Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/XihR8NpeqknS7o0AP7yxY5AYYJk.roa
File: XihR8NpeqknS7o0AP7yxY5AYYJk.roa (raw, json)
Hash identifier: V1ieGf5uhFKZDlovsUrdfpi3uCkDXXhABapqR9XS52E=
Subject key identifier: 5E:28:51:F0:DA:5E:AA:49:D2:EE:8D:00:3F:BC:B1:63:90:18:60:99
Certificate issuer: /CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Certificate serial: 01856F66D98E2CE4F212737A7A173C92E4F0
Authority key identifier: C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/XihR8NpeqknS7o0AP7yxY5AYYJk.roa
Signing time: Sun 01 Jan 2023 22:14:49 +0000
ROA not before: Sun 01 Jan 2023 22:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206618
IP address blocks: 194.114.80.0/23 maxlen: 23
194.114.85.0/24 maxlen: 24
193.23.96.0/24 maxlen: 24
194.114.96.0/24 maxlen: 24
194.114.96.0/23 maxlen: 23
194.114.96.0/22 maxlen: 22
194.114.94.0/23 maxlen: 23
194.114.98.0/23 maxlen: 23
194.114.97.0/24 maxlen: 24
194.114.100.0/22 maxlen: 22
194.114.104.0/21 maxlen: 21
194.114.104.0/24 maxlen: 24
143.163.67.0/24 maxlen: 24
194.114.112.0/22 maxlen: 22
143.163.66.0/24 maxlen: 24
143.163.66.0/23 maxlen: 23
194.114.116.0/22 maxlen: 22
194.114.125.0/24 maxlen: 24
194.114.126.0/24 maxlen: 24
194.114.32.0/23 maxlen: 23
194.114.40.0/23 maxlen: 23
143.163.1.0/24 maxlen: 24
194.114.44.0/22 maxlen: 22
194.114.48.0/21 maxlen: 21
143.163.12.0/22 maxlen: 22
194.114.56.0/22 maxlen: 22
143.163.16.0/23 maxlen: 23
194.114.61.0/24 maxlen: 24
194.114.64.0/23 maxlen: 23
194.114.62.0/23 maxlen: 23
194.114.62.0/24 maxlen: 24
194.114.63.0/24 maxlen: 24
194.114.66.0/23 maxlen: 23
194.114.70.0/23 maxlen: 23
194.114.74.0/24 maxlen: 24
194.114.78.0/23 maxlen: 23
194.114.77.0/24 maxlen: 24
2a01:4dc0::/42 maxlen: 42
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:d9:8e:2c:e4:f2:12:73:7a:7a:17:3c:92:e4:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7f04b78b2eedf998edd5cc1e88671c8d10f1865
Validity
Not Before: Jan 1 22:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e2851f0da5eaa49d2ee8d003fbcb16390186099
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:09:01:ac:56:c7:b9:03:92:ae:9b:fb:27:46:
38:b9:bb:90:d0:6b:7a:f5:e4:8b:89:64:b4:f0:bd:
95:44:79:0e:27:61:10:bc:48:70:04:b4:90:6b:78:
65:22:85:47:d1:d6:25:25:aa:89:87:df:e6:1f:fc:
f0:eb:9e:1c:ac:2c:93:97:5f:76:c4:26:80:90:6b:
f2:0e:8e:51:75:9e:4c:fa:ba:03:12:98:6e:a3:c7:
dd:82:be:f5:d0:b5:bb:56:3e:51:e1:ec:ad:d2:14:
b4:f1:f8:bb:dc:0c:b5:a8:34:8d:00:1a:5a:ec:11:
ae:4c:6a:8f:9d:87:24:76:c6:ad:6b:fa:8b:17:9b:
f4:e2:93:96:fa:09:9a:3e:3d:96:ab:a9:c1:53:2b:
da:ec:84:5a:06:a0:25:76:2a:3d:85:cb:fa:6d:39:
04:b2:bd:e3:5e:8a:07:7b:bc:59:93:41:d4:9a:f6:
38:db:15:7f:95:38:3c:dd:ef:d7:ac:e5:5f:52:03:
57:8d:70:27:af:c0:1f:02:b4:35:b5:f1:21:f6:ad:
f5:39:33:e6:e9:0d:d4:44:98:9a:5d:c9:98:2a:ca:
43:e3:2a:52:75:28:f1:13:24:60:a8:18:b0:89:75:
5b:96:ed:3a:c1:3c:22:b7:84:d3:40:7c:a0:95:bb:
e5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:28:51:F0:DA:5E:AA:49:D2:EE:8D:00:3F:BC:B1:63:90:18:60:99
X509v3 Authority Key Identifier:
keyid:C7:F0:4B:78:B2:EE:DF:99:8E:DD:5C:C1:E8:86:71:C8:D1:0F:18:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x_BLeLLu35mO3VzB6IZxyNEPGGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/XihR8NpeqknS7o0AP7yxY5AYYJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/473924-6f99-473d-a077-f437839095d1/1/x_BLeLLu35mO3VzB6IZxyNEPGGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.163.1.0/24
143.163.12.0-143.163.17.255
143.163.66.0/23
193.23.96.0/24
194.114.32.0/23
194.114.40.0/23
194.114.44.0-194.114.59.255
194.114.61.0-194.114.67.255
194.114.70.0/23
194.114.74.0/24
194.114.77.0-194.114.81.255
194.114.85.0/24
194.114.94.0-194.114.119.255
194.114.125.0-194.114.126.255
IPv6:
2a01:4dc0::/42
Signature Algorithm: sha256WithRSAEncryption
b4:51:ea:3e:7b:e4:3d:1f:34:29:28:e0:39:73:fe:1c:67:80:
09:57:88:7f:62:94:52:ee:eb:c8:69:0f:8a:e5:60:af:88:1b:
3e:10:18:4e:4d:30:47:76:ef:50:e3:ad:64:2b:63:c7:18:5b:
55:aa:ff:f2:84:e4:bc:b9:59:bf:11:fd:81:6d:cc:5b:d6:fc:
e9:fe:77:49:e3:92:05:72:44:4b:02:7a:87:37:4b:e9:73:bc:
08:f8:62:a0:35:49:3d:fd:0d:4d:25:5b:90:32:c3:b8:b2:bd:
ca:ef:7c:8a:64:68:36:47:72:78:68:2f:21:b8:05:81:ad:2a:
62:9c:90:59:e3:3d:d9:52:17:6e:7b:86:89:99:a9:ee:dd:c3:
55:2c:a9:2a:9f:89:c1:fa:cb:97:cc:ac:db:f1:9e:65:01:d5:
aa:02:c4:27:0f:64:4f:d1:ad:d8:d6:9f:fe:26:80:e8:b6:a5:
83:c2:4c:d7:5d:63:8a:60:f4:05:16:5e:05:0b:df:22:a9:80:
9a:44:11:2f:ab:36:d4:dd:b2:41:32:6d:cb:c1:0e:c4:5b:45:
e6:54:3d:3e:8b:05:09:b4:72:0d:a7:09:0d:8f:10:64:e9:dd:
49:27:79:b6:2e:33:01:7a:91:e1:41:77:9d:31:47:a9:62:8b:
ed:6b:10:48
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgISAYVvZtmOLOTyEnN6ehc8kuTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZjA0Yjc4YjJlZWRmOTk4ZWRkNWNjMWU4ODY3MWM4ZDEw
ZjE4NjUwHhcNMjMwMTAxMjIxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTI4NTFmMGRhNWVhYTQ5ZDJlZThkMDAzZmJjYjE2MzkwMTg2MDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwkBrFbHuQOSrpv7J0Y4ubuQ0Gt6
9eSLiWS08L2VRHkOJ2EQvEhwBLSQa3hlIoVH0dYlJaqJh9/mH/zw654crCyTl192
xCaAkGvyDo5RdZ5M+roDEphuo8fdgr710LW7Vj5R4eyt0hS08fi73Ay1qDSNABpa
7BGuTGqPnYckdsata/qLF5v04pOW+gmaPj2Wq6nBUyva7IRaBqAldio9hcv6bTkE
sr3jXooHe7xZk0HUmvY42xV/lTg83e/XrOVfUgNXjXAnr8AfArQ1tfEh9q31OTPm
6Q3URJiaXcmYKspD4ypSdSjxEyRgqBiwiXVblu06wTwit4TTQHyglbvl2QIDAQAB
o4ICnTCCApkwHQYDVR0OBBYEFF4oUfDaXqpJ0u6NAD+8sWOQGGCZMB8GA1UdIwQY
MBaAFMfwS3iy7t+Zjt1cweiGccjRDxhlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzct
ZjQzNzgzOTA5NWQxLzEvWGloUjhOcGVxa25TN28wQVA3eXhZNUFZWUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy80NzM5MjQtNmY5OS00NzNkLWEwNzctZjQzNzgzOTA5NWQx
LzEveF9CTGVMTHUzNW1PM1Z6QjZJWnh5TkVQR0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGyBggrBgEFBQcBBwEB/wSBojCBnzCBiwQCAAEwgYQDBACP
owEwDAMEAo+jDAMEAY+jEAMEAY+jQgMEAMEXYAMEAcJyIAMEAcJyKDAMAwQCwnIs
AwQCwnI4MAwDBADCcj0DBALCckADBAHCckYDBADCckowDAMEAMJyTQMEAcJyUAME
AMJyVTAMAwQBwnJeAwQDwnJwMAwDBADCcn0DBADCcn4wDwQCAAIwCQMHBioBTcAA
ADANBgkqhkiG9w0BAQsFAAOCAQEAtFHqPnvkPR80KSjgOXP+HGeACVeIf2KUUu7r
yGkPiuVgr4gbPhAYTk0wR3bvUOOtZCtjxxhbVar/8oTkvLlZvxH9gW3MW9b86f53
SeOSBXJESwJ6hzdL6XO8CPhioDVJPf0NTSVbkDLDuLK9yu98imRoNkdyeGgvIbgF
ga0qYpyQWeM92VIXbnuGiZmp7t3DVSypKp+JwfrLl8ys2/GeZQHVqgLEJw9kT9Gt
2Naf/iaA6Lalg8JM111jimD0BRZeBQvfIqmAmkQRL6s21N2yQTJty8EOxFtF5lQ9
PosFCbRyDacJDY8QZOndSSd5ti4zAXqR4UF3nTFHqWKL7WsQSA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:14 2025 by rpki-client