Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r-x4Jtka20dHb-3a42OioqTYGso.roa
File: r-x4Jtka20dHb-3a42OioqTYGso.roa (raw, json)
Hash identifier: 8knBLk9Ba8gLDoiE2g07dwhq5DapeRt1rMydqxZgPfY=
Subject key identifier: AF:EC:78:26:D9:1A:DB:47:47:6F:ED:DA:E3:63:A2:A2:A4:D8:1A:CA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183D5C1950EE75BE25E6B298B3BA14B50AF
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r-x4Jtka20dHb-3a42OioqTYGso.roa
Signing time: Fri 14 Oct 2022 09:09:37 +0000
ROA not before: Fri 14 Oct 2022 09:09:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 64.137.80.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
64.137.60.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
64.137.10.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d5:c1:95:0e:e7:5b:e2:5e:6b:29:8b:3b:a1:4b:50:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 14 09:09:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afec7826d91adb47476feddae363a2a2a4d81aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a9:a9:26:cc:8c:3a:b3:cd:96:3e:1c:50:5f:
25:15:75:5b:50:27:2a:27:88:bb:34:41:6a:6f:46:
b9:25:53:0f:43:16:d7:e6:6a:b9:4c:0a:7c:ee:f5:
75:05:1a:9b:9f:6e:02:c6:9c:be:89:cd:6a:9a:63:
ce:8a:2d:1b:9d:24:c4:87:f9:20:47:67:90:a2:10:
65:7a:9a:6d:12:10:1e:d0:e7:0f:91:9b:13:db:46:
2d:5a:e4:cc:70:aa:1c:64:06:55:11:d7:6c:65:48:
87:81:25:cf:34:75:d2:c1:8c:b3:78:33:00:2d:3d:
d7:15:68:ff:ae:0e:2c:57:c3:82:2e:60:c2:ac:a4:
fa:b8:ef:87:5d:c7:91:8f:d0:12:05:74:d8:cb:e6:
e3:8d:70:4e:03:85:98:08:36:6d:f1:61:32:ad:73:
7d:7e:5c:ad:91:7a:9b:31:74:f5:db:40:e7:5b:62:
b4:96:96:a2:dd:fa:50:73:e9:91:af:83:aa:3b:1a:
78:94:0f:3a:c2:99:f7:d7:42:77:dc:e0:74:71:a1:
60:00:5f:19:f3:c7:fe:ea:0b:a9:4b:64:9a:8e:8a:
86:2d:35:03:1d:42:b0:7f:f2:78:e4:2d:b4:ec:80:
8b:10:cd:df:a4:16:2c:7d:d1:5c:b7:7f:a3:7e:d6:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:78:26:D9:1A:DB:47:47:6F:ED:DA:E3:63:A2:A2:A4:D8:1A:CA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r-x4Jtka20dHb-3a42OioqTYGso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.80.0/22
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.233.0.0/21
104.238.0.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:10:28:80:71:d7:d9:9a:12:f0:92:5f:20:fe:41:7c:16:ed:
d4:c3:c4:74:ed:4a:cc:13:1c:53:9a:34:1a:10:8b:96:2b:5f:
09:17:54:ef:83:b4:35:af:f9:c3:45:f2:85:92:5b:b2:d3:b8:
9e:d5:d1:ff:c7:31:40:fa:e9:d2:7e:bc:4c:47:83:bb:14:8f:
bf:ac:3d:94:f0:1e:0f:3d:c9:0f:28:37:2c:9e:73:59:7e:11:
b4:9a:3b:b9:8a:f6:d5:d2:8d:02:72:3c:29:5a:89:4f:f2:4a:
76:90:4f:db:2d:b5:14:17:40:00:86:5e:ce:03:d3:c0:7a:ba:
6a:e6:98:9e:be:5d:da:d2:db:52:5c:de:73:02:a4:9f:da:e4:
bc:cf:8c:e6:d6:2f:e2:1e:92:bf:ca:50:e2:b6:5d:58:8b:11:
24:f9:12:06:f6:d8:72:7d:83:83:d4:b5:41:b9:ba:08:54:ad:
4f:84:52:91:a9:5b:a0:17:8a:a9:1a:8c:9f:82:6d:76:40:8a:
da:3d:97:06:a3:42:aa:dc:ad:07:a8:f7:10:6e:b2:79:c7:f7:
b7:02:35:24:3c:0b:c2:ee:30:52:dc:9c:3b:fc:9b:8d:68:9f:
c5:5f:03:20:ed:34:e6:85:e4:fe:81:b0:58:65:a9:7f:00:85:
48:8a:0b:f3
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYPVwZUO51viXmspizuhS1CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDE0MDkwOTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVjNzgyNmQ5MWFkYjQ3NDc2ZmVkZGFlMzYzYTJhMmE0ZDgxYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKmpJsyMOrPNlj4cUF8lFXVbUCcq
J4i7NEFqb0a5JVMPQxbX5mq5TAp87vV1BRqbn24Cxpy+ic1qmmPOii0bnSTEh/kg
R2eQohBlepptEhAe0OcPkZsT20YtWuTMcKocZAZVEddsZUiHgSXPNHXSwYyzeDMA
LT3XFWj/rg4sV8OCLmDCrKT6uO+HXceRj9ASBXTYy+bjjXBOA4WYCDZt8WEyrXN9
flytkXqbMXT120DnW2K0lpai3fpQc+mRr4OqOxp4lA86wpn310J33OB0caFgAF8Z
88f+6gupS2SajoqGLTUDHUKwf/J45C207ICLEM3fpBYsfdFct3+jftaJIwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFK/seCbZGttHR2/t2uNjoqKk2BrKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvci14NEp0a2EyMGRIYi0zYTQyT2lvcVRZR3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBQIkKAwQB
QIkOAwQBQIkSAwQBQIkqAwQBQIkwMAwDBAFAiToDBAZAiQADBAJAiVAwDAMEAkCJ
XAMEAUCJZDAMAwQDaI/oAwQCaI/wAwQDaOkAAwQCaO4AMA0GCSqGSIb3DQEBCwUA
A4IBAQCOECiAcdfZmhLwkl8g/kF8Fu3Uw8R07UrMExxTmjQaEIuWK18JF1Tvg7Q1
r/nDRfKFkluy07ie1dH/xzFA+unSfrxMR4O7FI+/rD2U8B4PPckPKDcsnnNZfhG0
mju5ivbV0o0CcjwpWolP8kp2kE/bLbUUF0AAhl7OA9PAerpq5pievl3a0ttSXN5z
AqSf2uS8z4zm1i/iHpK/ylDitl1YixEk+RIG9thyfYOD1LVBuboIVK1PhFKRqVug
F4qpGoyfgm12QIraPZcGo0Kq3K0HqPcQbrJ5x/e3AjUkPAvC7jBS3Jw7/JuNaJ/F
XwMg7TTmheT+gbBYZal/AIVIigvz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org