Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9xjklhTbLyvjrsIFmVllrq-q8sc.roa
File: 9xjklhTbLyvjrsIFmVllrq-q8sc.roa (raw, json)
Hash identifier: u90UPQ9fa/8jlVF0B1SKe5qEPy77ajlpdxwHVj2VDbA=
Subject key identifier: F7:18:E4:96:14:DB:2F:2B:E3:AE:C2:05:99:59:65:AE:AF:AA:F2:C7
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 380F2CA5
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9xjklhTbLyvjrsIFmVllrq-q8sc.roa
Signing time: Sat 19 Feb 2022 12:58:46 +0000
ROA not before: Sat 19 Feb 2022 12:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 151.238.136.0/21 maxlen: 21
151.238.144.0/23 maxlen: 23
31.58.238.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
151.247.242.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.59.3.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.58.254.0/24 maxlen: 24
31.59.4.0/24 maxlen: 24
31.59.2.0/24 maxlen: 24
31.59.5.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940518565 (0x380f2ca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Feb 19 12:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f718e49614db2f2be3aec205995965aeafaaf2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:47:43:9f:ee:f2:ae:53:a7:49:1e:01:d6:
c7:ba:85:3d:b2:2b:44:2d:d3:11:7d:20:66:f9:e7:
5f:e5:30:ed:59:e1:3d:d3:3c:56:6e:9c:fb:e3:81:
97:f5:b3:86:5b:5b:f4:f5:87:57:0f:55:7f:5c:20:
d6:32:86:20:ef:66:60:90:22:6d:60:b2:8f:42:87:
55:e3:9b:d7:70:8e:8e:db:c9:d0:f8:e5:e4:27:7f:
02:1c:11:70:86:4b:7f:7b:e1:40:b5:f9:6d:8b:7c:
16:a3:80:9d:0d:8e:60:3f:83:4a:d6:22:f7:39:6c:
2e:2c:5a:b7:07:b2:19:f5:c5:ca:93:cd:d4:65:22:
5f:e6:e2:1f:27:6e:27:06:78:0a:9b:7e:21:89:50:
88:6a:0b:35:c4:82:4b:a5:01:de:43:01:7c:64:22:
22:b3:5d:10:9d:cb:0c:f0:3e:a2:0f:38:87:28:88:
f8:f9:95:67:4a:81:b5:2b:53:61:dd:e4:60:5e:97:
9d:c4:f8:4c:43:3b:3b:1f:80:57:4c:30:2c:4a:fa:
3e:92:72:3f:d6:b0:35:23:59:26:e4:da:6f:d5:15:
ac:f8:80:1a:56:bf:89:4e:8a:a8:d9:a6:38:2d:a2:
72:a7:97:f8:51:f0:a6:c5:29:89:be:f1:ff:e5:bd:
65:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:18:E4:96:14:DB:2F:2B:E3:AE:C2:05:99:59:65:AE:AF:AA:F2:C7
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/9xjklhTbLyvjrsIFmVllrq-q8sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.5.255
31.59.8.0/23
31.59.12.0/22
151.238.136.0-151.238.145.255
151.247.228.0-151.247.242.255
Signature Algorithm: sha256WithRSAEncryption
be:ff:d4:47:ef:3d:96:cb:f6:de:74:0d:2e:7b:c7:76:c8:6a:
e2:0e:5f:1a:9b:86:77:3a:36:06:69:dd:76:fd:66:4e:c0:6c:
7d:4d:99:6b:19:47:85:5a:ed:c4:a1:d2:c4:17:8b:2c:21:96:
57:86:31:77:ec:77:df:9e:db:2e:31:b6:1f:06:33:44:ea:41:
2a:17:56:ec:e9:c9:7c:91:3a:d9:7a:73:4b:05:57:0d:ab:bb:
da:eb:73:da:22:f5:2d:5d:a7:84:07:87:b6:6d:42:6d:6e:dc:
85:79:40:59:0e:1c:78:82:97:99:bf:94:94:ee:f5:6d:54:2b:
82:ec:3e:8d:92:c5:3f:64:2a:7b:0e:4e:99:3d:8f:c2:68:ee:
e0:3c:7e:58:64:1a:6f:ea:ba:48:11:80:fd:88:83:70:ec:13:
0b:e5:20:b3:f6:f1:1f:44:69:b3:7c:c6:60:aa:8b:74:d5:8b:
fd:f6:70:1e:b9:0c:42:60:f6:f6:f5:50:eb:bd:0e:60:8c:dd:
b9:dc:b7:c6:89:46:4b:67:b2:f7:0f:34:c7:41:e7:50:9a:c5:
aa:45:d8:7c:e7:d5:2c:a5:1c:63:f2:ad:48:5e:38:bf:38:ae:
00:8a:01:d5:5a:93:f3:4c:c9:52:75:29:2b:3f:e5:60:8a:6e:
8a:32:35:ad
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEOA8spTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDIx
OTEyNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcxOGU0OTYxNGRi
MmYyYmUzYWVjMjA1OTk1OTY1YWVhZmFhZjJjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7NR0Of7vKuU6dJHgHWx7qFPbIrRC3TEX0gZvnnX+Uw7Vnh
PdM8Vm6c++OBl/Wzhltb9PWHVw9Vf1wg1jKGIO9mYJAibWCyj0KHVeOb13COjtvJ
0Pjl5Cd/AhwRcIZLf3vhQLX5bYt8FqOAnQ2OYD+DStYi9zlsLixatweyGfXFypPN
1GUiX+biHyduJwZ4Cpt+IYlQiGoLNcSCS6UB3kMBfGQiIrNdEJ3LDPA+og84hyiI
+PmVZ0qBtStTYd3kYF6XncT4TEM7Ox+AV0wwLEr6PpJyP9awNSNZJuTab9UVrPiA
Gla/iU6KqNmmOC2icqeX+FHwpsUpib7x/+W9ZUsCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBT3GOSWFNsvK+OuwgWZWWWur6ryxzAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
Lzl4amtsaFRiTHl2anJzSUZtVmxscnEtcThzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNjAMAwQCHzrsAwQBHzsEAwQBHzsIAwQC
HzsMMAwDBAOX7ogDBAGX7pAwDAMEApf35AMEAJf38jANBgkqhkiG9w0BAQsFAAOC
AQEAvv/UR+89lsv23nQNLnvHdshq4g5fGpuGdzo2Bmnddv1mTsBsfU2ZaxlHhVrt
xKHSxBeLLCGWV4Yxd+x3357bLjG2HwYzROpBKhdW7OnJfJE62XpzSwVXDau72utz
2iL1LV2nhAeHtm1CbW7chXlAWQ4ceIKXmb+UlO71bVQrguw+jZLFP2Qqew5OmT2P
wmju4Dx+WGQab+q6SBGA/YiDcOwTC+Ugs/bxH0Rps3zGYKqLdNWL/fZwHrkMQmD2
9vVQ670OYIzdudy3xolGS2ey9w80x0HnUJrFqkXYfOfVLKUcY/KtSF44vziuAIoB
1VqT80zJUnUpKz/lYIpuijI1rQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org