Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/urXjlEJqNZ7MnX5TZ7a6nRjHTQg.roa
File: urXjlEJqNZ7MnX5TZ7a6nRjHTQg.roa (raw, json)
Hash identifier: WCAEnGv5yQ/7lyvYjEBZv7Dt8Lc4nlQuvFWRQMKYeDM=
Subject key identifier: BA:B5:E3:94:42:6A:35:9E:CC:9D:7E:53:67:B6:BA:9D:18:C7:4D:08
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01842F012153D1FF8A6F0D01F06AAAC01AE3
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/urXjlEJqNZ7MnX5TZ7a6nRjHTQg.roa
Signing time: Mon 31 Oct 2022 17:05:13 +0000
ROA not before: Mon 31 Oct 2022 17:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2f:01:21:53:d1:ff:8a:6f:0d:01:f0:6a:aa:c0:1a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 31 17:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bab5e394426a359ecc9d7e5367b6ba9d18c74d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:27:e4:d6:29:74:61:b9:6e:39:3b:86:aa:02:
20:f1:72:7b:c2:b7:73:a9:1d:5b:2d:22:fa:1e:05:
7f:96:cf:81:bd:df:96:7e:b0:05:d9:76:5e:90:59:
90:20:d2:26:94:9e:1e:c1:e2:68:d8:28:37:71:81:
81:28:4b:db:d6:03:bb:9d:61:b0:42:5f:8b:25:57:
11:d1:0e:aa:ba:23:07:16:ed:e1:b4:97:56:26:ac:
de:a0:1e:d3:a4:dc:d8:d3:49:2b:36:ec:30:f0:d4:
2b:ef:2e:d7:07:ee:bc:78:9d:f9:a4:1c:e5:92:21:
28:48:62:23:56:80:72:e3:0b:b3:53:61:12:97:62:
a7:da:6b:9a:1b:47:db:0d:23:c3:0a:07:ce:1d:b0:
43:13:42:96:f7:62:b2:84:ef:62:e3:fc:43:e7:a2:
b3:e8:63:1b:f9:03:df:cd:24:1c:09:5d:be:95:b2:
12:b4:cd:5c:90:52:1e:3a:a3:86:75:53:2d:b1:be:
bc:48:be:4c:b8:fb:31:42:c8:60:b8:0d:b1:11:89:
e1:0e:82:14:dd:17:79:c3:cf:a4:82:9a:fa:8a:32:
b8:9c:a3:9e:02:4f:17:ae:15:69:77:ba:c1:96:e8:
cb:22:ac:c0:9f:cf:bd:48:97:3b:f3:48:c0:3e:79:
94:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B5:E3:94:42:6A:35:9E:CC:9D:7E:53:67:B6:BA:9D:18:C7:4D:08
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/urXjlEJqNZ7MnX5TZ7a6nRjHTQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.55.0/24
104.249.60.0/23
138.128.148.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:84:36:cb:c6:40:ed:63:04:bd:a6:b3:a0:8c:9e:a4:14:5e:
e4:58:04:5f:f2:ee:4d:88:fb:67:07:f6:73:d0:7f:e4:6b:25:
e4:61:17:de:ec:be:08:8d:6d:8e:fa:55:07:dd:7b:6e:e9:23:
7e:76:99:5d:61:79:fc:27:9e:e7:f8:37:ea:c5:9f:22:68:2c:
26:f6:00:a5:81:46:a6:b8:2b:e9:11:8a:a0:74:6c:18:6a:46:
5c:6b:49:6e:17:6c:19:99:1e:76:d6:0c:47:5b:b9:ac:38:42:
73:40:13:ea:79:a4:a2:c7:4d:35:ba:c2:db:3d:39:d5:21:84:
3d:d7:db:b5:93:26:5a:32:8b:69:99:a0:e1:3c:3e:dc:de:0d:
50:f4:14:10:1a:99:e5:48:a1:aa:ad:40:82:33:66:c6:8d:fe:
12:f4:c4:59:43:a1:72:49:d9:3a:f9:37:4a:ae:54:cf:ac:93:
91:cc:f5:a8:95:fa:7a:41:80:8f:9d:6e:df:a0:1d:e2:6d:d8:
6c:45:c6:4e:a8:90:d7:4a:c6:06:01:99:f8:0d:b7:a0:9a:da:
89:a4:cf:54:26:65:19:4f:8a:6c:52:2a:92:08:12:b9:aa:57:
29:2f:eb:05:1a:fa:e3:af:bb:00:13:47:2c:1a:c6:39:5c:7c:
a2:33:5c:3c
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAYQvASFT0f+Kbw0B8GqqwBrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDMxMTcwNTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWI1ZTM5NDQyNmEzNTllY2M5ZDdlNTM2N2I2YmE5ZDE4Yzc0ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyfk1il0YbluOTuGqgIg8XJ7wrdz
qR1bLSL6HgV/ls+Bvd+WfrAF2XZekFmQINImlJ4eweJo2Cg3cYGBKEvb1gO7nWGw
Ql+LJVcR0Q6quiMHFu3htJdWJqzeoB7TpNzY00krNuww8NQr7y7XB+68eJ35pBzl
kiEoSGIjVoBy4wuzU2ESl2Kn2muaG0fbDSPDCgfOHbBDE0KW92KyhO9i4/xD56Kz
6GMb+QPfzSQcCV2+lbIStM1ckFIeOqOGdVMtsb68SL5MuPsxQshguA2xEYnhDoIU
3Rd5w8+kgpr6ijK4nKOeAk8XrhVpd7rBlujLIqzAn8+9SJc780jAPnmUcwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFLq145RCajWezJ1+U2e2up0Yx00IMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdXJYamxFSnFOWjdNblg1VFo3YTZuUmpIVFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCCAQUEAgABMIH+
AwQBQIk0AwQAaKcAAwQAaKcKAwQAaOkUMAwDBANo6RgDBABo6RoDBAFo7gQwDAME
AGjuBwMEAGjuCgMEAWjvCgMEAGjvDQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjvSTAM
AwQAaO9LAwQAaO9OMAwDBARo71ADBABo71IDBABo71YDBABo71gDBAFo71oDBABo
714DBABo72IDBABo72UwDAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+
AwQAaPk3AwQBaPk8AwQAioCUAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHY
rWYDBADYrW4DBADYrXgwDQYJKoZIhvcNAQELBQADggEBAEyENsvGQO1jBL2ms6CM
nqQUXuRYBF/y7k2I+2cH9nPQf+RrJeRhF97svgiNbY76VQfde27pI352mV1hefwn
nuf4N+rFnyJoLCb2AKWBRqa4K+kRiqB0bBhqRlxrSW4XbBmZHnbWDEdbuaw4QnNA
E+p5pKLHTTW6wts9OdUhhD3X27WTJloyi2mZoOE8PtzeDVD0FBAameVIoaqtQIIz
ZsaN/hL0xFlDoXJJ2Tr5N0quVM+sk5HM9aiV+npBgI+dbt+gHeJt2GxFxk6okNdK
xgYBmfgNt6Ca2omkz1QmZRlPimxSKpIIErmqVykv6wUa+uOvuwATRywaxjlcfKIz
XDw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org