Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Gi-EbiBTOhhKFGsXReVIXGatXcc.roa
File: Gi-EbiBTOhhKFGsXReVIXGatXcc.roa (raw, json)
Hash identifier: Yv6XZMciMJrD2msRDhMTXx3TWar2LAUwERT7ENqQRBg=
Subject key identifier: 1A:2F:84:6E:20:53:3A:18:4A:14:6B:17:45:E5:48:5C:66:AD:5D:C7
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184D2409FF336194172C83A7EB50C100D13
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Gi-EbiBTOhhKFGsXReVIXGatXcc.roa
Signing time: Fri 02 Dec 2022 09:52:41 +0000
ROA not before: Fri 02 Dec 2022 09:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.103.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:40:9f:f3:36:19:41:72:c8:3a:7e:b5:0c:10:0d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 2 09:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a2f846e20533a184a146b1745e5485c66ad5dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:00:db:c5:e2:5b:ac:c1:04:77:db:e1:0b:28:
a3:84:4b:64:f8:e4:c3:6f:9d:b0:30:d6:d9:88:95:
cf:c4:3b:19:5b:c5:60:81:4d:0d:64:85:13:71:72:
15:0a:93:25:5d:c3:61:a8:33:b0:54:44:7e:74:e1:
50:4a:dc:70:4e:f7:a4:2e:79:9c:76:85:bd:18:dc:
2c:e4:78:12:ab:28:21:7b:de:1a:46:d0:ee:fa:45:
96:91:5c:21:f7:77:b5:31:5f:82:13:54:bf:e8:9b:
37:2d:f9:da:6c:2f:06:d2:ba:55:64:51:04:f3:7d:
a7:99:22:90:48:0f:4d:d5:d6:86:ba:23:c4:1d:14:
f3:62:52:c6:3d:4a:e7:aa:db:90:25:a9:a4:86:9d:
1b:7d:28:7d:a2:04:62:66:10:58:6c:f5:81:27:b3:
46:f5:ba:78:45:d8:11:3f:6a:04:02:10:9c:0d:56:
2b:53:16:6e:ff:dd:78:0d:fc:c8:81:33:35:75:1d:
04:73:d9:b5:8a:6c:b6:03:43:96:e3:49:5c:28:68:
51:23:cb:50:ff:48:cb:af:07:15:28:1c:60:e2:44:
b9:f6:3d:e3:d1:99:bc:4a:bb:7c:90:98:bd:1a:14:
ba:d1:28:75:4c:ab:eb:4e:c9:e6:43:66:b0:bc:0f:
7d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:2F:84:6E:20:53:3A:18:4A:14:6B:17:45:E5:48:5C:66:AD:5D:C7
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Gi-EbiBTOhhKFGsXReVIXGatXcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
83:66:89:23:74:50:43:d2:62:c8:b1:5c:06:bc:b2:f2:f3:a6:
4a:8e:b5:13:8e:1e:bf:86:75:6f:08:99:e6:60:0f:a8:4d:c3:
35:c7:c8:46:a8:8b:98:30:1c:2d:f3:7c:10:e4:ae:4a:9b:c3:
88:0d:60:52:a6:6e:54:44:fc:5b:c4:6e:2f:4a:a0:c6:c6:94:
9f:da:40:76:e2:1d:e8:8a:31:96:48:6d:28:94:1d:78:1c:8b:
c2:42:b8:28:9e:9e:5b:9c:fc:44:ab:7e:ae:94:fe:86:17:d3:
e3:12:34:71:ac:db:b0:f5:eb:5b:9f:3d:79:93:61:08:04:0f:
74:03:cc:70:d6:71:c3:ae:45:9a:88:77:ba:81:12:b1:cd:c8:
6d:00:84:6d:d1:31:22:79:1c:59:67:43:67:bc:31:77:d5:7e:
1c:d5:6f:04:6d:ef:58:56:82:e0:fc:4d:9f:fb:da:2c:d9:de:
02:2b:6d:87:f0:d2:6f:8b:e9:75:ca:5e:54:c6:59:a5:a5:0f:
59:f9:2a:3c:46:2b:d6:e1:9f:bc:5f:43:fc:ce:34:5a:18:6b:
55:45:dd:c2:3e:88:3a:7d:0b:a8:89:b9:4b:f9:89:a8:c7:bc:
c8:28:bc:05:35:54:92:5f:da:79:47:3f:5f:00:26:e8:c3:97:
e5:f2:06:c0
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAYTSQJ/zNhlBcsg6frUMEA0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMjAyMDk1MjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTJmODQ2ZTIwNTMzYTE4NGExNDZiMTc0NWU1NDg1YzY2YWQ1ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwDbxeJbrMEEd9vhCyijhEtk+OTD
b52wMNbZiJXPxDsZW8VggU0NZIUTcXIVCpMlXcNhqDOwVER+dOFQStxwTvekLnmc
doW9GNws5HgSqyghe94aRtDu+kWWkVwh93e1MV+CE1S/6Js3LfnabC8G0rpVZFEE
832nmSKQSA9N1daGuiPEHRTzYlLGPUrnqtuQJamkhp0bfSh9ogRiZhBYbPWBJ7NG
9bp4RdgRP2oEAhCcDVYrUxZu/914DfzIgTM1dR0Ec9m1imy2A0OW40lcKGhRI8tQ
/0jLrwcVKBxg4kS59j3j0Zm8Srt8kJi9GhS60Sh1TKvrTsnmQ2awvA99XwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFBovhG4gUzoYShRrF0XlSFxmrV3HMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvR2ktRWJpQlRPaGhLRkdzWFJlVklYR2F0WGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgwDAME
A2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8cAwQBaO8e
AwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAMEBGjvUAMEAGjvUgMEAGjvVgME
AGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAMAwQDaO9oAwQAaO9sAwQAaO9v
MAwDBAJo73wDBABo734DBACKgJ0DBADYrUwDBADYrVIwDAMEAditZgMEANitbgME
ANiteDANBgkqhkiG9w0BAQsFAAOCAQEAg2aJI3RQQ9JiyLFcBryy8vOmSo61E44e
v4Z1bwiZ5mAPqE3DNcfIRqiLmDAcLfN8EOSuSpvDiA1gUqZuVET8W8RuL0qgxsaU
n9pAduId6IoxlkhtKJQdeByLwkK4KJ6eW5z8RKt+rpT+hhfT4xI0cazbsPXrW589
eZNhCAQPdAPMcNZxw65Fmoh3uoESsc3IbQCEbdExInkcWWdDZ7wxd9V+HNVvBG3v
WFaC4PxNn/vaLNneAitth/DSb4vpdcpeVMZZpaUPWfkqPEYr1uGfvF9D/M40Whhr
VUXdwj6IOn0LqIm5S/mJqMe8yCi8BTVUkl/aeUc/XwAm6MOX5fIGwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org