Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PUTm4vfe6L3QExYH2_9E6NhyZtc.roa
File: PUTm4vfe6L3QExYH2_9E6NhyZtc.roa (raw, json)
Hash identifier: g51d9wBiTezzMU5DoOQMO6wCg1kU7uScT51nVJy3mSg=
Subject key identifier: 3D:44:E6:E2:F7:DE:E8:BD:D0:13:16:07:DB:FF:44:E8:D8:72:66:D7
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184963CCA99D6917778627717CB9320A5D7
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PUTm4vfe6L3QExYH2_9E6NhyZtc.roa
Signing time: Sun 20 Nov 2022 18:11:17 +0000
ROA not before: Sun 20 Nov 2022 18:11:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202044
IP address blocks: 216.173.72.0/22 maxlen: 22
104.167.10.0/24 maxlen: 24
104.143.244.0/23 maxlen: 23
64.137.56.0/23 maxlen: 23
104.143.246.0/24 maxlen: 24
104.222.184.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.92.0/23 maxlen: 23
104.238.8.0/23 maxlen: 23
138.128.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:96:3c:ca:99:d6:91:77:78:62:77:17:cb:93:20:a5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 20 18:11:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d44e6e2f7dee8bdd0131607dbff44e8d87266d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f9:63:5a:1d:93:d6:60:b9:a3:24:ff:94:33:
32:50:f0:5a:2c:6e:55:9c:cf:99:d7:4b:49:66:b0:
0f:12:ec:e8:98:ef:20:38:17:0c:ba:e9:da:d4:dd:
86:a7:4b:1f:a6:e1:79:52:af:c1:02:75:9c:f5:6c:
9b:90:d1:b7:7e:59:7e:90:3b:40:4c:b3:38:93:57:
e3:6c:b1:2f:35:9c:ee:a5:59:bf:d8:75:80:9b:d4:
87:39:06:27:56:13:43:f2:09:e9:07:5c:89:cb:37:
2e:c2:34:09:b7:f6:ea:c7:f7:de:a5:3a:f2:73:70:
bd:7e:ba:d3:03:d1:30:ef:cd:43:a8:41:20:d0:60:
3b:8f:98:11:58:f3:26:f4:ff:f1:2f:74:e9:d2:71:
68:0f:da:02:a1:78:1c:37:86:e1:3b:d9:f1:0f:85:
4d:d2:c6:7e:64:27:3c:02:f7:98:d5:74:65:a2:e8:
ab:e8:29:91:48:13:4d:bd:44:b5:99:70:60:0f:27:
1b:7a:d9:0f:fd:6d:56:3e:dd:18:29:2e:43:cd:01:
bc:a2:26:00:48:49:6e:39:72:fc:6a:a6:92:08:9e:
a5:f1:76:6e:0c:e2:4d:32:89:bf:18:89:2d:b3:13:
4b:71:d3:e3:fa:d6:c8:76:ec:b8:34:09:c3:b9:27:
85:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:44:E6:E2:F7:DE:E8:BD:D0:13:16:07:DB:FF:44:E8:D8:72:66:D7
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/PUTm4vfe6L3QExYH2_9E6NhyZtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.56.0/23
64.137.92.0/23
64.137.96.0/22
104.143.244.0-104.143.246.255
104.167.10.0/24
104.222.184.0/22
104.238.8.0/23
138.128.148.0/24
216.173.72.0/22
Signature Algorithm: sha256WithRSAEncryption
42:36:60:82:7b:a3:e7:bb:c5:22:bc:fd:c5:e2:3f:56:49:c8:
8a:cb:f8:0e:2d:41:fa:d1:50:93:77:5e:82:47:f6:8b:c9:d7:
be:d7:39:3f:b8:58:0e:c6:61:ea:83:6f:3f:e4:f5:61:82:28:
88:4c:58:08:48:4d:20:12:7c:bc:b9:bc:12:cf:79:00:0c:40:
b2:92:5f:29:8e:de:43:7a:49:21:70:b2:39:c0:a5:2a:58:3d:
83:67:47:16:67:35:eb:3c:b9:e8:ce:f8:fa:cc:b2:79:69:1d:
c4:d7:75:d5:4c:75:6c:d3:8b:04:a1:d6:64:a5:bf:97:0d:7d:
14:c0:02:5b:2f:31:dd:a3:29:88:92:96:96:e0:a6:22:42:4a:
5e:e9:75:eb:00:74:f7:55:c2:a9:a4:1d:e1:95:17:4b:36:76:
48:92:9c:e9:3b:56:33:fa:60:1d:a3:f4:6d:aa:5b:79:82:be:
08:43:cd:7d:3b:36:cc:22:b3:94:88:f8:6f:f7:92:c7:59:3d:
bf:a8:16:a4:9c:78:e3:2f:a0:0a:18:61:62:b8:8b:0e:72:09:
03:51:c4:49:e6:00:3d:cc:62:48:61:e2:67:98:75:c1:b5:53:
b8:fd:c3:f0:e9:6e:eb:51:d7:b9:92:3a:33:97:44:0a:38:c7:
b5:8c:64:5d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYSWPMqZ1pF3eGJ3F8uTIKXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTIwMTgxMTE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDQ0ZTZlMmY3ZGVlOGJkZDAxMzE2MDdkYmZmNDRlOGQ4NzI2NmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PljWh2T1mC5oyT/lDMyUPBaLG5V
nM+Z10tJZrAPEuzomO8gOBcMuuna1N2Gp0sfpuF5Uq/BAnWc9WybkNG3fll+kDtA
TLM4k1fjbLEvNZzupVm/2HWAm9SHOQYnVhND8gnpB1yJyzcuwjQJt/bqx/fepTry
c3C9frrTA9Ew781DqEEg0GA7j5gRWPMm9P/xL3Tp0nFoD9oCoXgcN4bhO9nxD4VN
0sZ+ZCc8AveY1XRlouir6CmRSBNNvUS1mXBgDycbetkP/W1WPt0YKS5DzQG8oiYA
SEluOXL8aqaSCJ6l8XZuDOJNMom/GIktsxNLcdPj+tbIduy4NAnDuSeFuQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFD1E5uL33ui90BMWB9v/ROjYcmbXMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUFVUbTR2ZmU2TDNRRXhZSDJfOUU2Tmh5WnRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBQIk4AwQB
QIlcAwQCQIlgMAwDBAJoj/QDBABoj/YDBABopwoDBAJo3rgDBAFo7ggDBACKgJQD
BALYrUgwDQYJKoZIhvcNAQELBQADggEBAEI2YIJ7o+e7xSK8/cXiP1ZJyIrL+A4t
QfrRUJN3XoJH9ovJ177XOT+4WA7GYeqDbz/k9WGCKIhMWAhITSASfLy5vBLPeQAM
QLKSXymO3kN6SSFwsjnApSpYPYNnRxZnNes8uejO+PrMsnlpHcTXddVMdWzTiwSh
1mSlv5cNfRTAAlsvMd2jKYiSlpbgpiJCSl7pdesAdPdVwqmkHeGVF0s2dkiSnOk7
VjP6YB2j9G2qW3mCvghDzX07Nswis5SI+G/3ksdZPb+oFqSceOMvoAoYYWK4iw5y
CQNRxEnmAD3MYkhh4meYdcG1U7j9w/DpbutR17mSOjOXRAo4x7WMZF0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org