Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/RAIj_wXZscnQXKNGwlei64H_FNY.roa
File: RAIj_wXZscnQXKNGwlei64H_FNY.roa (raw, json)
Hash identifier: xQEDy+XdG9VzKAa1O9YE1NDYKgMrNyzjYLig+Y/93/8=
Subject key identifier: 44:02:23:FF:05:D9:B1:C9:D0:5C:A3:46:C2:57:A2:EB:81:FF:14:D6
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 0184C7721D8487E77BE419B1DC1469ED22B4
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/RAIj_wXZscnQXKNGwlei64H_FNY.roa
Signing time: Wed 30 Nov 2022 07:30:55 +0000
ROA not before: Wed 30 Nov 2022 07:30:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206618
IP address blocks: 194.114.80.0/23 maxlen: 23
194.114.85.0/24 maxlen: 24
193.23.96.0/24 maxlen: 24
194.114.96.0/24 maxlen: 24
194.114.96.0/23 maxlen: 23
194.114.96.0/22 maxlen: 22
194.114.94.0/23 maxlen: 23
194.114.98.0/23 maxlen: 23
194.114.97.0/24 maxlen: 24
194.114.100.0/22 maxlen: 22
194.114.104.0/21 maxlen: 21
194.114.104.0/24 maxlen: 24
143.163.67.0/24 maxlen: 24
194.114.112.0/22 maxlen: 22
143.163.66.0/24 maxlen: 24
143.163.66.0/23 maxlen: 23
194.114.116.0/22 maxlen: 22
194.114.125.0/24 maxlen: 24
194.114.126.0/24 maxlen: 24
194.114.32.0/23 maxlen: 23
194.114.40.0/23 maxlen: 23
143.163.1.0/24 maxlen: 24
194.114.44.0/22 maxlen: 22
194.114.48.0/21 maxlen: 21
143.163.12.0/22 maxlen: 22
194.114.56.0/22 maxlen: 22
143.163.16.0/23 maxlen: 23
194.114.61.0/24 maxlen: 24
194.114.64.0/23 maxlen: 23
194.114.62.0/23 maxlen: 23
194.114.62.0/24 maxlen: 24
194.114.63.0/24 maxlen: 24
194.114.66.0/23 maxlen: 23
194.114.70.0/23 maxlen: 23
194.114.74.0/24 maxlen: 24
194.114.78.0/23 maxlen: 23
194.114.77.0/24 maxlen: 24
2a01:4dc0::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:72:1d:84:87:e7:7b:e4:19:b1:dc:14:69:ed:22:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Nov 30 07:30:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=440223ff05d9b1c9d05ca346c257a2eb81ff14d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:25:be:44:bf:0c:4f:fc:8c:2d:f1:49:db:5d:
41:a0:6f:71:ee:25:f3:8a:11:de:86:f0:4f:85:33:
8d:c1:2f:bd:89:a2:90:3d:b6:41:9d:24:57:e9:70:
4c:c5:34:aa:9c:6e:69:45:20:9c:2d:c8:7d:2f:7c:
b2:5c:cb:f1:b1:d1:dd:2a:d5:f9:3c:2a:58:c7:17:
39:5e:68:1c:38:b5:3f:f9:a7:7d:3b:28:b9:b2:4b:
1f:38:e6:cd:1c:da:4f:95:80:ca:89:19:6a:87:ca:
9b:2d:bd:bd:fc:50:9a:12:26:02:4d:31:f1:2e:db:
31:ad:3c:aa:30:3e:79:85:d3:2c:dd:2f:92:7d:18:
d2:c3:f0:4a:95:e0:c5:2c:77:f4:eb:2a:b4:e7:1a:
7e:a7:5e:7b:17:99:d1:f4:47:30:32:48:36:25:bf:
8f:c4:ca:7e:0f:4a:e9:d4:c9:91:48:86:96:86:71:
5b:d3:dd:35:e0:25:61:ee:93:75:96:1c:d9:0e:be:
63:f2:39:d5:4f:8d:49:73:4f:fd:8c:70:25:79:39:
c8:fa:63:e3:56:56:cf:aa:9c:5d:62:7c:2f:98:93:
11:92:de:96:8f:ce:85:f1:fe:85:a8:53:06:1c:36:
a5:07:82:de:eb:6e:c7:d4:6d:fb:56:36:db:f6:60:
1a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:02:23:FF:05:D9:B1:C9:D0:5C:A3:46:C2:57:A2:EB:81:FF:14:D6
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/RAIj_wXZscnQXKNGwlei64H_FNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.163.1.0/24
143.163.12.0-143.163.17.255
143.163.66.0/23
193.23.96.0/24
194.114.32.0/23
194.114.40.0/23
194.114.44.0-194.114.59.255
194.114.61.0-194.114.67.255
194.114.70.0/23
194.114.74.0/24
194.114.77.0-194.114.81.255
194.114.85.0/24
194.114.94.0-194.114.119.255
194.114.125.0-194.114.126.255
IPv6:
2a01:4dc0::/42
Signature Algorithm: sha256WithRSAEncryption
4d:48:70:91:4e:d6:0e:84:90:99:5b:e5:2c:59:c1:86:1f:ed:
42:d2:17:b9:46:10:35:8f:8d:75:ac:6d:56:d8:9e:08:da:a3:
a2:67:71:fb:55:bb:50:40:27:2e:b1:0b:8b:d4:a0:95:bf:4b:
3c:f7:ab:b1:7a:5d:4a:9b:e3:07:ad:0a:aa:d3:4f:02:bc:71:
97:0d:ef:5d:47:6f:85:1e:41:4c:92:f3:70:f7:96:a5:92:74:
fb:18:35:da:9c:89:7d:0f:c7:e5:20:f4:71:54:1d:91:83:9c:
5c:44:a8:12:8f:a5:f6:4c:2d:0b:b1:8a:09:b8:5b:ec:26:89:
64:04:84:83:1d:c1:af:e6:d9:b4:fb:f8:ab:08:51:a4:aa:f2:
1d:71:2a:44:c4:32:b5:e0:d9:5a:8d:b6:74:e7:75:71:55:f6:
d9:d4:31:23:2c:2a:05:65:81:be:d4:4f:de:76:e4:c6:7f:78:
82:b7:9c:9c:60:86:50:49:ab:8a:ec:4f:77:0a:05:93:4a:c2:
6f:d4:45:61:58:a1:30:71:12:8f:01:d5:38:de:5a:bd:0c:1f:
d9:59:f0:e7:5d:ff:1a:c8:5a:73:91:8c:f1:47:50:70:42:be:
50:18:55:01:2e:f5:70:25:0c:5d:52:59:0f:33:b1:83:b8:98:
17:1d:62:a2
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYTHch2Eh+d75Bmx3BRp7SK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjIxMTMwMDczMDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDAyMjNmZjA1ZDliMWM5ZDA1Y2EzNDZjMjU3YTJlYjgxZmYxNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliW+RL8MT/yMLfFJ211BoG9x7iXz
ihHehvBPhTONwS+9iaKQPbZBnSRX6XBMxTSqnG5pRSCcLch9L3yyXMvxsdHdKtX5
PCpYxxc5XmgcOLU/+ad9Oyi5sksfOObNHNpPlYDKiRlqh8qbLb29/FCaEiYCTTHx
LtsxrTyqMD55hdMs3S+SfRjSw/BKleDFLHf06yq05xp+p157F5nR9EcwMkg2Jb+P
xMp+D0rp1MmRSIaWhnFb09014CVh7pN1lhzZDr5j8jnVT41Jc0/9jHAleTnI+mPj
VlbPqpxdYnwvmJMRkt6Wj86F8f6FqFMGHDalB4Le627H1G37Vjbb9mAaDwIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFEQCI/8F2bHJ0FyjRsJXouuB/xTWMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEvUkFJal93WFpzY25RWEtOR3dsZWk2NEhfRk5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBiwQCAAEwgYQDBACP
owEwDAMEAo+jDAMEAY+jEAMEAY+jQgMEAMEXYAMEAcJyIAMEAcJyKDAMAwQCwnIs
AwQCwnI4MAwDBADCcj0DBALCckADBAHCckYDBADCckowDAMEAMJyTQMEAcJyUAME
AMJyVTAMAwQBwnJeAwQDwnJwMAwDBADCcn0DBADCcn4wDwQCAAIwCQMHBioBTcAA
ADANBgkqhkiG9w0BAQsFAAOCAQEATUhwkU7WDoSQmVvlLFnBhh/tQtIXuUYQNY+N
daxtVtieCNqjomdx+1W7UEAnLrELi9Sglb9LPPersXpdSpvjB60KqtNPArxxlw3v
XUdvhR5BTJLzcPeWpZJ0+xg12pyJfQ/H5SD0cVQdkYOcXESoEo+l9kwtC7GKCbhb
7CaJZASEgx3Br+bZtPv4qwhRpKryHXEqRMQyteDZWo22dOd1cVX22dQxIywqBWWB
vtRP3nbkxn94grecnGCGUEmriuxPdwoFk0rCb9RFYVihMHESjwHVON5avQwf2Vnw
513/Gshac5GM8UdQcEK+UBhVAS71cCUMXVJZDzOxg7iYFx1iog==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:57 2024 by rpki-client on console-fra.rpki-client.org