Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MLrrCThzumlpx7sk48XK9EtqZio.roa
File: MLrrCThzumlpx7sk48XK9EtqZio.roa (raw, json)
Hash identifier: aykBMW6RiRoCCJgpLaktb8kQkmNwNkTkC4fdIaZXw1o=
Subject key identifier: 30:BA:EB:09:38:73:BA:69:69:C7:BB:24:E3:C5:CA:F4:4B:6A:66:2A
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 378F124D
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MLrrCThzumlpx7sk48XK9EtqZio.roa
Signing time: Sat 01 Jan 2022 06:01:49 +0000
ROA not before: Sat 01 Jan 2022 06:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.0.0/19 maxlen: 19
217.60.0.0/18 maxlen: 18
217.60.0.0/16 maxlen: 16
217.60.24.0/21 maxlen: 21
217.60.36.0/23 maxlen: 23
217.60.32.0/22 maxlen: 22
217.60.32.0/20 maxlen: 20
217.60.36.0/22 maxlen: 22
217.60.38.0/23 maxlen: 23
217.60.40.0/21 maxlen: 21
217.60.48.0/20 maxlen: 20
37.148.0.0/18 maxlen: 24
37.148.0.0/17 maxlen: 18
217.60.108.0/22 maxlen: 22
217.60.128.0/18 maxlen: 18
217.60.128.0/19 maxlen: 19
217.60.150.0/24 maxlen: 24
217.60.64.0/20 maxlen: 20
217.60.64.0/18 maxlen: 18
217.60.80.0/20 maxlen: 20
217.60.96.0/21 maxlen: 21
217.60.104.0/22 maxlen: 22
151.244.128.0/19 maxlen: 19
94.183.176.0/21 maxlen: 21
84.241.0.0/18 maxlen: 24
31.56.80.0/20 maxlen: 20
31.56.16.0/20 maxlen: 20
31.56.0.0/14 maxlen: 24
31.56.32.0/20 maxlen: 20
185.73.3.0/24 maxlen: 24
185.73.0.0/22 maxlen: 22
151.238.0.0/15 maxlen: 24
185.73.2.0/24 maxlen: 24
185.73.2.0/23 maxlen: 23
185.73.0.0/23 maxlen: 23
151.240.0.0/13 maxlen: 24
85.15.0.0/18 maxlen: 24
151.247.64.0/18 maxlen: 18
217.60.219.0/24 maxlen: 24
217.60.216.0/21 maxlen: 21
217.60.224.0/20 maxlen: 20
217.60.230.0/24 maxlen: 24
217.60.231.0/24 maxlen: 24
217.60.240.0/20 maxlen: 20
37.202.128.0/18 maxlen: 18
37.202.128.0/17 maxlen: 17
217.60.160.0/19 maxlen: 19
217.60.160.0/21 maxlen: 21
217.60.160.0/20 maxlen: 20
217.60.161.0/24 maxlen: 24
217.60.171.0/24 maxlen: 24
217.60.168.0/23 maxlen: 23
217.60.170.0/24 maxlen: 24
217.60.176.0/21 maxlen: 21
217.60.176.0/24 maxlen: 24
217.60.184.0/22 maxlen: 22
37.148.78.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.192.0/20 maxlen: 20
217.60.192.0/18 maxlen: 18
217.60.196.0/22 maxlen: 22
217.60.200.0/22 maxlen: 22
94.182.0.0/15 maxlen: 24
217.60.207.0/24 maxlen: 24
217.60.209.0/24 maxlen: 24
217.60.208.0/20 maxlen: 20
217.60.212.0/22 maxlen: 22
217.60.208.0/23 maxlen: 23
37.202.192.0/18 maxlen: 18
37.202.136.0/24 maxlen: 24
31.57.208.0/20 maxlen: 20
2a0e::/26 maxlen: 26
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932123213 (0x378f124d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jan 1 06:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=30baeb093873ba6969c7bb24e3c5caf44b6a662a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:85:0a:41:0a:f0:32:d6:27:0b:ec:6f:13:1c:
ea:c3:53:3e:5a:57:54:ce:6a:8e:eb:00:d1:07:75:
42:b7:bd:1c:e5:dc:17:c3:87:7b:00:a5:91:bf:2c:
29:a1:09:ee:b9:4b:93:aa:44:e0:15:96:f7:59:db:
22:59:7e:d3:0b:f0:0a:2b:f8:97:b0:24:c4:4c:8f:
76:6d:63:67:52:dd:20:84:62:96:5f:b5:3a:ef:47:
6e:76:5a:c6:53:11:54:b3:7e:6a:60:93:16:c7:04:
b7:4b:da:e4:b9:7b:7c:f9:b1:b5:45:5e:7a:4c:94:
59:d4:6f:bc:f9:ba:4e:aa:59:b0:1f:06:84:b4:75:
9d:3b:ff:92:22:b0:f0:8a:0a:f3:be:b4:5e:3b:77:
87:c9:10:59:38:d8:fe:96:e9:9e:1b:25:c5:3a:16:
5f:e5:a4:1d:19:bf:00:b6:8b:44:b4:f9:99:ca:bf:
59:bd:13:68:2a:d8:15:9e:59:34:d4:50:12:ee:8b:
9e:45:c7:44:03:29:51:e5:f1:6c:95:a9:0b:8c:b9:
51:c1:c2:8b:27:03:e4:e2:46:dd:43:84:92:b1:b8:
9f:69:39:75:cd:34:98:eb:4e:e8:1c:6b:45:02:0c:
5d:03:73:25:cd:9c:10:a1:0d:a4:b4:9f:4a:4e:84:
a1:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BA:EB:09:38:73:BA:69:69:C7:BB:24:E3:C5:CA:F4:4B:6A:66:2A
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/MLrrCThzumlpx7sk48XK9EtqZio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0/14
37.148.0.0/17
37.202.128.0/17
84.241.0.0/18
85.15.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
185.73.0.0/22
217.60.0.0/16
IPv6:
2a0e::/26
Signature Algorithm: sha256WithRSAEncryption
09:77:52:49:32:a2:43:df:10:4a:30:b3:fc:e6:3e:70:21:4d:
22:cd:a7:5a:6d:0e:cd:1a:db:5d:71:da:e4:d0:7f:40:6f:e7:
7b:aa:3a:86:b0:16:ef:34:dd:f4:ec:0b:ef:92:6c:a0:94:66:
33:88:9e:73:9d:4a:09:6d:3b:cb:9b:ab:61:b0:07:03:90:e0:
95:07:ba:33:aa:89:f0:1d:25:8a:5b:e7:b9:b6:69:8d:fc:3f:
e8:32:38:42:0c:1d:a7:25:f4:64:46:e1:c4:79:38:36:79:a5:
c6:65:21:d6:c1:25:81:20:37:b7:9f:a9:42:fe:50:f1:a2:3e:
f6:01:f4:2e:69:f4:1f:16:24:eb:95:6f:66:6d:bf:3c:cf:eb:
c7:ca:ff:72:65:67:83:e1:af:35:14:81:fe:64:f4:b7:58:69:
be:88:78:32:3b:de:13:b1:61:6e:e4:95:f0:8f:b0:63:54:e7:
46:c7:a2:a9:bc:22:46:91:07:c6:9c:ce:f6:89:17:d5:ef:9a:
c3:58:f2:25:b4:97:b4:13:82:fa:3a:f4:89:d1:33:f4:e0:3b:
f1:b5:da:33:44:14:c8:0f:39:5b:4a:66:90:20:c4:da:38:27:
91:9e:57:23:e3:05:85:06:0b:e0:f1:26:1c:6f:b7:c5:97:a9:
b5:0a:b7:02
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEN48STTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDEw
MTA2MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzBiYWViMDkzODcz
YmE2OTY5YzdiYjI0ZTNjNWNhZjQ0YjZhNjYyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALqFCkEK8DLWJwvsbxMc6sNTPlpXVM5qjusA0Qd1Qre9HOXc
F8OHewClkb8sKaEJ7rlLk6pE4BWW91nbIll+0wvwCiv4l7AkxEyPdm1jZ1LdIIRi
ll+1Ou9HbnZaxlMRVLN+amCTFscEt0va5Ll7fPmxtUVeekyUWdRvvPm6TqpZsB8G
hLR1nTv/kiKw8IoK8760Xjt3h8kQWTjY/pbpnhslxToWX+WkHRm/ALaLRLT5mcq/
Wb0TaCrYFZ5ZNNRQEu6LnkXHRAMpUeXxbJWpC4y5UcHCiycD5OJG3UOEkrG4n2k5
dc00mOtO6BxrRQIMXQNzJc2cEKENpLSfSk6Eob8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQwuusJOHO6aWnHuyTjxcr0S2pmKjAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L01McnJDVGh6dW1scHg3c2s0OFhLOUV0cVppby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwPwQCAAEwOQMDAh84AwQHJZQAAwQHJcqAAwQGVPEA
AwQGVQ8AAwMBXrYwCgMDAZfuAwMDl/ADBAK5SQADAwDZPDANBAIAAjAHAwUGKg4A
ADANBgkqhkiG9w0BAQsFAAOCAQEACXdSSTKiQ98QSjCz/OY+cCFNIs2nWm0OzRrb
XXHa5NB/QG/ne6o6hrAW7zTd9OwL75JsoJRmM4iec51KCW07y5urYbAHA5DglQe6
M6qJ8B0lilvnubZpjfw/6DI4QgwdpyX0ZEbhxHk4NnmlxmUh1sElgSA3t5+pQv5Q
8aI+9gH0Lmn0HxYk65VvZm2/PM/rx8r/cmVng+GvNRSB/mT0t1hpvoh4MjveE7Fh
buSV8I+wY1TnRseiqbwiRpEHxpzO9okX1e+aw1jyJbSXtBOC+jr0idEz9OA78bXa
M0QUyA85W0pmkCDE2jgnkZ5XI+MFhQYL4PEmHG+3xZeptQq3Ag==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:31 2023 by rpki-client on console-ams.rpki-client.org