Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/SW-zSeQ6WcUrZCbSQFrheGgEDIw.roa
File: SW-zSeQ6WcUrZCbSQFrheGgEDIw.roa (raw, json)
Hash identifier: T4PwhRx8hk4a49+tbt7goYCn27obrgmdvEhgPNpXbnw=
Subject key identifier: 49:6F:B3:49:E4:3A:59:C5:2B:64:26:D2:40:5A:E1:78:68:04:0C:8C
Certificate issuer: /CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Certificate serial: 01857315D3D280A287F887BF793BD5D316F0
Authority key identifier: 4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/SW-zSeQ6WcUrZCbSQFrheGgEDIw.roa
Signing time: Mon 02 Jan 2023 15:24:48 +0000
ROA not before: Mon 02 Jan 2023 15:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199551
IP address blocks: 83.230.40.0/21 maxlen: 21
213.227.68.0/22 maxlen: 22
212.106.163.0/24 maxlen: 24
212.106.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:d3:d2:80:a2:87:f8:87:bf:79:3b:d5:d3:16:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b405caab34bbfde6b8ee66c600860c6ce96f32b
Validity
Not Before: Jan 2 15:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=496fb349e43a59c52b6426d2405ae17868040c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:f5:ef:27:25:01:40:db:dd:cf:ef:91:2f:
40:23:32:6e:9a:d6:74:fa:e8:8d:a9:e4:0b:4e:4f:
90:85:9d:f2:46:fd:39:f7:86:bb:8d:98:32:50:bf:
60:24:13:4f:1c:87:cb:c4:d0:2c:30:34:20:73:9e:
20:2b:75:4e:44:e3:71:7b:04:be:d3:fb:a5:42:6e:
c9:bd:e4:16:01:24:98:1d:80:21:63:4d:30:6a:f9:
8a:96:ec:cf:8e:e0:77:3c:0a:0a:a8:4b:d8:cc:fd:
ad:ac:39:db:8a:07:9f:f5:01:4c:fa:b3:44:04:bb:
79:5b:88:88:8f:e8:b6:b0:6a:f3:23:b7:bc:45:07:
19:af:e1:26:2a:f5:d8:ad:ad:95:d1:65:82:31:de:
b0:3a:d7:5c:0f:3a:0b:ce:62:3d:b5:25:24:6e:a0:
fd:e2:2a:67:48:b1:16:ca:50:48:1e:0e:cc:41:93:
92:61:83:13:09:91:64:e8:88:0a:32:30:65:e1:f6:
a5:1b:c1:d7:fa:91:66:c4:c5:1a:36:8f:62:83:1c:
b7:f7:fb:46:64:3c:94:6a:a6:47:d8:28:3f:d0:0b:
52:05:08:88:eb:04:fa:90:d0:cc:ba:c4:56:e0:01:
00:26:0f:18:85:a8:b1:eb:28:68:12:0d:5c:8d:ab:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6F:B3:49:E4:3A:59:C5:2B:64:26:D2:40:5A:E1:78:68:04:0C:8C
X509v3 Authority Key Identifier:
keyid:4B:40:5C:AA:B3:4B:BF:DE:6B:8E:E6:6C:60:08:60:C6:CE:96:F3:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0BcqrNLv95rjuZsYAhgxs6W8ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/SW-zSeQ6WcUrZCbSQFrheGgEDIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/914d39-3020-4b79-ad26-d87affb8bc61/1/S0BcqrNLv95rjuZsYAhgxs6W8ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.230.40.0/21
212.106.161.0/24
212.106.163.0/24
213.227.68.0/22
Signature Algorithm: sha256WithRSAEncryption
60:d7:7b:0e:9e:2a:55:1d:c5:0e:3f:6b:ac:ef:a4:c2:de:30:
bd:98:b8:5d:d0:a0:a9:a7:51:49:04:66:f7:82:6d:2c:12:8a:
1e:7b:13:5d:2d:4e:87:df:79:eb:53:61:a7:5b:0d:54:96:03:
a0:19:6b:b5:9a:2c:5a:1b:67:2c:7c:5b:c9:9c:19:80:ab:b5:
40:54:75:4a:97:73:d3:02:9a:95:20:7e:57:86:2d:d2:6c:f5:
cc:48:02:cf:32:29:f7:40:96:46:cf:86:8b:c3:dd:8b:e7:e5:
ca:bb:ca:83:41:ac:e1:9f:66:f4:b3:3d:20:b1:7d:d8:b3:e5:
5e:a2:a4:72:37:f0:48:0f:0a:7b:45:b8:04:eb:37:87:6f:65:
49:4a:65:59:06:c7:ab:74:ac:2c:e7:37:f5:83:c3:31:33:63:
84:b2:59:21:f6:f0:b5:4c:02:a5:28:76:3e:db:49:8a:f9:d4:
69:6b:77:80:55:6a:f2:37:ca:16:8a:7c:3b:6c:c2:a9:2b:48:
f4:2f:70:ff:a0:c2:d7:70:ac:bb:38:a6:c1:7e:3c:9e:00:57:
1c:6f:6d:28:f2:3a:f4:16:93:97:a4:d7:0f:cd:4e:38:26:3a:
42:6c:23:3b:17:9d:c8:6c:8a:81:e9:17:bd:75:32:21:74:2a:
b1:e2:b5:0f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzFdPSgKKH+Ie/eTvV0xbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNDA1Y2FhYjM0YmJmZGU2YjhlZTY2YzYwMDg2MGM2Y2U5
NmYzMmIwHhcNMjMwMTAyMTUyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTZmYjM0OWU0M2E1OWM1MmI2NDI2ZDI0MDVhZTE3ODY4MDQwYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtv17yclAUDb3c/vkS9AIzJumtZ0
+uiNqeQLTk+QhZ3yRv0594a7jZgyUL9gJBNPHIfLxNAsMDQgc54gK3VORONxewS+
0/ulQm7JveQWASSYHYAhY00wavmKluzPjuB3PAoKqEvYzP2trDnbigef9QFM+rNE
BLt5W4iIj+i2sGrzI7e8RQcZr+EmKvXYra2V0WWCMd6wOtdcDzoLzmI9tSUkbqD9
4ipnSLEWylBIHg7MQZOSYYMTCZFk6IgKMjBl4falG8HX+pFmxMUaNo9igxy39/tG
ZDyUaqZH2Cg/0AtSBQiI6wT6kNDMusRW4AEAJg8Yhaix6yhoEg1cjasFIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFElvs0nkOlnFK2Qm0kBa4XhoBAyMMB8GA1UdIwQY
MBaAFEtAXKqzS7/ea47mbGAIYMbOlvMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYt
ZDg3YWZmYjhiYzYxLzEvU1ctelNlUTZXY1VyWkNiU1FGcmhlR2dFREl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS85MTRkMzktMzAyMC00Yjc5LWFkMjYtZDg3YWZmYjhiYzYx
LzEvUzBCY3FyTkx2OTVyanVac1lBaGd4czZXOHlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU+YoAwQA
1GqhAwQA1GqjAwQC1eNEMA0GCSqGSIb3DQEBCwUAA4IBAQBg13sOnipVHcUOP2us
76TC3jC9mLhd0KCpp1FJBGb3gm0sEooeexNdLU6H33nrU2GnWw1UlgOgGWu1mixa
G2csfFvJnBmAq7VAVHVKl3PTApqVIH5Xhi3SbPXMSALPMin3QJZGz4aLw92L5+XK
u8qDQazhn2b0sz0gsX3Ys+VeoqRyN/BIDwp7RbgE6zeHb2VJSmVZBserdKws5zf1
g8MxM2OEslkh9vC1TAKlKHY+20mK+dRpa3eAVWryN8oWinw7bMKpK0j0L3D/oMLX
cKy7OKbBfjyeAFccb20o8jr0FpOXpNcPzU44JjpCbCM7F53IbIqB6Re9dTIhdCqx
4rUP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:18 2025 by rpki-client