Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Odt4xF5WNgHEwSvg7qBvqGW5SlI.roa
File: Odt4xF5WNgHEwSvg7qBvqGW5SlI.roa (raw, json)
Hash identifier: /UA6t3k0DO4ZiLtD2KnZQWh0vprvzymjh1RchNsuoLM=
Subject key identifier: 39:DB:78:C4:5E:56:36:01:C4:C1:2B:E0:EE:A0:6F:A8:65:B9:4A:52
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01849A0912A28681D2626DABDBD27629E504
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Odt4xF5WNgHEwSvg7qBvqGW5SlI.roa
Signing time: Mon 21 Nov 2022 11:53:16 +0000
ROA not before: Mon 21 Nov 2022 11:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 104.143.254.0/23 maxlen: 23
64.137.74.0/24 maxlen: 24
64.137.73.0/24 maxlen: 24
64.137.78.0/24 maxlen: 24
64.137.77.0/24 maxlen: 24
64.137.80.0/22 maxlen: 22
64.137.89.0/24 maxlen: 24
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
216.173.80.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
216.173.88.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
104.239.13.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.92.0/23 maxlen: 23
104.239.84.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.17.0/24 maxlen: 24
64.137.18.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
104.238.14.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
64.137.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:09:12:a2:86:81:d2:62:6d:ab:db:d2:76:29:e5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 21 11:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=39db78c45e563601c4c12be0eea06fa865b94a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:89:97:ac:17:9a:58:e0:6a:81:de:71:96:c1:
a9:f7:75:be:89:72:a5:b5:c4:40:e3:ab:3f:b6:58:
c9:54:a8:c1:e5:f0:6e:7b:f8:d8:d0:dd:51:f7:59:
de:99:21:25:ac:52:c0:ff:a2:d9:91:8d:4f:f9:74:
1e:c5:c2:f5:8d:69:30:2f:6d:7e:d0:7c:68:20:39:
f2:fe:ec:07:48:a8:aa:a9:a6:1c:24:a7:42:a8:ce:
c2:f4:d3:3a:0b:23:af:e5:0c:b0:96:b2:71:a3:c0:
c6:33:de:fc:2c:b3:f0:0f:72:d1:f3:84:bb:52:f1:
70:67:fc:3d:dd:7d:7c:3f:e5:c0:45:03:20:9f:44:
fd:36:8e:6d:02:88:d1:b8:dd:c6:af:f8:46:82:68:
ab:78:e4:b5:97:56:9f:2e:c3:ad:04:96:89:da:ba:
74:6c:9d:56:b2:6c:11:6c:c8:ab:dc:3c:37:d0:b6:
9f:4f:d8:92:6d:d4:e9:2b:74:c4:3a:f0:0d:cd:ad:
62:1a:27:05:7d:3e:0a:87:d6:16:76:8b:d4:17:94:
00:2e:1a:e6:67:cd:11:b0:29:84:3a:c9:39:28:2d:
35:56:94:6b:5b:85:67:44:34:03:4b:32:fc:46:58:
5f:67:94:61:89:ca:62:c1:31:9a:2c:ef:3a:94:41:
8b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:DB:78:C4:5E:56:36:01:C4:C1:2B:E0:EE:A0:6F:A8:65:B9:4A:52
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/Odt4xF5WNgHEwSvg7qBvqGW5SlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
64.137.8.0/24
64.137.10.0/23
64.137.14.0/23
64.137.17.0-64.137.19.255
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.73.0-64.137.74.255
64.137.77.0-64.137.78.255
64.137.80.0/22
64.137.89.0/24
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.233.20.0/24
104.238.0.0-104.238.5.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.13.0/24
104.239.84.0/23
104.239.92.0/23
104.239.96.0/23
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.159.0/24
216.173.78.0-216.173.81.255
216.173.88.0/23
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:2d:36:33:11:c5:85:50:2d:49:1b:30:d5:ab:8d:80:78:3e:
a9:d9:58:6b:dc:b3:0e:d4:2b:89:be:af:e5:95:a7:8c:f2:6c:
e0:0e:2d:5f:4f:c3:22:4b:32:1e:2c:c2:b0:07:26:57:65:e2:
1e:67:a7:78:4b:2c:4c:06:2b:f4:61:6f:f8:7e:a4:6f:05:da:
76:b4:a8:72:8c:b9:3f:83:5d:fa:48:5b:68:d4:b7:ca:9f:f7:
16:f6:0f:c2:0d:67:8c:92:f9:21:49:7e:a1:d6:95:b7:43:b5:
db:2b:f5:e3:2a:30:05:9e:4c:b2:e3:e9:03:d3:e7:28:90:e3:
62:c7:9b:bd:1e:80:18:52:bb:4f:df:d1:6d:d9:7d:a3:6b:e5:
ca:b1:fe:41:6c:13:fa:63:f6:25:b3:9a:ec:c8:55:d1:72:39:
47:4e:de:87:54:df:b2:9d:be:d0:3b:b2:b7:68:51:12:5a:e5:
94:60:48:0d:63:b4:ec:ef:5f:1b:98:a0:f4:2b:da:68:97:3b:
ab:6f:5e:b8:6d:67:e8:81:2d:4c:ca:d1:35:cb:e5:a7:24:ff:
53:5d:1b:d7:f3:f9:8a:8d:96:dc:de:37:a2:28:62:df:f6:7b:
c2:2d:ba:1a:d5:36:5a:05:0e:b0:c3:32:b2:46:57:01:57:82:
04:70:c4:a4
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgISAYSaCRKihoHSYm2r29J2KeUEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTIxMTE1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWRiNzhjNDVlNTYzNjAxYzRjMTJiZTBlZWEwNmZhODY1Yjk0YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnomXrBeaWOBqgd5xlsGp93W+iXKl
tcRA46s/tljJVKjB5fBue/jY0N1R91nemSElrFLA/6LZkY1P+XQexcL1jWkwL21+
0HxoIDny/uwHSKiqqaYcJKdCqM7C9NM6CyOv5QywlrJxo8DGM978LLPwD3LR84S7
UvFwZ/w93X18P+XARQMgn0T9No5tAojRuN3Gr/hGgmireOS1l1afLsOtBJaJ2rp0
bJ1WsmwRbMir3Dw30LafT9iSbdTpK3TEOvANza1iGicFfT4Kh9YWdovUF5QALhrm
Z80RsCmEOsk5KC01VpRrW4VnRDQDSzL8RlhfZ5RhicpiwTGaLO86lEGLJQIDAQAB
o4IDKDCCAyQwHQYDVR0OBBYEFDnbeMReVjYBxMEr4O6gb6hluUpSMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvT2R0NHhGNVdOZ0hFd1N2ZzdxQnZxR1c1U2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPAYIKwYBBQUHAQcBAf8EggErMIIBJzCCASMEAgABMIIB
GwMEBC0rsAMEAECJCAMEAUCJCgMEAUCJDjAMAwQAQIkRAwQCQIkQAwQBQIkqAwQB
QIkwMAwDBAFAiToDBAZAiQAwDAMEAECJSQMEAECJSjAMAwQAQIlNAwQAQIlOAwQC
QIlQAwQAQIlZMAwDBAJAiVwDBAFAiWQwDAMEA2iP6AMEAmiP8AMEA2iP+AMEA2jp
AAMEAGjpFDALAwMBaO4DBAFo7gQDBABo7g4wDAMEAGjuEwMEAGjuFAMEAGjvDQME
AWjvVAMEAWjvXAMEAWjvYDAMAwQAaPkdAwQFaPkAAwQAaPkkAwQAaPk3AwQBaPk8
AwQAioCXAwQAioCZAwQAioCfMAwDBAHYrU4DBAHYrVADBAHYrVgDBADYrW8wDQYJ
KoZIhvcNAQELBQADggEBAF4tNjMRxYVQLUkbMNWrjYB4PqnZWGvcsw7UK4m+r+WV
p4zybOAOLV9PwyJLMh4swrAHJldl4h5np3hLLEwGK/Rhb/h+pG8F2na0qHKMuT+D
XfpIW2jUt8qf9xb2D8INZ4yS+SFJfqHWlbdDtdsr9eMqMAWeTLLj6QPT5yiQ42LH
m70egBhSu0/f0W3ZfaNr5cqx/kFsE/pj9iWzmuzIVdFyOUdO3odU37KdvtA7srdo
URJa5ZRgSA1jtOzvXxuYoPQr2miXO6tvXrhtZ+iBLUzK0TXL5ack/1NdG9fz+YqN
ltzeN6IoYt/2e8ItuhrVNloFDrDDMrJGVwFXggRwxKQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org