Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/SaWBXN_BAkL7xJqE2zmOzKcbAV4.roa
File: SaWBXN_BAkL7xJqE2zmOzKcbAV4.roa (raw, json)
Hash identifier: z8vv2km1scMcHyAoj9FHBvJDEPuM4YaFgSv92QsJHKI=
Subject key identifier: 49:A5:81:5C:DF:C1:02:42:FB:C4:9A:84:DB:39:8E:CC:A7:1B:01:5E
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 01823EAAE44759569F344EEBBF305A0611CC
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/SaWBXN_BAkL7xJqE2zmOzKcbAV4.roa
Signing time: Wed 27 Jul 2022 07:59:23 +0000
ROA not before: Wed 27 Jul 2022 07:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15975
IP address blocks: 217.66.224.0/21 maxlen: 21
217.66.224.0/23 maxlen: 23
217.66.226.0/24 maxlen: 24
82.205.0.0/17 maxlen: 17
217.66.227.0/24 maxlen: 24
217.66.232.0/24 maxlen: 24
217.66.228.0/22 maxlen: 22
217.66.238.0/23 maxlen: 23
217.66.236.0/24 maxlen: 24
217.66.236.0/22 maxlen: 22
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.80.0/20 maxlen: 20
82.205.96.0/20 maxlen: 20
82.205.112.0/21 maxlen: 21
217.66.240.0/20 maxlen: 20
82.205.32.0/20 maxlen: 20
212.33.96.0/20 maxlen: 20
212.33.96.0/19 maxlen: 19
185.171.132.0/22 maxlen: 22
82.205.48.0/20 maxlen: 20
82.205.64.0/20 maxlen: 20
212.33.112.0/20 maxlen: 20
212.106.80.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
37.8.112.0/20 maxlen: 20
82.102.208.0/20 maxlen: 20
82.102.216.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.224.0/21 maxlen: 21
212.106.64.0/20 maxlen: 20
212.106.64.0/19 maxlen: 19
82.102.232.0/24 maxlen: 24
82.102.233.0/24 maxlen: 24
212.106.73.0/24 maxlen: 24
82.102.236.0/22 maxlen: 22
82.102.234.0/23 maxlen: 23
85.113.96.0/20 maxlen: 20
85.113.96.0/19 maxlen: 19
85.113.112.0/20 maxlen: 20
176.65.12.0/22 maxlen: 22
147.189.176.0/20 maxlen: 20
194.169.123.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
194.169.121.0/24 maxlen: 24
199.250.128.0/21 maxlen: 21
199.250.128.0/19 maxlen: 19
217.21.14.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
188.209.208.0/22 maxlen: 22
37.8.64.0/20 maxlen: 20
37.8.80.0/20 maxlen: 20
37.8.96.0/20 maxlen: 20
37.8.0.0/17 maxlen: 17
199.250.136.0/21 maxlen: 21
199.250.144.0/21 maxlen: 21
199.250.152.0/21 maxlen: 21
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.90.242.0/24 maxlen: 24
217.78.48.0/21 maxlen: 21
217.78.56.0/24 maxlen: 24
217.78.56.0/22 maxlen: 22
217.21.3.0/24 maxlen: 24
217.21.2.0/24 maxlen: 24
217.21.4.0/24 maxlen: 24
217.21.0.0/23 maxlen: 23
217.21.6.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.5.0/24 maxlen: 24
217.21.10.0/23 maxlen: 23
2a01:7f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:aa:e4:47:59:56:9f:34:4e:eb:bf:30:5a:06:11:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jul 27 07:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49a5815cdfc10242fbc49a84db398ecca71b015e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:24:eb:a4:00:14:72:a0:a4:ea:35:c3:66:34:
56:a8:76:a5:54:b9:a5:4d:5b:40:15:5b:2c:bb:07:
34:11:5f:96:4b:db:fb:e8:0c:50:60:79:a5:f5:f5:
1b:d4:81:3f:39:af:2a:59:a7:fe:59:00:85:1d:20:
4a:8a:18:b2:ee:98:84:aa:de:d2:f3:dd:97:2a:58:
a5:77:8f:4a:fa:1d:a8:1f:35:dc:7c:df:0f:9f:72:
d4:49:7f:4e:95:26:3d:98:c4:98:ef:b9:5a:b1:0a:
b9:0d:0c:41:fc:db:3c:8d:59:f4:20:7b:6b:ad:50:
60:0c:31:64:f8:d2:d6:0f:36:fb:39:2f:11:18:ef:
2d:b8:a2:6a:fc:f6:41:76:81:10:9e:b8:b5:77:ed:
e0:8e:09:90:6a:0b:aa:af:1d:f8:a0:8f:05:5d:0b:
f7:36:4f:3e:d9:0c:b7:34:09:39:25:a7:ed:d1:9d:
a9:24:62:03:62:66:f6:ef:af:5b:37:c1:e7:b5:b0:
9d:55:54:c0:6d:e5:d5:41:7f:42:75:0e:bc:40:ce:
44:e6:c9:65:2c:b1:50:dd:bf:67:f2:8d:26:db:ed:
89:65:a8:01:5d:06:83:71:ac:73:10:30:9c:9f:f1:
a0:03:b6:d7:65:bc:44:d7:61:a0:a8:a7:50:75:a9:
8f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A5:81:5C:DF:C1:02:42:FB:C4:9A:84:DB:39:8E:CC:A7:1B:01:5E
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/SaWBXN_BAkL7xJqE2zmOzKcbAV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.90.242.0/24
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0-217.66.232.255
217.66.236.0-217.66.255.255
217.78.48.0-217.78.59.255
IPv6:
2a01:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
5e:43:11:c1:b4:42:37:f1:fb:eb:d3:ca:fc:21:e3:22:59:64:
32:1e:4d:bf:bb:cc:0f:3c:b0:2c:f4:08:9b:4c:cf:76:e1:bf:
ac:96:c1:c2:36:42:f5:91:ee:cd:1f:03:1f:46:6b:ee:d7:f1:
3f:b3:0c:07:c2:43:df:ae:f4:51:89:f4:aa:a3:cb:60:46:ed:
d1:6a:99:e2:2c:2b:f8:27:f6:e2:f6:84:a4:5a:a5:4b:17:0c:
36:68:ce:1d:62:06:48:3f:d8:62:f4:5d:4f:fd:3c:85:61:3a:
21:0e:ab:24:fa:24:27:5d:9f:e2:7d:c4:a8:65:8e:67:e7:8f:
e4:e9:71:bb:77:6c:5d:7e:02:bb:29:e2:3e:c1:3a:6c:c6:51:
f3:96:fe:73:c6:ce:7f:ca:4c:30:52:79:40:c8:79:dd:b3:b4:
9d:55:5f:78:ba:0d:75:21:5e:4a:61:8e:13:e7:fc:d5:7b:85:
53:76:c3:4e:5d:99:9b:86:8f:e7:0e:8a:5e:e4:a0:1f:db:e4:
e2:14:f1:e9:68:88:d5:af:4c:8b:25:0a:81:9c:83:1a:dc:7e:
df:9b:1a:49:36:a3:1c:5e:86:4a:b6:c0:72:70:b0:02:f9:37:
1c:de:fd:bc:e4:ff:8f:31:8c:12:42:ad:80:56:96:0c:9e:5e:
e6:dd:7c:0f
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYI+quRHWVafNE7rvzBaBhHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjM2E2MzNlZjJjMDgyNTFhNTg2MDM1NjJlNTZhYTZlZmE5
M2VjMjUwHhcNMjIwNzI3MDc1OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWE1ODE1Y2RmYzEwMjQyZmJjNDlhODRkYjM5OGVjY2E3MWIwMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCTrpAAUcqCk6jXDZjRWqHalVLml
TVtAFVssuwc0EV+WS9v76AxQYHml9fUb1IE/Oa8qWaf+WQCFHSBKihiy7piEqt7S
892XKlild49K+h2oHzXcfN8Pn3LUSX9OlSY9mMSY77lasQq5DQxB/Ns8jVn0IHtr
rVBgDDFk+NLWDzb7OS8RGO8tuKJq/PZBdoEQnri1d+3gjgmQaguqrx34oI8FXQv3
Nk8+2Qy3NAk5Jaft0Z2pJGIDYmb2769bN8HntbCdVVTAbeXVQX9CdQ68QM5E5sll
LLFQ3b9n8o0m2+2JZagBXQaDcaxzEDCcn/GgA7bXZbxE12GgqKdQdamPAwIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFEmlgVzfwQJC+8SahNs5jsynGwFeMB8GA1UdIwQY
MBaAFOw6Yz7ywIJRpYYDVi5Wqm76k+wlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUt
ZjdjMmMyYTkxYmMyLzEvU2FXQlhOX0JBa0w3eEpxRTJ6bU96S2NiQVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMWIxZjAtMjM0Zi00NWQ1LTg1OTUtZjdjMmMyYTkxYmMy
LzEvN0RwalB2TEFnbEdsaGdOV0xsYXFidnFUN0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAcl
CAADBAZSZsADBAdSzQADBAVVcWADBAJWaxADBAJX/GwDBAFt6KIDBASTvbADBAKw
QQwDBAC5WvIDBAK5q4QDBAK80dADBAK812QwDAMEAMKpeQMEAsKpeAMEBcf6gAME
BdQhYAMEBdRqQAMEBNkVADAMAwQF2ULgAwQA2ULoMAsDBALZQuwDAwDZQjAMAwQE
2U4wAwQC2U44MA0EAgACMAcDBQAqAX+AMA0GCSqGSIb3DQEBCwUAA4IBAQBeQxHB
tEI38fvr08r8IeMiWWQyHk2/u8wPPLAs9AibTM924b+slsHCNkL1ke7NHwMfRmvu
1/E/swwHwkPfrvRRifSqo8tgRu3RapniLCv4J/bi9oSkWqVLFww2aM4dYgZIP9hi
9F1P/TyFYTohDqsk+iQnXZ/ifcSoZY5n54/k6XG7d2xdfgK7KeI+wTpsxlHzlv5z
xs5/ykwwUnlAyHnds7SdVV94ug11IV5KYY4T5/zVe4VTdsNOXZmbho/nDope5KAf
2+TiFPHpaIjVr0yLJQqBnIMa3H7fmxpJNqMcXoZKtsBycLAC+Tcc3v285P+PMYwS
Qq2AVpYMnl7m3XwP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:26 2023 by rpki-client on console-ams.rpki-client.org