Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/U8TGWsoC-tK39UFc9RDDsx6kt8s.roa
File: U8TGWsoC-tK39UFc9RDDsx6kt8s.roa (raw, json)
Hash identifier: TDiMyAoldplz+oUrILJHf7/b3w9IKvWHKEhfkcKQwGc=
Subject key identifier: 53:C4:C6:5A:CA:02:FA:D2:B7:F5:41:5C:F5:10:C3:B3:1E:A4:B7:CB
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01849A550FE27C0359376168E1C029742D48
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/U8TGWsoC-tK39UFc9RDDsx6kt8s.roa
Signing time: Mon 21 Nov 2022 13:16:16 +0000
ROA not before: Mon 21 Nov 2022 13:16:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202044
IP address blocks: 104.167.10.0/24 maxlen: 24
104.222.184.0/22 maxlen: 22
104.239.40.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.92.0/23 maxlen: 23
104.233.16.0/22 maxlen: 22
216.173.72.0/22 maxlen: 22
104.143.224.0/22 maxlen: 22
104.143.244.0/23 maxlen: 23
64.137.56.0/23 maxlen: 23
104.143.246.0/24 maxlen: 24
104.238.8.0/23 maxlen: 23
138.128.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:55:0f:e2:7c:03:59:37:61:68:e1:c0:29:74:2d:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 21 13:16:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53c4c65aca02fad2b7f5415cf510c3b31ea4b7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fe:21:3d:94:84:b9:4a:ef:61:bd:76:db:6f:
cd:49:e4:a7:62:db:1a:f0:42:12:4f:42:39:f6:e9:
c5:fc:dc:f2:38:8e:1a:e2:19:15:c4:45:0c:e4:ba:
73:15:b3:97:f9:75:57:e1:1d:de:80:18:23:20:b0:
2d:ea:90:9a:70:a8:9c:a8:d8:61:10:58:25:cf:ff:
6f:a2:1f:47:b4:d5:7f:26:71:56:32:e0:95:e8:84:
20:aa:49:14:26:c0:61:69:69:c5:39:89:f5:f9:db:
53:4f:95:01:6f:86:7d:02:47:13:32:3f:ed:d0:cc:
5d:0c:8a:3c:dc:1d:02:ba:5e:a9:ea:3d:32:93:a4:
75:8c:fb:2e:89:5f:36:9e:7f:5e:8a:57:bb:74:e7:
3f:5e:46:34:69:44:3d:9d:ea:fc:bc:70:20:27:63:
80:f0:10:04:2d:db:e0:34:3e:6f:54:4b:2b:4f:6e:
7b:00:80:1a:ee:63:35:02:ac:da:e4:6f:23:4c:00:
2e:ea:c8:ab:4d:73:8c:5b:20:1d:82:f4:77:89:64:
87:99:ba:e3:cc:23:65:e2:65:8b:fa:a4:6d:50:0b:
3d:c5:2d:0c:f7:95:29:6f:42:bb:70:52:1b:37:9a:
20:a8:c1:cd:c9:b2:bc:9c:46:20:63:56:b1:ff:11:
c2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C4:C6:5A:CA:02:FA:D2:B7:F5:41:5C:F5:10:C3:B3:1E:A4:B7:CB
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/U8TGWsoC-tK39UFc9RDDsx6kt8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.56.0/23
64.137.92.0/23
64.137.96.0/22
104.143.224.0/22
104.143.244.0-104.143.246.255
104.167.10.0/24
104.222.184.0/22
104.233.16.0/22
104.238.8.0/23
104.239.40.0/22
138.128.148.0/24
216.173.72.0/22
Signature Algorithm: sha256WithRSAEncryption
61:59:10:26:ee:3c:18:43:94:8f:34:1b:42:6d:8e:de:85:ee:
13:dc:84:ea:5a:17:d2:6d:a4:f1:b0:3d:d0:9b:f2:07:0b:b1:
b9:b2:a0:aa:69:00:8b:d4:9c:c6:d5:9e:4b:f2:5c:2c:00:a0:
55:b3:c8:8a:06:f2:b6:79:0e:24:4b:b8:2c:c1:80:48:50:dc:
68:b0:df:f1:fa:6f:7b:4a:f1:81:34:96:6f:56:5d:96:73:b5:
63:ff:06:df:a4:fe:89:82:4e:dc:ab:77:79:7f:b8:a7:26:41:
2a:bc:e2:bd:3d:aa:8c:27:3b:95:a6:51:b1:e5:e2:c5:82:a8:
eb:a8:1a:e4:04:e1:39:69:16:1e:13:8d:b8:99:15:fa:67:db:
34:a8:5d:4d:4e:7f:82:26:d8:51:0f:1a:0b:85:fd:c9:07:c4:
8a:9f:4b:6c:8d:6e:d9:2f:9e:a9:96:c5:8f:37:34:d7:e4:58:
f9:63:a9:1e:6e:17:65:c1:e5:af:61:b0:34:8a:3b:b9:ec:f5:
96:f7:9b:8e:af:f4:ba:59:20:cf:fd:fb:a2:ff:80:77:6c:d7:
67:ac:35:41:14:be:26:84:cd:7d:80:eb:a8:ab:af:13:c6:46:
05:64:48:67:49:05:60:10:51:81:b5:2b:eb:31:23:bf:d8:12:
bf:5c:22:e2
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYSaVQ/ifANZN2Fo4cApdC1IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTIxMTMxNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M0YzY1YWNhMDJmYWQyYjdmNTQxNWNmNTEwYzNiMzFlYTRiN2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4hPZSEuUrvYb1222/NSeSnYtsa
8EIST0I59unF/NzyOI4a4hkVxEUM5LpzFbOX+XVX4R3egBgjILAt6pCacKicqNhh
EFglz/9voh9HtNV/JnFWMuCV6IQgqkkUJsBhaWnFOYn1+dtTT5UBb4Z9AkcTMj/t
0MxdDIo83B0Cul6p6j0yk6R1jPsuiV82nn9eile7dOc/XkY0aUQ9ner8vHAgJ2OA
8BAELdvgND5vVEsrT257AIAa7mM1Aqza5G8jTAAu6sirTXOMWyAdgvR3iWSHmbrj
zCNl4mWL+qRtUAs9xS0M95Upb0K7cFIbN5ogqMHNybK8nEYgY1ax/xHCgwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFFPExlrKAvrSt/VBXPUQw7MepLfLMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvVThUR1dzb0MtdEszOVVGYzlSRERzeDZrdDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBQIk4AwQB
QIlcAwQCQIlgAwQCaI/gMAwDBAJoj/QDBABoj/YDBABopwoDBAJo3rgDBAJo6RAD
BAFo7ggDBAJo7ygDBACKgJQDBALYrUgwDQYJKoZIhvcNAQELBQADggEBAGFZECbu
PBhDlI80G0Jtjt6F7hPchOpaF9JtpPGwPdCb8gcLsbmyoKppAIvUnMbVnkvyXCwA
oFWzyIoG8rZ5DiRLuCzBgEhQ3Giw3/H6b3tK8YE0lm9WXZZztWP/Bt+k/omCTtyr
d3l/uKcmQSq84r09qownO5WmUbHl4sWCqOuoGuQE4TlpFh4TjbiZFfpn2zSoXU1O
f4Im2FEPGguF/ckHxIqfS2yNbtkvnqmWxY83NNfkWPljqR5uF2XB5a9hsDSKO7ns
9Zb3m46v9LpZIM/9+6L/gHds12esNUEUviaEzX2A66irrxPGRgVkSGdJBWAQUYG1
K+sxI7/YEr9cIuI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:03 2024 by rpki-client on console-fra.rpki-client.org