Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9-44E1w-emwbj39v1JVBzUi-5GA.roa
File: 9-44E1w-emwbj39v1JVBzUi-5GA.roa (raw, json)
Hash identifier: mVvevTuYhLR48Z9IAcO0HwXUZlaBI7abrvFwfavQROw=
Subject key identifier: F7:EE:38:13:5C:3E:7A:6C:1B:8F:7F:6F:D4:95:41:CD:48:BE:E4:60
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184D240A0E0EC9A5A69777721E7B359C22A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9-44E1w-emwbj39v1JVBzUi-5GA.roa
Signing time: Fri 02 Dec 2022 09:52:41 +0000
ROA not before: Fri 02 Dec 2022 09:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202496
IP address blocks: 104.239.92.0/23 maxlen: 23
104.143.254.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.249.30.0/23 maxlen: 23
216.173.80.0/23 maxlen: 23
216.173.88.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
104.239.13.0/24 maxlen: 24
104.143.235.0/24 maxlen: 24
104.143.252.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.143.248.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:40:a0:e0:ec:9a:5a:69:77:77:21:e7:b3:59:c2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 2 09:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7ee38135c3e7a6c1b8f7f6fd49541cd48bee460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:db:1c:c9:79:9e:d3:82:6b:42:f5:8e:cd:19:
98:ec:97:c5:f1:1d:fb:95:a2:1b:53:c7:39:76:57:
7c:ed:73:89:e9:77:3c:20:9f:1d:4b:66:70:d1:36:
73:4c:94:db:a1:b2:a1:01:19:de:9a:08:2e:dc:7f:
d0:47:01:00:43:19:5d:57:01:11:0e:9b:08:82:db:
c5:ae:64:3c:62:f3:cc:26:1a:c9:c4:78:86:2c:6c:
df:23:46:c9:68:c8:6a:be:6c:c8:d6:dc:6e:04:a1:
17:ad:44:19:1b:33:f9:dd:59:44:37:92:4e:1a:db:
c6:e6:cb:92:e5:7c:a2:67:14:6e:37:78:1e:ac:7b:
46:30:11:0d:0e:c7:f8:16:fb:98:b8:c1:00:08:d8:
00:1d:ad:0d:2e:4e:c1:3f:a0:f9:78:75:e9:9e:c9:
f6:2d:f5:46:8f:4d:1c:a9:2c:09:88:10:0a:35:6e:
9a:51:d3:9f:ee:be:03:34:7b:c6:c7:9a:db:9a:eb:
62:ca:ae:5c:5c:c8:d2:0e:73:eb:b6:e7:9a:78:db:
39:2a:3e:a0:b3:9c:67:d8:70:b2:71:9c:27:da:56:
28:8c:f4:0e:13:60:91:67:23:0d:af:53:63:8b:93:
97:45:e4:de:cc:43:d7:88:19:3f:fe:f1:85:ad:9b:
09:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:EE:38:13:5C:3E:7A:6C:1B:8F:7F:6F:D4:95:41:CD:48:BE:E4:60
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9-44E1w-emwbj39v1JVBzUi-5GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
104.143.235.0/24
104.143.248.0-104.143.252.255
104.143.254.0/23
104.233.20.0/24
104.238.4.0/23
104.239.13.0/24
104.239.92.0/23
104.249.30.0/23
104.249.60.0/23
138.128.159.0/24
216.173.78.0-216.173.81.255
216.173.88.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:bb:73:da:34:c7:ce:a3:3d:10:a0:e2:6f:c0:26:e1:7b:46:
2c:83:7f:3e:6a:30:72:62:c4:c4:14:16:0c:83:55:a3:42:54:
12:92:6d:ad:7d:8c:1c:6e:14:db:c2:6e:4b:18:32:2b:b5:d8:
6c:18:eb:23:a0:f9:2e:5b:fa:ed:25:a1:0d:57:a6:2f:ce:f4:
9c:bf:77:c9:f0:57:69:ec:39:11:38:7b:9c:6c:68:ec:4a:f9:
e7:6e:4a:14:a0:5e:dc:37:3a:2c:a4:98:61:2a:42:8b:14:7e:
e6:53:76:23:95:67:6c:e6:e9:4b:22:a7:71:7b:01:ec:a8:5b:
96:58:7c:3c:13:cd:dc:46:89:cb:5f:0f:86:e6:30:58:22:ff:
f3:67:78:3d:85:38:4a:48:a3:de:7c:29:59:d5:f2:11:6d:e5:
d9:a5:2e:15:e0:a5:93:c9:f8:03:df:49:b7:4d:aa:8f:3e:da:
81:64:8c:18:19:84:74:7e:04:95:df:06:25:79:04:e0:22:75:
78:6a:d0:27:f7:88:03:47:c9:ef:c6:84:ee:52:8a:04:06:ee:
7b:cd:f0:f1:b4:ce:84:b6:a0:d0:b8:cd:75:b1:fa:d3:8a:a1:
f0:ed:ff:a4:b5:a6:84:5c:49:80:13:cf:6f:e1:e5:b9:0d:9e:
b4:d1:ee:c1
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYTSQKDg7JpaaXd3IeezWcIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMjAyMDk1MjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2VlMzgxMzVjM2U3YTZjMWI4ZjdmNmZkNDk1NDFjZDQ4YmVlNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1dscyXme04JrQvWOzRmY7JfF8R37
laIbU8c5dld87XOJ6Xc8IJ8dS2Zw0TZzTJTbobKhARnemggu3H/QRwEAQxldVwER
DpsIgtvFrmQ8YvPMJhrJxHiGLGzfI0bJaMhqvmzI1txuBKEXrUQZGzP53VlEN5JO
GtvG5suS5XyiZxRuN3gerHtGMBENDsf4FvuYuMEACNgAHa0NLk7BP6D5eHXpnsn2
LfVGj00cqSwJiBAKNW6aUdOf7r4DNHvGx5rbmutiyq5cXMjSDnPrtueaeNs5Kj6g
s5xn2HCycZwn2lYojPQOE2CRZyMNr1Nji5OXReTezEPXiBk//vGFrZsJ1wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPfuOBNcPnpsG49/b9SVQc1IvuRgMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOS00NEUxdy1lbXdiajM5djFKVkJ6VWktNUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQELSuwAwQA
aI/rMAwDBANoj/gDBABoj/wDBAFoj/4DBABo6RQDBAFo7gQDBABo7w0DBAFo71wD
BAFo+R4DBAFo+TwDBACKgJ8wDAMEAditTgMEAditUAMEAditWDANBgkqhkiG9w0B
AQsFAAOCAQEAe7tz2jTHzqM9EKDib8Am4XtGLIN/PmowcmLExBQWDINVo0JUEpJt
rX2MHG4U28JuSxgyK7XYbBjrI6D5Llv67SWhDVemL870nL93yfBXaew5ETh7nGxo
7Er5525KFKBe3Dc6LKSYYSpCixR+5lN2I5VnbObpSyKncXsB7Khbllh8PBPN3EaJ
y18PhuYwWCL/82d4PYU4Skij3nwpWdXyEW3l2aUuFeClk8n4A99Jt02qjz7agWSM
GBmEdH4Eld8GJXkE4CJ1eGrQJ/eIA0fJ78aE7lKKBAbue83w8bTOhLag0LjNdbH6
04qh8O3/pLWmhFxJgBPPb+HluQ2etNHuwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org