Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/zYAUN6xSp0YIPZu3LJVUY8AkOJ8.roa
File: zYAUN6xSp0YIPZu3LJVUY8AkOJ8.roa (raw, json)
Hash identifier: tyK1gexLMD++g/hiE+ZwnV08HCC64kICK/FNU/RyckI=
Subject key identifier: CD:80:14:37:AC:52:A7:46:08:3D:9B:B7:2C:95:54:63:C0:24:38:9F
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 018BD86A398E4B504B6A87E0B73738F7BAB2
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/zYAUN6xSp0YIPZu3LJVUY8AkOJ8.roa
Signing time: Thu 16 Nov 2023 13:55:22 +0000
ROA not before: Thu 16 Nov 2023 13:55:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210079
IP address blocks: 217.144.96.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
185.221.152.0/22 maxlen: 22
185.221.155.0/24 maxlen: 24
185.221.154.0/24 maxlen: 24
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
91.218.228.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
5.35.100.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
185.11.246.0/23 maxlen: 23
91.201.40.0/22 maxlen: 22
212.8.247.0/24 maxlen: 24
185.12.92.0/22 maxlen: 22
95.183.8.0/23 maxlen: 23
95.183.11.0/24 maxlen: 24
95.183.10.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
37.143.10.0/23 maxlen: 23
37.143.8.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.23.0/24 maxlen: 24
46.254.22.0/24 maxlen: 24
46.254.20.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
95.181.228.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
185.87.192.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
178.57.218.0/23 maxlen: 23
178.57.216.0/23 maxlen: 23
178.57.222.0/23 maxlen: 23
178.57.220.0/23 maxlen: 23
2a03:c980:b916::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:80c0::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:6a:39:8e:4b:50:4b:6a:87:e0:b7:37:38:f7:ba:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Nov 16 13:55:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd801437ac52a746083d9bb72c955463c024389f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:77:32:d6:81:6f:9f:d5:bf:13:2e:d6:29:47:
42:f7:b0:cb:e3:42:8b:b9:93:4f:52:94:7b:ea:2f:
c4:a1:e1:29:37:45:3e:a8:ee:c6:49:80:38:ca:f4:
50:66:43:6a:12:0e:2a:b5:d8:55:f9:e3:01:f1:46:
b7:64:63:1a:12:f9:bd:16:d5:8c:5a:3e:b5:ae:43:
65:ed:ca:e2:fa:2c:12:be:a5:0e:b9:81:ed:22:75:
1f:90:aa:3b:82:a3:dd:16:7d:8b:4a:88:d3:08:80:
51:5e:b1:85:cd:4a:c0:0f:c2:bc:f7:d3:d6:b6:15:
44:6c:67:88:a2:08:51:45:de:b6:72:06:05:94:f5:
c4:40:3c:da:20:68:28:67:80:8e:53:bb:9a:33:b8:
93:ca:50:32:fc:5e:0c:04:96:d8:5b:99:06:b5:ef:
85:ec:3f:f8:d2:f6:44:87:50:dc:48:ba:03:b5:2b:
a0:c8:2c:cb:10:56:2d:a5:2b:7c:17:2d:73:45:8c:
c2:5a:e6:d8:01:8f:19:c1:01:47:41:b0:6b:cd:a0:
1d:69:b2:5e:46:72:b2:34:01:58:d9:7f:ee:10:9c:
d5:1d:ab:4d:ea:3b:30:16:c5:a0:e7:98:13:6c:0f:
1f:d1:9c:a3:83:b6:c5:7f:58:3a:b8:e2:88:bb:21:
9f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:80:14:37:AC:52:A7:46:08:3D:9B:B7:2C:95:54:63:C0:24:38:9F
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/zYAUN6xSp0YIPZu3LJVUY8AkOJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.201.40.0/22
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
185.11.246.0/23
185.12.92.0/22
185.22.232.0/22
185.87.192.0/21
185.221.152.0/22
212.8.247.0/24
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:80c0::/47
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
89:93:b0:f0:90:b0:73:4c:99:b0:5d:d0:b4:82:aa:30:6e:a8:
a9:07:78:c3:67:17:f0:1b:d3:0e:66:58:60:72:8d:3d:fc:d1:
c3:cd:94:8d:4c:b6:36:86:18:17:20:be:2d:9c:82:03:82:c9:
e1:c1:17:02:85:53:05:2c:21:51:b8:ac:dd:d9:6b:9c:50:6c:
c9:30:2b:10:d7:24:15:02:47:54:01:24:95:ae:ae:6d:34:76:
3c:42:30:f5:0c:56:ae:fc:eb:4d:72:d8:ed:5a:4c:88:71:1e:
87:81:32:28:13:73:6a:f5:c7:72:fc:4e:43:e1:d1:31:a6:c0:
b8:7d:6c:54:fe:5e:77:e9:a5:a3:cd:5f:6c:bf:81:f9:01:80:
18:fc:0d:ec:75:8f:d8:e3:d6:83:38:56:5a:d1:b7:7a:21:39:
3a:c7:61:bb:7c:e6:88:29:cc:dd:da:74:bb:4a:02:9b:f2:ad:
8d:1f:e3:e9:11:76:87:03:9b:a3:e9:37:a4:42:47:b8:e3:c8:
c9:33:37:a7:40:3f:dc:27:23:93:51:3d:6e:61:16:fe:8b:ac:
fe:70:d3:5c:17:e4:68:80:86:04:00:d0:c7:0c:d1:a0:7c:1d:
86:47:14:17:cf:c3:86:30:0f:cf:13:31:60:a2:ca:e3:02:4c:
cd:fe:f8:53
-----BEGIN CERTIFICATE-----
MIIF1TCCBL2gAwIBAgISAYvYajmOS1BLaofgtzc497qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjMxMTE2MTM1NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDgwMTQzN2FjNTJhNzQ2MDgzZDliYjcyYzk1NTQ2M2MwMjQzODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03cy1oFvn9W/Ey7WKUdC97DL40KL
uZNPUpR76i/EoeEpN0U+qO7GSYA4yvRQZkNqEg4qtdhV+eMB8Ua3ZGMaEvm9FtWM
Wj61rkNl7cri+iwSvqUOuYHtInUfkKo7gqPdFn2LSojTCIBRXrGFzUrAD8K899PW
thVEbGeIoghRRd62cgYFlPXEQDzaIGgoZ4COU7uaM7iTylAy/F4MBJbYW5kGte+F
7D/40vZEh1DcSLoDtSugyCzLEFYtpSt8Fy1zRYzCWubYAY8ZwQFHQbBrzaAdabJe
RnKyNAFY2X/uEJzVHatN6jswFsWg55gTbA8f0Zyjg7bFf1g6uOKIuyGf2wIDAQAB
o4IC4TCCAt0wHQYDVR0OBBYEFM2AFDesUqdGCD2btyyVVGPAJDifMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvellBVU42eFNwMFlJUFp1M0xKVlVZOEFrT0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH2BggrBgEFBQcBBwEB/wSB5jCB4zB2BAIAATBwMAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJbySgDBAJb2uQDBANfteADBANftwgDBAOy
OdgDBAG5C/YDBAK5DFwDBAK5FugDBAO5V8ADBAK53ZgDBADUCPcwDAMEBdmQYAME
AdmQZAMEANmQZzBpBAIAAjBjAwcBKgOAwAAAAwcAKgPJgADbAwcAKgPJgADlAwcA
KgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJgLlXAwcAKgPJ
gL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IBAQCJk7DwkLBz
TJmwXdC0gqowbqipB3jDZxfwG9MOZlhgco09/NHDzZSNTLY2hhgXIL4tnIIDgsnh
wRcChVMFLCFRuKzd2WucUGzJMCsQ1yQVAkdUASSVrq5tNHY8QjD1DFau/OtNctjt
WkyIcR6HgTIoE3Nq9cdy/E5D4dExpsC4fWxU/l536aWjzV9sv4H5AYAY/A3sdY/Y
49aDOFZa0bd6ITk6x2G7fOaIKczd2nS7SgKb8q2NH+PpEXaHA5uj6TekQke448jJ
MzenQD/cJyOTUT1uYRb+i6z+cNNcF+RogIYEANDHDNGgfB2GRxQXz8OGMA/PEzFg
osrjAkzN/vhT
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:09 2025 by rpki-client