9R
w+cD8NQ2AT4PM3jU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:33 2025 by rpki-client