Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/p31AfVDv6LzPU7ofK9ZGXbGCDFs.roa
File: p31AfVDv6LzPU7ofK9ZGXbGCDFs.roa (raw, json)
Hash identifier: lUI/Kz5X0RHtlSgTfgLoITsaC30eH1eCgS0iO+0g5QQ=
Subject key identifier: A7:7D:40:7D:50:EF:E8:BC:CF:53:BA:1F:2B:D6:46:5D:B1:82:0C:5B
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 018570DE65CF3525CA7504E6A9E96D1540E4
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/p31AfVDv6LzPU7ofK9ZGXbGCDFs.roa
Signing time: Mon 02 Jan 2023 05:05:01 +0000
ROA not before: Mon 02 Jan 2023 05:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6830
IP address blocks: 84.20.32.0/21 maxlen: 21
84.20.32.0/20 maxlen: 20
84.74.0.0/15 maxlen: 15
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
217.168.32.0/20 maxlen: 20
217.168.32.0/19 maxlen: 19
217.168.48.0/20 maxlen: 20
46.140.0.0/17 maxlen: 17
46.140.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
194.29.0.0/20 maxlen: 20
194.29.0.0/19 maxlen: 19
46.140.128.0/17 maxlen: 17
46.127.0.0/16 maxlen: 16
80.218.0.0/16 maxlen: 16
80.218.0.0/15 maxlen: 15
62.2.128.0/17 maxlen: 17
194.29.16.0/20 maxlen: 20
77.56.0.0/15 maxlen: 15
178.83.0.0/16 maxlen: 16
77.56.0.0/14 maxlen: 14
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
178.82.0.0/16 maxlen: 16
178.82.0.0/15 maxlen: 15
81.7.240.0/20 maxlen: 20
213.193.64.0/19 maxlen: 19
213.193.64.0/18 maxlen: 18
84.72.0.0/15 maxlen: 15
84.72.0.0/14 maxlen: 14
213.193.96.0/19 maxlen: 19
46.126.0.0/16 maxlen: 16
46.126.0.0/15 maxlen: 15
217.162.0.0/17 maxlen: 17
217.162.0.0/16 maxlen: 16
31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
84.20.52.0/22 maxlen: 22
80.219.0.0/16 maxlen: 16
195.202.192.0/19 maxlen: 19
31.10.192.0/18 maxlen: 18
195.202.192.0/18 maxlen: 18
195.202.224.0/19 maxlen: 19
77.58.0.0/15 maxlen: 15
217.162.128.0/17 maxlen: 17
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa10::/28 maxlen: 28
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:65:cf:35:25:ca:75:04:e6:a9:e9:6d:15:40:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Jan 2 05:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a77d407d50efe8bccf53ba1f2bd6465db1820c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1d:0a:10:43:c6:66:b6:d1:f3:f7:fc:b9:c7:
fe:41:39:6a:32:95:d2:d9:a9:20:fd:e3:f3:1c:77:
ae:34:1d:8f:5a:74:e5:2e:99:a7:b7:e3:f4:21:84:
92:f2:de:2d:07:64:3e:bf:3b:88:10:3d:91:d1:7e:
a8:61:26:53:d6:7e:71:1b:47:23:8b:1a:4e:2d:5c:
1b:bc:7d:51:e7:4f:f2:1f:69:4a:97:6f:cc:9a:0e:
05:23:d4:9c:0e:51:ac:15:2c:5f:bb:86:31:2a:33:
67:32:3d:41:15:7e:2c:f6:de:bc:ac:08:92:a6:60:
10:0f:62:59:7f:14:f4:e0:5b:d0:55:bc:ef:fb:1e:
18:02:f7:e2:33:94:c3:e8:8a:df:0f:13:ea:10:6c:
19:bc:58:90:91:01:3a:39:2d:38:97:b3:01:0e:27:
6f:06:dd:c0:fa:10:31:32:a2:5f:04:2a:ea:8e:84:
a2:92:26:ca:92:bc:f9:fe:93:bd:2a:14:79:d4:8b:
eb:44:ce:e4:af:36:7d:ea:9a:c7:1d:81:f3:c0:ef:
c4:85:c9:e3:f0:14:04:04:65:f9:7d:5c:d0:da:e8:
f7:a3:a1:e9:82:ea:c3:36:f4:9d:6a:58:2e:b3:66:
1e:96:c1:93:f9:39:b8:fa:b6:41:1d:2b:49:ae:39:
6e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:7D:40:7D:50:EF:E8:BC:CF:53:BA:1F:2B:D6:46:5D:B1:82:0C:5B
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/p31AfVDv6LzPU7ofK9ZGXbGCDFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
49:0d:3a:04:cc:e8:0d:69:2f:ac:56:49:a6:6e:98:bc:a0:3a:
88:07:2a:d4:8f:86:22:90:4b:25:c4:65:84:4e:b3:29:c8:67:
53:13:c6:2f:5b:cd:b2:fc:65:08:00:1f:11:7c:a3:a2:c4:41:
04:ef:e6:1b:86:73:b6:ea:9d:61:26:4b:75:1f:75:0b:3e:e3:
12:99:ca:97:59:d9:b0:08:9e:ba:83:26:b7:4f:08:2b:e8:ad:
6f:75:d7:17:64:fa:8b:20:f6:05:10:bc:b7:89:89:e6:85:3f:
e0:c0:9d:65:50:15:41:4c:84:e4:29:16:bc:c0:41:8b:d5:20:
33:6b:6b:ab:81:f4:77:54:28:67:ec:16:d7:31:43:36:01:31:
a1:1b:fa:30:9d:91:3f:8c:80:9d:6b:08:32:c4:0d:7a:20:5d:
5b:58:2f:8f:65:a2:df:76:ed:90:5d:e5:fe:d6:3d:eb:9b:fc:
c6:c2:4d:57:71:1d:09:49:80:95:b3:1b:71:43:b8:35:e0:ec:
c6:f1:a8:96:52:bc:39:70:4e:22:72:74:60:b5:46:7d:1a:0d:
3a:f4:97:6d:31:11:f7:fc:6a:a6:4b:b4:8b:01:78:28:52:60:
c6:a3:ae:28:c9:8c:9b:06:70:ce:d7:47:a6:e4:1e:2d:57:24:
ed:22:f1:20
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYVw3mXPNSXKdQTmqeltFUDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjMwMTAyMDUwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzdkNDA3ZDUwZWZlOGJjY2Y1M2JhMWYyYmQ2NDY1ZGIxODIwYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR0KEEPGZrbR8/f8ucf+QTlqMpXS
2akg/ePzHHeuNB2PWnTlLpmnt+P0IYSS8t4tB2Q+vzuIED2R0X6oYSZT1n5xG0cj
ixpOLVwbvH1R50/yH2lKl2/Mmg4FI9ScDlGsFSxfu4YxKjNnMj1BFX4s9t68rAiS
pmAQD2JZfxT04FvQVbzv+x4YAvfiM5TD6IrfDxPqEGwZvFiQkQE6OS04l7MBDidv
Bt3A+hAxMqJfBCrqjoSikibKkrz5/pO9KhR51IvrRM7krzZ96prHHYHzwO/Ehcnj
8BQEBGX5fVzQ2uj3o6HpgurDNvSdalgus2YelsGT+Tm4+rZBHStJrjlufQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFKd9QH1Q7+i8z1O6HyvWRl2xggxbMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvcDMxQWZWRHY2THpQVTdvZks5WkdYYkdDREZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQBJDToEzOgNaS+sVkmm
bpi8oDqIByrUj4YikEslxGWETrMpyGdTE8YvW82y/GUIAB8RfKOixEEE7+YbhnO2
6p1hJkt1H3ULPuMSmcqXWdmwCJ66gya3Twgr6K1vddcXZPqLIPYFELy3iYnmhT/g
wJ1lUBVBTITkKRa8wEGL1SAza2urgfR3VChn7BbXMUM2ATGhG/ownZE/jICdawgy
xA16IF1bWC+PZaLfdu2QXeX+1j3rm/zGwk1XcR0JSYCVsxtxQ7g14OzG8aiWUrw5
cE4icnRgtUZ9Gg069JdtMRH3/GqmS7SLAXgoUmDGo64oyYybBnDO10em5B4tVyTt
IvEg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:32 2025 by rpki-client