Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qQDyMgOpCEsUyoEbcy8wlAHMV10.roa
File: qQDyMgOpCEsUyoEbcy8wlAHMV10.roa (raw, json)
Hash identifier: qlNyhqGAJW6/UHDvD3C6D7cejfpk6CQPHpt9JGimTZs=
Subject key identifier: A9:00:F2:32:03:A9:08:4B:14:CA:81:1B:73:2F:30:94:01:CC:57:5D
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 38F85D52
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qQDyMgOpCEsUyoEbcy8wlAHMV10.roa
Signing time: Wed 25 May 2022 09:18:13 +0000
ROA not before: Wed 25 May 2022 09:18:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205647
IP address blocks: 151.247.216.0/21 maxlen: 21
151.247.214.0/23 maxlen: 23
151.247.224.0/22 maxlen: 22
151.240.80.0/21 maxlen: 21
31.56.116.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
85.15.48.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.204.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.205.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.226.0/24 maxlen: 24
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.228.0/22 maxlen: 22
31.56.64.0/19 maxlen: 19
31.56.96.0/20 maxlen: 20
31.56.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 955800914 (0x38f85d52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: May 25 09:18:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a900f23203a9084b14ca811b732f309401cc575d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:bf:50:d5:77:0a:85:c2:cb:74:06:18:6f:49:
d9:54:b1:24:dc:c7:57:eb:52:74:f1:4a:39:00:8c:
ca:f0:b3:2d:72:da:f4:84:ec:c7:d3:d1:f8:d5:06:
00:8a:a9:da:62:f0:bf:b4:ec:94:9e:00:03:ec:59:
0b:61:cb:37:d9:b7:93:1f:dd:24:35:af:b9:56:87:
b0:39:1f:ba:52:95:73:97:56:f7:56:4b:ab:93:45:
1c:1d:f0:01:3c:a3:31:4d:d6:b4:07:bc:9b:d4:e7:
79:82:7b:5d:9f:67:c9:1a:b4:26:bf:da:2c:63:bb:
9a:63:17:4f:1b:52:9f:8c:10:3d:c2:47:c2:2c:55:
fe:d3:ab:ba:76:df:82:40:9c:ea:19:16:47:0f:01:
95:74:4d:8c:1b:7f:3d:1a:fe:6a:b3:63:f4:ca:99:
f2:ec:94:73:92:f8:48:c0:c6:35:55:4f:c4:75:dd:
e0:41:37:59:ae:32:23:d0:21:3e:33:9c:b1:f1:93:
3a:a6:6d:61:57:f5:ab:d9:4e:45:6e:f2:eb:1c:18:
c4:4e:b4:ba:27:bd:0d:1b:2d:03:b2:61:28:6e:4e:
d3:bf:da:52:5b:ed:83:42:60:e3:dd:45:74:fc:7f:
ce:f4:b0:1d:b1:75:31:b1:f6:66:7c:ce:ac:6a:b3:
89:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:00:F2:32:03:A9:08:4B:14:CA:81:1B:73:2F:30:94:01:CC:57:5D
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/qQDyMgOpCEsUyoEbcy8wlAHMV10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0-31.56.111.255
31.56.116.0/24
85.15.48.0/23
94.182.8.0/23
94.182.12.0/23
94.182.204.0/22
94.182.226.0/24
94.182.228.0/22
151.240.80.0/21
151.247.214.0-151.247.227.255
Signature Algorithm: sha256WithRSAEncryption
57:38:74:b5:b9:1b:dc:49:2e:38:13:14:81:bf:14:44:c4:90:
7f:6f:c3:6f:8c:ec:a8:60:87:eb:1b:ba:8e:2c:fe:ed:d7:bb:
be:6f:1a:c5:e9:89:6d:59:ad:01:82:dc:a7:4d:80:7f:86:af:
c5:ac:93:d6:0f:8c:91:1a:ab:d5:c5:b0:80:21:0b:2d:09:a3:
52:a6:d7:bf:e4:b8:54:6e:b3:b5:b8:60:9c:f9:b6:40:72:7c:
73:f1:8d:da:c3:3b:d5:e7:83:14:b7:63:57:fd:50:89:77:18:
54:87:eb:d3:50:8f:61:07:4a:af:65:e9:68:9a:85:47:cf:d5:
a7:36:db:33:80:5b:f6:fa:08:77:4e:a4:50:2a:29:13:96:2a:
6d:88:e3:eb:29:64:cc:89:f5:4a:7c:41:1d:22:3f:fa:ab:2b:
fe:01:48:16:be:2d:d5:90:e5:a5:af:a7:f9:bf:7b:b7:39:26:
04:61:55:07:e3:50:99:1a:4c:90:d8:c4:8c:ff:16:a5:50:fd:
7d:f8:a8:30:6e:04:78:f9:88:3f:81:23:f5:e9:c4:19:1c:f7:
4c:89:ac:fb:36:25:86:a4:52:d3:cc:68:23:3f:41:ef:69:c4:
f3:88:b8:30:f6:a4:bd:07:b8:51:a3:88:36:cd:5d:a4:27:77:
1c:13:da:68
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIEOPhdUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZGY0OTE0ODhhN2NkODQ0OGE0MjA5NDU4NzFjMGI5OTY3MmRjNjZlMB4XDTIyMDUy
NTA5MTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTkwMGYyMzIwM2E5
MDg0YjE0Y2E4MTFiNzMyZjMwOTQwMWNjNTc1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANy/UNV3CoXCy3QGGG9J2VSxJNzHV+tSdPFKOQCMyvCzLXLa
9ITsx9PR+NUGAIqp2mLwv7TslJ4AA+xZC2HLN9m3kx/dJDWvuVaHsDkfulKVc5dW
91ZLq5NFHB3wATyjMU3WtAe8m9TneYJ7XZ9nyRq0Jr/aLGO7mmMXTxtSn4wQPcJH
wixV/tOrunbfgkCc6hkWRw8BlXRNjBt/PRr+arNj9MqZ8uyUc5L4SMDGNVVPxHXd
4EE3Wa4yI9AhPjOcsfGTOqZtYVf1q9lORW7y6xwYxE60uie9DRstA7JhKG5O07/a
Ulvtg0Jg491FdPx/zvSwHbF1MbH2ZnzOrGqzicsCAwEAAaOCAk4wggJKMB0GA1Ud
DgQWBBSpAPIyA6kISxTKgRtzLzCUAcxXXTAfBgNVHSMEGDAWgBSt9JFIinzYRIpC
CUWHHAuZZy3GbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JmU1JTSXA4MkVTS1FnbEZoeHdMbVdjdHhtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvNzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8x
L3FRRHlNZ09wQ0VzVXlvRWJjeTh3bEFITVYxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
NzE1ZDE1LTI4MTAtNDgyNy04ZGJkLTBiZWUwNjEyNmIxYS8xL3JmU1JTSXA4MkVT
S1FnbEZoeHdMbVdjdHhtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBk
BggrBgEFBQcBBwEB/wRVMFMwUQQCAAEwSzALAwMDHzgDBAQfOGADBAAfOHQDBAFV
DzADBAFetggDBAFetgwDBAJetswDBABetuIDBAJetuQDBAOX8FAwDAMEAZf31gME
Apf34DANBgkqhkiG9w0BAQsFAAOCAQEAVzh0tbkb3EkuOBMUgb8URMSQf2/Db4zs
qGCH6xu6jiz+7de7vm8axemJbVmtAYLcp02Af4avxayT1g+MkRqr1cWwgCELLQmj
UqbXv+S4VG6ztbhgnPm2QHJ8c/GN2sM71eeDFLdjV/1QiXcYVIfr01CPYQdKr2Xp
aJqFR8/VpzbbM4Bb9voId06kUCopE5YqbYjj6ylkzIn1SnxBHSI/+qsr/gFIFr4t
1ZDlpa+n+b97tzkmBGFVB+NQmRpMkNjEjP8WpVD9ffioMG4EePmIP4Ej9enEGRz3
TIms+zYlhqRS08xoIz9B72nE84i4MPakvQe4UaOINs1dpCd3HBPaaA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:36 2023 by rpki-client on console.sobornost.net