Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/x49e2GxDkLO1RaRipS9VpgGr8sY.roa
File: x49e2GxDkLO1RaRipS9VpgGr8sY.roa (raw, json)
Hash identifier: r2YMa/3g3YKfCnIlZbjcNoGHRMQ+BrThcJ0JDAKRuTY=
Subject key identifier: C7:8F:5E:D8:6C:43:90:B3:B5:45:A4:62:A5:2F:55:A6:01:AB:F2:C6
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183FA15BD5D32059ACF1460D6ED50350844
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/x49e2GxDkLO1RaRipS9VpgGr8sY.roa
Signing time: Fri 21 Oct 2022 10:27:52 +0000
ROA not before: Fri 21 Oct 2022 10:27:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 104.249.30.0/23 maxlen: 23
104.239.10.0/23 maxlen: 23
104.239.13.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.249.60.0/23 maxlen: 23
216.173.120.0/24 maxlen: 24
104.238.4.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.14.0/24 maxlen: 24
104.238.19.0/24 maxlen: 24
104.238.20.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.92.0/23 maxlen: 23
104.239.96.0/23 maxlen: 23
104.239.104.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.73.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.84.0/23 maxlen: 23
104.239.80.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.233.24.0/23 maxlen: 23
104.233.20.0/24 maxlen: 24
104.233.26.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
138.128.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:15:bd:5d:32:05:9a:cf:14:60:d6:ed:50:35:08:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 21 10:27:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c78f5ed86c4390b3b545a462a52f55a601abf2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:18:f9:ad:6d:49:06:28:a5:3d:b1:79:45:59:
8c:e4:fd:26:24:4b:4f:1e:06:4f:65:7e:5d:4c:81:
a1:24:0c:a9:57:2b:55:20:12:89:29:ef:00:43:3c:
fe:c6:e1:bd:fa:f7:c7:8a:26:ac:a6:93:56:de:c3:
50:b2:b6:01:20:c7:ec:29:c3:99:ee:8c:4e:5f:6c:
7d:24:68:ce:bf:dd:57:98:b7:36:28:06:46:97:91:
27:19:c9:a2:e1:77:8e:34:6d:a3:c3:fd:6c:53:c5:
e5:22:43:57:33:fd:fb:11:3a:37:8b:7a:89:f9:cb:
0b:02:0f:68:c6:f5:b4:fa:5e:0b:f1:a5:b1:c9:0c:
bf:53:f5:19:2f:3d:7a:f4:bb:50:26:31:49:f1:6e:
51:79:cc:99:a1:fd:4a:1c:69:e4:64:c3:4e:5d:77:
8b:7a:a3:1b:ef:e5:9a:80:3c:f5:0e:04:84:80:8e:
08:a8:b4:0c:f0:fe:aa:fe:54:29:68:87:76:d2:b4:
fe:44:ee:e4:64:39:01:38:0d:0b:a5:0c:86:e3:18:
92:0b:0d:bd:13:68:6a:b6:59:53:db:e5:b1:fc:8c:
15:60:e2:c4:11:39:c1:91:cf:a0:14:32:41:03:e9:
cb:82:ea:9f:78:f4:81:f1:96:7c:46:25:d0:76:ae:
83:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8F:5E:D8:6C:43:90:B3:B5:45:A4:62:A5:2F:55:A6:01:AB:F2:C6
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/x49e2GxDkLO1RaRipS9VpgGr8sY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.238.14.0/24
104.238.19.0-104.238.20.255
104.239.10.0/23
104.239.13.0/24
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.84.0-104.239.86.255
104.239.88.0/24
104.239.90.0-104.239.94.255
104.239.96.0-104.239.98.255
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.30.0/23
104.249.55.0/24
104.249.60.0/23
138.128.157.0/24
138.128.159.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
15:09:cc:45:20:29:ad:3e:af:94:8d:1c:09:06:34:63:f3:a5:
4c:1f:30:1b:e1:a0:8f:eb:4b:92:4b:e1:a6:c0:e2:a5:0b:89:
6e:6a:f1:b4:8b:45:c2:60:10:82:77:e1:2d:5f:41:6a:cd:e9:
04:0d:3a:8f:d9:d4:81:ca:ab:d9:03:4d:1b:26:d8:8d:cf:fb:
dc:18:7f:32:cb:bf:f4:af:fe:6b:df:67:6f:c7:0c:0b:2d:73:
4d:62:cb:cf:ed:fd:9e:29:e2:33:5a:dd:fa:19:ed:16:07:7b:
53:01:e9:23:4c:52:c7:90:25:d4:65:04:d8:59:b9:3e:8b:e9:
9b:8f:30:bc:c2:b6:28:56:eb:5e:f5:1e:ee:2b:ac:32:ba:84:
8b:c7:5e:0d:c8:d2:41:5d:92:5f:71:d9:8c:b9:ad:64:01:22:
0a:9a:d1:d1:9c:ec:3a:26:68:59:8e:f2:5d:a8:39:9d:60:3b:
18:d7:85:1d:a2:b4:0c:4b:bb:1d:08:99:53:20:16:6b:a6:78:
da:f1:07:f0:78:de:25:91:7e:2d:40:6a:c9:d7:c8:da:6b:5c:
9d:04:e5:e7:25:1b:9a:45:a9:c9:12:3a:48:26:51:63:39:69:
87:6d:a6:c9:74:1b:f5:e1:47:cd:61:f9:62:82:47:e9:28:70:
1f:5a:21:4b
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAYP6Fb1dMgWazxRg1u1QNQhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIxMTAyNzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhmNWVkODZjNDM5MGIzYjU0NWE0NjJhNTJmNTVhNjAxYWJmMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRj5rW1JBiilPbF5RVmM5P0mJEtP
HgZPZX5dTIGhJAypVytVIBKJKe8AQzz+xuG9+vfHiiasppNW3sNQsrYBIMfsKcOZ
7oxOX2x9JGjOv91XmLc2KAZGl5EnGcmi4XeONG2jw/1sU8XlIkNXM/37ETo3i3qJ
+csLAg9oxvW0+l4L8aWxyQy/U/UZLz169LtQJjFJ8W5RecyZof1KHGnkZMNOXXeL
eqMb7+WagDz1DgSEgI4IqLQM8P6q/lQpaId20rT+RO7kZDkBOA0LpQyG4xiSCw29
E2hqtllT2+Wx/IwVYOLEETnBkc+gFDJBA+nLguqfePSB8ZZ8RiXQdq6DoQIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFMePXthsQ5CztUWkYqUvVaYBq/LGMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveDQ5ZTJHeERrTE8xUmFSaXBTOVZwZ0dyOHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAGjpFDAMAwQDaOkYAwQAaOkaAwQBaO4EMAwDBABo7gcDBABo7goDBABo7g4w
DAMEAGjuEwMEAGjuFAMEAWjvCgMEAGjvDQMEAGjvHAMEAWjvHgMEAGjvLAMEAGjv
STAMAwQAaO9LAwQAaO9OMAwDBARo71ADBABo71IwDAMEAmjvVAMEAGjvVgMEAGjv
WDAMAwQBaO9aAwQAaO9eMAwDBAVo72ADBABo72IDBABo72UwDAMEA2jvaAMEAGjv
bAMEAGjvbzAMAwQCaO98AwQAaO9+AwQBaPkeAwQAaPk3AwQBaPk8AwQAioCdAwQA
ioCfAwQA2K1MAwQA2K1SMAwDBAHYrWYDBADYrW4DBADYrXgwDQYJKoZIhvcNAQEL
BQADggEBABUJzEUgKa0+r5SNHAkGNGPzpUwfMBvhoI/rS5JL4abA4qULiW5q8bSL
RcJgEIJ34S1fQWrN6QQNOo/Z1IHKq9kDTRsm2I3P+9wYfzLLv/Sv/mvfZ2/HDAst
c01iy8/t/Z4p4jNa3foZ7RYHe1MB6SNMUseQJdRlBNhZuT6L6ZuPMLzCtihW6171
Hu4rrDK6hIvHXg3I0kFdkl9x2Yy5rWQBIgqa0dGc7DomaFmO8l2oOZ1gOxjXhR2i
tAxLux0ImVMgFmumeNrxB/B43iWRfi1AasnXyNprXJ0E5eclG5pFqckSOkgmUWM5
aYdtpsl0G/XhR81h+WKCR+kocB9aIUs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org