Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/Iu_EvrpPC3yz6KpMEgvuSvTQ0Qo.roa
File: Iu_EvrpPC3yz6KpMEgvuSvTQ0Qo.roa (raw, json)
Hash identifier: MHqeB3JJGZql550WbacnzNpQICifwqnsTArVYrHbiTc=
Subject key identifier: 22:EF:C4:BE:BA:4F:0B:7C:B3:E8:AA:4C:12:0B:EE:4A:F4:D0:D1:0A
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 0183F5329B20C04CAF717272EFB27B63E893
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/Iu_EvrpPC3yz6KpMEgvuSvTQ0Qo.roa
Signing time: Thu 20 Oct 2022 11:41:17 +0000
ROA not before: Thu 20 Oct 2022 11:41:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16333
IP address blocks: 185.2.188.0/22 maxlen: 22
217.16.64.0/19 maxlen: 19
217.16.64.0/20 maxlen: 20
217.16.80.0/20 maxlen: 20
217.16.88.0/22 maxlen: 22
217.16.87.0/24 maxlen: 24
212.110.80.0/21 maxlen: 21
212.110.88.0/22 maxlen: 22
146.255.69.0/24 maxlen: 24
146.255.86.0/24 maxlen: 24
185.80.164.0/22 maxlen: 22
185.100.244.0/22 maxlen: 22
85.30.64.0/19 maxlen: 19
85.30.64.0/21 maxlen: 21
85.30.64.0/18 maxlen: 18
85.30.72.0/22 maxlen: 22
78.157.4.0/24 maxlen: 24
78.157.3.0/24 maxlen: 24
78.157.2.0/24 maxlen: 24
78.157.1.0/24 maxlen: 24
78.157.0.0/24 maxlen: 24
78.157.7.0/24 maxlen: 24
78.157.6.0/24 maxlen: 24
78.157.5.0/24 maxlen: 24
109.69.40.0/21 maxlen: 21
79.126.128.0/18 maxlen: 18
79.126.128.0/17 maxlen: 17
5.32.178.0/23 maxlen: 23
185.89.244.0/22 maxlen: 22
5.32.180.0/24 maxlen: 24
5.32.182.0/24 maxlen: 24
212.110.64.0/23 maxlen: 23
79.126.192.0/18 maxlen: 18
78.157.24.0/24 maxlen: 24
78.157.23.0/24 maxlen: 24
78.157.22.0/24 maxlen: 24
78.157.21.0/24 maxlen: 24
78.157.20.0/24 maxlen: 24
78.157.31.0/24 maxlen: 24
78.157.30.0/24 maxlen: 24
78.157.29.0/24 maxlen: 24
78.157.28.0/24 maxlen: 24
78.157.27.0/24 maxlen: 24
78.157.26.0/24 maxlen: 24
78.157.25.0/24 maxlen: 24
31.11.68.0/22 maxlen: 22
31.11.64.0/18 maxlen: 19
31.11.72.0/21 maxlen: 21
31.11.80.0/21 maxlen: 21
31.11.88.0/21 maxlen: 21
185.5.4.0/22 maxlen: 22
89.31.152.0/21 maxlen: 21
31.11.96.0/21 maxlen: 21
31.11.104.0/21 maxlen: 21
31.11.112.0/21 maxlen: 21
217.196.192.0/20 maxlen: 20
31.11.120.0/21 maxlen: 21
212.158.176.0/20 maxlen: 24
85.30.80.0/22 maxlen: 22
85.30.92.0/22 maxlen: 22
85.30.96.0/19 maxlen: 19
85.30.96.0/22 maxlen: 22
85.30.101.0/24 maxlen: 24
85.30.104.0/22 maxlen: 22
85.30.112.0/24 maxlen: 24
85.30.110.0/24 maxlen: 24
85.30.120.0/21 maxlen: 21
85.30.119.0/24 maxlen: 24
95.128.186.0/24 maxlen: 24
2a01:5b8::/29 maxlen: 29
2a01:5b8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:32:9b:20:c0:4c:af:71:72:72:ef:b2:7b:63:e8:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Oct 20 11:41:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22efc4beba4f0b7cb3e8aa4c120bee4af4d0d10a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:fa:80:bd:96:36:87:71:4c:fc:50:e3:af:
c4:76:51:19:f9:08:fc:ec:72:a0:0a:80:db:23:68:
3c:1e:2a:05:ad:be:7a:c2:51:7d:27:a3:12:e2:77:
57:66:3f:08:73:bd:dc:5c:04:fe:1c:36:7e:07:3f:
ca:5f:fb:40:9a:6d:71:f3:1c:81:78:f9:77:20:a4:
ed:11:16:d1:9a:5a:f6:98:6b:bf:39:42:fd:6b:57:
75:c2:a7:ca:53:4c:42:fd:3b:54:ec:9e:a5:b5:f5:
e5:8f:2d:84:84:39:44:84:e2:6a:a1:e4:41:68:69:
2e:6e:dd:c7:29:72:68:85:c0:8f:42:2c:2e:39:a8:
86:4c:26:cf:1e:ac:50:83:96:46:ab:ab:f4:df:16:
80:08:4d:ea:77:c2:b3:f7:33:3a:b2:d2:ec:c3:fd:
85:79:b5:70:a1:13:fd:36:ac:4f:8a:1c:5f:4d:f8:
35:0f:1c:98:a6:94:e8:9c:f7:ad:4b:9a:20:ec:6d:
8f:78:cf:de:5c:e7:c0:46:cf:e7:ab:cf:37:81:5f:
8c:74:15:e2:c1:e7:c7:88:59:3a:87:00:8a:ff:e6:
06:7a:12:26:ea:c7:4c:77:ae:d5:9f:17:ce:0f:a5:
05:af:dd:e8:4b:ca:96:d8:bf:69:00:65:a7:15:ae:
e8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EF:C4:BE:BA:4F:0B:7C:B3:E8:AA:4C:12:0B:EE:4A:F4:D0:D1:0A
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/Iu_EvrpPC3yz6KpMEgvuSvTQ0Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.178.0-5.32.180.255
5.32.182.0/24
31.11.64.0/18
78.157.0.0/21
78.157.20.0-78.157.31.255
79.126.128.0/17
85.30.64.0/18
89.31.152.0/21
95.128.186.0/24
109.69.40.0/21
146.255.69.0/24
146.255.86.0/24
185.2.188.0/22
185.5.4.0/22
185.80.164.0/22
185.89.244.0/22
185.100.244.0/22
212.110.64.0/23
212.110.80.0-212.110.91.255
212.158.176.0/20
217.16.64.0/19
217.196.192.0/20
IPv6:
2a01:5b8::/29
Signature Algorithm: sha256WithRSAEncryption
5c:d5:58:f1:5f:a1:81:bb:e0:74:d1:0a:9b:8e:11:c6:76:23:
ca:94:5e:fd:f6:dc:3a:a7:ca:8e:02:41:19:9c:48:b9:27:57:
59:9d:14:3e:c6:32:05:ed:fb:dd:89:b0:d7:de:df:80:7f:b8:
2d:1c:a9:07:c9:f3:4b:b8:be:0c:49:d3:bc:51:1a:6b:58:ca:
7f:19:62:40:89:b1:7a:35:e6:e6:48:8d:d5:f7:f4:17:c7:73:
b5:7e:5d:20:55:bd:34:71:f8:46:1c:e8:d4:f4:89:74:8b:63:
b3:15:65:79:a5:a8:0c:ad:45:f4:d2:bb:30:03:80:d2:6e:9a:
2e:7b:87:94:60:69:bd:38:7c:7a:60:a3:fc:f4:12:d1:68:2c:
71:41:7b:c4:11:ae:97:75:29:24:52:55:43:b1:ff:e4:8d:c0:
c2:6d:65:41:c6:59:ed:8b:1d:ad:57:3f:e1:78:96:af:87:73:
68:b2:e7:4d:6a:df:9c:a3:82:d9:0d:35:c3:d0:78:12:11:ee:
df:7b:bf:38:36:3a:7c:39:bc:f0:ba:96:5b:0d:9b:8d:30:fa:
e9:f5:ca:de:82:6b:b8:c8:29:69:7b:71:7c:46:cf:e5:09:a3:
b0:bd:0c:1a:09:f8:5a:56:86:94:20:da:b6:4b:21:44:66:9d:
49:fe:02:92
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAYP1MpsgwEyvcXJy77J7Y+iTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjIxMDIwMTE0MTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmVmYzRiZWJhNGYwYjdjYjNlOGFhNGMxMjBiZWU0YWY0ZDBkMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxL6gL2WNodxTPxQ46/EdlEZ+Qj8
7HKgCoDbI2g8HioFrb56wlF9J6MS4ndXZj8Ic73cXAT+HDZ+Bz/KX/tAmm1x8xyB
ePl3IKTtERbRmlr2mGu/OUL9a1d1wqfKU0xC/TtU7J6ltfXljy2EhDlEhOJqoeRB
aGkubt3HKXJohcCPQiwuOaiGTCbPHqxQg5ZGq6v03xaACE3qd8Kz9zM6stLsw/2F
ebVwoRP9NqxPihxfTfg1DxyYppTonPetS5og7G2PeM/eXOfARs/nq883gV+MdBXi
wefHiFk6hwCK/+YGehIm6sdMd67VnxfOD6UFr93oS8qW2L9pAGWnFa7oyQIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFCLvxL66Twt8s+iqTBIL7kr00NEKMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvSXVfRXZycFBDM3l6NktwTUVndnVTdlRRMFFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTCBowQCAAEwgZwwDAME
AQUgsgMEAAUgtAMEAAUgtgMEBh8LQAMEA06dADAMAwQCTp0UAwQFTp0AAwQHT36A
AwQGVR5AAwQDWR+YAwQAX4C6AwQDbUUoAwQAkv9FAwQAkv9WAwQCuQK8AwQCuQUE
AwQCuVCkAwQCuVn0AwQCuWT0AwQB1G5AMAwDBATUblADBALUblgDBATUnrADBAXZ
EEADBATZxMAwDQQCAAIwBwMFAyoBBbgwDQYJKoZIhvcNAQELBQADggEBAFzVWPFf
oYG74HTRCpuOEcZ2I8qUXv323Dqnyo4CQRmcSLknV1mdFD7GMgXt+92JsNfe34B/
uC0cqQfJ80u4vgxJ07xRGmtYyn8ZYkCJsXo15uZIjdX39BfHc7V+XSBVvTRx+EYc
6NT0iXSLY7MVZXmlqAytRfTSuzADgNJumi57h5Rgab04fHpgo/z0EtFoLHFBe8QR
rpd1KSRSVUOx/+SNwMJtZUHGWe2LHa1XP+F4lq+Hc2iy501q35yjgtkNNcPQeBIR
7t97vzg2Onw5vPC6llsNm40w+un1yt6Ca7jIKWl7cXxGz+UJo7C9DBoJ+FpWhpQg
2rZLIURmnUn+ApI=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:32 2023 by rpki-client on console.sobornost.net