Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/xLen15kYDYuCSDe_7qMjyTnyjI8.roa
File: xLen15kYDYuCSDe_7qMjyTnyjI8.roa (raw, json)
Hash identifier: dtpBONDDVq7JoE4/pDCeUPMrwyRQ+Pgo4Wc9tUMwWdc=
Subject key identifier: C4:B7:A7:D7:99:18:0D:8B:82:48:37:BF:EE:A3:23:C9:39:F2:8C:8F
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 01854478BD9585CA32DA90B5B5648BC0C30C
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/xLen15kYDYuCSDe_7qMjyTnyjI8.roa
Signing time: Sat 24 Dec 2022 14:10:41 +0000
ROA not before: Sat 24 Dec 2022 14:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/21 maxlen: 21
5.201.128.0/18 maxlen: 18
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
5.201.168.0/22 maxlen: 22
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.8.0/22 maxlen: 22
89.43.12.0/23 maxlen: 23
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
92.114.28.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/24 maxlen: 24
185.103.84.0/22 maxlen: 22
185.103.85.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
185.135.228.0/22 maxlen: 22
37.156.31.0/24 maxlen: 24
37.156.30.0/23 maxlen: 23
185.182.221.0/24 maxlen: 24
185.182.220.0/22 maxlen: 22
185.182.222.0/23 maxlen: 23
185.182.220.0/24 maxlen: 24
185.176.32.0/22 maxlen: 22
188.213.64.0/20 maxlen: 21
185.136.100.0/22 maxlen: 22
89.37.15.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
94.101.128.0/21 maxlen: 21
94.101.128.0/20 maxlen: 24
185.162.40.0/22 maxlen: 22
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
2a00:5ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:78:bd:95:85:ca:32:da:90:b5:b5:64:8b:c0:c3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Dec 24 14:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4b7a7d799180d8b824837bfeea323c939f28c8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:39:9d:64:fe:3e:16:4a:df:f6:7b:9e:09:f7:
9a:86:47:27:0b:ab:86:cc:4b:24:1e:c6:43:b7:13:
82:d0:79:6b:81:8e:16:38:44:a5:17:94:71:ce:74:
4d:dc:77:1f:05:d6:03:c2:db:08:05:a6:15:f6:89:
69:84:45:29:f7:f5:7b:02:f6:2f:c3:7c:64:37:8c:
32:fe:02:63:36:69:e6:ee:cd:b6:65:a9:89:8c:3e:
c1:76:c6:a0:5a:fb:ec:09:d4:ce:45:fb:f5:69:2e:
fd:1d:56:bc:c2:c2:45:93:f2:67:b3:92:ea:f7:59:
8a:e0:31:8b:09:2f:d2:d7:4b:7a:c0:93:1d:64:46:
f1:9a:06:a0:a3:f2:30:8e:b2:40:5f:4a:e5:66:cb:
e3:4b:00:96:58:44:68:a5:6d:cf:7e:6d:ae:0b:65:
07:d4:5f:bf:1b:b3:f8:4a:55:ff:5a:e9:68:b7:aa:
37:7b:23:7a:60:8e:a9:ec:c1:1f:0f:6d:09:02:85:
b1:2c:bb:01:42:6d:53:4a:81:e6:4b:f4:52:5a:e8:
e5:b1:19:90:2a:7e:a1:2c:69:f9:aa:c4:01:0d:f8:
45:4d:55:22:54:25:62:81:70:a6:43:96:ff:7a:e4:
e4:1f:21:e1:a2:55:f1:3b:1e:6f:35:2e:4b:4e:df:
7a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B7:A7:D7:99:18:0D:8B:82:48:37:BF:EE:A3:23:C9:39:F2:8C:8F
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/xLen15kYDYuCSDe_7qMjyTnyjI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/32
Signature Algorithm: sha256WithRSAEncryption
51:7b:ee:c4:64:9d:85:a5:d4:a2:94:42:ae:c3:a0:fa:e3:38:
51:f3:79:c0:da:5c:62:53:bc:7c:3c:3b:32:c7:50:0f:8a:b0:
ba:16:f3:ca:7e:09:c9:07:be:91:c4:45:36:40:e6:7f:db:cf:
35:da:40:25:8e:ef:a2:16:8f:18:19:8e:cf:c6:80:b6:4a:f5:
3e:8a:f4:54:c5:49:6d:ee:9d:2f:38:c4:92:dd:4d:09:c7:e1:
b2:5e:dc:c4:ba:cb:23:c9:b9:da:cc:b2:2e:59:44:a5:07:8d:
32:d5:0b:d0:7c:01:2d:4e:c2:89:dc:82:60:b0:c1:c4:7a:c7:
31:65:8e:67:b3:f3:de:d6:44:f9:29:c2:57:38:b6:cc:05:00:
46:81:91:dc:f7:19:30:39:d2:fd:51:55:65:66:c1:4e:ca:5a:
5c:3d:87:39:fb:2c:33:1e:dd:f5:97:77:b1:e4:63:e0:9b:ca:
57:73:bb:5e:ba:f0:70:a5:9a:6d:5a:13:ca:ad:e5:d1:e6:42:
d0:b2:75:59:5e:75:b6:d3:a3:b8:f0:86:b6:b6:d0:ee:be:4f:
58:29:7a:2c:fb:39:9f:b3:af:9d:e4:18:58:f2:5f:a0:ae:a4:
7e:f9:f2:49:8c:91:c5:3a:44:a9:fa:97:77:81:91:08:34:c8:
fd:df:d2:20
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAYVEeL2Vhcoy2pC1tWSLwMMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjIxMjI0MTQxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI3YTdkNzk5MTgwZDhiODI0ODM3YmZlZWEzMjNjOTM5ZjI4YzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDmdZP4+Fkrf9nueCfeahkcnC6uG
zEskHsZDtxOC0HlrgY4WOESlF5RxznRN3HcfBdYDwtsIBaYV9olphEUp9/V7AvYv
w3xkN4wy/gJjNmnm7s22ZamJjD7BdsagWvvsCdTORfv1aS79HVa8wsJFk/Jns5Lq
91mK4DGLCS/S10t6wJMdZEbxmgago/IwjrJAX0rlZsvjSwCWWERopW3Pfm2uC2UH
1F+/G7P4SlX/Wulot6o3eyN6YI6p7MEfD20JAoWxLLsBQm1TSoHmS/RSWujlsRmQ
Kn6hLGn5qsQBDfhFTVUiVCVigXCmQ5b/euTkHyHholXxOx5vNS5LTt96gQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMS3p9eZGA2Lgkg3v+6jI8k58oyPMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEveExlbjE1a1lEWXVDU0RlXzdxTWp5VG55akk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQAqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBRe+7E
ZJ2FpdSilEKuw6D64zhR83nA2lxiU7x8PDsyx1APirC6FvPKfgnJB76RxEU2QOZ/
28812kAlju+iFo8YGY7PxoC2SvU+ivRUxUlt7p0vOMSS3U0Jx+GyXtzEussjybna
zLIuWUSlB40y1QvQfAEtTsKJ3IJgsMHEescxZY5ns/Pe1kT5KcJXOLbMBQBGgZHc
9xkwOdL9UVVlZsFOylpcPYc5+ywzHt31l3ex5GPgm8pXc7teuvBwpZptWhPKreXR
5kLQsnVZXnW206O48Ia2ttDuvk9YKXos+zmfs6+d5BhY8l+grqR++fJJjJHFOkSp
+pd3gZEINMj939Ig
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:50 2025 by rpki-client