Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SaA9SHervhjnqPrR0w1MI2j79oM.roa
File: SaA9SHervhjnqPrR0w1MI2j79oM.roa (raw, json)
Hash identifier: SW+SCKQX1jRXVFAD8JlRanTgwtD4yQO4p0R1jqa9JkQ=
Subject key identifier: 49:A0:3D:48:77:AB:BE:18:E7:A8:FA:D1:D3:0D:4C:23:68:FB:F6:83
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01330AA9
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SaA9SHervhjnqPrR0w1MI2j79oM.roa
Signing time: Sat 01 Jan 2022 05:02:47 +0000
ROA not before: Sat 01 Jan 2022 05:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.68.0/23 maxlen: 23
104.239.70.0/23 maxlen: 23
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20122281 (0x1330aa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 1 05:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49a03d4877abbe18e7a8fad1d30d4c2368fbf683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:b3:c4:4d:c4:eb:a7:7d:ef:69:1d:70:9d:
2a:ce:ab:ab:d1:4a:db:fc:7d:c3:a8:e9:99:d5:9a:
67:7e:de:b7:75:dc:88:40:f8:08:75:43:6d:03:da:
95:d7:0a:24:b8:b4:eb:08:a5:12:31:6a:0a:d9:64:
34:8a:00:dd:fe:16:b7:b0:34:9e:1e:3e:9f:36:f2:
21:fc:94:cf:cf:97:89:21:19:28:cf:40:23:35:40:
58:cc:b4:d4:84:4b:47:5a:5f:6a:4d:df:df:e4:20:
a0:74:93:da:69:6e:b5:d8:13:4b:78:ab:63:ba:be:
92:e7:ee:04:08:58:cf:e1:02:d0:ea:e6:7f:29:60:
2f:8d:8e:58:97:58:c0:0a:46:54:6f:b3:1a:f6:e6:
57:2d:a5:2e:ce:ed:32:96:aa:27:a2:f6:22:57:b1:
1c:98:07:17:8a:20:f6:1e:b4:c2:b0:97:01:b8:e0:
ff:31:db:6a:9a:ff:9a:72:af:22:d1:53:53:20:ce:
b1:8b:79:e4:2e:37:87:ce:5d:88:95:c6:06:1f:2f:
33:be:70:10:12:ae:01:6d:11:3f:8f:4f:b7:d9:52:
bc:c6:74:4d:73:e4:50:f7:cb:08:79:d1:9b:6a:1d:
de:2f:ea:ca:27:f4:99:99:92:6f:98:6d:32:7e:35:
d9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:A0:3D:48:77:AB:BE:18:E7:A8:FA:D1:D3:0D:4C:23:68:FB:F6:83
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/SaA9SHervhjnqPrR0w1MI2j79oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.68.0/22
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
86:fc:72:26:13:8d:32:bb:b0:7b:81:e1:44:ef:24:f2:7a:6a:
fb:43:cf:bd:a7:ce:2f:5a:26:52:19:09:29:91:cb:83:9f:fb:
e8:f1:6d:fc:09:b5:29:27:82:3f:c7:ff:42:5d:7a:43:07:74:
e0:26:98:44:6f:bc:cc:a1:ed:09:85:63:30:09:b4:94:7c:72:
d4:59:d6:80:da:a9:f9:b4:90:c0:02:0b:c6:9c:64:5b:89:7a:
99:c2:5e:7b:72:95:3e:c5:be:0e:32:91:60:dd:ea:04:d5:6a:
ae:a2:7d:0d:fb:c5:e3:54:ec:d9:82:e0:07:52:ee:12:97:5a:
7d:1d:2a:01:38:c7:cd:9f:7d:da:b3:83:8e:af:b7:32:f8:2a:
16:e9:ec:fd:96:c8:71:a5:b3:fd:e2:93:fe:5b:17:33:a3:78:
84:9c:4b:3b:d8:b5:4d:23:1d:37:c4:e1:d8:a9:c8:5f:00:e8:
5c:74:f6:0c:8c:1a:d3:f5:f4:79:c7:f9:be:d2:68:bd:bc:fe:
cf:32:b0:72:4c:d0:19:e7:82:a0:d6:50:82:5b:d5:0d:20:42:
b8:72:24:ac:49:9a:53:fb:3a:39:dd:56:b0:62:d8:c4:ec:62:
7a:ab:6f:d7:5f:14:19:fe:5d:31:a3:5e:4d:63:57:c6:1d:e8:
f4:90:0c:f7
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgIEATMKqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDEw
MTA1MDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDlhMDNkNDg3N2Fi
YmUxOGU3YThmYWQxZDMwZDRjMjM2OGZiZjY4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXDs8RNxOunfe9pHXCdKs6rq9FK2/x9w6jpmdWaZ37et3Xc
iED4CHVDbQPaldcKJLi06wilEjFqCtlkNIoA3f4Wt7A0nh4+nzbyIfyUz8+XiSEZ
KM9AIzVAWMy01IRLR1pfak3f3+QgoHST2mlutdgTS3irY7q+kufuBAhYz+EC0Orm
fylgL42OWJdYwApGVG+zGvbmVy2lLs7tMpaqJ6L2IlexHJgHF4og9h60wrCXAbjg
/zHbapr/mnKvItFTUyDOsYt55C43h85diJXGBh8vM75wEBKuAW0RP49Pt9lSvMZ0
TXPkUPfLCHnRm2od3i/qyif0mZmSb5htMn412SECAwEAAaOCAz8wggM7MB0GA1Ud
DgQWBBRJoD1Id6u+GOeo+tHTDUwjaPv2gzAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L1NhQTlTSGVydmhqbnFQclIwdzFNSTJqNzlvTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AVMGCCsGAQUFBwEHAQH/BIIBQjCCAT4wggE6BAIAATCCATIDBABo6RQwDAMEA2jp
GAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQAaO4OMAwDBABo7hMDBABo7hQD
BAFo7woDBABo7w0DBABo7xwDBAFo7x4DBABo7ywDBAJo70QDBABo70kwDAMEAGjv
SwMEAGjvTjAMAwQEaO9QAwQAaO9SMAwDBAJo71QDBABo71YDBABo71gwDAMEAWjv
WgMEAGjvXjAMAwQFaO9gAwQAaO9iAwQAaO9lMAwDBANo72gDBABo72wDBABo728w
DAMEAmjvfAMEAGjvfjAMAwQAaPkdAwQFaPkAAwQAaPkkAwQAaPk3AwQBaPk8AwQA
ioCXAwQAioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBATYrWAD
BADYrXgwDQYJKoZIhvcNAQELBQADggEBAIb8ciYTjTK7sHuB4UTvJPJ6avtDz72n
zi9aJlIZCSmRy4Of++jxbfwJtSkngj/H/0JdekMHdOAmmERvvMyh7QmFYzAJtJR8
ctRZ1oDaqfm0kMACC8acZFuJepnCXntylT7Fvg4ykWDd6gTVaq6ifQ37xeNU7NmC
4AdS7hKXWn0dKgE4x82ffdqzg46vtzL4Khbp7P2WyHGls/3ik/5bFzOjeIScSzvY
tU0jHTfE4dipyF8A6Fx09gyMGtP19HnH+b7SaL28/s8ysHJM0BnngqDWUIJb1Q0g
QrhyJKxJmlP7OjndVrBi2MTsYnqrb9dfFBn+XTGjXk1jV8Yd6PSQDPc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org