Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Cdr6GGa0V5OkMZsVUGWBEHXdYqE.roa
File: Cdr6GGa0V5OkMZsVUGWBEHXdYqE.roa (raw, json)
Hash identifier: 0NL2ADM55MeQ1B+cQPOG/TbnEO4nd725cLKl8yfSyyA=
Subject key identifier: 09:DA:FA:18:66:B4:57:93:A4:31:9B:15:50:65:81:10:75:DD:62:A1
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 37912256
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Cdr6GGa0V5OkMZsVUGWBEHXdYqE.roa
Signing time: Sat 01 Jan 2022 06:01:50 +0000
ROA not before: Sat 01 Jan 2022 06:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43395
IP address blocks: 151.238.136.0/21 maxlen: 21
151.238.144.0/23 maxlen: 23
31.58.238.0/24 maxlen: 24
31.58.240.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
151.247.232.0/22 maxlen: 22
151.247.228.0/22 maxlen: 22
151.247.236.0/22 maxlen: 22
151.247.240.0/24 maxlen: 24
151.247.241.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.242.0/24 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.241.0/24 maxlen: 24
31.58.243.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.248.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.59.3.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.0.0/23 maxlen: 23
31.58.254.0/24 maxlen: 24
31.59.4.0/24 maxlen: 24
31.59.2.0/24 maxlen: 24
31.59.5.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.15.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932258390 (0x37912256)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 06:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09dafa1866b45793a4319b155065811075dd62a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4b:1e:fc:29:c2:c8:94:70:ed:e7:29:53:ff:
fb:8b:f7:d5:f3:e9:af:dc:ce:46:81:3c:61:e8:7c:
09:b7:cc:73:a7:79:59:ae:92:e1:93:88:ac:39:d2:
55:f2:4e:f5:29:a7:4b:54:cf:e8:e9:e4:d8:7d:67:
b2:3d:11:6c:65:72:ad:68:d9:ad:e4:b5:57:aa:22:
10:2f:7d:f4:3e:2c:47:b5:b6:7b:b4:05:91:1d:24:
11:f4:da:61:dc:4c:dd:7d:1f:20:d3:57:50:5b:be:
81:a8:c9:d0:80:1e:82:b0:aa:02:4e:d5:65:71:f6:
84:ce:b3:12:92:44:ed:dd:b3:00:86:9a:16:89:de:
42:e0:15:aa:38:f9:5a:9a:4b:c9:01:e4:13:13:11:
51:84:b8:4d:1c:6c:06:b6:c4:9e:7b:e7:d2:d9:cb:
ed:7b:93:fc:3e:7b:7a:f4:80:a6:73:65:8e:99:a8:
40:ec:c2:c7:ba:09:13:b0:cb:31:98:1c:c5:8f:6e:
b6:f2:02:cb:ea:81:c2:27:bf:51:a0:3e:66:87:1b:
6e:31:96:75:67:23:6f:af:88:ac:c4:37:5b:68:5b:
9d:50:62:30:27:11:8d:5b:6b:71:8f:64:a2:04:f2:
76:db:4e:85:06:1e:89:89:ca:36:61:14:3b:63:ef:
30:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:DA:FA:18:66:B4:57:93:A4:31:9B:15:50:65:81:10:75:DD:62:A1
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/Cdr6GGa0V5OkMZsVUGWBEHXdYqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.236.0-31.59.5.255
31.59.8.0/23
31.59.12.0/22
151.238.136.0-151.238.145.255
151.247.228.0-151.247.241.255
Signature Algorithm: sha256WithRSAEncryption
83:dc:08:8c:ef:5c:1f:96:10:e5:ec:46:36:27:63:07:4e:ad:
c3:f9:10:ef:d3:bd:8a:62:bb:33:9d:9e:d5:58:cf:63:6d:34:
42:b1:9e:5f:f1:e7:be:91:ec:60:8e:87:9e:99:3c:ae:e8:bd:
31:d6:13:54:1c:c6:13:e7:ac:6a:1b:63:45:b2:f9:1c:bb:86:
b8:69:ec:bf:5a:e4:20:02:35:82:10:32:38:b5:60:96:5e:e7:
c2:d4:1f:4f:5e:98:86:3b:b6:70:e9:f9:d4:5a:b9:f0:77:e3:
0f:48:08:90:bd:e9:2f:21:75:2b:1a:d3:b3:ce:a7:a5:22:4a:
36:5a:f9:90:60:e7:38:45:36:75:48:fa:ba:ee:7a:1f:76:a8:
f1:c0:b6:36:72:42:57:59:1e:e0:f4:4a:33:5c:43:bd:99:a8:
88:37:a4:39:52:75:c5:1c:eb:d2:66:a7:1f:21:09:73:b3:0f:
dd:d0:b2:d5:db:78:26:03:6f:d9:25:5c:87:07:35:12:0e:12:
6a:6c:7d:4f:c7:72:9d:2a:64:13:2b:98:41:cd:1f:13:3b:20:
0b:ea:b8:72:05:69:dc:e3:42:4f:98:f1:ad:65:8b:71:5c:c5:
38:6b:f4:8e:7a:c5:50:4b:aa:3b:26:fc:b0:3d:94:85:bf:6d:
dd:81:c2:09
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEN5EiVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDEw
MTA2MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlkYWZhMTg2NmI0
NTc5M2E0MzE5YjE1NTA2NTgxMTA3NWRkNjJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOlLHvwpwsiUcO3nKVP/+4v31fPpr9zORoE8Yeh8CbfMc6d5
Wa6S4ZOIrDnSVfJO9SmnS1TP6Onk2H1nsj0RbGVyrWjZreS1V6oiEC999D4sR7W2
e7QFkR0kEfTaYdxM3X0fINNXUFu+gajJ0IAegrCqAk7VZXH2hM6zEpJE7d2zAIaa
FoneQuAVqjj5WppLyQHkExMRUYS4TRxsBrbEnnvn0tnL7XuT/D57evSApnNljpmo
QOzCx7oJE7DLMZgcxY9utvICy+qBwie/UaA+ZocbbjGWdWcjb6+IrMQ3W2hbnVBi
MCcRjVtrcY9kogTydttOhQYeiYnKNmEUO2PvMLkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQJ2voYZrRXk6QxmxVQZYEQdd1ioTAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L0NkcjZHR2EwVjVPa01ac1ZVR1dCRUhYZFlxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNjAMAwQCHzrsAwQBHzsEAwQBHzsIAwQC
HzsMMAwDBAOX7ogDBAGX7pAwDAMEApf35AMEAZf38DANBgkqhkiG9w0BAQsFAAOC
AQEAg9wIjO9cH5YQ5exGNidjB06tw/kQ79O9imK7M52e1VjPY200QrGeX/HnvpHs
YI6Hnpk8rui9MdYTVBzGE+esahtjRbL5HLuGuGnsv1rkIAI1ghAyOLVgll7nwtQf
T16Yhju2cOn51Fq58HfjD0gIkL3pLyF1KxrTs86npSJKNlr5kGDnOEU2dUj6uu56
H3ao8cC2NnJCV1ke4PRKM1xDvZmoiDekOVJ1xRzr0manHyEJc7MP3dCy1dt4JgNv
2SVchwc1Eg4Samx9T8dynSpkEyuYQc0fEzsgC+q4cgVp3ONCT5jxrWWLcVzFOGv0
jnrFUEuqOyb8sD2Uhb9t3YHCCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org