Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QR5gCuSaPexEKrSpZrZ2ioGgkSc.roa
File: QR5gCuSaPexEKrSpZrZ2ioGgkSc.roa (raw, json)
Hash identifier: UbHMTSknodgBuNluLrEC9SSmRAXWNvjmHK6LMbZL3Do=
Subject key identifier: 41:1E:60:0A:E4:9A:3D:EC:44:2A:B4:A9:66:B6:76:8A:81:A0:91:27
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01842D99E249322127EC76E3122E5DE3994D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QR5gCuSaPexEKrSpZrZ2ioGgkSc.roa
Signing time: Mon 31 Oct 2022 10:32:50 +0000
ROA not before: Mon 31 Oct 2022 10:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:99:e2:49:32:21:27:ec:76:e3:12:2e:5d:e3:99:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 31 10:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=411e600ae49a3dec442ab4a966b6768a81a09127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:04:e2:56:94:5e:d1:1b:6b:32:0f:09:48:92:
02:0d:6a:4e:a8:30:05:53:29:04:1c:07:a0:e4:c6:
92:46:ef:01:6f:f3:2d:aa:2d:29:1b:e0:7f:da:39:
25:3e:90:4e:89:e4:11:9a:25:b5:fc:5b:56:a0:23:
a5:5b:5a:cf:2e:f7:69:87:30:a5:d9:26:7f:d6:9a:
83:be:a7:5f:d4:9e:1d:16:12:ca:9c:fc:1e:05:2a:
b2:44:43:71:65:e5:d8:ff:35:7f:e4:0b:d5:dd:09:
0d:02:33:e2:63:f9:36:2a:c2:5a:de:1d:98:a9:9e:
61:58:8d:14:cb:93:7a:3c:88:67:97:4e:bd:5f:38:
a9:db:cd:b5:88:11:4a:f0:e5:83:6d:5c:be:69:ce:
b7:46:9c:fe:6a:dd:b3:91:2a:bc:00:1c:68:40:ba:
3a:c4:13:5d:94:a4:5b:db:3b:77:1c:3b:09:d9:ae:
48:52:a7:06:2e:c9:36:ff:45:89:25:42:36:20:80:
07:94:ef:58:c1:7f:38:d7:c2:ab:0b:bd:9b:7f:61:
3d:3d:de:86:2e:bf:2b:84:2f:07:1f:39:f8:ac:2b:
c7:b3:51:4c:e4:73:8c:aa:53:16:7b:00:5f:78:65:
80:32:32:e2:1a:2b:dd:06:fa:f2:ee:b3:23:02:aa:
f3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1E:60:0A:E4:9A:3D:EC:44:2A:B4:A9:66:B6:76:8A:81:A0:91:27
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/QR5gCuSaPexEKrSpZrZ2ioGgkSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.20.0/24
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.55.0/24
104.249.60.0/23
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:28:e5:13:4d:d8:1e:81:5b:60:9d:22:7a:ad:82:77:40:2f:
ca:4e:75:d7:14:ff:7c:de:d3:97:16:2c:0a:3c:0d:5d:6a:c7:
48:4a:8f:dc:a3:8d:a7:0a:28:cd:a1:5d:8b:5f:48:b5:de:81:
93:a5:91:fe:6e:de:3c:c0:50:e4:24:46:b7:1f:ad:4c:da:76:
74:37:7d:15:e9:55:ba:14:22:51:bc:0f:5a:1b:fa:20:72:1d:
da:af:0f:9f:03:51:8a:fd:bc:98:2c:31:91:d3:76:f4:55:fc:
36:e4:a7:e7:f5:8d:84:d0:ef:52:08:73:8f:f5:e5:74:e1:fe:
15:87:2b:b1:2b:32:0e:47:44:0d:0d:81:32:a6:5e:22:86:fb:
6a:77:bb:1d:e4:8c:0f:12:f0:bc:6e:18:45:89:90:07:72:06:
c2:47:35:b7:52:38:01:d8:4d:a5:0f:33:64:dd:d3:14:0b:ea:
57:d4:fe:fb:dd:93:e7:8a:13:9e:db:95:a7:25:b1:cd:6a:b0:
a8:7e:6c:cd:4a:91:dc:5d:87:87:20:60:7d:61:c0:8f:ee:9a:
88:2b:c6:a6:25:40:ab:88:b7:4c:ae:da:6d:7f:45:5b:5d:12:
9e:a3:5b:81:26:39:9b:b0:36:89:f9:c2:c4:5d:69:b6:2c:e9:
6a:7d:46:58
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAYQtmeJJMiEn7HbjEi5d45lNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDMxMTAzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFlNjAwYWU0OWEzZGVjNDQyYWI0YTk2NmI2NzY4YTgxYTA5MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkATiVpRe0RtrMg8JSJICDWpOqDAF
UykEHAeg5MaSRu8Bb/Mtqi0pG+B/2jklPpBOieQRmiW1/FtWoCOlW1rPLvdphzCl
2SZ/1pqDvqdf1J4dFhLKnPweBSqyRENxZeXY/zV/5AvV3QkNAjPiY/k2KsJa3h2Y
qZ5hWI0Uy5N6PIhnl069Xzip2821iBFK8OWDbVy+ac63Rpz+at2zkSq8ABxoQLo6
xBNdlKRb2zt3HDsJ2a5IUqcGLsk2/0WJJUI2IIAHlO9YwX8418KrC72bf2E9Pd6G
Lr8rhC8HHzn4rCvHs1FM5HOMqlMWewBfeGWAMjLiGivdBvry7rMjAqrzJwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFEEeYArkmj3sRCq0qWa2doqBoJEnMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUVI1Z0N1U2FQZXhFS3JTcFpyWjJpb0dna1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQA
aOkUMAwDBANo6RgDBABo6RoDBAFo7gQwDAMEAGjuBwMEAGjuCgMEAGjuFAMEAWjv
CgMEAGjvDQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQAaO9OMAwD
BARo71ADBABo71IDBABo71YDBABo71gDBAFo71oDBABo714DBABo72IDBABo72Uw
DAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQAaPk3AwQBaPk8AwQA
ioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBADYrW4DBADYrXgwDQYJKoZI
hvcNAQELBQADggEBAD8o5RNN2B6BW2CdInqtgndAL8pOddcU/3ze05cWLAo8DV1q
x0hKj9yjjacKKM2hXYtfSLXegZOlkf5u3jzAUOQkRrcfrUzadnQ3fRXpVboUIlG8
D1ob+iByHdqvD58DUYr9vJgsMZHTdvRV/Dbkp+f1jYTQ71IIc4/15XTh/hWHK7Er
Mg5HRA0NgTKmXiKG+2p3ux3kjA8S8LxuGEWJkAdyBsJHNbdSOAHYTaUPM2Td0xQL
6lfU/vvdk+eKE57blaclsc1qsKh+bM1Kkdxdh4cgYH1hwI/umogrxqYlQKuIt0yu
2m1/RVtdEp6jW4EmOZuwNon5wsRdabYs6Wp9Rlg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org