Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/_1CC3Klnf2lX8QRa20mgW94kJpg.roa
File: _1CC3Klnf2lX8QRa20mgW94kJpg.roa (raw, json)
Hash identifier: zEZF4EnnsFwNescjqDo42dFvsDLGTaYdqlSF2U6Noto=
Subject key identifier: FF:50:82:DC:A9:67:7F:69:57:F1:04:5A:DB:49:A0:5B:DE:24:26:98
Certificate issuer: /CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Certificate serial: 0C6AB47D
Authority key identifier: AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/_1CC3Klnf2lX8QRa20mgW94kJpg.roa
Signing time: Thu 24 Mar 2022 08:03:48 +0000
ROA not before: Thu 24 Mar 2022 08:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33924
IP address blocks: 31.222.44.0/24 maxlen: 24
31.222.44.0/22 maxlen: 22
31.222.40.0/22 maxlen: 22
31.222.40.0/21 maxlen: 21
31.222.40.0/24 maxlen: 24
31.222.41.0/24 maxlen: 24
31.222.42.0/24 maxlen: 24
31.222.43.0/24 maxlen: 24
31.222.45.0/24 maxlen: 24
31.222.46.0/24 maxlen: 24
31.222.47.0/24 maxlen: 24
185.55.44.0/22 maxlen: 22
185.55.44.0/24 maxlen: 24
185.55.44.0/23 maxlen: 23
185.55.45.0/24 maxlen: 24
185.55.46.0/24 maxlen: 24
185.55.47.0/24 maxlen: 24
84.20.64.0/19 maxlen: 19
84.20.64.0/20 maxlen: 20
84.20.64.0/24 maxlen: 24
84.20.64.0/22 maxlen: 22
84.20.64.0/21 maxlen: 21
84.20.65.0/24 maxlen: 24
84.20.66.0/24 maxlen: 24
84.20.67.0/24 maxlen: 24
84.20.68.0/24 maxlen: 24
84.20.68.0/22 maxlen: 22
84.20.69.0/24 maxlen: 24
84.20.70.0/24 maxlen: 24
84.20.71.0/24 maxlen: 24
84.20.78.0/24 maxlen: 24
84.20.72.0/24 maxlen: 24
84.20.72.0/22 maxlen: 22
84.20.78.0/23 maxlen: 23
84.20.73.0/24 maxlen: 24
84.20.74.0/24 maxlen: 24
84.20.75.0/24 maxlen: 24
84.20.76.0/23 maxlen: 23
84.20.76.0/24 maxlen: 24
84.20.76.0/22 maxlen: 22
84.20.77.0/24 maxlen: 24
84.20.85.0/24 maxlen: 24
84.20.83.0/24 maxlen: 24
84.20.82.0/24 maxlen: 24
84.20.84.0/24 maxlen: 24
84.20.84.0/22 maxlen: 22
84.20.79.0/24 maxlen: 24
84.20.80.0/22 maxlen: 22
84.20.80.0/24 maxlen: 24
84.20.80.0/21 maxlen: 21
84.20.81.0/24 maxlen: 24
84.20.86.0/24 maxlen: 24
84.20.87.0/24 maxlen: 24
84.20.88.0/23 maxlen: 23
84.20.88.0/24 maxlen: 24
84.20.88.0/22 maxlen: 22
84.20.89.0/24 maxlen: 24
84.20.90.0/24 maxlen: 24
84.20.91.0/24 maxlen: 24
84.20.94.0/24 maxlen: 24
84.20.94.0/23 maxlen: 23
84.20.95.0/24 maxlen: 24
84.20.92.0/24 maxlen: 24
2a00:6b81::/32 maxlen: 32
2a00:6b82::/32 maxlen: 32
2a00:6b84::/32 maxlen: 32
2a00:6b85::/32 maxlen: 32
2a00:6b80::/29 maxlen: 29
2a00:6b87::/32 maxlen: 32
2a00:6b83::/32 maxlen: 32
2a00:6b86::/32 maxlen: 32
2a00:6b80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208319613 (0xc6ab47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad109dee6fbdc256df911460ccc915d066a8ff8b
Validity
Not Before: Mar 24 08:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff5082dca9677f6957f1045adb49a05bde242698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:24:4e:c2:53:fb:82:5e:41:10:e6:37:21:
56:0d:e5:b6:5c:f8:b4:ca:99:36:2f:a1:78:33:06:
42:c5:ab:46:93:cd:3e:e6:bc:ac:6d:97:66:8f:16:
50:67:43:30:d1:10:00:ab:ed:fe:57:a6:0e:9d:8d:
45:53:91:78:73:f5:e0:20:d5:db:e9:01:fc:77:af:
52:d1:ce:1b:6c:73:dd:b8:93:22:1c:84:7f:0e:cc:
16:d0:c7:18:75:e9:3e:69:64:f5:1f:e1:06:18:e8:
fe:04:ef:35:55:0f:d4:21:35:36:d5:7b:da:46:f4:
f8:2a:f0:69:45:61:fb:82:b0:de:56:5d:ed:c1:96:
a1:e4:69:d2:2e:2a:55:7c:e1:2a:bc:ee:cc:cf:96:
dc:c7:b0:d9:97:59:2f:9a:a0:b7:2a:7e:ec:4b:00:
19:cb:53:a2:39:2d:2e:3d:00:38:93:bf:2e:93:c3:
db:d3:82:16:17:0c:f4:48:7c:ff:b7:ac:9a:4b:07:
b6:e7:96:94:10:1e:49:07:1e:93:dd:c6:b6:05:7e:
a5:8d:eb:08:d8:83:75:9f:e4:c4:48:00:54:74:67:
70:39:74:b4:b3:4e:0e:4c:6b:b0:73:84:2c:0b:b7:
06:6b:4c:7b:a6:fc:cf:e7:e6:d8:f9:7b:92:39:b6:
19:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:50:82:DC:A9:67:7F:69:57:F1:04:5A:DB:49:A0:5B:DE:24:26:98
X509v3 Authority Key Identifier:
keyid:AD:10:9D:EE:6F:BD:C2:56:DF:91:14:60:CC:C9:15:D0:66:A8:FF:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rRCd7m-9wlbfkRRgzMkV0Gao_4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/_1CC3Klnf2lX8QRa20mgW94kJpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/4615be-e566-4253-83ef-f6626b63383e/1/rRCd7m-9wlbfkRRgzMkV0Gao_4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.40.0/21
84.20.64.0/19
185.55.44.0/22
IPv6:
2a00:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
ad:f4:e4:9b:be:03:b7:d4:82:26:09:7b:d6:f1:85:23:e2:ea:
06:74:4c:ab:2f:f1:76:5b:b4:99:6b:03:3f:37:cb:cd:4b:b0:
3f:8d:a5:00:f1:40:d7:34:bd:6f:a1:31:fa:91:c7:09:c7:96:
94:03:7f:a9:b6:c3:5c:61:c3:a6:88:cc:8d:8a:69:63:d9:d9:
92:cb:ff:6a:6a:59:4d:01:df:32:7d:19:d3:ec:fa:5b:e9:5f:
e0:5e:d3:56:9e:10:0e:5f:9c:cb:1f:67:05:e5:f1:8e:c6:92:
c4:c4:3c:9f:b0:ba:89:82:2a:36:1c:7c:2a:10:29:98:ed:93:
a4:49:7d:41:dc:17:b7:d0:7b:c0:02:74:ab:dd:12:2b:7a:19:
2e:59:e4:80:26:40:ea:fa:f0:ea:aa:86:40:6e:7e:80:1b:85:
74:e6:aa:db:0a:51:5a:16:85:14:b5:6e:e5:43:4c:24:55:dd:
c5:71:4e:7d:39:a0:48:d0:1b:21:00:f1:5a:f2:78:40:e3:f1:
c1:ef:5c:64:4e:57:40:c7:57:2a:93:37:2c:1a:97:a0:94:a9:
ca:85:f5:fb:b9:da:76:db:5a:50:37:57:a3:60:49:4c:76:83:
c8:37:65:11:47:44:4e:2c:82:f4:b3:c1:0a:94:f5:53:7c:a5:
fe:58:fe:14
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDGq0fTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDEwOWRlZTZmYmRjMjU2ZGY5MTE0NjBjY2M5MTVkMDY2YThmZjhiMB4XDTIyMDMy
NDA4MDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY1MDgyZGNhOTY3
N2Y2OTU3ZjEwNDVhZGI0OWEwNWJkZTI0MjY5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK11JE7CU/uCXkEQ5jchVg3ltlz4tMqZNi+heDMGQsWrRpPN
Pua8rG2XZo8WUGdDMNEQAKvt/lemDp2NRVOReHP14CDV2+kB/HevUtHOG2xz3biT
IhyEfw7MFtDHGHXpPmlk9R/hBhjo/gTvNVUP1CE1NtV72kb0+CrwaUVh+4Kw3lZd
7cGWoeRp0i4qVXzhKrzuzM+W3Mew2ZdZL5qgtyp+7EsAGctTojktLj0AOJO/LpPD
29OCFhcM9Eh8/7esmksHtueWlBAeSQcek93GtgV+pY3rCNiDdZ/kxEgAVHRncDl0
tLNODkxrsHOELAu3BmtMe6b8z+fm2Pl7kjm2Ge8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBT/UILcqWd/aVfxBFrbSaBb3iQmmDAfBgNVHSMEGDAWgBStEJ3ub73CVt+R
FGDMyRXQZqj/izAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JSQ2Q3bS05d2xiZmtSUmd6TWtWMEdhb180cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvNDYxNWJlLWU1NjYtNDI1My04M2VmLWY2NjI2YjYzMzgzZS8x
L18xQ0MzS2xuZjJsWDhRUmEyMG1nVzk0a0pwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
NDYxNWJlLWU1NjYtNDI1My04M2VmLWY2NjI2YjYzMzgzZS8xL3JSQ2Q3bS05d2xi
ZmtSUmd6TWtWMEdhb180cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAx/eKAMEBVQUQAMEArk3LDANBAIA
AjAHAwUDKgBrgDANBgkqhkiG9w0BAQsFAAOCAQEArfTkm74Dt9SCJgl71vGFI+Lq
BnRMqy/xdlu0mWsDPzfLzUuwP42lAPFA1zS9b6Ex+pHHCceWlAN/qbbDXGHDpojM
jYppY9nZksv/ampZTQHfMn0Z0+z6W+lf4F7TVp4QDl+cyx9nBeXxjsaSxMQ8n7C6
iYIqNhx8KhApmO2TpEl9QdwXt9B7wAJ0q90SK3oZLlnkgCZA6vrw6qqGQG5+gBuF
dOaq2wpRWhaFFLVu5UNMJFXdxXFOfTmgSNAbIQDxWvJ4QOPxwe9cZE5XQMdXKpM3
LBqXoJSpyoX1+7nadttaUDdXo2BJTHaDyDdlEUdETiyC9LPBCpT1U3yl/lj+FA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:06 2023 by rpki-client on console-fra.rpki-client.org