Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YLOJQNRqM-P0lqupN17mFC2E9EY.roa
File: YLOJQNRqM-P0lqupN17mFC2E9EY.roa (raw, json)
Hash identifier: lUP7EGTCi9qFXfmwCMtqHOqmtL9cn/1E0qaRVTf1CoU=
Subject key identifier: 60:B3:89:40:D4:6A:33:E3:F4:96:AB:A9:37:5E:E6:14:2D:84:F4:46
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184802ADF8825E8B9E46F8CAE28F37BA759
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YLOJQNRqM-P0lqupN17mFC2E9EY.roa
Signing time: Wed 16 Nov 2022 11:20:04 +0000
ROA not before: Wed 16 Nov 2022 11:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:2a:df:88:25:e8:b9:e4:6f:8c:ae:28:f3:7b:a7:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 16 11:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60b38940d46a33e3f496aba9375ee6142d84f446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:43:f9:5b:6b:ed:21:2c:c2:12:75:04:5d:fb:
f5:73:41:ff:c7:10:01:dc:95:56:1b:f4:53:6b:c9:
b8:8f:97:b3:fb:24:74:4b:bd:93:2a:a1:ea:51:59:
22:b0:1c:53:ce:3b:58:66:9a:74:2c:da:52:37:fc:
85:df:50:b3:65:4c:83:d7:45:24:c5:21:db:c7:98:
19:ee:d0:8a:96:6d:d4:5a:cf:e9:b5:82:e9:e9:57:
0b:54:84:8c:3e:19:42:61:e6:87:1b:21:92:9a:26:
88:67:99:a6:23:c1:80:c5:2f:c8:ce:61:4d:96:94:
a0:aa:c8:1c:e8:ea:8f:32:de:b1:aa:a2:08:66:8d:
29:90:b1:5c:fe:ac:c6:6b:5c:94:cd:87:be:b7:72:
f1:93:21:0c:53:1a:db:ee:ea:31:4f:0f:58:98:55:
21:c2:52:e3:41:d7:69:91:f8:7c:0a:61:9e:e3:cc:
f3:fb:4d:36:81:63:bd:fb:3b:47:f5:74:c5:26:5e:
3a:d2:e2:97:ba:5a:56:37:82:dd:b7:4f:60:fa:b6:
63:a4:b7:be:9d:cd:41:66:a1:20:cb:fe:44:45:cf:
50:ea:a4:1c:0e:65:98:69:ec:a6:a9:77:c3:4e:34:
f3:e7:5d:ea:34:a5:60:50:43:00:40:52:70:e6:03:
fe:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B3:89:40:D4:6A:33:E3:F4:96:AB:A9:37:5E:E6:14:2D:84:F4:46
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YLOJQNRqM-P0lqupN17mFC2E9EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.60.0/23
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:07:cf:8e:e8:1f:0f:1e:13:22:da:f8:5a:59:cc:05:ac:a8:
78:77:aa:30:b3:80:37:52:e6:ee:cd:f4:56:53:28:a8:36:c5:
46:ac:1c:b1:f4:a9:3b:6c:8c:c5:64:25:a4:57:a3:04:ec:57:
45:8a:38:17:fb:5d:9c:45:ac:1a:05:3e:94:7b:3f:ca:28:0e:
40:a6:67:12:05:99:a9:ed:c4:1c:30:51:3a:2d:a5:a7:8c:4c:
3c:86:e6:8d:08:a1:72:92:62:b4:cc:cb:39:22:b1:4e:34:95:
1c:cd:b8:36:4a:f2:98:1e:86:b3:bc:1a:99:47:e2:f9:06:71:
b6:31:74:8e:98:54:ba:e8:e1:92:c1:6a:a5:cb:f7:ab:fc:1e:
46:fd:34:72:be:ed:08:9e:3f:0e:e8:fe:8e:ab:76:d9:e9:25:
7e:1e:f0:c2:a0:dc:c7:64:96:40:05:cf:11:b7:5e:3f:9a:eb:
1b:82:b9:c4:51:28:cf:d7:47:b8:68:80:74:4a:26:c0:86:57:
e0:d7:ae:9a:ba:a5:ef:6e:cb:f5:bc:f1:d6:46:64:5b:b1:67:
ee:03:c8:d4:39:8c:e1:36:d4:05:52:1a:21:17:46:a3:1c:f4:
5d:ef:f3:9d:20:2e:e0:cf:d5:d7:88:cc:b4:d1:72:db:5e:42:
99:6a:db:14
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAYSAKt+IJei55G+Mrijze6dZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTE2MTEyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGIzODk0MGQ0NmEzM2UzZjQ5NmFiYTkzNzVlZTYxNDJkODRmNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0P5W2vtISzCEnUEXfv1c0H/xxAB
3JVWG/RTa8m4j5ez+yR0S72TKqHqUVkisBxTzjtYZpp0LNpSN/yF31CzZUyD10Uk
xSHbx5gZ7tCKlm3UWs/ptYLp6VcLVISMPhlCYeaHGyGSmiaIZ5mmI8GAxS/IzmFN
lpSgqsgc6OqPMt6xqqIIZo0pkLFc/qzGa1yUzYe+t3LxkyEMUxrb7uoxTw9YmFUh
wlLjQddpkfh8CmGe48zz+002gWO9+ztH9XTFJl460uKXulpWN4Ldt09g+rZjpLe+
nc1BZqEgy/5ERc9Q6qQcDmWYaeymqXfDTjTz513qNKVgUEMAQFJw5gP+qwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFGCziUDUajPj9JarqTde5hQthPRGMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvWUxPSlFOUnFNLVAwbHF1cE4xN21GQzJFOUVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQDBABo
6RQwDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQBaO8KAwQAaO8c
AwQBaO8eAwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAMEBGjvUAMEAGjvUgME
AGjvVgMEAGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAMAwQDaO9oAwQAaO9s
AwQAaO9vMAwDBAJo73wDBABo734DBAFo+TwDBACKgJ0DBADYrUwDBADYrVIwDAME
AditZgMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEAawfPjugfDx4TItr4
WlnMBayoeHeqMLOAN1Lm7s30VlMoqDbFRqwcsfSpO2yMxWQlpFejBOxXRYo4F/td
nEWsGgU+lHs/yigOQKZnEgWZqe3EHDBROi2lp4xMPIbmjQihcpJitMzLOSKxTjSV
HM24NkrymB6Gs7wamUfi+QZxtjF0jphUuujhksFqpcv3q/weRv00cr7tCJ4/Duj+
jqt22eklfh7wwqDcx2SWQAXPEbdeP5rrG4K5xFEoz9dHuGiAdEomwIZX4Neumrql
727L9bzx1kZkW7Fn7gPI1DmM4TbUBVIaIRdGoxz0Xe/znSAu4M/V14jMtNFy215C
mWrbFA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org