Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XqVRrbkwJPtGlid9xRgf5rTYCFE.roa
File: XqVRrbkwJPtGlid9xRgf5rTYCFE.roa (raw, json)
Hash identifier: 0agQBFpu038csa3jzVJF7mMqcuf2cr2lXB0GmMSSGGY=
Subject key identifier: 5E:A5:51:AD:B9:30:24:FB:46:96:27:7D:C5:18:1F:E6:B4:D8:08:51
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184802AE018DF4A4F82B6ABD39CBCCA5AA6
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XqVRrbkwJPtGlid9xRgf5rTYCFE.roa
Signing time: Wed 16 Nov 2022 11:20:04 +0000
ROA not before: Wed 16 Nov 2022 11:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.103.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:2a:e0:18:df:4a:4f:82:b6:ab:d3:9c:bc:ca:5a:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 16 11:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ea551adb93024fb4696277dc5181fe6b4d80851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7c:7a:6c:5f:8f:b9:7b:3c:f9:a4:01:1d:c1:
51:0c:aa:c6:dd:76:6a:6a:d3:91:fd:6f:3c:47:7c:
e9:6b:86:87:d9:c7:25:d2:a3:6a:9e:a7:31:38:78:
70:f9:84:df:5f:da:7f:9b:35:14:16:31:f3:b4:87:
ab:58:1a:d6:b9:b4:c3:c6:b2:07:81:17:0c:ab:d7:
c6:ef:e4:be:5e:d3:f7:23:2a:0b:d2:97:bf:a5:8f:
08:08:69:7c:1c:7a:9f:39:15:8b:59:9f:12:4a:0d:
5b:90:99:af:b0:f8:d1:a3:4d:88:d5:17:04:48:26:
0e:89:f9:31:4a:fe:5e:92:1a:0d:ca:6b:46:56:01:
d5:a4:94:d7:32:b0:d5:f2:77:b8:c5:51:20:1f:60:
95:16:cf:10:64:b6:2f:ee:5c:4e:3f:ff:5d:7b:c6:
10:0e:75:b4:2a:bc:fa:0e:31:20:e4:c2:7c:66:8e:
12:c5:69:84:ec:77:55:1a:15:9f:5d:92:d8:12:42:
7f:0d:79:90:2f:4d:7b:a6:8e:08:5b:ed:48:d7:6f:
52:6c:05:ac:8d:50:48:f2:5b:c7:41:a0:99:7a:24:
26:1e:f9:59:f6:d7:0b:80:20:d9:2a:29:59:bc:fb:
c0:a8:61:57:ed:bf:c1:4b:e1:41:bd:4b:fa:d8:33:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A5:51:AD:B9:30:24:FB:46:96:27:7D:C5:18:1F:E6:B4:D8:08:51
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/XqVRrbkwJPtGlid9xRgf5rTYCFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.60.0/23
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
08:d0:e6:a3:13:58:93:00:19:b7:03:7e:28:77:ef:e5:ce:0c:
70:dc:8e:90:eb:9f:dd:26:a3:27:b4:53:d0:38:4c:77:41:b8:
48:9c:d9:c4:af:78:73:3d:38:dd:9d:8d:47:10:93:7f:eb:82:
e3:48:a9:23:aa:fe:3e:ee:a2:10:dd:6c:c8:9b:22:65:38:3e:
32:23:01:23:0f:91:89:2a:e5:a1:d8:a3:b7:8e:32:b1:10:d8:
70:b6:64:02:f3:6e:54:55:01:65:3d:76:5d:ca:cc:72:c5:89:
34:2b:f7:9f:b3:3f:7f:40:b4:00:ef:b8:58:e5:ae:66:0a:21:
5b:31:0c:70:22:1d:a4:20:9c:56:9a:62:dc:24:37:bd:7e:4b:
bc:d9:da:eb:bf:2f:15:c2:c1:64:23:d3:f2:24:e7:3f:f0:c7:
0e:d1:2b:d3:6d:e2:ca:2d:9f:4e:17:0c:f9:fb:0b:7c:07:c3:
fe:b6:a1:4d:e8:8e:0d:83:74:35:99:c2:11:22:86:de:c6:ea:
4d:58:bc:61:d7:0d:19:fa:3c:3a:d4:34:6a:e7:b1:ab:44:94:
01:0c:3c:ba:1a:67:77:fe:af:29:13:b3:4b:38:8f:6a:30:42:
e4:1f:42:8f:70:8c:6f:b9:d3:d5:6c:46:20:c2:f5:a4:be:b1:
a8:c9:1b:28
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYSAKuAY30pPgrar05y8ylqmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTE2MTEyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWE1NTFhZGI5MzAyNGZiNDY5NjI3N2RjNTE4MWZlNmI0ZDgwODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHx6bF+PuXs8+aQBHcFRDKrG3XZq
atOR/W88R3zpa4aH2ccl0qNqnqcxOHhw+YTfX9p/mzUUFjHztIerWBrWubTDxrIH
gRcMq9fG7+S+XtP3IyoL0pe/pY8ICGl8HHqfORWLWZ8SSg1bkJmvsPjRo02I1RcE
SCYOifkxSv5ekhoNymtGVgHVpJTXMrDV8ne4xVEgH2CVFs8QZLYv7lxOP/9de8YQ
DnW0Krz6DjEg5MJ8Zo4SxWmE7HdVGhWfXZLYEkJ/DXmQL017po4IW+1I129SbAWs
jVBI8lvHQaCZeiQmHvlZ9tcLgCDZKilZvPvAqGFX7b/BS+FBvUv62DMoiQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFF6lUa25MCT7RpYnfcUYH+a02AhRMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWHFWUnJia3dKUHRHbGlkOXhSZ2Y1clRZQ0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBABo
6RQwDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8c
AwQBaO8eAwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAMEBGjvUAMEAGjvUgME
AGjvVgMEAGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAMAwQDaO9oAwQAaO9s
AwQAaO9vMAwDBAJo73wDBABo734DBAFo+TwDBACKgJ0DBADYrUwDBADYrVIwDAME
AditZgMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEACNDmoxNYkwAZtwN+
KHfv5c4McNyOkOuf3SajJ7RT0DhMd0G4SJzZxK94cz043Z2NRxCTf+uC40ipI6r+
Pu6iEN1syJsiZTg+MiMBIw+RiSrlodijt44ysRDYcLZkAvNuVFUBZT12XcrMcsWJ
NCv3n7M/f0C0AO+4WOWuZgohWzEMcCIdpCCcVppi3CQ3vX5LvNna678vFcLBZCPT
8iTnP/DHDtEr023iyi2fThcM+fsLfAfD/rahTeiODYN0NZnCESKG3sbqTVi8YdcN
Gfo8OtQ0auexq0SUAQw8uhpnd/6vKROzSziPajBC5B9Cj3CMb7nT1WxGIML1pL6x
qMkbKA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org