Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/R5pndwJiMktu0SLAmOJciR1yg8I.roa
File: R5pndwJiMktu0SLAmOJciR1yg8I.roa (raw, json)
Hash identifier: KD5KfF4PstEbD/Kh9T4U6jpov35yLhVzuOSvEM4Pnps=
Subject key identifier: 47:9A:67:77:02:62:32:4B:6E:D1:22:C0:98:E2:5C:89:1D:72:83:C2
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 3932A63B
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/R5pndwJiMktu0SLAmOJciR1yg8I.roa
Signing time: Sat 18 Jun 2022 05:26:44 +0000
ROA not before: Sat 18 Jun 2022 05:26:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205647
IP address blocks: 151.247.216.0/21 maxlen: 21
94.182.41.0/24 maxlen: 24
151.247.214.0/23 maxlen: 23
151.247.224.0/22 maxlen: 22
151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.205.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.217.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.228.0/22 maxlen: 22
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 959620667 (0x3932a63b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 18 05:26:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=479a67770262324b6ed122c098e25c891d7283c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1f:d6:67:f5:b6:b6:26:af:f6:67:2e:a4:c2:
8a:83:5e:5f:1d:c0:44:68:4f:21:6d:c5:e0:8e:44:
14:ca:ed:12:03:c9:d0:23:f9:4d:39:08:02:6e:70:
d5:85:18:f1:d4:33:cf:39:7c:c7:8b:44:8f:6c:d1:
1f:44:e2:c9:49:4b:84:73:8a:e5:da:c6:ec:b2:cb:
9d:4a:65:eb:7f:2c:07:2a:39:ec:bc:2b:37:c4:da:
b7:f2:42:67:9c:92:54:4a:76:a6:33:ca:eb:1a:12:
90:47:fc:0c:15:65:2f:7e:4b:44:9d:cd:ce:89:bd:
0a:c2:eb:4e:29:a2:72:1a:c3:c0:76:f3:6f:be:4b:
3f:84:e0:9a:63:6d:6a:d1:a0:63:c2:85:58:f3:e3:
6b:df:9f:e4:2f:63:1a:8b:e0:f2:8f:0c:9f:45:9c:
1e:90:24:42:36:77:70:df:47:ba:a9:3c:4b:db:dc:
c5:d8:53:0e:58:cd:40:16:e1:86:53:58:e8:07:8a:
4a:18:12:ee:ae:49:9c:39:97:56:67:23:ec:cd:00:
78:26:46:b8:05:72:89:8f:9e:0f:29:bd:d9:40:04:
4a:b7:cf:45:9f:9a:4a:ef:45:af:d1:97:18:25:5c:
b2:65:71:ec:3a:8b:0b:54:13:d7:fd:20:3a:56:f4:
38:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9A:67:77:02:62:32:4B:6E:D1:22:C0:98:E2:5C:89:1D:72:83:C2
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/R5pndwJiMktu0SLAmOJciR1yg8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.41.0/24
94.182.204.0/22
94.182.217.0/24
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.247.214.0-151.247.227.255
Signature Algorithm: sha256WithRSAEncryption
0f:46:3b:bb:18:f7:e9:4b:34:a3:17:63:81:d7:e2:9a:5e:0f:
94:76:f1:0d:93:d4:82:0d:7e:af:53:27:d3:92:36:47:96:b6:
44:48:5b:08:c6:f6:b3:88:94:5a:13:80:18:ec:0c:55:47:b4:
6e:7a:dd:02:f7:97:5a:02:77:63:51:81:14:ad:99:36:4c:3c:
e5:f3:f8:a6:7d:6b:67:56:19:97:77:f8:50:1d:c1:90:2d:22:
c7:cd:14:7d:25:49:16:07:92:ef:fe:41:f2:c0:55:5f:7f:f2:
a5:88:e9:68:f3:46:b8:d8:b8:b8:79:71:d4:b8:21:03:32:83:
42:02:8f:b2:c3:3c:33:c9:97:a6:16:83:ea:af:b8:01:eb:0c:
51:2f:cc:a5:30:40:eb:ae:d8:5a:ff:16:a1:35:5a:0e:68:e6:
75:34:4e:6c:62:f3:4b:e6:87:d1:ec:3f:8b:a4:a5:83:4a:e4:
5e:4b:d5:b3:c1:1e:49:57:8b:b9:cb:b7:0c:e7:9d:49:f1:3d:
0b:9b:d5:6f:09:87:18:09:1b:c9:6c:6b:6a:7a:00:bc:c7:46:
89:44:21:41:d3:0b:bf:cb:1b:33:84:f1:3e:1f:48:dc:9f:cd:
b3:5b:c5:95:76:09:e7:0c:47:c6:10:f1:89:9e:e0:99:d0:c8:
3b:d1:44:e9
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEOTKmOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDYx
ODA1MjY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc5YTY3NzcwMjYy
MzI0YjZlZDEyMmMwOThlMjVjODkxZDcyODNjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPYf1mf1trYmr/ZnLqTCioNeXx3ARGhPIW3F4I5EFMrtEgPJ
0CP5TTkIAm5w1YUY8dQzzzl8x4tEj2zRH0TiyUlLhHOK5drG7LLLnUpl638sByo5
7LwrN8Tat/JCZ5ySVEp2pjPK6xoSkEf8DBVlL35LRJ3Nzom9CsLrTimichrDwHbz
b75LP4TgmmNtatGgY8KFWPPja9+f5C9jGovg8o8Mn0WcHpAkQjZ3cN9Huqk8S9vc
xdhTDljNQBbhhlNY6AeKShgS7q5JnDmXVmcj7M0AeCZGuAVyiY+eDym92UAESrfP
RZ+aSu9Fr9GXGCVcsmVx7DqLC1QT1/0gOlb0OLUCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBRHmmd3AmIyS27RIsCY4lyJHXKDwjAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L1I1cG5kd0ppTWt0dTBTTEFtT0pjaVIxeWc4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wXQQCAAEwVzALAwMDHzgDBAQfOGADBAAfOHQDBAFV
DzADBAFetggDBAFetgwDBABetikDBAJetswDBABettkDBABetuIDBAJetuQDBAOX
8FAwDAMEAZf31gMEApf34DANBgkqhkiG9w0BAQsFAAOCAQEAD0Y7uxj36Us0oxdj
gdfiml4PlHbxDZPUgg1+r1Mn05I2R5a2REhbCMb2s4iUWhOAGOwMVUe0bnrdAveX
WgJ3Y1GBFK2ZNkw85fP4pn1rZ1YZl3f4UB3BkC0ix80UfSVJFgeS7/5B8sBVX3/y
pYjpaPNGuNi4uHlx1LghAzKDQgKPssM8M8mXphaD6q+4AesMUS/MpTBA667YWv8W
oTVaDmjmdTRObGLzS+aH0ew/i6Slg0rkXkvVs8EeSVeLucu3DOedSfE9C5vVbwmH
GAkbyWxranoAvMdGiUQhQdMLv8sbM4TxPh9I3J/Ns1vFlXYJ5wxHxhDxiZ7gmdDI
O9FE6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:52 2023 by rpki-client on console-fra.rpki-client.org