Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/h13zjImAokEOkK09qBrJXBRFaso.roa
File: h13zjImAokEOkK09qBrJXBRFaso.roa (raw, json)
Hash identifier: 4z7ls6TJAivyznJ3pHJ3TqsS/zbOrgJAZjSPrC9p/iM=
Subject key identifier: 87:5D:F3:8C:89:80:A2:41:0E:90:AD:3D:A8:1A:C9:5C:14:45:6A:CA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018456C8FF0C756544BE40F90BCB7B47CECB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/h13zjImAokEOkK09qBrJXBRFaso.roa
Signing time: Tue 08 Nov 2022 10:28:43 +0000
ROA not before: Tue 08 Nov 2022 10:28:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 104.143.254.0/23 maxlen: 23
64.137.80.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.249.36.0/24 maxlen: 24
216.173.88.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
104.239.13.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.92.0/23 maxlen: 23
104.239.84.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
104.238.14.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:c8:ff:0c:75:65:44:be:40:f9:0b:cb:7b:47:ce:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 8 10:28:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=875df38c8980a2410e90ad3da81ac95c14456aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:47:c3:ac:7d:95:31:a4:e6:70:48:1b:15:
3d:23:8c:e6:35:86:14:9b:f5:ab:eb:58:7a:7e:9a:
7a:b9:f8:96:47:ba:3c:a0:66:f6:63:18:52:c6:70:
cf:4f:13:fc:bd:47:0a:60:db:af:23:8e:a5:45:c4:
41:ce:ad:48:16:11:4b:0c:3c:ff:01:71:04:d9:92:
14:e0:b4:c1:64:4c:99:46:da:ba:d8:de:03:3c:16:
56:bc:15:16:31:a8:20:41:42:d8:0d:60:84:05:ac:
cf:41:fb:7f:43:2c:b1:39:0d:b0:69:f6:b4:99:c4:
e8:44:c1:38:ee:d3:08:b0:8c:f3:12:ca:5c:ec:e3:
24:f3:4e:45:70:d6:52:5f:47:48:14:a2:22:6e:60:
12:c8:78:32:14:c2:2d:f0:07:8b:22:88:38:2e:a1:
c7:59:c3:32:c8:17:39:fb:dc:84:85:61:8d:98:a5:
fe:1e:7e:1c:89:c7:2f:6e:4c:3e:f2:a8:e5:8e:c5:
78:74:28:5b:7d:3c:95:4a:24:86:2e:5f:9d:e0:b6:
dd:00:06:06:28:48:1b:68:55:42:a2:a7:2a:4d:a1:
2b:1f:4e:e4:2d:78:2a:f4:22:c5:f6:be:49:5e:7c:
67:ab:e0:31:ed:a9:61:ca:cb:22:55:d4:ac:f5:37:
19:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5D:F3:8C:89:80:A2:41:0E:90:AD:3D:A8:1A:C9:5C:14:45:6A:CA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/h13zjImAokEOkK09qBrJXBRFaso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.80.0/22
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.233.20.0/24
104.238.0.0-104.238.5.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.13.0/24
104.239.84.0/23
104.239.92.0/23
104.239.96.0/23
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.159.0/24
216.173.78.0/23
216.173.88.0/23
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
95:ae:0e:0f:4e:db:d5:b8:cc:75:e7:30:e7:d0:41:5e:5d:08:
5c:dc:4d:95:20:30:2d:97:3b:3a:78:5a:f2:87:da:3a:34:55:
d7:c2:92:5b:7f:08:d6:a3:9a:39:71:f1:73:09:fa:31:2c:ee:
ad:0a:95:23:c2:a7:ba:d1:62:0e:8d:b7:b4:a3:8d:c9:77:4d:
8f:03:6d:e3:31:9f:e5:5d:91:f1:ea:0c:4c:ba:d3:47:75:7e:
a5:53:71:8a:56:e8:34:84:31:60:e0:00:7a:8e:cd:8a:5a:4d:
2f:ea:a1:4a:03:fe:65:24:10:e9:dd:c4:68:ba:e4:e2:aa:32:
59:9d:6e:c3:7a:e2:c4:2a:17:ab:f2:4d:60:31:8b:56:d0:f2:
14:78:24:08:b7:aa:26:13:7a:da:f8:56:d8:94:b3:91:a1:d4:
e1:47:b8:48:81:3c:ef:0b:43:ef:60:ad:27:3b:5b:c4:d8:74:
de:5c:96:69:8b:1f:d7:5a:b8:5e:44:89:dd:23:f1:7c:31:47:
74:65:9c:c1:2a:2b:6a:eb:9f:66:c8:47:78:bf:26:4f:45:76:
06:b8:39:00:0e:52:94:e9:ba:f2:98:0e:14:f3:05:8c:4e:ba:
3f:eb:7d:2b:71:67:6a:db:f9:01:86:f7:60:3d:aa:69:3d:07:
31:e0:48:24
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAYRWyP8MdWVEvkD5C8t7R87LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTA4MTAyODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVkZjM4Yzg5ODBhMjQxMGU5MGFkM2RhODFhYzk1YzE0NDU2YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+dHw6x9lTGk5nBIGxU9I4zmNYYU
m/Wr61h6fpp6ufiWR7o8oGb2YxhSxnDPTxP8vUcKYNuvI46lRcRBzq1IFhFLDDz/
AXEE2ZIU4LTBZEyZRtq62N4DPBZWvBUWMaggQULYDWCEBazPQft/QyyxOQ2wafa0
mcToRME47tMIsIzzEspc7OMk805FcNZSX0dIFKIibmASyHgyFMIt8AeLIog4LqHH
WcMyyBc5+9yEhWGNmKX+Hn4ciccvbkw+8qjljsV4dChbfTyVSiSGLl+d4LbdAAYG
KEgbaFVCoqcqTaErH07kLXgq9CLF9r5JXnxnq+Ax7alhyssiVdSs9TcZlQIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFIdd84yJgKJBDpCtPagayVwURWrKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaDEzempJbUFva0VPa0swOXFCckpYQlJGYXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgeoEAgABMIHjAwQE
LSuwAwQBQIkKAwQBQIkOAwQBQIkSAwQBQIkqAwQBQIkwMAwDBAFAiToDBAZAiQAD
BAJAiVAwDAMEAkCJXAMEAUCJZDAMAwQDaI/oAwQCaI/wAwQDaI/4AwQDaOkAAwQA
aOkUMAsDAwFo7gMEAWjuBAMEAGjuDjAMAwQAaO4TAwQAaO4UAwQAaO8NAwQBaO9U
AwQBaO9cAwQBaO9gMAwDBABo+R0DBAVo+QADBABo+SQDBABo+TcDBAFo+TwDBACK
gJcDBACKgJkDBACKgJ8DBAHYrU4DBAHYrVgDBADYrW8wDQYJKoZIhvcNAQELBQAD
ggEBAJWuDg9O29W4zHXnMOfQQV5dCFzcTZUgMC2XOzp4WvKH2jo0VdfCklt/CNaj
mjlx8XMJ+jEs7q0KlSPCp7rRYg6Nt7Sjjcl3TY8DbeMxn+VdkfHqDEy600d1fqVT
cYpW6DSEMWDgAHqOzYpaTS/qoUoD/mUkEOndxGi65OKqMlmdbsN64sQqF6vyTWAx
i1bQ8hR4JAi3qiYTetr4VtiUs5Gh1OFHuEiBPO8LQ+9grSc7W8TYdN5clmmLH9da
uF5Eid0j8XwxR3RlnMEqK2rrn2bIR3i/Jk9Fdga4OQAOUpTpuvKYDhTzBYxOuj/r
fStxZ2rb+QGG92A9qmk9BzHgSCQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org