Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/chkYdALzoOkcEjbwoB04LLZ12tI.roa
File: chkYdALzoOkcEjbwoB04LLZ12tI.roa (raw, json)
Hash identifier: BQmc2fe6qhz2V+QY6ur6EyZ3cb3OZ+5iay5i9/F+TEg=
Subject key identifier: 72:19:18:74:02:F3:A0:E9:1C:12:36:F0:A0:1D:38:2C:B6:75:DA:D2
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184D2409EB482546FEBB4A47E7C5C22F937
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/chkYdALzoOkcEjbwoB04LLZ12tI.roa
Signing time: Fri 02 Dec 2022 09:52:40 +0000
ROA not before: Fri 02 Dec 2022 09:52:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:40:9e:b4:82:54:6f:eb:b4:a4:7e:7c:5c:22:f9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Dec 2 09:52:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7219187402f3a0e91c1236f0a01d382cb675dad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0f:2c:1b:cf:8a:27:84:87:f8:70:83:80:ee:
8e:4a:42:29:cf:cf:98:52:37:97:67:ae:d1:bf:6f:
f0:09:d2:d5:4f:df:5c:e0:ac:4d:dd:15:93:82:98:
96:1d:e0:69:49:97:55:53:f9:8b:77:f3:f8:e2:63:
4d:fe:9b:62:4a:96:fd:db:6f:20:99:94:79:ae:35:
24:e7:c8:54:e5:99:a6:68:ce:86:92:41:a9:35:78:
5f:be:21:ec:d8:24:65:f3:ab:cf:fa:02:e5:7e:07:
9f:25:23:e8:20:d3:b7:e0:d5:2d:1a:f0:eb:5e:7e:
10:d0:1e:ff:91:33:7f:21:b1:9c:f6:90:e4:e0:9c:
9b:13:6c:89:a1:3a:3c:64:cc:cf:fa:56:01:9a:3b:
44:e8:2d:22:c3:01:93:f8:de:aa:92:78:67:10:e6:
36:ec:81:20:73:27:8c:9b:ad:e7:9e:3a:c2:e2:9f:
ca:f0:35:7e:58:1e:a1:eb:ef:2e:93:91:46:10:b5:
d7:6c:75:21:51:d9:11:5f:0e:2e:99:a7:3b:42:e4:
7b:98:1b:96:6d:e1:6c:6b:c2:9a:52:07:b6:90:f0:
e8:77:9e:4e:95:f5:54:ba:16:10:08:4b:08:e3:8f:
b1:d3:57:36:cb:af:b0:5d:95:7b:2d:6f:38:d6:ac:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:19:18:74:02:F3:A0:E9:1C:12:36:F0:A0:1D:38:2C:B6:75:DA:D2
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/chkYdALzoOkcEjbwoB04LLZ12tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
138.128.148.0/24
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
12:81:91:e3:ad:2c:c8:1e:7c:9c:88:9c:c8:1c:e8:96:63:2d:
94:61:ff:7e:82:07:52:c5:97:93:17:19:8d:dd:64:d0:1e:e6:
07:ee:f8:59:87:6f:6c:04:df:3c:4d:a7:88:ac:08:45:ae:4f:
a4:5e:fe:d2:1e:39:69:41:4d:4c:dc:a8:7b:dd:8d:2d:98:99:
68:3a:aa:9f:77:4b:89:95:c4:17:10:85:23:4c:9f:2e:9a:f3:
00:98:f3:dc:93:11:e1:6e:29:63:b3:53:fe:fd:a9:7b:ed:47:
d1:14:ff:33:cf:ae:b2:19:0e:f3:d2:e5:18:f7:d7:05:a3:90:
77:4e:b6:8b:3f:f0:fb:be:7c:5a:f0:27:dd:a8:39:4a:e9:fe:
3d:de:b5:49:2d:62:33:59:42:da:d5:75:8b:db:bf:4e:be:fa:
6f:0b:f5:8e:30:a3:9c:be:44:8d:79:94:3c:52:5c:1a:18:ac:
1e:f3:9e:6c:92:b4:1f:e3:8b:c4:1f:b4:fa:c4:39:e0:a4:34:
a4:8b:68:a6:ff:a3:b9:d3:1b:10:c0:93:16:53:ad:52:37:a9:
a8:1f:b5:47:e0:9c:18:1d:1e:e5:37:83:1c:c5:0a:83:78:54:
11:74:35:68:05:b9:ff:47:8a:ab:3e:e9:c8:0f:7d:53:42:0a:
3f:3e:d0:50
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAYTSQJ60glRv67SkfnxcIvk3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMjAyMDk1MjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE5MTg3NDAyZjNhMGU5MWMxMjM2ZjBhMDFkMzgyY2I2NzVkYWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ8sG8+KJ4SH+HCDgO6OSkIpz8+Y
UjeXZ67Rv2/wCdLVT99c4KxN3RWTgpiWHeBpSZdVU/mLd/P44mNN/ptiSpb9228g
mZR5rjUk58hU5ZmmaM6GkkGpNXhfviHs2CRl86vP+gLlfgefJSPoINO34NUtGvDr
Xn4Q0B7/kTN/IbGc9pDk4JybE2yJoTo8ZMzP+lYBmjtE6C0iwwGT+N6qknhnEOY2
7IEgcyeMm63nnjrC4p/K8DV+WB6h6+8uk5FGELXXbHUhUdkRXw4umac7QuR7mBuW
beFsa8KaUge2kPDod55OlfVUuhYQCEsI44+x01c2y6+wXZV7LW841qy8VwIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFHIZGHQC86DpHBI28KAdOCy2ddrSMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvY2hrWWRBTHpvT2tjRWpid29CMDRMTFoxMnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBAFA
iTQDBABopwADBABopwowDAMEA2jpGAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4K
AwQBaO8KAwQAaO8cAwQBaO8eAwQAaO8sAwQAaO9JMAwDBABo70sDBABo704wDAME
BGjvUAMEAGjvUgMEAGjvVgMEAGjvWAMEAWjvWgMEAGjvXgMEAGjvYgMEAGjvZTAM
AwQDaO9oAwQAaO9sAwQAaO9vMAwDBAJo73wDBABo734DBACKgJQDBACKgJ0DBADY
rUwDBADYrVIwDAMEAditZgMEANitbgMEANiteDANBgkqhkiG9w0BAQsFAAOCAQEA
EoGR460syB58nIicyBzolmMtlGH/foIHUsWXkxcZjd1k0B7mB+74WYdvbATfPE2n
iKwIRa5PpF7+0h45aUFNTNyoe92NLZiZaDqqn3dLiZXEFxCFI0yfLprzAJjz3JMR
4W4pY7NT/v2pe+1H0RT/M8+ushkO89LlGPfXBaOQd062iz/w+758WvAn3ag5Sun+
Pd61SS1iM1lC2tV1i9u/Tr76bwv1jjCjnL5EjXmUPFJcGhisHvOebJK0H+OLxB+0
+sQ54KQ0pItopv+judMbEMCTFlOtUjepqB+1R+CcGB0e5TeDHMUKg3hUEXQ1aAW5
/0eKqz7pyA99U0IKPz7QUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org