Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/bvRxpAERMo5dwfDtYK2CJijISAw.roa
File: bvRxpAERMo5dwfDtYK2CJijISAw.roa (raw, json)
Hash identifier: SrurAYtpaF85eqXylXoX94a+XEEIOT5CyFmU0r1bKIg=
Subject key identifier: 6E:F4:71:A4:01:11:32:8E:5D:C1:F0:ED:60:AD:82:26:28:C8:48:0C
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 01849F8BE71CD9C4D98D7300C2FE23A2D78F
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/bvRxpAERMo5dwfDtYK2CJijISAw.roa
Signing time: Tue 22 Nov 2022 13:34:16 +0000
ROA not before: Tue 22 Nov 2022 13:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 212.36.128.0/18 maxlen: 18
62.23.0.0/16 maxlen: 16
62.23.14.0/24 maxlen: 24
212.36.144.0/20 maxlen: 20
62.23.23.0/24 maxlen: 24
80.80.0.0/19 maxlen: 19
46.248.128.0/19 maxlen: 19
212.161.0.0/17 maxlen: 17
136.225.0.0/16 maxlen: 16
84.16.160.0/19 maxlen: 19
193.188.132.0/23 maxlen: 23
213.215.128.0/17 maxlen: 17
213.208.192.0/18 maxlen: 18
62.97.64.0/18 maxlen: 18
212.36.160.0/20 maxlen: 20
62.23.43.0/24 maxlen: 24
157.120.224.0/21 maxlen: 21
157.120.236.0/22 maxlen: 22
212.36.184.0/21 maxlen: 21
62.23.61.0/24 maxlen: 24
62.23.70.0/24 maxlen: 24
157.120.240.0/20 maxlen: 20
193.116.128.0/18 maxlen: 18
212.35.96.0/19 maxlen: 19
62.96.0.0/16 maxlen: 16
213.86.0.0/16 maxlen: 16
87.241.0.0/18 maxlen: 18
213.173.160.0/19 maxlen: 19
213.164.0.0/19 maxlen: 19
193.93.80.0/22 maxlen: 22
80.251.160.0/19 maxlen: 19
195.110.64.0/19 maxlen: 19
212.123.192.0/18 maxlen: 18
217.110.0.0/15 maxlen: 15
212.203.64.0/18 maxlen: 18
212.78.160.0/19 maxlen: 19
194.223.128.0/21 maxlen: 21
194.223.136.0/22 maxlen: 22
213.246.192.0/18 maxlen: 18
85.88.128.0/19 maxlen: 19
195.68.74.0/24 maxlen: 24
193.118.224.0/19 maxlen: 19
78.143.0.0/18 maxlen: 18
212.31.224.0/19 maxlen: 19
217.173.96.0/20 maxlen: 20
82.112.192.0/19 maxlen: 19
62.72.96.0/19 maxlen: 19
57.133.0.0/16 maxlen: 16
78.156.64.0/19 maxlen: 19
193.82.32.0/19 maxlen: 19
212.74.79.0/24 maxlen: 24
212.121.128.0/19 maxlen: 19
212.23.224.0/19 maxlen: 19
213.185.160.0/19 maxlen: 19
212.0.96.0/19 maxlen: 19
213.61.0.0/16 maxlen: 16
62.192.0.0/19 maxlen: 19
193.114.160.0/19 maxlen: 19
212.74.64.0/24 maxlen: 24
212.74.64.0/19 maxlen: 19
212.74.77.0/24 maxlen: 24
212.74.78.0/24 maxlen: 24
195.68.0.0/17 maxlen: 17
84.14.63.0/24 maxlen: 24
62.152.96.0/19 maxlen: 19
213.229.128.0/18 maxlen: 18
118.67.224.0/19 maxlen: 19
62.84.192.0/19 maxlen: 19
84.14.0.0/16 maxlen: 16
213.27.128.0/17 maxlen: 17
213.41.0.0/17 maxlen: 17
80.169.0.0/16 maxlen: 16
2001:921::/32 maxlen: 32
2001:926::/32 maxlen: 32
2001:924::/32 maxlen: 32
2001:925::/32 maxlen: 32
2001:920::/29 maxlen: 29
2001:920::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:8b:e7:1c:d9:c4:d9:8d:73:00:c2:fe:23:a2:d7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Nov 22 13:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ef471a40111328e5dc1f0ed60ad822628c8480c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:31:2d:19:65:24:61:1c:a5:d0:4b:ba:cd:9e:
73:2a:de:ce:78:05:72:0c:48:6c:43:22:a9:ee:c9:
e3:da:d9:b9:6f:81:6a:04:64:69:fb:9e:1b:7c:4c:
21:12:cf:ca:89:ae:c8:6f:7e:8a:63:42:59:a3:a0:
10:0f:c6:77:17:7c:a7:78:a4:00:c9:7e:fd:92:37:
18:81:98:ed:f3:c9:c6:54:9d:1d:4d:39:f6:95:f4:
a7:5c:b7:f2:81:2e:dc:24:99:cd:c6:f3:5f:6f:ed:
a5:53:de:cd:92:e5:85:a3:e4:10:ae:fe:ea:af:d1:
fc:a0:2f:51:11:bd:a1:d3:96:c0:33:f4:a3:2e:de:
2e:11:7b:a9:ba:8e:d7:41:8f:55:df:9a:63:d1:ea:
42:fe:71:6c:16:41:67:cf:03:6b:06:33:fe:d1:40:
c5:c4:e2:ea:08:e9:d3:2b:29:00:d2:08:aa:22:4b:
6e:4e:57:3a:f5:8a:40:ad:bd:a9:13:72:d9:32:24:
35:2d:de:19:c3:2e:96:f9:9a:29:50:b6:81:9c:e4:
1f:1c:97:f0:07:2a:7b:4d:e0:39:b6:f9:ec:9d:03:
5c:34:04:06:29:34:82:ca:e3:50:39:8b:20:e2:a6:
24:04:0b:fb:ea:c8:e6:ce:bd:c2:91:4e:2f:5d:6d:
58:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F4:71:A4:01:11:32:8E:5D:C1:F0:ED:60:AD:82:26:28:C8:48:0C
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/bvRxpAERMo5dwfDtYK2CJijISAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.128.0/19
57.133.0.0/16
62.23.0.0/16
62.72.96.0/19
62.84.192.0/19
62.96.0.0/16
62.97.64.0/18
62.152.96.0/19
62.192.0.0/19
78.143.0.0/18
78.156.64.0/19
80.80.0.0/19
80.169.0.0/16
80.251.160.0/19
82.112.192.0/19
84.14.0.0/16
84.16.160.0/19
85.88.128.0/19
87.241.0.0/18
118.67.224.0/19
136.225.0.0/16
157.120.224.0/21
157.120.236.0-157.120.255.255
193.82.32.0/19
193.93.80.0/22
193.114.160.0/19
193.116.128.0/18
193.118.224.0/19
193.188.132.0/23
194.223.128.0-194.223.139.255
195.68.0.0/17
195.110.64.0/19
212.0.96.0/19
212.23.224.0/19
212.31.224.0/19
212.35.96.0/19
212.36.128.0/18
212.74.64.0/19
212.78.160.0/19
212.121.128.0/19
212.123.192.0/18
212.161.0.0/17
212.203.64.0/18
213.27.128.0/17
213.41.0.0/17
213.61.0.0/16
213.86.0.0/16
213.164.0.0/19
213.173.160.0/19
213.185.160.0/19
213.208.192.0/18
213.215.128.0/17
213.229.128.0/18
213.246.192.0/18
217.110.0.0/15
217.173.96.0/20
IPv6:
2001:920::/29
Signature Algorithm: sha256WithRSAEncryption
b1:53:54:6e:43:35:26:33:ea:34:33:e5:c6:3d:9a:37:8b:d1:
c4:25:59:91:b0:91:ee:ee:fe:aa:f5:60:4c:33:1f:c2:d6:ca:
0f:bd:df:13:f5:40:a8:23:74:fa:09:cc:4c:c1:5b:4f:33:c7:
9c:90:e2:b3:f1:b8:55:08:43:6a:c9:d0:24:27:66:ac:1f:df:
74:4a:92:2e:33:70:74:52:1a:9f:a3:b8:17:9e:ff:c5:10:ef:
d8:91:34:12:24:c4:58:34:1a:11:10:87:47:98:6f:a8:47:a7:
ce:ff:21:6e:5a:54:02:92:f9:35:87:d7:b0:4e:8d:45:58:06:
30:c2:b0:af:54:bf:3b:bd:6d:8c:0b:09:1b:d0:63:14:22:f8:
74:ee:62:ec:f0:b7:37:57:42:26:b3:f5:21:1f:e7:90:3e:05:
16:23:9c:f7:c3:31:08:f5:04:8a:60:aa:32:83:f7:dd:62:9e:
90:08:dd:57:3e:a4:db:26:3b:1c:37:ed:71:18:09:e4:7c:d9:
2f:0d:26:72:60:4a:21:69:8d:a0:ee:e0:30:fe:c6:ad:b1:86:
23:a4:67:65:8b:a7:6e:fd:9e:d1:45:6e:2a:1c:03:42:ef:21:
33:8b:41:5b:85:76:aa:7f:94:05:ce:da:2a:db:28:02:9a:50:
5e:04:99:be
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgISAYSfi+cc2cTZjXMAwv4jotePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjIxMTIyMTMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY0NzFhNDAxMTEzMjhlNWRjMWYwZWQ2MGFkODIyNjI4Yzg0ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzEtGWUkYRyl0Eu6zZ5zKt7OeAVy
DEhsQyKp7snj2tm5b4FqBGRp+54bfEwhEs/Kia7Ib36KY0JZo6AQD8Z3F3yneKQA
yX79kjcYgZjt88nGVJ0dTTn2lfSnXLfygS7cJJnNxvNfb+2lU97NkuWFo+QQrv7q
r9H8oC9REb2h05bAM/SjLt4uEXupuo7XQY9V35pj0epC/nFsFkFnzwNrBjP+0UDF
xOLqCOnTKykA0giqIktuTlc69YpArb2pE3LZMiQ1Ld4Zwy6W+ZopULaBnOQfHJfw
Byp7TeA5tvnsnQNcNAQGKTSCyuNQOYsg4qYkBAv76sjmzr3CkU4vXW1YOwIDAQAB
o4IDcjCCA24wHQYDVR0OBBYEFG70caQBETKOXcHw7WCtgiYoyEgMMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvYnZSeHBBRVJNbzVkd2ZEdFlLMkNKaWpJU0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhgYIKwYBBQUHAQcBAf8EggF1MIIBcTCCAV4EAgABMIIB
VgMEBS74gAMDADmFAwMAPhcDBAU+SGADBAU+VMADAwA+YAMEBj5hQAMEBT6YYAME
BT7AAAMEBk6PAAMEBU6cQAMEBVBQAAMDAFCpAwQFUPugAwQFUnDAAwMAVA4DBAVU
EKADBAVVWIADBAZX8QADBAV2Q+ADAwCI4QMEA5144DALAwQCnXjsAwMAnXgDBAXB
UiADBALBXVADBAXBcqADBAbBdIADBAXBduADBAHBvIQwDAMEB8LfgAMEAsLfiAME
B8NEAAMEBcNuQAMEBdQAYAMEBdQX4AMEBdQf4AMEBdQjYAMEBtQkgAMEBdRKQAME
BdROoAMEBdR5gAMEBtR7wAMEB9ShAAMEBtTLQAMEB9UbgAMEB9UpAAMDANU9AwMA
1VYDBAXVpAADBAXVraADBAXVuaADBAbV0MADBAfV14ADBAbV5YADBAbV9sADAwHZ
bgMEBNmtYDANBAIAAjAHAwUDIAEJIDANBgkqhkiG9w0BAQsFAAOCAQEAsVNUbkM1
JjPqNDPlxj2aN4vRxCVZkbCR7u7+qvVgTDMfwtbKD73fE/VAqCN0+gnMTMFbTzPH
nJDis/G4VQhDasnQJCdmrB/fdEqSLjNwdFIan6O4F57/xRDv2JE0EiTEWDQaERCH
R5hvqEenzv8hblpUApL5NYfXsE6NRVgGMMKwr1S/O71tjAsJG9BjFCL4dO5i7PC3
N1dCJrP1IR/nkD4FFiOc98MxCPUEimCqMoP33WKekAjdVz6k2yY7HDftcRgJ5HzZ
Lw0mcmBKIWmNoO7gMP7GrbGGI6RnZYunbv2e0UVuKhwDQu8hM4tBW4V2qn+UBc7a
KtsoAppQXgSZvg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org