Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/thXmgEDe9tJaTX2rtMh1xnZQNPQ.roa
File: thXmgEDe9tJaTX2rtMh1xnZQNPQ.roa (raw, json)
Hash identifier: YsEcsXxWH09JcKooAaJR9lFClngXtmnLfLyNDf0LNxM=
Subject key identifier: B6:15:E6:80:40:DE:F6:D2:5A:4D:7D:AB:B4:C8:75:C6:76:50:34:F4
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 01825EC769BB4DEF758DBE651FA4974D7F06
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/thXmgEDe9tJaTX2rtMh1xnZQNPQ.roa
Signing time: Tue 02 Aug 2022 13:38:23 +0000
ROA not before: Tue 02 Aug 2022 13:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 46.243.172.0/24 maxlen: 24
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
87.242.88.0/21 maxlen: 21
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
141.101.201.0/24 maxlen: 24
141.101.151.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:c7:69:bb:4d:ef:75:8d:be:65:1f:a4:97:4d:7f:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Aug 2 13:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b615e68040def6d25a4d7dabb4c875c6765034f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e2:6d:b1:5c:21:71:e2:77:1c:2c:b2:9b:02:
d7:ff:93:79:bb:3e:ff:2c:bd:34:51:d3:ad:02:73:
88:b5:8e:d8:d2:15:cf:3d:26:cd:c5:fd:07:32:15:
19:61:7e:cd:0b:25:47:4b:09:da:1c:74:4e:b3:12:
90:e4:35:c5:ae:9d:3a:c2:7d:b6:1b:e7:16:c1:ef:
3c:b7:bb:e1:fc:9e:46:ae:e0:21:5e:5e:aa:53:43:
da:9e:df:25:2c:96:2a:af:b8:f8:70:0b:c2:5d:43:
f4:21:97:a1:be:d6:1a:b5:90:52:52:5e:ee:0b:21:
0a:40:03:73:7a:60:f9:c6:04:76:b9:77:40:47:a2:
32:79:3c:7d:65:03:84:47:96:5a:35:a6:1e:e8:49:
03:8c:8b:02:fb:ac:0a:4e:31:80:35:49:56:6a:a1:
51:42:ec:c5:36:8f:06:e0:58:19:48:c7:1b:0b:32:
cc:42:16:c1:a0:b8:16:d1:66:a8:8b:fb:aa:5a:2d:
80:f6:f3:36:b2:9b:24:57:36:65:2a:1c:c6:03:51:
01:c6:8c:94:ea:a3:98:a8:a0:e5:f4:ff:68:de:1d:
ce:9b:c9:08:d2:a1:a9:5a:22:64:02:ed:9d:7a:b0:
bd:7f:be:f4:3f:9c:d8:cc:bb:b9:0e:90:ad:20:ff:
79:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:15:E6:80:40:DE:F6:D2:5A:4D:7D:AB:B4:C8:75:C6:76:50:34:F4
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/thXmgEDe9tJaTX2rtMh1xnZQNPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.180.0/23
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
87.242.88.0/21
94.139.252.0/22
141.101.151.0/24
141.101.201.0/24
178.170.191.0-178.170.197.255
178.170.242.0/24
188.72.106.0-188.72.109.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
a1:55:c9:9b:0b:d1:3b:b1:8c:1f:7d:8b:af:1c:6e:ad:c1:e1:
c7:ea:30:70:a3:87:2b:7a:2d:34:df:8d:58:52:53:5f:5d:4f:
1c:36:54:e1:2e:14:e1:fb:f2:bf:74:cd:f8:8d:f1:a9:3a:f4:
c3:4f:a6:11:29:a2:1b:c6:18:26:c7:42:22:37:83:10:96:67:
48:4d:6a:3d:8b:c7:7a:15:98:c1:cc:e7:a7:77:56:ef:b5:3e:
8b:89:74:57:79:2e:bb:c0:69:ee:5d:24:95:44:f7:1d:56:8d:
95:c9:a0:65:fc:8b:82:e6:18:01:a8:3d:2f:a4:d0:fb:19:9c:
79:7e:b6:9a:31:a7:73:99:a0:4a:1c:c7:5e:dc:9f:0d:59:8b:
ac:11:ae:cf:22:f2:e7:b2:a6:cd:73:99:ed:ab:f7:73:cc:01:
5b:83:09:05:8b:47:e8:05:b5:b0:16:24:48:0e:d2:7a:9b:2f:
8c:7a:26:21:fa:7d:d6:da:e4:57:b6:0d:a9:16:76:15:f9:da:
ac:33:69:e9:d6:a2:fe:d5:27:d6:bc:98:d3:1b:db:8b:4a:50:
7e:1e:84:5d:fa:e0:66:2a:34:3e:be:12:fc:80:49:da:63:04:
2c:09:7b:37:de:67:fe:64:31:6b:70:a2:d2:cd:48:49:5c:65:
14:25:ed:60
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgISAYJex2m7Te91jb5lH6SXTX8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjIwODAyMTMzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjE1ZTY4MDQwZGVmNmQyNWE0ZDdkYWJiNGM4NzVjNjc2NTAzNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuJtsVwhceJ3HCyymwLX/5N5uz7/
LL00UdOtAnOItY7Y0hXPPSbNxf0HMhUZYX7NCyVHSwnaHHROsxKQ5DXFrp06wn22
G+cWwe88t7vh/J5GruAhXl6qU0Pant8lLJYqr7j4cAvCXUP0IZehvtYatZBSUl7u
CyEKQANzemD5xgR2uXdAR6IyeTx9ZQOER5ZaNaYe6EkDjIsC+6wKTjGANUlWaqFR
QuzFNo8G4FgZSMcbCzLMQhbBoLgW0Waoi/uqWi2A9vM2spskVzZlKhzGA1EBxoyU
6qOYqKDl9P9o3h3Om8kI0qGpWiJkAu2derC9f770P5zYzLu5DpCtIP95jwIDAQAB
o4IC9jCCAvIwHQYDVR0OBBYEFLYV5oBA3vbSWk19q7TIdcZ2UDT0MB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL3RoWG1nRURlOXRKYVRYMnJ0TWgxeG5aUU5QUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEIBggrBgEFBQcBBwEB/wSB+DCB9TCB4wQCAAEwgdww
DAMEAyUSCAMEACUSCgMEACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAlEmsD
BAAlEnoDBAAl5osDBAEl5rQwDAMEAyXmuAMEACXmugMEAyXmwAMEACXm4AMEACXm
6QMEAi0JGAMEAi1Z4DAMAwQALvONAwQELvOAAwQALvOsAwQALvPJMAwDBAAu880D
BAAu884DBAEu8+IDBAEu8/QDBANX8lgDBAJei/wDBACNZZcDBACNZckwDAMEALKq
vwMEAbKqxAMEALKq8jAMAwQBvEhqAwQBvEhsMA0EAgACMAcDBQMqDCuAMA0GCSqG
SIb3DQEBCwUAA4IBAQChVcmbC9E7sYwffYuvHG6tweHH6jBwo4crei00341YUlNf
XU8cNlThLhTh+/K/dM34jfGpOvTDT6YRKaIbxhgmx0IiN4MQlmdITWo9i8d6FZjB
zOend1bvtT6LiXRXeS67wGnuXSSVRPcdVo2VyaBl/IuC5hgBqD0vpND7GZx5fraa
MadzmaBKHMde3J8NWYusEa7PIvLnsqbNc5ntq/dzzAFbgwkFi0foBbWwFiRIDtJ6
my+MeiYh+n3W2uRXtg2pFnYV+dqsM2np1qL+1SfWvJjTG9uLSlB+HoRd+uBmKjQ+
vhL8gEnaYwQsCXs33mf+ZDFrcKLSzUhJXGUUJe1g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:55 2024 by rpki-client on console-ams.rpki-client.org