Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hHytMMxZ-1hrhUpyL2oBiw0p7x8.roa
File: hHytMMxZ-1hrhUpyL2oBiw0p7x8.roa (raw, json)
Hash identifier: om5K2986nI/tUdvUmD84rRqg+7xL7jZv/VBKnyIFpA4=
Subject key identifier: 84:7C:AD:30:CC:59:FB:58:6B:85:4A:72:2F:6A:01:8B:0D:29:EF:1F
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183F663FE6124E4E621286029B370B2390D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hHytMMxZ-1hrhUpyL2oBiw0p7x8.roa
Signing time: Thu 20 Oct 2022 17:14:51 +0000
ROA not before: Thu 20 Oct 2022 17:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.249.30.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:63:fe:61:24:e4:e6:21:28:60:29:b3:70:b2:39:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 20 17:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=847cad30cc59fb586b854a722f6a018b0d29ef1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:db:3c:93:68:d9:74:f5:5d:1a:06:a1:db:
8d:94:93:e7:37:26:a3:bc:a0:83:4a:67:60:c2:e9:
05:7b:ac:45:b3:a4:b1:fd:be:8c:20:75:d8:3d:8b:
82:57:9f:0e:49:d1:83:90:74:b7:2e:49:e1:bf:65:
1a:a0:25:b9:e4:14:6b:d1:ca:74:06:ff:2e:0f:ff:
8a:27:ad:52:92:5e:cc:79:6a:d7:0f:9c:b3:fe:ce:
0c:f6:9f:86:48:c8:24:77:f8:03:50:1b:db:42:58:
5d:ee:f2:34:78:80:e3:d8:73:65:72:be:9b:d0:d7:
b1:04:0f:00:f9:50:2d:f1:00:34:4a:2a:10:e8:4d:
df:73:b9:6f:73:6f:74:23:13:1c:1a:33:b9:58:24:
01:0f:52:23:0d:6e:92:ee:11:d0:88:12:9c:11:ae:
a8:f8:ea:92:38:86:81:7b:24:50:c4:e1:a4:09:27:
c1:4b:e0:26:61:49:1b:b2:82:97:11:40:fa:8a:c7:
2f:33:8a:f2:08:a5:c1:49:a8:75:b6:b5:4d:d1:36:
4c:6d:53:a8:64:87:02:95:6a:64:7a:a5:58:f0:16:
fb:09:f3:90:4c:0a:8b:5c:4d:e6:01:88:ed:40:af:
8c:69:55:40:11:bb:fc:e7:e4:4e:ce:9e:f1:38:48:
88:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7C:AD:30:CC:59:FB:58:6B:85:4A:72:2F:6A:01:8B:0D:29:EF:1F
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/hHytMMxZ-1hrhUpyL2oBiw0p7x8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.30.0/23
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.148.0/24
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
30:f8:cc:35:7b:8f:76:41:b5:26:d6:c9:71:c6:3e:fe:6f:c4:
17:fe:61:72:20:3c:58:f4:29:03:34:b6:bc:61:e0:3e:27:bc:
4d:45:1b:c4:2d:d5:04:08:f5:68:ff:7c:c6:72:9d:e0:23:8f:
82:f4:56:82:24:91:40:96:33:40:b2:3d:11:2d:ee:c3:f2:6a:
be:fa:43:70:b4:a5:0d:02:25:0c:a4:88:d6:32:04:17:2d:4d:
b6:87:c4:be:00:6e:06:7f:56:bb:29:49:b9:2a:99:6c:a2:40:
c5:97:41:cb:e7:e3:3a:f1:38:f4:77:87:95:8d:ec:4a:5b:5e:
22:42:2b:38:3b:97:78:19:74:05:ae:51:b0:48:50:fa:a4:97:
66:fe:e2:a7:c0:94:fc:32:43:8f:4f:c6:23:c0:39:cf:74:fe:
de:1e:52:5f:a5:97:5a:1c:b8:05:a9:c7:40:cf:89:d7:c6:5b:
79:91:70:90:49:fa:d1:60:38:38:5f:0e:59:ac:7b:ff:34:71:
dd:d7:12:83:d7:c5:48:15:72:b5:0c:61:17:db:41:b3:ad:cf:
67:f3:8f:3a:b5:a7:0a:30:37:20:95:8d:f3:d3:56:65:77:69:
cb:40:1c:d2:bc:4f:aa:50:62:44:34:8c:70:c7:0a:aa:5f:8a:
e7:98:ac:df
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAYP2Y/5hJOTmIShgKbNwsjkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIwMTcxNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdjYWQzMGNjNTlmYjU4NmI4NTRhNzIyZjZhMDE4YjBkMjllZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjbbPJNo2XT1XRoGoduNlJPnNyaj
vKCDSmdgwukFe6xFs6Sx/b6MIHXYPYuCV58OSdGDkHS3Lknhv2UaoCW55BRr0cp0
Bv8uD/+KJ61Skl7MeWrXD5yz/s4M9p+GSMgkd/gDUBvbQlhd7vI0eIDj2HNlcr6b
0NexBA8A+VAt8QA0SioQ6E3fc7lvc290IxMcGjO5WCQBD1IjDW6S7hHQiBKcEa6o
+OqSOIaBeyRQxOGkCSfBS+AmYUkbsoKXEUD6iscvM4ryCKXBSah1trVN0TZMbVOo
ZIcClWpkeqVY8Bb7CfOQTAqLXE3mAYjtQK+MaVVAEbv85+ROzp7xOEiIHQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFIR8rTDMWftYa4VKci9qAYsNKe8fMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaEh5dE1NeFotMWhyaFVweUwyb0JpdzBwN3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAUCJNAMEAGinAAMEAGinCgMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwD
BABo7gcDBABo7goDBABo7g4wDAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjv
HAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71Iw
DAMEAmjvVAMEAGjvVgMEAGjvWDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72ID
BABo72UwDAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQBaPkeAwQA
aPkkAwQAaPk3AwQBaPk8AwQAioCUAwQAioCXAwQAioCZAwQAioCdAwQAioCfAwQA
2K1MAwQA2K1SMAwDBAHYrWYDBATYrWADBADYrXgwDQYJKoZIhvcNAQELBQADggEB
ADD4zDV7j3ZBtSbWyXHGPv5vxBf+YXIgPFj0KQM0trxh4D4nvE1FG8Qt1QQI9Wj/
fMZyneAjj4L0VoIkkUCWM0CyPREt7sPyar76Q3C0pQ0CJQykiNYyBBctTbaHxL4A
bgZ/VrspSbkqmWyiQMWXQcvn4zrxOPR3h5WN7EpbXiJCKzg7l3gZdAWuUbBIUPqk
l2b+4qfAlPwyQ49PxiPAOc90/t4eUl+ll1ocuAWpx0DPidfGW3mRcJBJ+tFgODhf
Dlmse/80cd3XEoPXxUgVcrUMYRfbQbOtz2fzjzq1pwowNyCVjfPTVmV3actAHNK8
T6pQYkQ0jHDHCqpfiueYrN8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org