Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/THvkzpMLraHv9M8hDMEM01xJRfM.roa
File: THvkzpMLraHv9M8hDMEM01xJRfM.roa (raw, json)
Hash identifier: 5V3/HmUhgM5ge7REBX2WBq6cx7wZVhel+QCck2JeooI=
Subject key identifier: 4C:7B:E4:CE:93:0B:AD:A1:EF:F4:CF:21:0C:C1:0C:D3:5C:49:45:F3
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 01869DA48203BEB0BDEFAE4F80730E0092FF
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/THvkzpMLraHv9M8hDMEM01xJRfM.roa
Signing time: Wed 01 Mar 2023 14:47:29 +0000
ROA not before: Wed 01 Mar 2023 14:47:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210756
IP address blocks: 95.181.180.0/24 maxlen: 24
5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
37.9.54.0/24 maxlen: 24
37.9.55.0/24 maxlen: 24
37.9.52.0/24 maxlen: 24
37.9.53.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
2a11:27c0:1010::/44 maxlen: 44
2a11:27c0:170::/44 maxlen: 44
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:1000::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
2a11:27c0:1e0::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:a4:82:03:be:b0:bd:ef:ae:4f:80:73:0e:00:92:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Mar 1 14:47:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c7be4ce930bada1eff4cf210cc10cd35c4945f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f1:f2:18:f4:5f:39:14:ad:d2:14:05:e7:ac:
9e:2a:23:56:6b:72:ef:94:2b:e3:29:08:7d:39:d5:
f4:4e:c9:99:70:38:64:8b:73:95:f8:05:67:57:4a:
de:11:e7:d6:af:9c:6a:94:d8:06:ba:47:bc:3b:c3:
a5:c5:d2:10:f7:6d:d7:5a:ea:c5:3e:d6:a6:2c:14:
40:ad:a8:66:d3:29:a9:45:a1:a0:94:c1:61:72:76:
c2:db:97:a8:c9:42:32:ec:8c:3b:08:79:b7:c0:13:
b8:22:57:af:c7:be:11:56:86:a6:de:46:8f:8b:af:
d6:d6:d6:63:38:50:d0:95:5b:c2:90:a6:e6:96:67:
64:1c:fd:aa:2d:e0:67:08:92:37:82:81:53:2b:06:
bd:3c:f0:88:01:a8:db:e5:1e:95:1c:d7:65:7b:27:
8e:b8:8d:69:02:f1:70:e7:4f:f4:08:3d:57:57:d9:
cf:13:c8:e5:03:d6:2d:3e:19:81:a4:27:28:c5:a4:
d2:47:59:87:b3:fb:ca:a2:6b:d5:ec:42:28:f3:ee:
c5:80:bc:7e:6d:c8:d9:89:6f:83:91:83:5a:76:ce:
73:b0:f8:27:ad:9d:07:99:59:50:99:c2:98:1f:e7:
f7:19:85:94:73:4c:05:09:ef:6c:7a:c1:0d:95:75:
4f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7B:E4:CE:93:0B:AD:A1:EF:F4:CF:21:0C:C1:0C:D3:5C:49:45:F3
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/THvkzpMLraHv9M8hDMEM01xJRfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.68.0-5.101.70.255
5.188.176.0/22
37.9.36.0/22
37.9.52.0/22
95.181.180.0/24
146.185.196.0/22
IPv6:
2a11:27c0:110::-2a11:27c0:17f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:1e0::/44
2a11:27c0:1000::/43
Signature Algorithm: sha256WithRSAEncryption
46:eb:1f:0e:94:58:2c:ca:4f:64:a5:a8:94:29:b3:54:ba:57:
34:a1:14:99:e9:f0:7c:82:b2:f3:f4:22:69:bc:19:8c:91:40:
6d:24:d0:0e:8e:77:e7:f2:30:7e:a4:de:6a:31:ec:1d:99:e2:
b1:2a:2e:4d:e8:bd:75:63:a6:14:47:3e:70:a1:31:4f:24:6a:
08:d5:f1:d4:3d:69:97:6f:fb:cd:5f:81:59:70:b9:d8:de:a2:
34:06:3c:b6:b3:02:88:c8:ac:1b:d5:a3:a6:c5:7e:a9:5b:87:
75:0a:27:1b:ef:72:6a:04:94:38:0c:fe:ac:ba:a4:1a:35:73:
ad:65:bd:fc:41:35:16:a4:98:64:7e:65:2a:14:77:ff:af:d9:
55:68:a0:7c:da:e5:57:8a:9d:2d:6c:01:d7:c7:6e:29:14:53:
ee:87:93:40:b7:c9:5a:27:2b:1a:83:bf:b8:06:16:b2:59:c0:
f7:82:38:c9:42:9b:8d:b6:4c:ef:59:96:a7:b8:70:be:90:62:
dd:d2:6f:1d:02:4e:0e:a6:34:83:1a:fd:79:45:6f:50:47:d3:
4a:99:7a:1f:15:61:9f:69:c8:88:64:63:f0:51:54:bf:7f:63:
81:e6:b6:ea:4a:ff:a6:5c:21:4d:a2:16:e0:63:35:4c:c4:ee:
1f:9c:75:aa
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYadpIIDvrC9765PgHMOAJL/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjMwMzAxMTQ0NzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdiZTRjZTkzMGJhZGExZWZmNGNmMjEwY2MxMGNkMzVjNDk0NWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PHyGPRfORSt0hQF56yeKiNWa3Lv
lCvjKQh9OdX0TsmZcDhki3OV+AVnV0reEefWr5xqlNgGuke8O8OlxdIQ923XWurF
PtamLBRArahm0ympRaGglMFhcnbC25eoyUIy7Iw7CHm3wBO4Ilevx74RVoam3kaP
i6/W1tZjOFDQlVvCkKbmlmdkHP2qLeBnCJI3goFTKwa9PPCIAajb5R6VHNdleyeO
uI1pAvFw50/0CD1XV9nPE8jlA9YtPhmBpCcoxaTSR1mHs/vKomvV7EIo8+7FgLx+
bcjZiW+DkYNads5zsPgnrZ0HmVlQmcKYH+f3GYWUc0wFCe9sesENlXVPJQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFEx75M6TC62h7/TPIQzBDNNcSUXzMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvVEh2a3pwTUxyYUh2OU04aERNRU0wMXhKUmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjAyBAIAATAsMAwDBAIFZUQD
BAAFZUYDBAIFvLADBAIlCSQDBAIlCTQDBABftbQDBAKSucQwLAQCAAIwJjASAwcE
KhEnwAEQAwcHKhEnwAEAAwcEKhEnwAHgAwcFKhEnwBAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBG6x8OlFgsyk9kpaiUKbNUulc0oRSZ6fB8grLz9CJpvBmMkUBtJNAOjnfn
8jB+pN5qMewdmeKxKi5N6L11Y6YURz5woTFPJGoI1fHUPWmXb/vNX4FZcLnY3qI0
Bjy2swKIyKwb1aOmxX6pW4d1Cicb73JqBJQ4DP6suqQaNXOtZb38QTUWpJhkfmUq
FHf/r9lVaKB82uVXip0tbAHXx24pFFPuh5NAt8laJysag7+4BhayWcD3gjjJQpuN
tkzvWZanuHC+kGLd0m8dAk4OpjSDGv15RW9QR9NKmXofFWGfaciIZGPwUVS/f2OB
5rbqSv+mXCFNohbgYzVMxO4fnHWq
-----END CERTIFICATE-----
Generated at Sat Jun 14 12:58:49 2025 by rpki-client