Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/vXr-LcLvxqedV2qAgu3RVJWgYII.roa
File: vXr-LcLvxqedV2qAgu3RVJWgYII.roa (raw, json)
Hash identifier: uuewN9uQDNCcmUdOwKpXmpL+euzvqp//iP/b5uz8th8=
Subject key identifier: BD:7A:FE:2D:C2:EF:C6:A7:9D:57:6A:80:82:ED:D1:54:95:A0:60:82
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0261F4BD
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/vXr-LcLvxqedV2qAgu3RVJWgYII.roa
Signing time: Mon 02 May 2022 16:54:57 +0000
ROA not before: Mon 02 May 2022 16:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 104.249.30.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.239.10.0/23 maxlen: 23
104.249.36.0/24 maxlen: 24
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.111.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.101.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.84.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.151.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
138.128.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39974077 (0x261f4bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 2 16:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd7afe2dc2efc6a79d576a8082edd15495a06082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9d:6e:ba:d6:55:19:74:8f:c9:6c:f9:e9:19:
dc:fa:02:84:b9:55:95:b0:17:1b:86:be:e1:cd:2a:
43:06:9c:69:be:96:f5:b9:23:72:ce:16:63:72:68:
08:5c:ef:76:97:a4:9e:5f:8a:1c:d3:43:f7:6f:32:
07:c7:56:bd:74:41:2b:8e:1f:1e:31:7c:8c:5a:5a:
bd:49:04:39:35:ac:93:2e:10:25:21:2e:90:9f:98:
b1:3c:ad:db:21:21:5f:6d:b9:37:b4:ce:b6:8d:ff:
18:e1:dc:08:4e:ed:00:52:ab:3f:f1:96:d1:c6:0a:
b0:0d:50:8e:5d:e5:22:26:0d:e3:3c:36:98:cd:5e:
4a:61:c8:f6:6e:6b:b6:77:0d:38:96:ef:6c:76:83:
e9:25:99:68:8e:a2:15:65:76:22:4f:ea:01:59:bd:
c7:d4:a9:c4:59:34:1d:34:69:5c:94:36:87:5b:63:
88:68:60:af:0e:fd:53:cd:c4:a4:a9:9d:d2:cf:05:
ce:a9:23:38:be:9d:ef:e5:6c:52:f4:48:d4:ec:a4:
98:c3:ad:cf:e0:01:9a:44:28:6d:b2:c8:05:26:98:
7c:5a:2a:a7:b9:86:27:5f:cb:00:90:bb:8f:f2:d3:
06:b3:65:98:51:15:3f:88:f6:3f:fe:2c:78:b4:c3:
89:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7A:FE:2D:C2:EF:C6:A7:9D:57:6A:80:82:ED:D1:54:95:A0:60:82
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/vXr-LcLvxqedV2qAgu3RVJWgYII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.29.0-104.249.31.255
104.249.36.0/24
104.249.55.0/24
104.249.60.0/23
138.128.151.0/24
138.128.153.0/24
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.111.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
58:88:e1:e9:05:79:d0:5f:09:de:44:ea:c6:ec:ad:8e:b1:72:
0a:4f:e8:8d:5b:2e:e0:87:09:61:02:be:a0:7c:2a:a2:14:c8:
ed:7e:12:ce:ed:16:13:6f:44:1d:9e:d0:11:6b:36:43:41:a9:
cd:9a:5f:d1:5e:83:c4:db:91:78:11:e7:69:86:45:48:c7:d2:
bc:3d:8d:86:06:0d:e0:ea:7c:96:0d:2e:dc:c0:78:45:fb:dc:
0c:cf:a1:e6:f6:d0:88:80:4f:47:37:10:eb:8e:a5:9f:71:3c:
77:77:b7:52:9f:38:cc:6f:c3:32:05:43:1e:91:5a:7f:b9:53:
0a:b9:3c:17:12:68:54:8b:df:6f:6f:53:c2:e8:dd:84:57:77:
88:0e:e4:7f:62:b9:a7:3a:5e:e8:7b:75:d1:fd:c7:a9:f2:f3:
45:9c:05:41:68:88:b6:31:f7:45:15:49:e6:f2:75:25:7d:6f:
3d:c5:21:f7:5b:f9:fc:f5:37:53:96:f6:37:40:b0:95:9b:2c:
03:c9:71:4e:31:1e:af:44:45:79:43:0d:bb:65:1e:f6:bd:a9:
48:f4:ec:bd:31:ce:f3:5d:ef:81:a6:9f:8d:72:f9:2e:38:d6:
1e:91:90:da:64:ef:2a:41:7f:92:3b:2d:5a:fb:7b:fc:2e:bd:
df:c1:26:20
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgIEAmH0vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDUw
MjE2NTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmQ3YWZlMmRjMmVm
YzZhNzlkNTc2YTgwODJlZGQxNTQ5NWEwNjA4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOydbrrWVRl0j8ls+ekZ3PoChLlVlbAXG4a+4c0qQwacab6W
9bkjcs4WY3JoCFzvdpeknl+KHNND928yB8dWvXRBK44fHjF8jFpavUkEOTWsky4Q
JSEukJ+YsTyt2yEhX225N7TOto3/GOHcCE7tAFKrP/GW0cYKsA1Qjl3lIiYN4zw2
mM1eSmHI9m5rtncNOJbvbHaD6SWZaI6iFWV2Ik/qAVm9x9SpxFk0HTRpXJQ2h1tj
iGhgrw79U83EpKmd0s8FzqkjOL6d7+VsUvRI1OykmMOtz+ABmkQobbLIBSaYfFoq
p7mGJ1/LAJC7j/LTBrNlmFEVP4j2P/4seLTDiS0CAwEAAaOCAzkwggM1MB0GA1Ud
DgQWBBS9ev4twu/Gp51XaoCC7dFUlaBggjAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L3ZYci1MY0x2eHFlZFYycUFndTNSVkpXZ1lJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AU0GCCsGAQUFBwEHAQH/BIIBPDCCATgwggE0BAIAATCCASwDBABo6RQwDAMEA2jp
GAMEAGjpGgMEAWjuBDAMAwQAaO4HAwQAaO4KAwQAaO4OMAwDBABo7hMDBABo7hQD
BAFo7woDBABo7w0DBABo7xwDBAFo7x4DBABo7ywDBABo70kwDAMEAGjvSwMEAGjv
TjAMAwQEaO9QAwQAaO9SMAwDBAJo71QDBABo71YDBABo71gwDAMEAWjvWgMEAGjv
XjAMAwQFaO9gAwQAaO9iAwQAaO9lMAwDBANo72gDBABo72wDBABo728wDAMEAmjv
fAMEAGjvfjAMAwQAaPkdAwQFaPkAAwQAaPkkAwQAaPk3AwQBaPk8AwQAioCXAwQA
ioCZAwQAioCdAwQAioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBATYrWADBADYrXgw
DQYJKoZIhvcNAQELBQADggEBAFiI4ekFedBfCd5E6sbsrY6xcgpP6I1bLuCHCWEC
vqB8KqIUyO1+Es7tFhNvRB2e0BFrNkNBqc2aX9Feg8TbkXgR52mGRUjH0rw9jYYG
DeDqfJYNLtzAeEX73AzPoeb20IiAT0c3EOuOpZ9xPHd3t1KfOMxvwzIFQx6RWn+5
Uwq5PBcSaFSL329vU8Lo3YRXd4gO5H9iuac6Xuh7ddH9x6ny80WcBUFoiLYx90UV
SebydSV9bz3FIfdb+fz1N1OW9jdAsJWbLAPJcU4xHq9ERXlDDbtlHva9qUj07L0x
zvNd74Gmn41y+S441h6RkNpk7ypBf5I7LVr7e/wuvd/BJiA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org