Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r3vR-Lssq8aJiAlQ6XeqJzs3DEA.roa
File: r3vR-Lssq8aJiAlQ6XeqJzs3DEA.roa (raw, json)
Hash identifier: cVOfN/4m/vGuhytQlnhGhQlu1Pkdu0tP52XgNnb7Yd0=
Subject key identifier: AF:7B:D1:F8:BB:2C:AB:C6:89:88:09:50:E9:77:AA:27:3B:37:0C:40
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183F663FF62C15C85629210A7F84EEF244A
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r3vR-Lssq8aJiAlQ6XeqJzs3DEA.roa
Signing time: Thu 20 Oct 2022 17:14:51 +0000
ROA not before: Thu 20 Oct 2022 17:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 104.249.30.0/23 maxlen: 23
104.239.10.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:63:ff:62:c1:5c:85:62:92:10:a7:f8:4e:ef:24:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 20 17:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af7bd1f8bb2cabc689880950e977aa273b370c40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:8f:aa:36:d3:88:8a:90:10:66:d6:3e:42:
5f:4f:92:66:d9:bf:ae:dd:ad:eb:23:b8:d3:7a:93:
f8:d5:8d:4a:23:c8:83:9e:3e:c1:91:7a:98:51:26:
c0:14:e5:83:10:79:2c:b2:5d:9b:03:3e:2e:64:87:
b8:6a:65:41:56:3c:72:b2:25:25:97:0a:28:49:27:
5f:cd:3d:61:af:ae:16:28:53:fb:97:85:50:4e:3f:
64:64:0c:4d:df:b1:10:ef:43:d9:5e:f9:59:74:81:
d1:7b:77:0d:0a:a4:ad:4e:e9:57:b1:b7:5f:45:70:
fe:e6:6e:d7:3b:20:4a:cd:f5:08:b6:3c:b6:5f:18:
e5:51:e3:f1:21:5a:ff:e4:16:7b:05:e5:c2:ae:b0:
b8:4a:fa:12:3a:8b:c9:88:13:8d:05:72:ce:8e:ef:
8b:f2:db:9b:cf:d4:08:c3:3e:c6:f3:72:52:79:f1:
67:a9:1a:2a:15:aa:68:a3:1d:de:21:00:39:c5:03:
28:0c:eb:59:00:0a:47:d5:d2:9d:3c:8b:b4:b1:89:
0e:fb:19:5b:c0:b7:dd:50:7f:6c:75:40:f9:a8:88:
ca:f4:5f:8c:4f:3c:10:81:34:c9:30:b9:8e:c7:17:
86:4c:bd:72:d9:e1:38:9d:bc:63:43:06:56:e6:57:
f7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:7B:D1:F8:BB:2C:AB:C6:89:88:09:50:E9:77:AA:27:3B:37:0C:40
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/r3vR-Lssq8aJiAlQ6XeqJzs3DEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.30.0/23
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:56:d2:c9:1d:61:4f:4f:83:ed:05:e2:4e:14:74:6c:98:55:
88:db:ee:16:72:89:5a:98:b8:f3:7b:4a:32:48:a7:80:5a:63:
ea:d8:e5:0e:ae:b3:f7:f4:68:7e:f6:8c:74:46:56:14:da:22:
75:de:23:b5:4f:f1:f9:29:d5:4c:8b:57:2b:74:60:49:79:f2:
8d:b7:64:ca:a8:8c:8c:96:9d:a6:0d:59:f4:9a:e1:1b:4a:8a:
c9:b9:62:58:79:a9:b0:72:64:ca:ef:c9:0e:a6:47:f1:47:fe:
9a:6b:c4:a2:64:bb:ab:a6:90:c0:22:83:57:79:f9:98:0d:65:
22:29:e0:f3:a9:e4:23:3b:20:f1:9a:3e:de:a0:8d:9e:f1:69:
6f:ae:d0:f6:00:1b:ec:2c:20:43:6f:ed:84:11:9f:c6:0c:c2:
3d:91:49:ed:8c:dd:6e:58:50:78:98:69:75:a1:6b:ce:9c:18:
b4:f8:f0:21:d1:65:de:06:45:35:b9:b5:b9:1e:6d:4a:ce:53:
f8:6d:23:08:6b:b0:0b:e4:29:9a:96:62:01:cc:f8:1f:18:d2:
a9:ef:c9:23:53:3f:9b:bb:b7:d1:b2:d9:29:de:79:a3:62:e0:
66:bb:14:d3:7d:66:b9:70:07:5f:ad:f6:fd:f9:10:60:39:87:
1f:b4:7e:b8
-----BEGIN CERTIFICATE-----
MIIGJTCCBQ2gAwIBAgISAYP2Y/9iwVyFYpIQp/hO7yRKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIwMTcxNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjdiZDFmOGJiMmNhYmM2ODk4ODA5NTBlOTc3YWEyNzNiMzcwYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHWPqjbTiIqQEGbWPkJfT5Jm2b+u
3a3rI7jTepP41Y1KI8iDnj7BkXqYUSbAFOWDEHkssl2bAz4uZIe4amVBVjxysiUl
lwooSSdfzT1hr64WKFP7l4VQTj9kZAxN37EQ70PZXvlZdIHRe3cNCqStTulXsbdf
RXD+5m7XOyBKzfUItjy2XxjlUePxIVr/5BZ7BeXCrrC4SvoSOovJiBONBXLOju+L
8tubz9QIwz7G83JSefFnqRoqFapoox3eIQA5xQMoDOtZAApH1dKdPIu0sYkO+xlb
wLfdUH9sdUD5qIjK9F+MTzwQgTTJMLmOxxeGTL1y2eE4nbxjQwZW5lf3wwIDAQAB
o4IDMTCCAy0wHQYDVR0OBBYEFK970fi7LKvGiYgJUOl3qic7NwxAMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvcjN2Ui1Mc3NxOGFKaUFsUTZYZXFKenMzREVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRQYIKwYBBQUHAQcBAf8EggE0MIIBMDCCASwEAgABMIIB
JAMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwDBABo7gcDBABo7goDBABo7g4w
DAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjv
STAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71IwDAMEAmjvVAMEAGjvVgMEAGjv
WDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72IDBABo72UwDAMEA2jvaAMEAGjv
bAMEAGjvbzAMAwQCaO98AwQAaO9+AwQBaPkeAwQAaPkkAwQAaPk3AwQBaPk8AwQA
ioCXAwQAioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBATYrWAD
BADYrXgwDQYJKoZIhvcNAQELBQADggEBAI1W0skdYU9Pg+0F4k4UdGyYVYjb7hZy
iVqYuPN7SjJIp4BaY+rY5Q6us/f0aH72jHRGVhTaInXeI7VP8fkp1UyLVyt0YEl5
8o23ZMqojIyWnaYNWfSa4RtKism5Ylh5qbByZMrvyQ6mR/FH/pprxKJku6umkMAi
g1d5+ZgNZSIp4POp5CM7IPGaPt6gjZ7xaW+u0PYAG+wsIENv7YQRn8YMwj2RSe2M
3W5YUHiYaXWha86cGLT48CHRZd4GRTW5tbkebUrOU/htIwhrsAvkKZqWYgHM+B8Y
0qnvySNTP5u7t9Gy2SneeaNi4Ga7FNN9ZrlwB1+t9v35EGA5hx+0frg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org