Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/C3_sq2kFt3zoVDbxAsOeeycX5-M.roa
File: C3_sq2kFt3zoVDbxAsOeeycX5-M.roa (raw, json)
Hash identifier: WlEVq/IIRYb52Mug6hP49+fx7XF+xTX2QOOMck1GJ00=
Subject key identifier: 0B:7F:EC:AB:69:05:B7:7C:E8:54:36:F1:02:C3:9E:7B:27:17:E7:E3
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01848A6CC98F1E1E7FCFF623A0973E316A14
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/C3_sq2kFt3zoVDbxAsOeeycX5-M.roa
Signing time: Fri 18 Nov 2022 11:08:15 +0000
ROA not before: Fri 18 Nov 2022 11:08:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202044
IP address blocks: 216.173.72.0/22 maxlen: 22
104.143.224.0/22 maxlen: 22
104.167.10.0/24 maxlen: 24
104.143.244.0/23 maxlen: 23
64.137.56.0/23 maxlen: 23
104.143.246.0/24 maxlen: 24
104.222.184.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.92.0/23 maxlen: 23
104.238.8.0/23 maxlen: 23
138.128.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:6c:c9:8f:1e:1e:7f:cf:f6:23:a0:97:3e:31:6a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 18 11:08:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b7fecab6905b77ce85436f102c39e7b2717e7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b1:df:07:5f:29:a4:9d:1a:7b:75:9a:95:9b:
25:f9:27:d0:cd:2c:b4:51:6d:40:d4:4e:57:71:73:
ee:c8:6d:be:46:06:61:1a:ef:76:14:82:b6:08:f7:
09:ec:18:07:65:60:16:bf:f1:d7:44:f6:28:a4:88:
7d:01:63:44:1a:72:5e:37:bc:ab:23:7c:d1:45:95:
0b:ce:c1:c2:10:1d:c9:55:3b:a7:f4:b6:9a:f6:de:
e3:e9:40:bc:28:50:ab:29:af:98:60:bc:29:ab:dd:
ec:1b:b2:1d:90:03:31:d1:48:d3:92:de:c2:1b:b9:
e8:56:be:69:c9:0f:12:19:ec:a1:eb:8f:64:0f:78:
e8:58:73:51:c0:76:63:09:5d:84:3e:59:87:17:36:
31:92:7f:3b:cc:48:c8:06:9a:d2:cc:36:13:64:9b:
1b:58:94:e0:6c:66:5d:fe:b0:d8:2a:2f:15:a2:be:
ee:a5:47:68:4a:be:9b:c1:64:2f:29:a5:e3:46:ad:
a4:02:17:a0:8c:99:29:89:a4:38:e6:96:66:2a:7e:
5c:33:34:52:38:31:ff:13:4b:bb:c6:9c:42:03:08:
f3:f1:08:f2:ec:36:5a:b3:24:66:9b:22:07:85:62:
2e:91:d1:23:ef:88:83:e0:78:8e:bb:31:a9:24:bc:
89:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7F:EC:AB:69:05:B7:7C:E8:54:36:F1:02:C3:9E:7B:27:17:E7:E3
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/C3_sq2kFt3zoVDbxAsOeeycX5-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.56.0/23
64.137.92.0/23
64.137.96.0/22
104.143.224.0/22
104.143.244.0-104.143.246.255
104.167.10.0/24
104.222.184.0/22
104.238.8.0/23
138.128.148.0/24
216.173.72.0/22
Signature Algorithm: sha256WithRSAEncryption
08:3b:bb:65:8a:1a:10:eb:b1:6c:16:3a:f4:22:ff:61:49:e0:
34:1a:3b:66:6b:e3:92:21:34:40:a3:1c:e4:ad:ab:09:b7:65:
40:fd:b5:68:15:d4:d6:e7:1d:7e:0f:fe:0b:65:cc:69:a5:95:
64:f3:22:d8:a2:63:0e:96:74:7e:82:8e:74:25:6d:73:0a:eb:
cd:9a:38:b6:10:70:a8:ac:c5:60:7f:9a:49:ee:4f:e8:22:f2:
48:78:4c:13:be:46:57:04:75:25:45:36:8e:86:a1:cc:f2:a1:
51:14:45:5d:f3:97:58:b8:2e:cc:5f:dd:56:e5:0d:78:78:ae:
5c:4f:f9:8c:a8:5c:2b:7b:03:72:bb:b4:13:c6:64:a2:74:d2:
e0:b1:10:af:0f:bd:e2:5b:6b:3d:a5:4a:24:6a:27:9f:f5:f0:
7b:09:f4:83:0e:7e:9c:ca:58:75:44:c7:62:1e:82:3d:53:32:
7b:6d:a3:73:91:84:72:5b:ac:17:78:70:42:00:ac:25:57:ab:
fd:5f:0c:34:63:c7:2c:f0:67:ad:fe:2b:d8:95:13:d9:3c:90:
eb:55:58:c5:7c:2e:6b:a5:06:2e:00:5c:39:e6:a8:19:65:1f:
bb:b5:d3:f8:11:ee:98:4b:8e:cf:c1:ed:09:44:73:0b:12:0d:
73:6e:bf:f0
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYSKbMmPHh5/z/YjoJc+MWoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTE4MTEwODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdmZWNhYjY5MDViNzdjZTg1NDM2ZjEwMmMzOWU3YjI3MTdlN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLHfB18ppJ0ae3WalZsl+SfQzSy0
UW1A1E5XcXPuyG2+RgZhGu92FIK2CPcJ7BgHZWAWv/HXRPYopIh9AWNEGnJeN7yr
I3zRRZULzsHCEB3JVTun9Laa9t7j6UC8KFCrKa+YYLwpq93sG7IdkAMx0UjTkt7C
G7noVr5pyQ8SGeyh649kD3joWHNRwHZjCV2EPlmHFzYxkn87zEjIBprSzDYTZJsb
WJTgbGZd/rDYKi8Vor7upUdoSr6bwWQvKaXjRq2kAhegjJkpiaQ45pZmKn5cMzRS
ODH/E0u7xpxCAwjz8Qjy7DZasyRmmyIHhWIukdEj74iD4HiOuzGpJLyJaQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAt/7KtpBbd86FQ28QLDnnsnF+fjMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvQzNfc3Eya0Z0M3pvVkRieEFzT2VleWNYNS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBQIk4AwQB
QIlcAwQCQIlgAwQCaI/gMAwDBAJoj/QDBABoj/YDBABopwoDBAJo3rgDBAFo7ggD
BACKgJQDBALYrUgwDQYJKoZIhvcNAQELBQADggEBAAg7u2WKGhDrsWwWOvQi/2FJ
4DQaO2Zr45IhNECjHOStqwm3ZUD9tWgV1NbnHX4P/gtlzGmllWTzItiiYw6WdH6C
jnQlbXMK682aOLYQcKisxWB/mknuT+gi8kh4TBO+RlcEdSVFNo6GoczyoVEURV3z
l1i4Lsxf3VblDXh4rlxP+YyoXCt7A3K7tBPGZKJ00uCxEK8PveJbaz2lSiRqJ5/1
8HsJ9IMOfpzKWHVEx2Iegj1TMntto3ORhHJbrBd4cEIArCVXq/1fDDRjxyzwZ63+
K9iVE9k8kOtVWMV8LmulBi4AXDnmqBllH7u10/gR7phLjs/B7QlEcwsSDXNuv/A=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org