Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/lG3UYqq-KRq24Hv4z7vjtkgkGYU.roa
File: lG3UYqq-KRq24Hv4z7vjtkgkGYU.roa (raw, json)
Hash identifier: AHs7+01Yj7tJsgGtq8udkGRA/0TNu6R2JXz6uzIKvPc=
Subject key identifier: 94:6D:D4:62:AA:BE:29:1A:B6:E0:7B:F8:CF:BB:E3:B6:48:24:19:85
Certificate issuer: /CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Certificate serial: 01852ED4F6CD1BE228976EC5F72F2F817139
Authority key identifier: 50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/lG3UYqq-KRq24Hv4z7vjtkgkGYU.roa
Signing time: Tue 20 Dec 2022 09:19:46 +0000
ROA not before: Tue 20 Dec 2022 09:19:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6810
IP address blocks: 147.235.59.0/24 maxlen: 24
147.235.70.0/24 maxlen: 24
147.235.70.0/23 maxlen: 23
147.235.71.0/24 maxlen: 24
147.235.0.0/16 maxlen: 24
147.235.31.0/24 maxlen: 24
147.235.154.0/24 maxlen: 24
147.235.182.0/23 maxlen: 23
147.235.182.0/24 maxlen: 24
147.235.183.0/24 maxlen: 24
147.235.192.0/22 maxlen: 22
147.235.192.0/24 maxlen: 24
147.235.192.0/19 maxlen: 24
147.235.196.0/22 maxlen: 22
147.235.194.0/24 maxlen: 24
147.235.199.0/24 maxlen: 24
147.235.194.0/23 maxlen: 24
147.235.195.0/24 maxlen: 24
147.235.193.0/24 maxlen: 24
147.235.198.0/24 maxlen: 24
147.235.196.0/23 maxlen: 24
147.235.197.0/24 maxlen: 24
147.235.198.0/23 maxlen: 24
147.235.196.0/24 maxlen: 24
147.235.96.0/22 maxlen: 22
147.235.97.0/24 maxlen: 24
147.235.96.0/24 maxlen: 24
147.235.96.0/23 maxlen: 23
147.235.98.0/23 maxlen: 23
147.235.98.0/24 maxlen: 24
147.235.99.0/24 maxlen: 24
147.235.111.0/24 maxlen: 24
147.235.144.0/21 maxlen: 24
149.106.128.0/19 maxlen: 24
149.106.224.0/19 maxlen: 24
147.235.254.0/23 maxlen: 24
147.235.202.0/23 maxlen: 24
147.235.206.0/24 maxlen: 24
147.235.206.0/23 maxlen: 24
147.235.200.0/21 maxlen: 21
147.235.200.0/22 maxlen: 22
147.235.201.0/24 maxlen: 24
147.235.202.0/24 maxlen: 24
147.235.203.0/24 maxlen: 24
147.235.204.0/24 maxlen: 24
147.235.204.0/23 maxlen: 24
147.235.204.0/22 maxlen: 22
147.235.205.0/24 maxlen: 24
147.235.200.0/24 maxlen: 24
147.235.200.0/23 maxlen: 24
147.235.211.0/24 maxlen: 24
147.235.213.0/24 maxlen: 24
147.235.208.0/22 maxlen: 23
147.235.208.0/24 maxlen: 24
147.235.209.0/24 maxlen: 24
147.235.210.0/24 maxlen: 24
147.235.207.0/24 maxlen: 24
147.235.212.0/23 maxlen: 23
147.235.212.0/24 maxlen: 24
147.235.212.0/22 maxlen: 23
147.235.215.0/24 maxlen: 24
147.235.216.0/24 maxlen: 24
147.235.216.0/22 maxlen: 23
147.235.214.0/24 maxlen: 24
147.235.218.0/23 maxlen: 23
147.235.218.0/24 maxlen: 24
147.235.219.0/24 maxlen: 24
147.235.216.0/21 maxlen: 21
147.235.217.0/24 maxlen: 24
147.235.222.0/24 maxlen: 24
147.235.222.0/23 maxlen: 23
147.235.220.0/22 maxlen: 22
147.235.223.0/24 maxlen: 24
147.235.220.0/24 maxlen: 24
147.235.220.0/23 maxlen: 23
147.235.221.0/24 maxlen: 24
147.235.226.0/24 maxlen: 24
147.235.228.0/22 maxlen: 24
2a06:c701::/32 maxlen: 32
2a06:c701:1000::/36 maxlen: 36
2a06:c700:2000::/36 maxlen: 36
2a06:c700::/32 maxlen: 48
2a06:c700::/44 maxlen: 44
2a06:c700::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:d4:f6:cd:1b:e2:28:97:6e:c5:f7:2f:2f:81:71:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50741158f3ed65bee1bde12f34f895afb0dd50d5
Validity
Not Before: Dec 20 09:19:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=946dd462aabe291ab6e07bf8cfbbe3b648241985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:ec:ff:91:8c:9c:60:03:0f:31:7c:fc:d2:
d8:39:c4:86:17:4d:f0:55:64:a9:08:c3:ee:ac:aa:
dc:d6:a8:bb:cb:91:04:de:63:55:d0:3c:de:8a:8c:
46:55:37:9b:d5:bc:25:07:59:9a:bf:69:58:e1:30:
e6:c2:89:ca:d3:ad:a7:61:78:b4:d6:8f:92:8d:0b:
03:55:fb:aa:07:74:2e:06:03:9f:19:cd:da:30:8a:
ee:10:2a:3f:19:22:f4:31:38:4f:fc:36:67:c8:1b:
35:89:40:d6:e6:0f:2d:67:9e:b6:83:4d:0a:de:56:
6c:a0:6e:d5:a6:6d:36:f3:bf:d2:07:47:e9:99:ee:
54:d7:a2:6a:fe:1d:94:fa:1d:c3:c9:e3:f1:c4:75:
95:8a:f2:f0:d8:6b:54:21:d0:43:1e:3a:a9:cb:8d:
64:5a:f5:25:d4:dd:8c:ef:2c:3b:15:57:75:ba:05:
54:00:6b:8a:1f:f2:b6:9f:ba:1b:ef:32:16:34:a8:
70:59:35:c0:94:5a:26:16:20:d8:f3:1a:99:8c:bb:
b4:2b:9e:4c:32:bd:b7:92:3d:f6:3b:d4:51:e7:70:
c9:50:6b:f0:dd:72:34:1e:be:06:83:f0:ac:8c:2c:
01:0a:74:36:c4:df:1a:30:56:a6:c3:c6:01:ea:42:
5a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:6D:D4:62:AA:BE:29:1A:B6:E0:7B:F8:CF:BB:E3:B6:48:24:19:85
X509v3 Authority Key Identifier:
keyid:50:74:11:58:F3:ED:65:BE:E1:BD:E1:2F:34:F8:95:AF:B0:DD:50:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UHQRWPPtZb7hveEvNPiVr7DdUNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/lG3UYqq-KRq24Hv4z7vjtkgkGYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/739b81-3cd3-469c-b954-3553b4ed6794/1/UHQRWPPtZb7hveEvNPiVr7DdUNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.235.0.0/16
149.106.128.0/19
149.106.224.0/19
IPv6:
2a06:c700::/29
Signature Algorithm: sha256WithRSAEncryption
7e:10:7f:db:64:2d:2c:a3:f2:69:8d:27:f2:85:92:7a:cd:36:
11:49:49:0d:20:31:79:e8:bb:df:37:8d:07:24:cf:b3:cb:7f:
48:90:f2:3b:8c:59:f3:2b:9b:f2:08:ef:c5:42:53:80:56:e1:
36:36:bf:3e:6f:05:36:09:10:3f:c1:30:70:23:04:f0:da:d4:
7e:5d:84:12:56:b0:31:f4:2d:cd:59:aa:0e:b0:dd:1b:c8:e0:
23:92:dd:46:d0:5b:44:0a:67:1a:bd:42:60:83:ec:10:27:c5:
c9:92:e1:8f:71:8b:61:35:b6:48:11:37:aa:65:b6:40:b0:b5:
aa:73:ca:68:6a:07:29:dc:7c:f4:0b:cb:e3:f2:4c:82:b6:3f:
bf:2e:cc:c6:af:16:db:fa:bc:29:64:d3:85:b5:31:a2:20:10:
d8:1a:d2:54:a8:5d:06:87:8c:4f:46:f7:6b:6c:1c:b4:10:2f:
67:3d:ba:0b:5d:46:4b:c0:b7:bb:89:1e:7f:28:a1:aa:83:4c:
34:a0:46:3e:5c:fc:12:30:e4:1f:1a:87:ac:fd:4d:8e:d0:2e:
24:3c:13:be:90:37:72:9b:4e:67:c0:39:a8:35:c4:14:1f:47:
00:be:30:d6:f8:64:aa:20:15:c7:26:07:0b:e1:ba:f3:5e:b7:
f5:54:a0:be
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUu1PbNG+Iol27F9y8vgXE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNzQxMTU4ZjNlZDY1YmVlMWJkZTEyZjM0Zjg5NWFmYjBk
ZDUwZDUwHhcNMjIxMjIwMDkxOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDZkZDQ2MmFhYmUyOTFhYjZlMDdiZjhjZmJiZTNiNjQ4MjQxOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld3s/5GMnGADDzF8/NLYOcSGF03w
VWSpCMPurKrc1qi7y5EE3mNV0DzeioxGVTeb1bwlB1mav2lY4TDmwonK062nYXi0
1o+SjQsDVfuqB3QuBgOfGc3aMIruECo/GSL0MThP/DZnyBs1iUDW5g8tZ562g00K
3lZsoG7Vpm0287/SB0fpme5U16Jq/h2U+h3DyePxxHWVivLw2GtUIdBDHjqpy41k
WvUl1N2M7yw7FVd1ugVUAGuKH/K2n7ob7zIWNKhwWTXAlFomFiDY8xqZjLu0K55M
Mr23kj32O9RR53DJUGvw3XI0Hr4Gg/CsjCwBCnQ2xN8aMFamw8YB6kJabQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJRt1GKqvikatuB7+M+747ZIJBmFMB8GA1UdIwQY
MBaAFFB0EVjz7WW+4b3hLzT4la+w3VDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQt
MzU1M2I0ZWQ2Nzk0LzEvbEczVVlxcS1LUnEyNEh2NHo3dmp0a2drR1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MzliODEtM2NkMy00NjljLWI5NTQtMzU1M2I0ZWQ2Nzk0
LzEvVUhRUldQUHRaYjdodmVFdk5QaVZyN0RkVU5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAk+sDBAWV
aoADBAWVauAwDQQCAAIwBwMFAyoGxwAwDQYJKoZIhvcNAQELBQADggEBAH4Qf9tk
LSyj8mmNJ/KFknrNNhFJSQ0gMXnou983jQckz7PLf0iQ8juMWfMrm/II78VCU4BW
4TY2vz5vBTYJED/BMHAjBPDa1H5dhBJWsDH0Lc1Zqg6w3RvI4COS3UbQW0QKZxq9
QmCD7BAnxcmS4Y9xi2E1tkgRN6pltkCwtapzymhqByncfPQLy+PyTIK2P78uzMav
Ftv6vClk04W1MaIgENga0lSoXQaHjE9G92tsHLQQL2c9ugtdRkvAt7uJHn8ooaqD
TDSgRj5c/BIw5B8ah6z9TY7QLiQ8E76QN3KbTmfAOag1xBQfRwC+MNb4ZKogFccm
BwvhuvNet/VUoL4=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:45 2023 by rpki-client on console.sobornost.net