Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/59swbzFd2pLAOYp5XVn8oGIjpHs.roa
File: 59swbzFd2pLAOYp5XVn8oGIjpHs.roa (raw, json)
Hash identifier: /Gu0itpkyHDU6vL9UhGeEVmLZs2mB+3WfRZWYDtVPWI=
Subject key identifier: E7:DB:30:6F:31:5D:DA:92:C0:39:8A:79:5D:59:FC:A0:62:23:A4:7B
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01841DC5C6F8FAE260130973B090D7BA414A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/59swbzFd2pLAOYp5XVn8oGIjpHs.roa
Signing time: Fri 28 Oct 2022 08:46:51 +0000
ROA not before: Fri 28 Oct 2022 08:46:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:c5:c6:f8:fa:e2:60:13:09:73:b0:90:d7:ba:41:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 28 08:46:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e7db306f315dda92c0398a795d59fca06223a47b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e8:12:8c:c7:17:5c:3d:ac:6a:40:44:c6:40:
a2:c1:90:47:bd:22:80:a1:d9:4e:3a:82:d1:bc:6c:
cb:c2:2f:c3:ca:e6:06:5a:a9:49:e9:34:f6:a1:98:
a5:ea:9b:3c:a9:6c:fb:d8:f4:75:4b:eb:5c:e0:ff:
d8:07:4a:7e:2d:53:4a:25:08:e6:65:e4:5c:63:ce:
c6:3f:38:85:c0:f1:83:91:b4:5d:f5:f2:9a:f5:d1:
16:f5:cd:a5:f2:85:c3:cf:8e:dd:44:a8:af:d2:d5:
ba:50:c8:dc:f0:3e:66:25:55:d6:8f:cf:4f:1f:63:
91:dd:88:4f:4b:2b:a2:fe:52:f3:b0:81:07:eb:3a:
86:9a:c5:2a:86:2a:f7:d5:15:94:f6:4e:b5:66:a0:
18:8a:19:4d:98:b7:f8:31:b0:80:f3:93:5f:a9:21:
d4:c9:ee:04:e1:d8:77:bc:2e:46:9c:a7:5c:cd:dc:
23:09:80:a6:48:7c:1f:17:29:b5:7a:47:c6:db:b8:
b6:0b:8f:81:7f:65:f3:f0:c5:57:a3:3c:07:8a:7c:
58:60:17:59:60:77:c1:57:ae:73:dc:96:7a:1b:77:
80:ce:84:ce:30:75:cc:0f:2b:bb:ac:8b:97:87:5e:
79:ac:fb:17:ec:4e:25:ee:f3:ec:3d:a1:2b:dc:3f:
41:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DB:30:6F:31:5D:DA:92:C0:39:8A:79:5D:59:FC:A0:62:23:A4:7B
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/59swbzFd2pLAOYp5XVn8oGIjpHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.55.0/24
104.249.60.0/23
138.128.148.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
45:53:bd:97:b0:09:f2:0e:0e:b4:f2:02:39:9b:6c:11:e2:dd:
3e:c2:a0:57:33:4e:ae:4c:f9:51:42:d3:fd:89:14:be:6e:1c:
33:13:ed:18:76:11:6b:39:71:9d:6e:34:e3:9b:4c:02:7e:25:
1a:eb:fe:d6:ba:bc:0d:ba:f4:8b:8b:9c:d9:97:d1:1b:cb:32:
6c:39:d1:07:85:9d:a9:a7:22:f1:f4:94:8f:16:15:09:f4:d5:
ca:d3:ee:47:d5:3a:93:87:e8:73:e4:d8:a5:a0:85:22:26:ff:
6e:0f:c5:30:23:8e:69:f2:8d:6e:00:55:c8:fa:a2:47:95:0d:
bd:3d:8a:c4:9a:f9:c5:27:17:58:c0:da:4b:37:69:62:75:43:
a2:6c:5d:e0:ac:73:e5:e5:ed:c7:cc:97:93:64:83:6e:b6:4c:
a5:77:36:92:eb:98:94:b1:5e:43:05:f3:79:12:9c:98:ef:dc:
d3:96:f9:41:63:64:44:68:d2:53:dd:b8:ce:48:ce:a5:56:67:
ea:d1:e9:84:c2:bd:40:f8:47:1a:34:28:ba:f2:46:2f:b7:b4:
bd:02:0c:17:e9:9b:86:a1:72:f5:9d:81:82:cb:63:76:84:ef:
f9:6f:3d:97:35:99:da:43:18:9b:5b:10:46:b4:11:a8:6c:28:
a4:1f:21:d2
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYQdxcb4+uJgEwlzsJDXukFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDI4MDg0NjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RiMzA2ZjMxNWRkYTkyYzAzOThhNzk1ZDU5ZmNhMDYyMjNhNDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOgSjMcXXD2sakBExkCiwZBHvSKA
odlOOoLRvGzLwi/DyuYGWqlJ6TT2oZil6ps8qWz72PR1S+tc4P/YB0p+LVNKJQjm
ZeRcY87GPziFwPGDkbRd9fKa9dEW9c2l8oXDz47dRKiv0tW6UMjc8D5mJVXWj89P
H2OR3YhPSyui/lLzsIEH6zqGmsUqhir31RWU9k61ZqAYihlNmLf4MbCA85NfqSHU
ye4E4dh3vC5GnKdczdwjCYCmSHwfFym1ekfG27i2C4+Bf2Xz8MVXozwHinxYYBdZ
YHfBV65z3JZ6G3eAzoTOMHXMDyu7rIuXh155rPsX7E4l7vPsPaEr3D9BhwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFOfbMG8xXdqSwDmKeV1Z/KBiI6R7MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvNTlzd2J6RmQycExBT1lwNVhWbjhvR0lqcEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAUCJNAMEAGinAAMEAGinCgMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwD
BABo7gcDBABo7goDBABo7g4wDAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjv
HAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71Iw
DAMEAmjvVAMEAGjvVgMEAGjvWDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72ID
BABo72UwDAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQAaPk3AwQB
aPk8AwQAioCUAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBADYrW4D
BADYrXgwDQYJKoZIhvcNAQELBQADggEBAEVTvZewCfIODrTyAjmbbBHi3T7CoFcz
Tq5M+VFC0/2JFL5uHDMT7Rh2EWs5cZ1uNOObTAJ+JRrr/ta6vA269IuLnNmX0RvL
Mmw50QeFnamnIvH0lI8WFQn01crT7kfVOpOH6HPk2KWghSIm/24PxTAjjmnyjW4A
Vcj6okeVDb09isSa+cUnF1jA2ks3aWJ1Q6JsXeCsc+Xl7cfMl5Nkg262TKV3NpLr
mJSxXkMF83kSnJjv3NOW+UFjZERo0lPduM5IzqVWZ+rR6YTCvUD4Rxo0KLryRi+3
tL0CDBfpm4ahcvWdgYLLY3aE7/lvPZc1mdpDGJtbEEa0EahsKKQfIdI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org