Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FInXLGgDxqblwFRgd1Em2o1x9m0.roa
File: FInXLGgDxqblwFRgd1Em2o1x9m0.roa (raw, json)
Hash identifier: pT0U63y/izphCUo8G5Zsn8uiyHhctGRuyfTg9hqUZWc=
Subject key identifier: 14:89:D7:2C:68:03:C6:A6:E5:C0:54:60:77:51:26:DA:8D:71:F6:6D
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184D240A14F100BB526DAFD461F2EAACCEE
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FInXLGgDxqblwFRgd1Em2o1x9m0.roa
Signing time: Fri 02 Dec 2022 09:52:41 +0000
ROA not before: Fri 02 Dec 2022 09:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 64.137.74.0/24 maxlen: 24
64.137.73.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
216.173.87.0/24 maxlen: 24
104.249.36.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
138.128.151.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
64.137.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:40:a1:4f:10:0b:b5:26:da:fd:46:1f:2e:aa:cc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 2 09:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1489d72c6803c6a6e5c05460775126da8d71f66d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:25:8c:39:3e:9b:ad:e3:ec:07:40:6b:d3:e9:
4b:17:d4:b6:a5:12:10:c7:ae:7b:de:64:e8:ce:e8:
d9:ce:7c:7d:68:39:ff:74:93:6a:c0:f7:b9:56:4b:
06:33:d8:be:29:18:fc:1e:36:6b:9b:3c:ec:47:d3:
d1:b8:af:f3:ce:f5:12:23:7f:bd:64:78:e0:ec:a9:
3e:ca:57:18:1c:1f:d9:7a:3b:d6:78:cb:80:78:b1:
a3:fc:35:71:f0:14:ad:0b:52:ea:13:5e:fd:91:13:
8c:4b:df:b5:60:ea:2a:63:7f:83:77:68:b7:d1:9f:
16:16:63:0b:d3:6a:3b:b5:b6:68:8e:d3:88:79:ab:
ec:8b:5e:60:01:9e:23:b1:c2:db:c7:8d:f2:4a:52:
58:62:4f:93:bb:a5:12:6d:f4:44:41:cf:b4:8d:77:
1c:c7:ca:2c:8f:ca:c3:f8:51:72:f0:b5:c8:16:ac:
33:ed:9e:42:86:b5:47:9f:d8:05:92:fe:66:5a:74:
17:37:fd:48:33:75:a1:ab:c0:6e:5c:04:e3:f2:00:
91:55:ab:40:52:12:66:1c:14:87:bd:11:a2:dd:c1:
09:38:f2:59:30:ef:de:4d:a5:01:65:c7:72:69:61:
b0:78:09:a6:2e:c6:d0:57:82:d1:7a:75:31:fb:db:
3d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:89:D7:2C:68:03:C6:A6:E5:C0:54:60:77:51:26:DA:8D:71:F6:6D
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/FInXLGgDxqblwFRgd1Em2o1x9m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.238.0.0/22
104.249.29.0/24
104.249.36.0/24
104.249.55.0/24
138.128.151.0/24
138.128.153.0/24
216.173.87.0/24
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:12:61:99:1d:6b:0e:42:e7:aa:e5:ca:fb:e7:d3:0e:bc:d1:
e5:41:ea:e0:8c:8e:46:81:e0:26:15:b9:ea:e2:b4:ee:49:5d:
df:40:da:5d:61:c8:97:af:43:f8:e9:19:8c:e3:74:cc:a0:11:
35:b7:86:81:28:a6:31:fe:c3:76:e7:a9:0f:0f:b8:41:62:57:
11:4c:92:23:5a:4b:a1:70:9b:ed:0f:02:95:7e:19:5a:b1:dd:
37:2b:b8:c4:95:df:b5:f2:db:92:63:4a:1f:38:2b:63:2e:3f:
99:fc:da:19:49:64:8e:51:ef:d3:31:0d:26:87:a2:69:67:82:
3c:9c:f3:cd:28:5d:a6:6b:81:33:58:26:b2:6e:69:bf:0f:f0:
ba:5d:de:75:2f:a0:5a:5a:c3:69:99:01:4c:4c:d5:7d:05:2f:
ef:ea:9e:1a:9a:4a:9b:35:5c:38:a3:5c:c5:14:3f:11:ad:d7:
20:56:49:e9:fa:e5:4e:98:5e:e0:65:db:f5:46:3f:5e:1e:66:
be:22:dd:bc:b2:cf:94:b5:20:29:53:3a:98:9b:50:28:e7:c1:
3e:c5:18:bc:3e:84:0d:be:06:0b:05:60:e1:3f:85:9a:68:1f:
be:7c:60:f2:cf:61:5d:fd:83:c3:51:ca:87:5e:0c:a6:61:85:
36:9f:4f:b2
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAYTSQKFPEAu1Jtr9Rh8uqszuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMjAyMDk1MjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDg5ZDcyYzY4MDNjNmE2ZTVjMDU0NjA3NzUxMjZkYThkNzFmNjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiWMOT6brePsB0Br0+lLF9S2pRIQ
x6573mTozujZznx9aDn/dJNqwPe5VksGM9i+KRj8HjZrmzzsR9PRuK/zzvUSI3+9
ZHjg7Kk+ylcYHB/ZejvWeMuAeLGj/DVx8BStC1LqE179kROMS9+1YOoqY3+Dd2i3
0Z8WFmML02o7tbZojtOIeavsi15gAZ4jscLbx43ySlJYYk+Tu6USbfREQc+0jXcc
x8osj8rD+FFy8LXIFqwz7Z5ChrVHn9gFkv5mWnQXN/1IM3Whq8BuXATj8gCRVatA
UhJmHBSHvRGi3cEJOPJZMO/eTaUBZcdyaWGweAmmLsbQV4LRenUx+9s9LwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFBSJ1yxoA8am5cBUYHdRJtqNcfZtMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRkluWExHZ0R4cWJsd0ZSZ2QxRW0ybzF4OW0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBABA
iQgDBAFAiQoDBAFAiQ4DBAFAiRIDBAFAiSoDBAFAiTAwDAMEAUCJOgMEBkCJADAM
AwQAQIlJAwQAQIlKMAwDBABAiU0DBABAiU4DBAJAiVADBABAiVkwDAMEAkCJXAME
AUCJZDAMAwQDaI/oAwQCaI/wAwQDaI/4AwQDaOkAAwQCaO4AAwQAaPkdAwQAaPkk
AwQAaPk3AwQAioCXAwQAioCZAwQA2K1XAwQA2K1vMA0GCSqGSIb3DQEBCwUAA4IB
AQBvEmGZHWsOQueq5cr759MOvNHlQergjI5GgeAmFbnq4rTuSV3fQNpdYciXr0P4
6RmM43TMoBE1t4aBKKYx/sN256kPD7hBYlcRTJIjWkuhcJvtDwKVfhlasd03K7jE
ld+18tuSY0ofOCtjLj+Z/NoZSWSOUe/TMQ0mh6JpZ4I8nPPNKF2ma4EzWCaybmm/
D/C6Xd51L6BaWsNpmQFMTNV9BS/v6p4amkqbNVw4o1zFFD8RrdcgVknp+uVOmF7g
Zdv1Rj9eHma+It28ss+UtSApUzqYm1Ao58E+xRi8PoQNvgYLBWDhP4WaaB++fGDy
z2Fd/YPDUcqHXgymYYU2n0+y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org