Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/nawF17Y2t8yWv7vHJnA4iX0ISnk.roa
File: nawF17Y2t8yWv7vHJnA4iX0ISnk.roa (raw, json)
Hash identifier: Oo2EwyDJiSps9wRtvTUJZ7xnE+metULg5fpqiqGjzpg=
Subject key identifier: 9D:AC:05:D7:B6:36:B7:CC:96:BF:BB:C7:26:70:38:89:7D:08:4A:79
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 014FAC82
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/nawF17Y2t8yWv7vHJnA4iX0ISnk.roa
Signing time: Mon 11 Apr 2022 13:59:18 +0000
ROA not before: Mon 11 Apr 2022 13:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3215
IP address blocks: 143.196.112.0/21 maxlen: 21
143.196.120.0/22 maxlen: 22
143.196.64.0/19 maxlen: 19
143.196.191.0/24 maxlen: 24
143.196.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21998722 (0x14fac82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Apr 11 13:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9dac05d7b636b7cc96bfbbc7267038897d084a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6d:72:28:60:14:6e:c2:40:d9:e2:70:45:0a:
03:b1:13:4a:71:b7:09:e0:da:22:8f:a4:98:14:8a:
15:64:38:b3:b1:4c:a8:47:db:49:f2:eb:1d:8f:3d:
c1:79:fd:03:90:c9:48:75:b5:60:12:1d:ed:c1:4d:
12:a1:f6:68:34:5e:26:52:10:55:6d:64:e7:6e:40:
74:29:81:8b:07:63:3d:ff:03:0b:07:c3:48:7d:ab:
bb:77:e6:95:0f:9e:17:ca:da:b1:d5:fa:6b:66:e3:
df:e8:7d:71:97:24:d3:ad:9e:4b:77:e5:56:a0:45:
ca:89:6e:1b:d4:29:27:59:29:47:19:fd:ca:8b:00:
27:3a:6f:d3:c2:76:61:7e:11:8c:da:bd:e7:f8:b9:
06:81:41:b9:a0:03:d6:f5:69:ff:49:94:b9:31:c7:
7f:7f:eb:55:32:1c:24:54:2a:57:e5:e6:4c:47:d7:
20:c5:a9:44:c8:da:6e:78:03:e1:cd:1f:e5:e9:a9:
e5:21:8c:63:63:19:22:0f:f2:29:ed:55:a9:76:9a:
ac:a2:b0:a8:cd:fa:98:26:06:04:a3:cc:79:19:bc:
f1:b4:01:f2:df:21:a6:37:52:3b:0e:1a:14:13:ae:
3a:42:76:ba:2d:a0:f5:46:c2:c7:4a:8a:f4:85:6d:
8c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:AC:05:D7:B6:36:B7:CC:96:BF:BB:C7:26:70:38:89:7D:08:4A:79
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/nawF17Y2t8yWv7vHJnA4iX0ISnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.64.0-143.196.123.255
143.196.191.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c9:22:d3:a8:20:e1:0b:b1:20:60:21:f6:12:dc:5b:e5:53:
7c:b0:19:8f:f9:b2:df:2f:bb:90:8c:d6:28:b9:45:1e:ca:f6:
a0:86:63:68:cd:21:eb:9a:7c:c8:a5:79:eb:a5:d1:01:f4:4d:
91:fe:ce:41:03:bb:a1:70:54:95:8c:85:3f:41:c5:22:04:29:
b4:97:d1:99:65:16:54:db:b4:5d:a5:b3:05:69:fe:9c:41:5b:
76:c6:29:78:78:4a:a4:73:df:d9:8c:a1:4f:7d:cb:c1:bf:5d:
09:56:cb:8c:bc:b7:a2:69:bd:f3:0d:1a:2c:d9:c6:35:e4:60:
69:9a:be:a0:fd:cd:54:8c:b6:ce:75:d1:53:b2:af:28:73:21:
8e:0c:68:18:9c:0f:5b:e5:7c:9b:a6:fe:00:50:0d:ce:0f:28:
02:1e:36:4f:b3:c1:7a:c0:55:c9:c5:95:fa:85:c4:4e:65:6d:
51:02:4e:b9:0d:d6:9f:b2:6a:83:29:41:14:ef:0f:81:e5:fd:
c5:5e:75:e6:7d:2b:aa:a2:ea:f5:78:a6:e8:4c:d8:0e:49:1d:
eb:0c:a0:a2:ae:6c:c8:5d:92:cf:26:58:49:b3:7b:3d:48:db:
4f:e2:f0:60:4d:27:a3:59:29:e0:f2:0c:31:9d:8f:c9:ed:b0:
5a:19:d5:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEAU+sgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODFiZDE0MDI5MjRlYzJhNjQ0ZThmNTRlNjk5NGNiNGFjOGUyNGE2MB4XDTIyMDQx
MTEzNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWRhYzA1ZDdiNjM2
YjdjYzk2YmZiYmM3MjY3MDM4ODk3ZDA4NGE3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhtcihgFG7CQNnicEUKA7ETSnG3CeDaIo+kmBSKFWQ4s7FM
qEfbSfLrHY89wXn9A5DJSHW1YBId7cFNEqH2aDReJlIQVW1k525AdCmBiwdjPf8D
CwfDSH2ru3fmlQ+eF8rasdX6a2bj3+h9cZck062eS3flVqBFyoluG9QpJ1kpRxn9
yosAJzpv08J2YX4RjNq95/i5BoFBuaAD1vVp/0mUuTHHf3/rVTIcJFQqV+XmTEfX
IMWpRMjabngD4c0f5emp5SGMY2MZIg/yKe1VqXaarKKwqM36mCYGBKPMeRm88bQB
8t8hpjdSOw4aFBOuOkJ2ui2g9UbCx0qK9IVtjEUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSdrAXXtja3zJa/u8cmcDiJfQhKeTAfBgNVHSMEGDAWgBSIG9FAKSTsKmRO
j1TmmUy0rI4kpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCdlJRQ2trN0Nwa1RvOVU1cGxNdEt5T0pLWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZGNkM2I3LTdjYzAtNGM0OS1iYWIzLTdhMGIxNDVjZjYyYi8x
L25hd0YxN1kydDh5V3Y3dkhKbkE0aVgwSVNuay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZGNkM2I3LTdjYzAtNGM0OS1iYWIzLTdhMGIxNDVjZjYyYi8xL2lCdlJRQ2trN0Nw
a1RvOVU1cGxNdEt5T0pLWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQGj8RAAwQCj8R4AwQAj8S/MA0G
CSqGSIb3DQEBCwUAA4IBAQAKySLTqCDhC7EgYCH2Etxb5VN8sBmP+bLfL7uQjNYo
uUUeyvaghmNozSHrmnzIpXnrpdEB9E2R/s5BA7uhcFSVjIU/QcUiBCm0l9GZZRZU
27RdpbMFaf6cQVt2xil4eEqkc9/ZjKFPfcvBv10JVsuMvLeiab3zDRos2cY15GBp
mr6g/c1UjLbOddFTsq8ocyGODGgYnA9b5Xybpv4AUA3ODygCHjZPs8F6wFXJxZX6
hcROZW1RAk65DdafsmqDKUEU7w+B5f3FXnXmfSuqour1eKboTNgOSR3rDKCirmzI
XZLPJlhJs3s9SNtP4vBgTSejWSng8gwxnY/J7bBaGdVo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:52 2023 by rpki-client on console-ams.rpki-client.org