Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/t0Lf88LwGKft2D5O19sIxGRXp7A.roa
File: t0Lf88LwGKft2D5O19sIxGRXp7A.roa (raw, json)
Hash identifier: FUSs08Xe37h8nyIXKGBW2E/gMJeOYFgY+gauSxsImlA=
Subject key identifier: B7:42:DF:F3:C2:F0:18:A7:ED:D8:3E:4E:D7:DB:08:C4:64:57:A7:B0
Certificate issuer: /CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Certificate serial: 01999341
Authority key identifier: EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/t0Lf88LwGKft2D5O19sIxGRXp7A.roa
Signing time: Sat 01 Jan 2022 02:01:50 +0000
ROA not before: Sat 01 Jan 2022 02:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15975
IP address blocks: 217.66.224.0/21 maxlen: 21
217.66.224.0/23 maxlen: 23
217.66.226.0/24 maxlen: 24
82.205.0.0/17 maxlen: 17
217.66.227.0/24 maxlen: 24
217.66.232.0/24 maxlen: 24
217.66.228.0/22 maxlen: 22
217.66.238.0/23 maxlen: 23
217.66.236.0/24 maxlen: 24
217.66.236.0/22 maxlen: 22
86.107.16.0/22 maxlen: 22
87.252.108.0/22 maxlen: 22
188.215.100.0/22 maxlen: 22
82.205.80.0/20 maxlen: 20
82.205.96.0/20 maxlen: 20
82.205.112.0/21 maxlen: 21
217.66.240.0/20 maxlen: 20
82.205.32.0/20 maxlen: 20
212.33.96.0/20 maxlen: 20
212.33.96.0/19 maxlen: 19
185.171.132.0/22 maxlen: 22
82.205.48.0/20 maxlen: 20
82.205.64.0/20 maxlen: 20
212.33.112.0/20 maxlen: 20
212.106.80.0/20 maxlen: 20
82.102.240.0/20 maxlen: 20
82.102.192.0/20 maxlen: 20
37.8.112.0/20 maxlen: 20
82.102.208.0/20 maxlen: 20
82.102.216.0/23 maxlen: 23
82.102.224.0/20 maxlen: 20
82.102.224.0/21 maxlen: 21
212.106.64.0/20 maxlen: 20
212.106.64.0/19 maxlen: 19
82.102.232.0/24 maxlen: 24
82.102.233.0/24 maxlen: 24
82.102.236.0/22 maxlen: 22
82.102.234.0/23 maxlen: 23
85.113.96.0/20 maxlen: 20
85.113.96.0/19 maxlen: 19
85.113.112.0/20 maxlen: 20
176.65.12.0/22 maxlen: 22
147.189.176.0/20 maxlen: 20
194.169.123.0/24 maxlen: 24
194.169.122.0/24 maxlen: 24
194.169.121.0/24 maxlen: 24
199.250.128.0/21 maxlen: 21
199.250.128.0/19 maxlen: 19
217.21.14.0/23 maxlen: 23
217.21.12.0/23 maxlen: 23
188.209.208.0/22 maxlen: 22
37.8.64.0/20 maxlen: 20
37.8.80.0/20 maxlen: 20
37.8.96.0/20 maxlen: 20
37.8.0.0/17 maxlen: 17
199.250.136.0/21 maxlen: 21
199.250.144.0/21 maxlen: 21
199.250.152.0/21 maxlen: 21
37.8.32.0/20 maxlen: 20
37.8.48.0/20 maxlen: 20
109.232.163.0/24 maxlen: 24
109.232.162.0/24 maxlen: 24
185.90.242.0/24 maxlen: 24
217.78.48.0/21 maxlen: 21
217.78.56.0/22 maxlen: 22
217.21.3.0/24 maxlen: 24
217.21.2.0/24 maxlen: 24
217.21.4.0/24 maxlen: 24
217.21.0.0/23 maxlen: 23
217.21.6.0/23 maxlen: 23
217.21.8.0/23 maxlen: 23
217.21.5.0/24 maxlen: 24
217.21.10.0/23 maxlen: 23
2a01:7f80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26841921 (0x1999341)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec3a633ef2c08251a58603562e56aa6efa93ec25
Validity
Not Before: Jan 1 02:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b742dff3c2f018a7edd83e4ed7db08c46457a7b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:df:c4:96:26:c8:59:cf:f0:3c:92:69:19:c1:
3b:8a:f8:ce:51:d5:32:83:61:44:a4:a5:bf:88:1c:
dd:c4:33:78:e9:a3:cc:64:9b:f0:a0:b7:bc:ec:91:
ba:22:fb:21:c0:02:0b:e0:cd:ab:3a:ac:8c:23:d4:
9b:ab:2b:3d:60:e5:cf:22:b2:6a:4f:31:0d:fb:f5:
ee:34:50:f7:cd:7b:ba:88:25:34:1f:d7:1b:c5:8d:
89:4d:ff:a3:3d:cd:72:4c:54:ae:8c:05:4b:73:4f:
5f:56:a3:ce:e8:f5:db:1f:50:92:10:d3:94:53:35:
4a:37:13:5b:63:5b:c5:27:49:8f:aa:7b:e8:6e:87:
c0:5e:dc:ce:e7:d9:01:00:c8:7c:0e:a1:0f:87:36:
9a:0c:f4:10:e3:3e:5c:76:af:aa:c1:35:12:b1:4e:
89:dd:87:4e:3c:34:95:ec:06:38:2b:c5:02:e3:63:
9c:17:62:bc:15:eb:39:8a:09:3c:fc:fb:e4:ee:79:
35:f8:2f:e1:36:42:de:55:96:fb:09:43:49:3d:e2:
18:a6:cb:d7:2f:22:a8:f4:4c:a3:f7:ca:ac:c4:83:
46:f6:43:12:60:8a:e2:01:09:c7:1e:ce:54:87:e9:
f7:ca:fd:f7:f6:35:1e:f3:21:f9:bf:16:e0:d1:29:
1a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:42:DF:F3:C2:F0:18:A7:ED:D8:3E:4E:D7:DB:08:C4:64:57:A7:B0
X509v3 Authority Key Identifier:
keyid:EC:3A:63:3E:F2:C0:82:51:A5:86:03:56:2E:56:AA:6E:FA:93:EC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7DpjPvLAglGlhgNWLlaqbvqT7CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/t0Lf88LwGKft2D5O19sIxGRXp7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c1b1f0-234f-45d5-8595-f7c2c2a91bc2/1/7DpjPvLAglGlhgNWLlaqbvqT7CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.8.0.0/17
82.102.192.0/18
82.205.0.0/17
85.113.96.0/19
86.107.16.0/22
87.252.108.0/22
109.232.162.0/23
147.189.176.0/20
176.65.12.0/22
185.90.242.0/24
185.171.132.0/22
188.209.208.0/22
188.215.100.0/22
194.169.121.0-194.169.123.255
199.250.128.0/19
212.33.96.0/19
212.106.64.0/19
217.21.0.0/20
217.66.224.0-217.66.232.255
217.66.236.0-217.66.255.255
217.78.48.0-217.78.59.255
IPv6:
2a01:7f80::/32
Signature Algorithm: sha256WithRSAEncryption
44:23:a0:9c:aa:3c:99:f1:dd:bf:8a:cb:33:b5:85:8f:76:d7:
c8:1e:fb:9c:e8:60:d3:1e:0e:07:06:46:30:86:5b:ba:3c:4a:
59:9c:b5:e9:1f:36:f2:4d:28:a0:8c:1c:14:5b:f6:1f:ba:9c:
20:8a:f4:97:70:27:65:36:27:44:a3:72:e8:fa:b0:49:c0:0b:
94:46:e9:8f:39:29:4e:04:fb:cd:1c:d6:9b:e3:9e:22:8c:4d:
b5:12:2f:e5:c0:b4:d0:c9:7a:7a:58:85:ad:dd:c3:f3:0b:cf:
df:5b:34:ca:d0:59:06:a3:f6:0d:46:e1:97:3e:2c:4e:69:8e:
17:d2:22:88:5e:b1:ec:f3:fb:0b:7a:15:53:c1:4c:0c:52:fb:
76:b1:99:98:3e:76:a0:03:8a:92:9d:90:a5:a1:37:b7:00:1d:
e9:2a:79:a6:c9:bc:91:a5:6d:1d:42:6b:0c:88:11:48:62:be:
2c:37:c8:ed:9f:b3:c3:27:38:f0:d3:d7:a1:29:10:ab:77:4e:
ec:ab:4e:c9:95:62:3d:49:13:3d:31:02:f2:4b:23:5e:67:e1:
6c:52:22:9b:0e:11:36:c3:82:00:14:c3:f4:89:86:54:97:b1:
d7:f6:16:9e:0f:72:02:b2:fd:ec:c5:0f:df:99:11:e2:83:17:
e7:bf:05:ff
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIEAZmTQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YzNhNjMzZWYyYzA4MjUxYTU4NjAzNTYyZTU2YWE2ZWZhOTNlYzI1MB4XDTIyMDEw
MTAyMDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc0MmRmZjNjMmYw
MThhN2VkZDgzZTRlZDdkYjA4YzQ2NDU3YTdiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7fxJYmyFnP8DySaRnBO4r4zlHVMoNhRKSlv4gc3cQzeOmj
zGSb8KC3vOyRuiL7IcACC+DNqzqsjCPUm6srPWDlzyKyak8xDfv17jRQ9817uogl
NB/XG8WNiU3/oz3NckxUrowFS3NPX1ajzuj12x9QkhDTlFM1SjcTW2NbxSdJj6p7
6G6HwF7czufZAQDIfA6hD4c2mgz0EOM+XHavqsE1ErFOid2HTjw0lewGOCvFAuNj
nBdivBXrOYoJPPz75O55Nfgv4TZC3lWW+wlDST3iGKbL1y8iqPRMo/fKrMSDRvZD
EmCK4gEJxx7OVIfp98r99/Y1HvMh+b8W4NEpGtMCAwEAAaOCArQwggKwMB0GA1Ud
DgQWBBS3Qt/zwvAYp+3YPk7X2wjEZFensDAfBgNVHSMEGDAWgBTsOmM+8sCCUaWG
A1YuVqpu+pPsJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdEcGpQdkxBZ2xHbGhnTldMbGFxYnZxVDdDVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvYzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8x
L3QwTGY4OEx3R0tmdDJENU8xOXNJeEdSWHA3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
YzFiMWYwLTIzNGYtNDVkNS04NTk1LWY3YzJjMmE5MWJjMi8xLzdEcGpQdkxBZ2xH
bGhnTldMbGFxYnZxVDdDVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
yQYIKwYBBQUHAQcBAf8EgbkwgbYwgaQEAgABMIGdAwQHJQgAAwQGUmbAAwQHUs0A
AwQFVXFgAwQCVmsQAwQCV/xsAwQBbeiiAwQEk72wAwQCsEEMAwQAuVryAwQCuauE
AwQCvNHQAwQCvNdkMAwDBADCqXkDBALCqXgDBAXH+oADBAXUIWADBAXUakADBATZ
FQAwDAMEBdlC4AMEANlC6DALAwQC2ULsAwMA2UIwDAMEBNlOMAMEAtlOODANBAIA
AjAHAwUAKgF/gDANBgkqhkiG9w0BAQsFAAOCAQEARCOgnKo8mfHdv4rLM7WFj3bX
yB77nOhg0x4OBwZGMIZbujxKWZy16R828k0ooIwcFFv2H7qcIIr0l3AnZTYnRKNy
6PqwScALlEbpjzkpTgT7zRzWm+OeIoxNtRIv5cC00Ml6eliFrd3D8wvP31s0ytBZ
BqP2DUbhlz4sTmmOF9IiiF6x7PP7C3oVU8FMDFL7drGZmD52oAOKkp2QpaE3twAd
6Sp5psm8kaVtHUJrDIgRSGK+LDfI7Z+zwyc48NPXoSkQq3dO7KtOyZViPUkTPTEC
8ksjXmfhbFIimw4RNsOCABTD9ImGVJex1/YWng9yArL97MUP35kR4oMX578F/w==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:04:19 2025 by rpki-client