Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pGa4hfM-1YpoNIMcUxA3BEpvkto.roa
File: pGa4hfM-1YpoNIMcUxA3BEpvkto.roa (raw, json)
Hash identifier: AVVQ0EFPaQdqgEvRH7hJjufB2jqn6fCl5RS49OuHeIE=
Subject key identifier: A4:66:B8:85:F3:3E:D5:8A:68:34:83:1C:53:10:37:04:4A:6F:92:DA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184761BE61140524C2A9D4348D9CEA53290
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pGa4hfM-1YpoNIMcUxA3BEpvkto.roa
Signing time: Mon 14 Nov 2022 12:27:30 +0000
ROA not before: Mon 14 Nov 2022 12:27:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 104.143.254.0/23 maxlen: 23
64.137.80.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
216.173.78.0/23 maxlen: 23
104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
216.173.80.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
216.173.88.0/23 maxlen: 23
45.43.176.0/20 maxlen: 20
104.239.13.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.92.0/23 maxlen: 23
104.239.84.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
104.143.235.0/24 maxlen: 24
64.137.58.0/23 maxlen: 23
104.143.248.0/21 maxlen: 24
64.137.60.0/22 maxlen: 22
104.238.4.0/23 maxlen: 23
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
104.238.14.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
64.137.10.0/23 maxlen: 23
138.128.153.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:1b:e6:11:40:52:4c:2a:9d:43:48:d9:ce:a5:32:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 14 12:27:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a466b885f33ed58a6834831c531037044a6f92da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:06:c3:b8:10:02:a2:04:ca:2b:9f:aa:02:f8:
12:10:54:c2:db:bd:4e:15:72:9d:94:2b:10:24:1b:
36:10:87:fd:55:2b:c7:41:0f:e1:f5:ec:6f:a3:a9:
c2:37:d3:7b:a7:67:3b:94:68:a1:04:2f:38:39:3d:
01:d9:5f:0f:f2:f2:4b:b4:dd:eb:fd:47:94:dc:a4:
53:2f:25:21:94:ad:51:05:0b:be:e0:8c:86:9f:53:
cb:6e:e1:4d:f2:d2:0a:62:a5:25:38:2e:4e:6c:2e:
d6:52:d1:43:71:38:78:94:57:ff:94:65:b6:af:12:
43:d1:74:19:0e:99:70:af:e3:0d:96:01:1b:53:98:
42:16:8f:f4:4f:a4:d0:28:73:32:1f:c1:d4:0f:f5:
c0:a2:77:7c:62:fe:a4:d2:24:d4:62:44:80:af:4e:
d6:f8:79:06:37:ee:ac:2c:13:16:a4:26:b7:38:ea:
fd:f2:a3:2d:6c:b8:ec:ad:0a:99:77:0f:ff:20:b4:
8b:4b:39:f8:ac:42:45:56:5b:94:33:14:66:3e:98:
11:ee:49:fd:e2:18:f2:87:6e:3d:ec:8f:94:d1:13:
e3:b9:6d:c4:ad:8b:11:89:03:c0:55:05:19:8b:28:
5d:6c:af:63:03:b4:7c:14:e6:26:d9:e6:97:21:51:
cd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:66:B8:85:F3:3E:D5:8A:68:34:83:1C:53:10:37:04:4A:6F:92:DA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/pGa4hfM-1YpoNIMcUxA3BEpvkto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.176.0/20
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.80.0/22
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.143.248.0/21
104.233.0.0/21
104.233.20.0/24
104.238.0.0-104.238.5.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.13.0/24
104.239.84.0/23
104.239.92.0/23
104.239.96.0/23
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.159.0/24
216.173.78.0-216.173.81.255
216.173.88.0/23
216.173.111.0/24
Signature Algorithm: sha256WithRSAEncryption
49:c5:55:a0:df:86:e8:d6:19:61:f9:19:1e:16:ab:3f:eb:f7:
db:cb:5f:da:45:b0:65:69:2f:cd:93:71:cc:7f:37:d1:9d:bf:
fc:04:20:c4:e8:f5:3b:aa:91:c2:9d:7f:13:b6:18:a1:29:4b:
de:e9:ac:32:52:91:2e:c8:33:a0:cd:f9:b5:69:85:2c:91:38:
d8:fc:84:93:bf:12:9e:c4:df:a4:b4:94:a9:31:b8:40:d1:25:
48:3a:d2:85:e9:db:52:b0:cb:55:c7:73:08:35:f3:77:9e:e3:
7b:ed:a6:65:28:e6:23:78:2f:ad:36:81:58:d2:15:c5:37:a3:
25:bf:7c:55:64:93:5e:0e:4e:f2:7f:61:e3:af:84:c1:34:da:
c2:4f:c9:6c:de:df:5f:7f:66:7d:4f:34:8e:70:35:f0:02:34:
0f:bd:26:10:77:41:0b:94:60:e6:a3:0c:cd:c5:9f:53:63:c6:
01:98:6c:8c:7b:b2:f9:af:9e:55:6f:14:d2:f7:e7:44:80:bd:
0a:f3:36:fc:b6:60:4d:fb:64:7e:e9:8a:e8:d2:c2:84:bf:6a:
9b:c6:f4:74:2f:98:22:68:a0:c5:15:5a:10:39:85:d1:6a:50:
ec:e0:50:66:65:5b:7c:fb:4c:63:86:b2:32:d4:cc:4d:e2:0c:
c5:83:a0:b4
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgISAYR2G+YRQFJMKp1DSNnOpTKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTE0MTIyNzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY2Yjg4NWYzM2VkNThhNjgzNDgzMWM1MzEwMzcwNDRhNmY5MmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwbDuBACogTKK5+qAvgSEFTC271O
FXKdlCsQJBs2EIf9VSvHQQ/h9exvo6nCN9N7p2c7lGihBC84OT0B2V8P8vJLtN3r
/UeU3KRTLyUhlK1RBQu+4IyGn1PLbuFN8tIKYqUlOC5ObC7WUtFDcTh4lFf/lGW2
rxJD0XQZDplwr+MNlgEbU5hCFo/0T6TQKHMyH8HUD/XAond8Yv6k0iTUYkSAr07W
+HkGN+6sLBMWpCa3OOr98qMtbLjsrQqZdw//ILSLSzn4rEJFVluUMxRmPpgR7kn9
4hjyh2497I+U0RPjuW3ErYsRiQPAVQUZiyhdbK9jA7R8FOYm2eaXIVHNjQIDAQAB
o4IC9DCCAvAwHQYDVR0OBBYEFKRmuIXzPtWKaDSDHFMQNwRKb5LaMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvcEdhNGhmTS0xWXBvTklNY1V4QTNCRXB2a3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCAYIKwYBBQUHAQcBAf8EgfgwgfUwgfIEAgABMIHrAwQE
LSuwAwQBQIkKAwQBQIkOAwQBQIkSAwQBQIkqAwQBQIkwMAwDBAFAiToDBAZAiQAD
BAJAiVAwDAMEAkCJXAMEAUCJZDAMAwQDaI/oAwQCaI/wAwQDaI/4AwQDaOkAAwQA
aOkUMAsDAwFo7gMEAWjuBAMEAGjuDjAMAwQAaO4TAwQAaO4UAwQAaO8NAwQBaO9U
AwQBaO9cAwQBaO9gMAwDBABo+R0DBAVo+QADBABo+SQDBABo+TcDBAFo+TwDBACK
gJcDBACKgJkDBACKgJ8wDAMEAditTgMEAditUAMEAditWAMEANitbzANBgkqhkiG
9w0BAQsFAAOCAQEAScVVoN+G6NYZYfkZHharP+v328tf2kWwZWkvzZNxzH830Z2/
/AQgxOj1O6qRwp1/E7YYoSlL3umsMlKRLsgzoM35tWmFLJE42PyEk78SnsTfpLSU
qTG4QNElSDrShenbUrDLVcdzCDXzd57je+2mZSjmI3gvrTaBWNIVxTejJb98VWST
Xg5O8n9h46+EwTTawk/JbN7fX39mfU80jnA18AI0D70mEHdBC5Rg5qMMzcWfU2PG
AZhsjHuy+a+eVW8U0vfnRIC9CvM2/LZgTftkfumK6NLChL9qm8b0dC+YImigxRVa
EDmF0WpQ7OBQZmVbfPtMY4ayMtTMTeIMxYOgtA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org