Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JSvRFmJt8bMIK6E6mgMVeJy9Pz8.roa
File: JSvRFmJt8bMIK6E6mgMVeJy9Pz8.roa (raw, json)
Hash identifier: KGZDMUSitVTLsfOw/J8XuaLxu+9wADT+yqounWvHyg4=
Subject key identifier: 25:2B:D1:16:62:6D:F1:B3:08:2B:A1:3A:9A:03:15:78:9C:BD:3F:3F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 02613077
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JSvRFmJt8bMIK6E6mgMVeJy9Pz8.roa
Signing time: Mon 02 May 2022 16:54:57 +0000
ROA not before: Mon 02 May 2022 16:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39923831 (0x2613077)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 2 16:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=252bd116626df1b3082ba13a9a0315789cbd3f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1e:01:73:44:81:bb:d7:f9:93:9b:52:99:f6:
30:71:52:b2:9a:8f:c0:0d:4b:7d:f9:8b:6b:e6:bf:
ef:3b:aa:76:0e:60:92:bd:21:0b:b5:35:8f:76:b2:
40:b9:b9:69:39:f6:f4:63:e1:51:90:fc:e9:47:aa:
d4:c7:58:47:35:18:15:e1:50:32:3a:1f:18:7e:61:
2a:2b:57:33:b9:44:27:36:e4:97:a8:50:62:54:b6:
77:c5:35:42:2d:34:f7:c5:0b:f8:10:89:eb:36:61:
ef:22:d9:7b:61:25:0a:eb:6b:3d:78:ec:ca:8c:a9:
1a:33:25:b5:3d:84:f6:c7:0d:e0:8b:38:29:c4:46:
eb:39:5a:3d:91:b1:5b:af:93:01:9c:ff:19:29:7b:
38:76:19:d2:9a:91:f2:41:47:18:ab:51:62:e8:eb:
5c:15:e2:55:16:0b:40:99:3f:3c:c5:83:28:cb:9e:
5c:59:00:d1:05:17:76:58:d3:b7:4f:98:a5:04:30:
26:55:18:95:ce:93:ce:34:14:46:52:b8:76:0b:fc:
ec:f8:32:bf:0f:1f:00:09:bc:c2:1e:e4:be:ed:5d:
0b:12:ee:16:0f:29:d2:97:42:aa:f4:cc:57:75:e9:
a5:71:59:66:e5:0f:18:25:d1:c4:dd:e0:ec:43:ed:
f8:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:2B:D1:16:62:6D:F1:B3:08:2B:A1:3A:9A:03:15:78:9C:BD:3F:3F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/JSvRFmJt8bMIK6E6mgMVeJy9Pz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:3c:ec:a0:18:9f:4c:1c:57:79:9e:fe:9e:2b:36:ad:e4:51:
67:1a:4f:d4:64:6f:c2:f0:25:d9:1c:04:63:be:2c:be:3d:ae:
75:15:e7:4c:7f:2e:d1:1f:ed:57:ba:cd:d2:ee:71:67:77:d6:
ac:0d:8e:67:78:68:a8:b4:41:2e:29:22:08:ec:35:62:a1:71:
60:12:55:9b:83:49:16:29:52:35:95:81:61:65:13:f6:ed:5c:
a8:17:0c:76:17:6f:b0:4d:70:66:d0:67:51:cc:65:bc:30:a5:
db:14:cd:7e:c3:dc:5d:01:45:34:c0:59:6b:87:27:23:91:30:
d3:c4:39:d2:72:2d:ac:0a:45:c9:69:06:24:8c:76:42:32:ff:
6a:08:8d:a1:06:5e:3d:54:c4:fb:71:fa:75:05:38:25:3b:a3:
ce:00:53:34:bb:90:74:cf:42:33:82:ca:31:1f:23:63:6c:33:
95:6d:f9:0a:ba:d9:a4:7b:e9:b1:58:c8:38:6a:e8:13:7c:f8:
d6:d0:8c:7f:72:aa:48:62:6c:1a:e4:18:65:71:aa:c0:30:6f:
36:73:7d:07:b8:c2:94:db:07:d4:a1:bc:35:89:47:60:53:e5:
e7:02:d1:0b:bc:8e:45:23:6c:18:9c:a6:a3:1b:c9:d6:33:e1:
25:74:e2:14
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIEAmEwdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDUw
MjE2NTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjUyYmQxMTY2MjZk
ZjFiMzA4MmJhMTNhOWEwMzE1Nzg5Y2JkM2YzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ0eAXNEgbvX+ZObUpn2MHFSspqPwA1LffmLa+a/7zuqdg5g
kr0hC7U1j3ayQLm5aTn29GPhUZD86Ueq1MdYRzUYFeFQMjofGH5hKitXM7lEJzbk
l6hQYlS2d8U1Qi0098UL+BCJ6zZh7yLZe2ElCutrPXjsyoypGjMltT2E9scN4Is4
KcRG6zlaPZGxW6+TAZz/GSl7OHYZ0pqR8kFHGKtRYujrXBXiVRYLQJk/PMWDKMue
XFkA0QUXdljTt0+YpQQwJlUYlc6TzjQURlK4dgv87Pgyvw8fAAm8wh7kvu1dCxLu
Fg8p0pdCqvTMV3XppXFZZuUPGCXRxN3g7EPt+E0CAwEAAaOCAzkwggM1MB0GA1Ud
DgQWBBQlK9EWYm3xswgroTqaAxV4nL0/PzAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L0pTdlJGbUp0OGJNSUs2RTZtZ01WZUp5OVB6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AU0GCCsGAQUFBwEHAQH/BIIBPDCCATgwggE0BAIAATCCASwDBABo6RQwDAMEA2jp
GAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQAaO4OMAwDBABo7hMDBABo7hQD
BAFo7woDBABo7w0DBABo7xwDBAFo7x4DBABo7ywDBABo70kwDAMEAGjvSwMEAGjv
TjAMAwQEaO9QAwQAaO9SMAwDBAJo71QDBABo71YDBABo71gwDAMEAWjvWgMEAGjv
XjAMAwQFaO9gAwQAaO9iAwQAaO9lMAwDBANo72gDBABo72wDBABo728wDAMEAmjv
fAMEAGjvfjAMAwQAaPkdAwQFaPkAAwQAaPkkAwQAaPk3AwQBaPk8AwQAioCXAwQA
ioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBATYrWADBADYrXgw
DQYJKoZIhvcNAQELBQADggEBAB087KAYn0wcV3me/p4rNq3kUWcaT9Rkb8LwJdkc
BGO+LL49rnUV50x/LtEf7Ve6zdLucWd31qwNjmd4aKi0QS4pIgjsNWKhcWASVZuD
SRYpUjWVgWFlE/btXKgXDHYXb7BNcGbQZ1HMZbwwpdsUzX7D3F0BRTTAWWuHJyOR
MNPEOdJyLawKRclpBiSMdkIy/2oIjaEGXj1UxPtx+nUFOCU7o84AUzS7kHTPQjOC
yjEfI2NsM5Vt+Qq62aR76bFYyDhq6BN8+NbQjH9yqkhibBrkGGVxqsAwbzZzfQe4
wpTbB9ShvDWJR2BT5ecC0Qu8jkUjbBicpqMbydYz4SV04hQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org