Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/Th_i-99HCm2cmdVUAWvnJzy2r70.roa
File: Th_i-99HCm2cmdVUAWvnJzy2r70.roa (raw, json)
Hash identifier: YyRMwOKKa6bMT0a1nkgbaN/Ld9SJHoUfsKqJcVGgVxw=
Subject key identifier: 4E:1F:E2:FB:DF:47:0A:6D:9C:99:D5:54:01:6B:E7:27:3C:B6:AF:BD
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018B5D6D2535E279FB633B2D44E7664B5523
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/Th_i-99HCm2cmdVUAWvnJzy2r70.roa
Signing time: Mon 23 Oct 2023 16:45:15 +0000
ROA not before: Mon 23 Oct 2023 16:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210079
IP address blocks: 217.144.96.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
91.218.228.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
5.35.100.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
95.183.8.0/23 maxlen: 23
95.183.11.0/24 maxlen: 24
95.183.10.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
37.143.10.0/23 maxlen: 23
37.143.8.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.23.0/24 maxlen: 24
46.254.22.0/24 maxlen: 24
46.254.20.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
95.181.228.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
185.87.192.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
178.57.218.0/23 maxlen: 23
178.57.216.0/23 maxlen: 23
178.57.222.0/23 maxlen: 23
178.57.220.0/23 maxlen: 23
2a03:c980:b916::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5d:6d:25:35:e2:79:fb:63:3b:2d:44:e7:66:4b:55:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Oct 23 16:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e1fe2fbdf470a6d9c99d554016be7273cb6afbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8b:ea:6d:45:2c:ab:d2:77:da:75:8c:ce:d8:
ed:cc:86:a0:39:63:cf:1e:c4:87:fd:d6:36:01:bc:
b5:5f:04:61:88:67:1b:b8:a5:b7:69:42:54:68:86:
7a:80:d7:aa:5b:06:10:7f:ca:c6:e4:cc:20:96:06:
46:e5:db:f4:72:a6:49:1b:bb:21:fa:9b:82:92:06:
03:bb:12:05:bd:6e:dd:eb:f0:d4:dd:a9:e1:0e:1b:
b5:d7:0f:3d:93:ab:93:6a:4e:f9:31:78:1f:8e:ea:
50:91:ee:5a:f5:53:2f:7c:19:e1:d4:c5:8a:df:f7:
f0:d1:2f:e7:86:a3:58:33:ec:30:d9:51:ec:94:e4:
0b:07:c8:d9:55:32:04:8f:b3:f4:24:b6:69:fa:51:
f6:29:c3:88:66:86:65:62:b1:9a:77:94:f2:8a:7e:
e4:f1:6a:15:a7:4c:c7:0c:5c:e9:50:94:a4:0c:e7:
53:46:0c:fd:67:c3:54:f9:1c:8e:82:77:14:23:95:
9c:ea:b3:52:02:38:d7:21:08:90:a1:27:3c:a7:3f:
33:42:5b:89:2d:49:62:64:ff:14:eb:3b:27:bf:f8:
bf:c9:e0:cb:16:3b:2f:a5:32:29:c9:ac:47:ee:2a:
db:a8:7e:a9:55:14:f2:63:1c:50:f2:6b:06:73:56:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1F:E2:FB:DF:47:0A:6D:9C:99:D5:54:01:6B:E7:27:3C:B6:AF:BD
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/Th_i-99HCm2cmdVUAWvnJzy2r70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
185.22.232.0/22
185.87.192.0/21
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
21:49:f3:d3:f6:41:4b:43:7d:97:ab:69:bc:7c:ca:8e:fa:2e:
73:69:0a:e3:50:1a:ad:9a:d3:fe:19:03:7c:de:22:8e:63:85:
fe:78:e8:72:45:6b:60:5c:71:5c:60:b0:f4:4b:93:4e:40:9e:
3a:e8:9b:8c:df:f7:a0:1c:9b:9d:20:f0:01:64:5d:dd:5d:4c:
4a:f9:24:24:9a:31:d9:94:ac:67:85:e0:b9:5f:58:a8:dd:61:
2c:12:52:d4:27:52:b0:f2:db:16:3e:23:6c:fe:25:66:3b:55:
b9:70:72:b9:95:c2:8c:8e:87:bf:3c:7b:67:74:36:06:0e:e1:
8f:84:a7:ac:15:d2:ac:3c:fe:c2:dd:93:08:73:ff:06:72:1a:
0e:4d:51:c8:9b:c3:d4:7a:49:60:cd:64:fa:36:bc:69:5d:53:
3d:66:5d:aa:f3:35:a4:9b:16:1e:f7:9a:f1:e7:62:21:b8:ac:
a0:25:c4:15:0a:70:10:9c:a3:92:fd:c1:90:6d:76:8f:0a:6b:
e3:02:dc:3b:e1:cf:95:b8:8c:17:31:5d:76:36:6c:c1:0d:2f:
17:f0:f4:d0:03:73:a1:9d:1f:15:05:c0:1e:43:1f:ce:a0:de:
bd:a8:cf:79:a0:3f:ef:12:45:91:5e:0a:b9:10:d7:85:b4:87:
ad:ca:05:2e
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYtdbSU14nn7YzstROdmS1UjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMDIzMTY0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFmZTJmYmRmNDcwYTZkOWM5OWQ1NTQwMTZiZTcyNzNjYjZhZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoovqbUUsq9J32nWMztjtzIagOWPP
HsSH/dY2Aby1XwRhiGcbuKW3aUJUaIZ6gNeqWwYQf8rG5MwglgZG5dv0cqZJG7sh
+puCkgYDuxIFvW7d6/DU3anhDhu11w89k6uTak75MXgfjupQke5a9VMvfBnh1MWK
3/fw0S/nhqNYM+ww2VHslOQLB8jZVTIEj7P0JLZp+lH2KcOIZoZlYrGad5Tyin7k
8WoVp0zHDFzpUJSkDOdTRgz9Z8NU+RyOgncUI5Wc6rNSAjjXIQiQoSc8pz8zQluJ
LUliZP8U6zsnv/i/yeDLFjsvpTIpyaxH7irbqH6pVRTyYxxQ8msGc1bQ3QIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFE4f4vvfRwptnJnVVAFr5yc8tq+9MB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvVGhfaS05OUhDbTJjbWRWVUFXdm5KenkycjcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDBYBAIAATBSMAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJb2uQDBANfteADBANftwgDBAOyOdgDBAK5
FugDBAO5V8AwDAMEBdmQYAMEAdmQZAMEANmQZzBgBAIAAjBaAwcAKgPJgADbAwcA
KgPJgADlAwcAKgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJ
gLlXAwcAKgPJgL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IB
AQAhSfPT9kFLQ32Xq2m8fMqO+i5zaQrjUBqtmtP+GQN83iKOY4X+eOhyRWtgXHFc
YLD0S5NOQJ466JuM3/egHJudIPABZF3dXUxK+SQkmjHZlKxnheC5X1io3WEsElLU
J1Kw8tsWPiNs/iVmO1W5cHK5lcKMjoe/PHtndDYGDuGPhKesFdKsPP7C3ZMIc/8G
choOTVHIm8PUeklgzWT6NrxpXVM9Zl2q8zWkmxYe95rx52IhuKygJcQVCnAQnKOS
/cGQbXaPCmvjAtw74c+VuIwXMV12NmzBDS8X8PTQA3OhnR8VBcAeQx/OoN69qM95
oD/vEkWRXgq5ENeFtIetygUu
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:13:23 2025 by rpki-client