Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y3cQZPEPJVPxUuhQ0UhdPybpuGs.roa
File: y3cQZPEPJVPxUuhQ0UhdPybpuGs.roa (raw, json)
Hash identifier: QAXJBrtv7HJ3jqco+YytEhfTgEDFDr3OrXEbOYmu0jQ=
Subject key identifier: CB:77:10:64:F1:0F:25:53:F1:52:E8:50:D1:48:5D:3F:26:E9:B8:6B
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01847C373786AF9CA5BF2089026FF1FEE128
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y3cQZPEPJVPxUuhQ0UhdPybpuGs.roa
Signing time: Tue 15 Nov 2022 16:55:04 +0000
ROA not before: Tue 15 Nov 2022 16:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 104.239.10.0/23 maxlen: 23
104.249.55.0/24 maxlen: 24
104.239.28.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.249.60.0/23 maxlen: 23
104.167.0.0/24 maxlen: 24
104.167.10.0/24 maxlen: 24
216.173.120.0/24 maxlen: 24
64.137.52.0/23 maxlen: 23
104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.7.0/24 maxlen: 24
104.238.10.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
216.173.76.0/24 maxlen: 24
216.173.82.0/24 maxlen: 24
216.173.102.0/24 maxlen: 24
216.173.104.0/24 maxlen: 24
216.173.103.0/24 maxlen: 24
216.173.105.0/24 maxlen: 24
216.173.109.0/24 maxlen: 24
216.173.108.0/24 maxlen: 24
216.173.110.0/24 maxlen: 24
216.173.106.0/24 maxlen: 24
216.173.107.0/24 maxlen: 24
104.239.98.0/24 maxlen: 24
104.239.94.0/24 maxlen: 24
104.239.101.0/24 maxlen: 24
104.239.105.0/24 maxlen: 24
104.239.104.0/24 maxlen: 24
104.239.111.0/24 maxlen: 24
104.239.106.0/24 maxlen: 24
104.239.108.0/24 maxlen: 24
104.239.107.0/24 maxlen: 24
104.239.124.0/23 maxlen: 23
104.239.126.0/24 maxlen: 24
104.239.44.0/24 maxlen: 24
104.239.76.0/23 maxlen: 23
104.239.73.0/24 maxlen: 24
104.239.75.0/24 maxlen: 24
104.239.78.0/24 maxlen: 24
104.239.80.0/23 maxlen: 23
104.239.82.0/24 maxlen: 24
104.239.90.0/23 maxlen: 23
104.239.86.0/24 maxlen: 24
104.239.88.0/24 maxlen: 24
104.233.20.0/24 maxlen: 24
104.233.24.0/23 maxlen: 23
104.233.26.0/24 maxlen: 24
138.128.148.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7c:37:37:86:af:9c:a5:bf:20:89:02:6f:f1:fe:e1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 15 16:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb771064f10f2553f152e850d1485d3f26e9b86b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:92:2f:e3:c8:0a:1d:8f:a6:08:f1:fa:7b:16:
3b:dd:b7:6c:f7:aa:c8:de:81:30:e3:b1:a3:43:40:
f2:2a:d6:71:f3:81:cc:98:62:81:0c:c4:22:94:6e:
cc:c2:12:34:da:78:c4:8f:e6:47:0a:6b:68:db:83:
fc:f9:58:dd:2a:1c:b4:96:f6:be:f2:61:0e:fc:d4:
65:d9:8f:e9:b6:3f:ec:07:94:7a:41:4f:60:ed:5e:
ea:38:8f:42:52:9f:12:25:51:00:de:b7:f8:cc:95:
fa:4a:76:cf:31:5f:bb:9c:ff:7f:7a:0b:b8:6c:18:
8a:74:8b:83:ab:c6:0a:cb:1b:c4:af:f3:ae:ea:5a:
41:9c:82:d2:25:0d:a6:8c:f6:c2:5a:b5:98:fe:d7:
31:f6:05:bf:72:5f:5e:2e:94:a9:e7:c8:ac:2e:2f:
c9:b1:e9:89:ba:9f:b4:1e:fa:66:55:7d:91:7a:f5:
2f:b4:ef:20:c6:86:63:85:21:58:71:a0:13:0c:f7:
35:e1:6e:e8:10:7a:80:2c:38:30:fd:82:b0:c6:ad:
31:fc:b5:14:c9:c2:d3:d7:c2:19:bb:9a:dc:7b:e6:
ed:d8:c2:ae:7a:46:3e:40:0d:1a:38:82:e0:70:7b:
74:4a:49:8e:ea:05:ff:e1:8c:bd:3b:04:ed:87:da:
30:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:77:10:64:F1:0F:25:53:F1:52:E8:50:D1:48:5D:3F:26:E9:B8:6B
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y3cQZPEPJVPxUuhQ0UhdPybpuGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.52.0/23
104.167.0.0/24
104.167.10.0/24
104.233.20.0/24
104.233.24.0-104.233.26.255
104.238.4.0/23
104.238.7.0-104.238.10.255
104.239.10.0/23
104.239.28.0/24
104.239.30.0/23
104.239.44.0/24
104.239.73.0/24
104.239.75.0-104.239.78.255
104.239.80.0-104.239.82.255
104.239.86.0/24
104.239.88.0/24
104.239.90.0/23
104.239.94.0/24
104.239.98.0/24
104.239.101.0/24
104.239.104.0-104.239.108.255
104.239.111.0/24
104.239.124.0-104.239.126.255
104.249.55.0/24
104.249.60.0/23
138.128.148.0/24
138.128.157.0/24
216.173.76.0/24
216.173.82.0/24
216.173.102.0-216.173.110.255
216.173.120.0/24
Signature Algorithm: sha256WithRSAEncryption
35:16:15:23:29:63:33:bb:7a:38:04:35:53:5e:7c:7b:0f:b8:
ec:ee:34:51:3f:fe:07:eb:6d:07:93:f4:14:21:ea:db:53:ab:
0f:7a:7f:3f:df:7d:41:77:9d:7c:9d:1c:7d:14:5c:8e:27:1c:
59:f2:cc:86:b4:4a:ed:e8:5a:dd:88:3f:2e:19:08:45:ca:b1:
71:06:48:a0:c9:0e:91:f3:3a:b4:f4:2e:2b:0f:a9:66:5f:5b:
0c:87:fc:66:12:6c:ca:9f:0b:cc:00:f0:15:b7:e4:c4:88:5d:
28:45:fc:78:af:3f:e6:23:0a:a8:ed:fa:7f:12:d2:c9:5b:5c:
fe:ff:28:4a:19:e1:7d:53:cd:0c:9d:3d:79:49:e8:eb:9d:1a:
42:10:9a:ea:a3:e8:fb:84:4f:ca:d8:98:ac:5d:8f:40:86:20:
a6:63:04:a6:42:3c:67:10:d9:0e:b2:88:bd:c0:c5:c0:50:ab:
31:df:d6:f9:fb:22:dd:b1:29:5c:43:cb:42:1f:e9:28:e2:20:
89:eb:17:cb:df:5b:f6:23:5b:9d:12:aa:54:65:af:e6:7f:cf:
47:31:f8:f3:4f:b7:b3:ed:40:3a:50:bb:26:e3:a1:07:94:ff:
9d:c0:e1:03:f3:59:04:74:4b:2e:b8:56:b9:33:14:69:47:96:
25:f8:f6:dd
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYR8NzeGr5ylvyCJAm/x/uEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTE1MTY1NTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjc3MTA2NGYxMGYyNTUzZjE1MmU4NTBkMTQ4NWQzZjI2ZTliODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZIv48gKHY+mCPH6exY73bds96rI
3oEw47GjQ0DyKtZx84HMmGKBDMQilG7MwhI02njEj+ZHCmto24P8+VjdKhy0lva+
8mEO/NRl2Y/ptj/sB5R6QU9g7V7qOI9CUp8SJVEA3rf4zJX6SnbPMV+7nP9/egu4
bBiKdIuDq8YKyxvEr/Ou6lpBnILSJQ2mjPbCWrWY/tcx9gW/cl9eLpSp58isLi/J
semJup+0HvpmVX2RevUvtO8gxoZjhSFYcaATDPc14W7oEHqALDgw/YKwxq0x/LUU
ycLT18IZu5rce+bt2MKuekY+QA0aOILgcHt0SkmO6gX/4Yy9OwTth9owaQIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFMt3EGTxDyVT8VLoUNFIXT8m6bhrMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEveTNjUVpQRVBKVlB4VXVoUTBVaGRQeWJwdUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
QIk0AwQAaKcAAwQAaKcKAwQAaOkUMAwDBANo6RgDBABo6RoDBAFo7gQwDAMEAGju
BwMEAGjuCgMEAWjvCgMEAGjvHAMEAWjvHgMEAGjvLAMEAGjvSTAMAwQAaO9LAwQA
aO9OMAwDBARo71ADBABo71IDBABo71YDBABo71gDBAFo71oDBABo714DBABo72ID
BABo72UwDAMEA2jvaAMEAGjvbAMEAGjvbzAMAwQCaO98AwQAaO9+AwQAaPk3AwQB
aPk8AwQAioCUAwQAioCdAwQA2K1MAwQA2K1SMAwDBAHYrWYDBADYrW4DBADYrXgw
DQYJKoZIhvcNAQELBQADggEBADUWFSMpYzO7ejgENVNefHsPuOzuNFE//gfrbQeT
9BQh6ttTqw96fz/ffUF3nXydHH0UXI4nHFnyzIa0Su3oWt2IPy4ZCEXKsXEGSKDJ
DpHzOrT0LisPqWZfWwyH/GYSbMqfC8wA8BW35MSIXShF/HivP+YjCqjt+n8S0slb
XP7/KEoZ4X1TzQydPXlJ6OudGkIQmuqj6PuET8rYmKxdj0CGIKZjBKZCPGcQ2Q6y
iL3AxcBQqzHf1vn7It2xKVxDy0If6SjiIInrF8vfW/YjW50SqlRlr+Z/z0cx+PNP
t7PtQDpQuybjoQeU/53A4QPzWQR0Sy64VrkzFGlHliX49t0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org