Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AzrOfTGRLrGmXBxUtsYKHSCz-zE.roa
File: AzrOfTGRLrGmXBxUtsYKHSCz-zE.roa (raw, json)
Hash identifier: TTiwXUr7QjhM6zhng+toX1t+HRwFUUfqiFSrGVxbFd4=
Subject key identifier: 03:3A:CE:7D:31:91:2E:B1:A6:5C:1C:54:B6:C6:0A:1D:20:B3:FB:31
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 013173A4
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AzrOfTGRLrGmXBxUtsYKHSCz-zE.roa
Signing time: Sat 01 Jan 2022 05:02:46 +0000
ROA not before: Sat 01 Jan 2022 05:02:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.249.29.0/24 maxlen: 24
104.249.30.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.70.0/23 maxlen: 23
104.239.68.0/23 maxlen: 23
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20018084 (0x13173a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 1 05:02:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=033ace7d31912eb1a65c1c54b6c60a1d20b3fb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fc:79:42:ac:a7:3e:f6:54:95:a2:ba:45:73:
a1:68:87:ad:d0:6d:8d:24:2f:98:b5:04:26:86:04:
00:ff:aa:ee:69:e9:c0:70:19:d9:77:ab:11:1a:26:
df:ea:0a:7b:aa:cc:32:bf:f1:7f:80:ef:26:ba:b8:
6d:2c:1a:3f:82:46:6e:f7:8a:b7:6c:14:5b:89:d9:
e2:8b:4b:53:96:93:3e:f4:8f:40:dc:73:77:db:04:
37:12:9f:67:19:3f:d8:da:d5:4c:59:fe:e4:c3:54:
a3:0d:c6:0b:a7:c1:a2:2d:05:59:13:8d:38:3c:38:
f0:0c:46:38:73:0a:1a:e3:72:91:00:a9:5a:58:fa:
72:24:6a:c9:63:df:81:46:5f:1a:d6:74:a0:7e:c9:
d8:4f:aa:83:57:fa:7a:30:b7:a9:db:b5:08:ef:e8:
fe:7c:d4:6b:63:c9:1f:11:65:c2:b3:33:4d:69:eb:
1d:86:fe:28:35:98:28:a2:75:2b:1f:bc:e6:ad:c8:
41:91:03:b2:3b:a5:57:b7:1b:55:b2:61:80:0d:16:
7d:a1:20:9e:03:9c:18:ad:a8:ab:72:a3:a4:74:da:
24:c6:5e:1e:95:2b:45:2d:17:ee:51:31:3b:9b:90:
ba:d2:a9:7c:74:bd:b9:eb:6a:f1:39:f9:f6:87:55:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3A:CE:7D:31:91:2E:B1:A6:5C:1C:54:B6:C6:0A:1D:20:B3:FB:31
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/AzrOfTGRLrGmXBxUtsYKHSCz-zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.68.0/22
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
92:8d:72:81:fe:74:b1:99:00:d0:fd:fd:65:e6:8d:1f:5a:5c:
08:00:4a:50:60:fa:7c:a2:67:0f:bc:b5:68:84:17:c1:1d:2b:
f6:d3:66:b8:a7:2c:d0:75:60:62:b4:ec:34:78:6c:d6:06:40:
63:e3:45:9b:35:d7:1c:39:e7:fd:ff:79:e9:25:53:07:a9:0b:
70:2f:a0:69:27:ff:31:d3:14:b8:0b:5b:57:e5:76:85:b3:b2:
12:08:63:9c:69:fc:d0:4a:e8:85:ca:c8:6b:c0:1a:a0:c7:d3:
8c:18:4e:16:80:b8:1f:fe:45:70:99:e2:ce:18:2a:2c:11:2b:
e2:ef:3a:a9:cc:e1:73:99:59:41:79:93:39:9d:bc:9e:ad:b7:
2c:a1:d2:7c:ba:64:fa:da:82:b7:1a:9f:c0:2c:82:3b:65:ca:
45:bf:62:11:f4:30:91:27:e6:dc:e9:17:ec:f4:b4:db:3b:82:
90:80:1e:01:5e:68:e0:f4:f3:7d:b5:2e:db:52:32:5f:17:dc:
72:4f:88:cf:fc:9f:76:53:9d:82:02:b4:c8:f6:d0:32:e7:65:
75:76:46:2e:d7:6a:be:fa:86:a0:25:72:b1:26:21:04:3a:c4:
ec:ea:e4:99:15:12:79:32:0a:fe:10:21:a3:93:57:34:50:ad:
46:33:ff:e3
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIEATFzpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDEw
MTA1MDI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMzYWNlN2QzMTkx
MmViMWE2NWMxYzU0YjZjNjBhMWQyMGIzZmIzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJz8eUKspz72VJWiukVzoWiHrdBtjSQvmLUEJoYEAP+q7mnp
wHAZ2XerERom3+oKe6rMMr/xf4DvJrq4bSwaP4JGbveKt2wUW4nZ4otLU5aTPvSP
QNxzd9sENxKfZxk/2NrVTFn+5MNUow3GC6fBoi0FWRONODw48AxGOHMKGuNykQCp
Wlj6ciRqyWPfgUZfGtZ0oH7J2E+qg1f6ejC3qdu1CO/o/nzUa2PJHxFlwrMzTWnr
HYb+KDWYKKJ1Kx+85q3IQZEDsjulV7cbVbJhgA0WfaEgngOcGK2oq3KjpHTaJMZe
HpUrRS0X7lExO5uQutKpfHS9uetq8Tn59odV3/UCAwEAAaOCA0swggNHMB0GA1Ud
DgQWBBQDOs59MZEusaZcHFS2xgodILP7MTAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L0F6ck9mVEdSTHJHbVhCeFV0c1lLSFNDei16RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AV8GCCsGAQUFBwEHAQH/BIIBTjCCAUowggFGBAIAATCCAT4DBABopwADBABopwoD
BABo6RQwDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQAaO4OMAwD
BABo7hMDBABo7hQDBAFo7woDBABo7w0DBABo7xwDBAFo7x4DBABo7ywDBAJo70QD
BABo70kwDAMEAGjvSwMEAGjvTjAMAwQEaO9QAwQAaO9SMAwDBAJo71QDBABo71YD
BABo71gwDAMEAWjvWgMEAGjvXjAMAwQFaO9gAwQAaO9iAwQAaO9lMAwDBANo72gD
BABo72wDBABo728wDAMEAmjvfAMEAGjvfjAMAwQAaPkdAwQFaPkAAwQAaPkkAwQA
aPk3AwQBaPk8AwQAioCXAwQAioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwD
BAHYrWYDBATYrWADBADYrXgwDQYJKoZIhvcNAQELBQADggEBAJKNcoH+dLGZAND9
/WXmjR9aXAgASlBg+nyiZw+8tWiEF8EdK/bTZrinLNB1YGK07DR4bNYGQGPjRZs1
1xw55/3/eeklUwepC3AvoGkn/zHTFLgLW1fldoWzshIIY5xp/NBK6IXKyGvAGqDH
04wYThaAuB/+RXCZ4s4YKiwRK+LvOqnM4XOZWUF5kzmdvJ6ttyyh0ny6ZPragrca
n8AsgjtlykW/YhH0MJEn5tzpF+z0tNs7gpCAHgFeaOD08321LttSMl8X3HJPiM/8
n3ZTnYICtMj20DLnZXV2Ri7Xar76hqAlcrEmIQQ6xOzq5JkVEnkyCv4QIaOTVzRQ
rUYz/+M=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org