Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/iabAwZtNQ-V6utdWOAQAhZlHD4U.roa
File: iabAwZtNQ-V6utdWOAQAhZlHD4U.roa (raw, json)
Hash identifier: KLVDceYIVf8wiAyMm4c6x+sdkFFcIlGrcn9kS+ZlkU0=
Subject key identifier: 89:A6:C0:C1:9B:4D:43:E5:7A:BA:D7:56:38:04:00:85:99:47:0F:85
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183FA15BCA77172272A1ADC014BDA283D50
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/iabAwZtNQ-V6utdWOAQAhZlHD4U.roa
Signing time: Fri 21 Oct 2022 10:27:51 +0000
ROA not before: Fri 21 Oct 2022 10:27:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.249.30.0/23 maxlen: 23
104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:15:bc:a7:71:72:27:2a:1a:dc:01:4b:da:28:3d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 21 10:27:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89a6c0c19b4d43e57abad7563804008599470f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:be:1f:68:25:8f:9d:5f:c1:b5:e9:c4:38:5a:
90:97:44:eb:8b:d3:5a:11:20:e5:9a:a8:a1:38:1a:
3e:73:e2:79:ab:2c:8f:82:69:60:76:08:13:b3:73:
da:1c:52:f9:0b:37:b8:e3:ed:9e:0c:f5:39:b5:cc:
22:69:26:ab:89:5c:92:68:d5:46:24:2e:fe:7b:70:
b3:3e:3d:1f:22:f9:90:7f:b6:f3:36:77:a5:c2:1f:
ab:eb:ba:c3:72:16:0c:db:f5:e4:71:ed:4d:76:99:
d9:ed:c1:2c:7f:8b:77:3e:fb:01:4f:c3:f4:e4:54:
2c:cb:ea:7e:d1:8f:f7:0f:2f:a2:4b:91:58:78:9b:
7e:73:1f:c6:66:8b:e3:c0:b8:d4:c5:54:32:44:80:
f4:76:e1:72:c4:69:fb:e4:d6:57:59:51:5b:85:a0:
0e:43:6e:40:70:30:b2:ba:8d:c5:cc:58:0c:ae:37:
3c:30:b6:ca:86:f6:64:8c:d6:d7:ae:64:c2:a5:e2:
6c:7e:fe:6e:55:2e:66:a1:97:f5:37:96:57:05:3a:
6a:fa:61:92:17:d3:fd:65:a4:b6:56:7a:1c:ec:40:
c9:c7:da:ea:aa:72:98:43:b6:a2:6d:25:03:a0:9c:
e5:ee:f7:00:a7:a0:da:01:1a:7f:4f:14:1f:52:92:
29:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A6:C0:C1:9B:4D:43:E5:7A:BA:D7:56:38:04:00:85:99:47:0F:85
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/iabAwZtNQ-V6utdWOAQAhZlHD4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.30.0/23
104.249.55.0/24
104.249.60.0/23
138.128.148.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:b2:60:1f:d5:ff:82:c1:60:67:4b:35:03:30:91:11:8b:3f:
d8:50:d6:cf:12:0a:99:c2:64:c0:db:7f:80:dc:2b:e8:32:f7:
5f:9c:a9:85:2f:11:d6:5e:06:bc:f0:36:32:9c:97:d5:ae:71:
8f:70:6a:36:a8:8f:1f:40:ea:aa:f1:76:dc:4e:14:e8:2e:78:
e1:d8:9d:a4:35:23:2b:e7:8e:93:c6:3a:19:bf:d1:1d:20:03:
e7:95:5b:05:94:5d:52:15:ed:b2:9b:6b:00:73:6b:13:0d:2f:
46:15:49:0a:da:69:3b:f6:16:97:17:6f:c1:8c:6e:ee:ef:ed:
d9:65:aa:da:82:ce:c7:79:e9:7c:97:49:f9:49:75:72:76:81:
f3:ec:e2:f0:d0:29:98:42:c7:2c:df:65:65:6d:65:ff:2a:cc:
af:64:24:a9:bb:6e:a6:4e:01:9a:ca:3e:d2:c2:e9:1b:e8:70:
eb:99:a1:dd:39:db:2c:53:40:00:67:ea:3a:cb:15:d8:1a:ac:
45:a4:60:ba:48:55:ab:14:b9:67:ae:72:0e:ad:81:45:52:c8:
d5:56:09:6d:38:93:27:30:1e:e4:03:f7:e3:d1:af:a7:11:92:
bd:af:4a:27:ee:fc:8c:9c:ca:2f:f4:73:f7:a2:9b:36:88:bc:
11:41:7b:39
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgISAYP6FbyncXInKhrcAUvaKD1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIxMTAyNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE2YzBjMTliNGQ0M2U1N2FiYWQ3NTYzODA0MDA4NTk5NDcwZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn74faCWPnV/BtenEOFqQl0Tri9Na
ESDlmqihOBo+c+J5qyyPgmlgdggTs3PaHFL5Cze44+2eDPU5tcwiaSariVySaNVG
JC7+e3CzPj0fIvmQf7bzNnelwh+r67rDchYM2/Xkce1NdpnZ7cEsf4t3PvsBT8P0
5FQsy+p+0Y/3Dy+iS5FYeJt+cx/GZovjwLjUxVQyRID0duFyxGn75NZXWVFbhaAO
Q25AcDCyuo3FzFgMrjc8MLbKhvZkjNbXrmTCpeJsfv5uVS5moZf1N5ZXBTpq+mGS
F9P9ZaS2Vnoc7EDJx9rqqnKYQ7aibSUDoJzl7vcAp6DaARp/TxQfUpIpJwIDAQAB
o4IDNzCCAzMwHQYDVR0OBBYEFImmwMGbTUPlerrXVjgEAIWZRw+FMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvaWFiQXdadE5RLVY2dXRkV09BUUFoWmxIRDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSwYIKwYBBQUHAQcBAf8EggE6MIIBNjCCATIEAgABMIIB
KgMEAUCJNAMEAGinAAMEAGinCgMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwD
BABo7gcDBABo7goDBABo7g4wDAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjv
HAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71Iw
DAMEAmjvVAMEAGjvVgMEAGjvWDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72ID
BABo72UwDAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQBaPkeAwQA
aPk3AwQBaPk8AwQAioCUAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYD
BADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQADggEBAHuyYB/V/4LBYGdLNQMwkRGL
P9hQ1s8SCpnCZMDbf4DcK+gy91+cqYUvEdZeBrzwNjKcl9WucY9wajaojx9A6qrx
dtxOFOgueOHYnaQ1IyvnjpPGOhm/0R0gA+eVWwWUXVIV7bKbawBzaxMNL0YVSQra
aTv2FpcXb8GMbu7v7dllqtqCzsd56XyXSflJdXJ2gfPs4vDQKZhCxyzfZWVtZf8q
zK9kJKm7bqZOAZrKPtLC6RvocOuZod052yxTQABn6jrLFdgarEWkYLpIVasUuWeu
cg6tgUVSyNVWCW04kycwHuQD9+PRr6cRkr2vSifu/Iycyi/0c/eimzaIvBFBezk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org