Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kzGCu1IUKbyrsn3KNW12tLTkfdI.roa
File: kzGCu1IUKbyrsn3KNW12tLTkfdI.roa (raw, json)
Hash identifier: Ho4+wfHhQgKaiVpmApFcbA3g5IK7AgJ9HDDME8snV8Q=
Subject key identifier: 93:31:82:BB:52:14:29:BC:AB:B2:7D:CA:35:6D:76:B4:B4:E4:7D:D2
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0135DFE3
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kzGCu1IUKbyrsn3KNW12tLTkfdI.roa
Signing time: Sat 01 Jan 2022 05:02:49 +0000
ROA not before: Sat 01 Jan 2022 05:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 104.249.32.0/22 maxlen: 22
104.249.56.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
45.43.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20307939 (0x135dfe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 1 05:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=933182bb521429bcabb27dca356d76b4b4e47dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:76:f9:99:a5:02:5e:8d:58:6f:8c:62:11:45:
6d:76:94:d2:94:30:4c:9d:15:5f:e4:c7:0d:44:3c:
7e:23:6f:3e:bc:cd:49:8b:1a:42:c7:99:01:70:0b:
2b:2d:eb:ae:57:b8:e3:cf:e9:a7:dc:3a:bc:a5:f1:
11:5a:29:fc:5d:07:27:dd:77:d0:89:de:8f:4f:5b:
60:04:2e:97:b2:e1:0a:01:50:bb:be:91:ec:4e:c5:
a5:4d:57:72:ac:7c:8d:e6:de:bb:35:da:e1:6c:c7:
61:c8:b4:f5:0b:bf:18:40:52:52:af:bd:79:a3:70:
81:b4:21:72:50:a5:e7:ae:73:55:17:f6:e2:f9:0b:
03:52:df:be:b3:4d:56:3f:90:89:94:f3:83:05:84:
da:14:0b:5c:36:90:b3:e8:9e:51:8d:ad:48:19:3e:
9e:03:d5:19:39:97:c7:4c:6c:36:0c:a5:a2:1f:08:
55:89:20:ff:c6:6b:d0:c3:c9:45:bc:69:39:a6:02:
55:41:6a:f0:63:42:90:b7:ce:e2:d2:02:bf:6b:7b:
50:14:fd:fa:dd:0a:27:06:92:54:3f:13:80:26:1c:
84:4c:22:1f:47:7a:09:82:a4:5b:41:15:9e:f8:42:
8c:9c:0c:5f:ef:7b:4e:04:fd:a7:e8:61:52:1b:4b:
9a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:31:82:BB:52:14:29:BC:AB:B2:7D:CA:35:6D:76:B4:B4:E4:7D:D2
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/kzGCu1IUKbyrsn3KNW12tLTkfdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.132.0/22
104.238.0.0/22
104.249.32.0/22
104.249.56.0/22
Signature Algorithm: sha256WithRSAEncryption
77:b0:b7:5a:5b:a9:af:6a:7a:26:09:f7:44:0b:d2:4f:81:ea:
16:27:1f:a8:47:d5:5a:1a:b6:5a:43:da:e1:93:11:98:6c:cc:
ef:ea:ad:38:3d:83:5d:5a:63:27:0b:f5:0e:70:2b:24:5e:9b:
65:4d:39:38:23:b2:af:ea:bc:d3:00:be:68:45:ee:27:d6:46:
b5:bc:a3:3d:0c:2c:44:52:61:75:0a:a8:48:53:d9:48:cd:da:
ae:b1:a8:64:b0:c0:7d:bd:4c:e3:2e:07:56:1c:97:8f:23:ee:
f6:8d:10:2c:6f:7e:a2:e6:d2:c0:e9:bb:82:ba:36:63:f9:4d:
ff:e0:ac:f7:f2:f9:40:e9:bc:1e:f5:47:50:07:ea:4d:79:d9:
ea:fb:1a:30:0f:73:61:ad:dd:87:b5:94:07:8a:e5:f0:b6:93:
a3:f4:cb:b8:f4:57:c2:c8:e1:b9:61:e6:3e:a7:e5:76:2b:42:
ff:32:fc:0e:e1:d9:60:be:84:6c:1c:f2:cd:c6:a7:b1:30:20:
37:a5:bc:41:c6:b5:a0:f3:98:bb:c0:5e:d2:0a:fe:73:eb:90:
ef:b8:21:f4:e8:bb:e6:ce:e6:71:27:5d:32:b1:7c:10:0b:ca:
ba:40:6a:7a:fd:29:f8:bb:ec:ce:09:e2:e5:c2:97:6c:05:2f:
63:d5:e5:94
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEATXf4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDEw
MTA1MDI0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTMzMTgyYmI1MjE0
MjliY2FiYjI3ZGNhMzU2ZDc2YjRiNGU0N2RkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN2+ZmlAl6NWG+MYhFFbXaU0pQwTJ0VX+THDUQ8fiNvPrzN
SYsaQseZAXALKy3rrle448/pp9w6vKXxEVop/F0HJ9130Inej09bYAQul7LhCgFQ
u76R7E7FpU1Xcqx8jebeuzXa4WzHYci09Qu/GEBSUq+9eaNwgbQhclCl565zVRf2
4vkLA1LfvrNNVj+QiZTzgwWE2hQLXDaQs+ieUY2tSBk+ngPVGTmXx0xsNgyloh8I
VYkg/8Zr0MPJRbxpOaYCVUFq8GNCkLfO4tICv2t7UBT9+t0KJwaSVD8TgCYchEwi
H0d6CYKkW0EVnvhCjJwMX+97TgT9p+hhUhtLmrsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSTMYK7UhQpvKuyfco1bXa0tOR90jAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L2t6R0N1MUlVS2J5cnNuM0tOVzEydExUa2ZkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAi0rhAMEAmjuAAMEAmj5IAMEAmj5
ODANBgkqhkiG9w0BAQsFAAOCAQEAd7C3Wlupr2p6Jgn3RAvST4HqFicfqEfVWhq2
WkPa4ZMRmGzM7+qtOD2DXVpjJwv1DnArJF6bZU05OCOyr+q80wC+aEXuJ9ZGtbyj
PQwsRFJhdQqoSFPZSM3arrGoZLDAfb1M4y4HVhyXjyPu9o0QLG9+oubSwOm7gro2
Y/lN/+Cs9/L5QOm8HvVHUAfqTXnZ6vsaMA9zYa3dh7WUB4rl8LaTo/TLuPRXwsjh
uWHmPqflditC/zL8DuHZYL6EbBzyzcansTAgN6W8Qca1oPOYu8Be0gr+c+uQ77gh
9Oi75s7mcSddMrF8EAvKukBqev0p+Lvszgni5cKXbAUvY9XllA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org