Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/R01__Wz1NzRJiIIPcAEWkRC9A1M.roa
File: R01__Wz1NzRJiIIPcAEWkRC9A1M.roa (raw, json)
Hash identifier: i622bIX8yUJUFFiVi4Lx7IEdXSOmWGew1OW381w+2sw=
Subject key identifier: 47:4D:7F:FD:6C:F5:37:34:49:88:82:0F:70:01:16:91:10:BD:03:53
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01842F01226A0AE42A3E0247E0ED3EE1FE86
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/R01__Wz1NzRJiIIPcAEWkRC9A1M.roa
Signing time: Mon 31 Oct 2022 17:05:14 +0000
ROA not before: Mon 31 Oct 2022 17:05:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:01:22:6a:0a:e4:2a:3e:02:47:e0:ed:3e:e1:fe:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 31 17:05:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=474d7ffd6cf537344988820f7001169110bd0353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d8:88:54:db:29:42:27:09:49:54:b2:06:57:
69:8a:d0:2c:a5:f7:2f:86:8d:96:aa:ac:31:aa:25:
3e:c6:b1:1b:ae:2c:30:98:b3:7e:6f:0a:df:1c:d4:
b4:18:5c:4f:fc:89:29:a4:cf:38:90:f7:02:7a:2a:
85:08:c6:b3:3d:b1:df:26:e6:f4:26:94:c3:cc:06:
e0:a8:fe:47:13:46:9e:1d:15:14:6e:a0:86:64:25:
2a:38:02:f2:29:fa:56:c9:cd:f3:12:e5:b7:45:18:
bf:78:df:bb:be:f6:bd:fd:ef:f6:a5:08:9c:21:74:
03:15:95:d2:dc:72:f8:4d:55:fa:bd:83:5a:54:33:
13:33:0f:ac:d9:7e:30:45:76:20:df:69:e8:b0:4a:
73:cb:bd:1c:f8:f3:c9:bc:76:0e:df:23:01:f4:f4:
82:a8:5e:2a:69:00:23:d6:52:0e:a1:43:ca:8b:b9:
ba:b5:7e:20:9b:b7:fb:cd:68:f5:72:d3:10:a0:53:
2a:e2:c8:e1:d9:01:ba:63:19:82:ec:e3:fc:f0:7a:
10:53:26:ec:f3:f5:87:d4:05:dd:93:fb:64:59:08:
ff:ef:fa:a1:be:36:15:6b:7c:6f:6e:16:c1:a3:5d:
5e:37:50:97:02:1f:cc:0d:6c:1d:f4:73:1b:44:48:
4f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4D:7F:FD:6C:F5:37:34:49:88:82:0F:70:01:16:91:10:BD:03:53
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/R01__Wz1NzRJiIIPcAEWkRC9A1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.55.0/24
104.249.60.0/23
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
60:0e:90:d6:47:6f:1f:4c:ba:e9:1d:51:60:5f:49:14:a4:56:
17:ee:c7:b0:a4:8d:ba:7b:b5:53:f9:01:63:b7:60:3a:c9:98:
5a:35:8c:25:ff:e9:23:0f:b3:68:f4:8c:87:65:97:2b:59:20:
32:52:9d:11:43:38:3a:3b:ef:c9:1e:f4:67:26:03:62:b2:44:
3a:63:94:0d:ff:0a:77:10:fa:d7:4e:df:79:a6:62:e0:fa:a0:
3d:e6:11:97:4a:81:ce:f2:c1:76:4f:b8:dd:d2:2a:57:0f:a5:
75:59:04:16:81:87:b3:9c:65:94:d2:17:40:39:0b:20:12:ba:
48:81:01:56:42:cf:44:bc:67:b5:dc:85:b6:64:42:07:4b:b3:
03:a0:99:94:d6:17:3c:4b:e9:27:7b:85:07:51:62:46:e6:83:
1e:02:c2:e5:63:1c:1a:df:92:2f:4a:ef:bc:b8:3f:10:32:63:
af:f0:d6:9c:05:46:ac:bb:f3:4f:45:90:96:04:09:31:a5:1f:
7e:eb:26:ce:15:ae:a4:81:00:2b:55:d1:3c:33:ba:bb:ee:05:
d2:9d:1b:54:22:26:2d:9d:2c:c7:57:1e:a5:11:a0:1d:8c:b3:
79:21:cb:07:d0:8c:a8:2e:59:5d:7d:94:9b:f2:bb:dd:f0:ae:
40:e3:68:29
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAYQvASJqCuQqPgJH4O0+4f6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDMxMTcwNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzRkN2ZmZDZjZjUzNzM0NDk4ODgyMGY3MDAxMTY5MTEwYmQwMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidiIVNspQicJSVSyBldpitAspfcv
ho2WqqwxqiU+xrEbriwwmLN+bwrfHNS0GFxP/IkppM84kPcCeiqFCMazPbHfJub0
JpTDzAbgqP5HE0aeHRUUbqCGZCUqOALyKfpWyc3zEuW3RRi/eN+7vva9/e/2pQic
IXQDFZXS3HL4TVX6vYNaVDMTMw+s2X4wRXYg32nosEpzy70c+PPJvHYO3yMB9PSC
qF4qaQAj1lIOoUPKi7m6tX4gm7f7zWj1ctMQoFMq4sjh2QG6YxmC7OP88HoQUybs
8/WH1AXdk/tkWQj/7/qhvjYVa3xvbhbBo11eN1CXAh/MDWwd9HMbREhPiwIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFEdNf/1s9Tc0SYiCD3ABFpEQvQNTMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvUjAxX19XejFOelJKaUlJUGNBRVdrUkM5QTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQA
aOkUMAwDBANo6RgDBABo6RoDBAFo7gQwDAMEAGjuBwMEAGjuCgMEAWjvCgMEAGjv
DQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQAaO9OMAwDBARo71AD
BABo71IDBABo71YDBABo71gDBAFo71oDBABo714DBABo72IDBABo72UwDAMEA2jv
aAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQAaPk3AwQBaPk8AwQAioCdAwQA
ioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBADYrW4DBADYrXgwDQYJKoZIhvcNAQEL
BQADggEBAGAOkNZHbx9MuukdUWBfSRSkVhfux7Ckjbp7tVP5AWO3YDrJmFo1jCX/
6SMPs2j0jIdllytZIDJSnRFDODo778ke9GcmA2KyRDpjlA3/CncQ+tdO33mmYuD6
oD3mEZdKgc7ywXZPuN3SKlcPpXVZBBaBh7OcZZTSF0A5CyASukiBAVZCz0S8Z7Xc
hbZkQgdLswOgmZTWFzxL6Sd7hQdRYkbmgx4CwuVjHBrfki9K77y4PxAyY6/w1pwF
Rqy7809FkJYECTGlH37rJs4VrqSBACtV0TwzurvuBdKdG1QiJi2dLMdXHqURoB2M
s3khywfQjKguWV19lJvyu93wrkDjaCk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org