Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/LR4SJP04H32bA4-8zoWrn-GTQIc.roa
File: LR4SJP04H32bA4-8zoWrn-GTQIc.roa (raw, json)
Hash identifier: 98SmR4SuEQdyq1svlFQxWbqFjy9TGSL6TvneMOQJBkM=
Subject key identifier: 2D:1E:12:24:FD:38:1F:7D:9B:03:8F:BC:CE:85:AB:9F:E1:93:40:87
Certificate issuer: /CN=06b8ed985ef2034e8e307c447f3496c32adad2c8
Certificate serial: 0185703064F68C91A73C655550D7ECA121B7
Authority key identifier: 06:B8:ED:98:5E:F2:03:4E:8E:30:7C:44:7F:34:96:C3:2A:DA:D2:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BrjtmF7yA06OMHxEfzSWwyra0sg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/LR4SJP04H32bA4-8zoWrn-GTQIc.roa
Signing time: Mon 02 Jan 2023 01:54:57 +0000
ROA not before: Mon 02 Jan 2023 01:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39605
IP address blocks: 185.99.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:64:f6:8c:91:a7:3c:65:55:50:d7:ec:a1:21:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06b8ed985ef2034e8e307c447f3496c32adad2c8
Validity
Not Before: Jan 2 01:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d1e1224fd381f7d9b038fbcce85ab9fe1934087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b0:be:fe:a0:b1:fe:ed:59:53:7d:e4:da:f5:
e2:89:3a:a9:55:06:8b:a3:1d:f8:49:04:64:91:af:
0f:f6:a0:c5:ea:cf:cd:89:c5:0a:3f:c3:a2:a1:f1:
bc:b1:f6:30:75:74:b8:7b:56:c6:86:4f:17:ea:ab:
ce:dd:24:37:c9:4d:4f:36:1f:8d:6f:87:52:47:30:
f6:4e:be:fe:a5:db:12:38:fa:f8:0f:6b:3a:94:43:
f9:74:72:55:d2:e8:31:28:5b:b1:c3:03:1a:83:13:
21:de:78:82:dc:24:70:b9:2a:16:e7:e4:5d:d3:a4:
db:fb:4e:70:16:42:11:f7:bf:3e:ee:30:ef:44:70:
5a:58:d1:f7:91:19:51:37:bb:e0:a2:a9:93:7e:1f:
5d:d8:6d:35:84:7c:52:f4:35:d4:a6:1a:a9:59:d3:
8f:83:cd:11:27:49:f7:09:b6:61:2c:c4:85:09:45:
80:27:86:5b:75:62:9a:f9:28:e4:90:3a:d3:a6:89:
17:1e:71:70:cf:51:62:c4:f6:c0:1d:b7:fe:a9:43:
41:55:f7:f8:e4:06:4b:8f:2b:ec:dd:50:59:aa:5f:
56:b6:49:58:1a:15:81:82:5d:5d:67:a9:91:01:14:
c9:45:46:1c:ba:45:af:5d:12:05:32:2a:a7:8e:4f:
ea:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1E:12:24:FD:38:1F:7D:9B:03:8F:BC:CE:85:AB:9F:E1:93:40:87
X509v3 Authority Key Identifier:
keyid:06:B8:ED:98:5E:F2:03:4E:8E:30:7C:44:7F:34:96:C3:2A:DA:D2:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BrjtmF7yA06OMHxEfzSWwyra0sg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/LR4SJP04H32bA4-8zoWrn-GTQIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/fc5af5-0b50-4531-9374-ebeb9a991488/1/BrjtmF7yA06OMHxEfzSWwyra0sg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.148.0/22
Signature Algorithm: sha256WithRSAEncryption
17:32:a6:45:d8:1f:f4:3d:e5:0f:f7:47:6a:2c:5c:70:ed:ad:
e4:d7:2a:8f:bb:e9:b8:f6:14:c3:9c:35:0e:46:e2:ec:96:59:
68:07:90:62:ac:fc:0c:a3:49:56:fb:3e:98:ea:48:7b:22:8f:
5e:17:88:f1:ec:60:d6:37:9f:65:38:e7:25:52:dc:80:79:e0:
59:0a:bc:27:6a:e0:a7:26:d5:27:e7:7e:af:1a:4d:fd:f7:cc:
14:bc:85:15:e3:dc:f9:68:65:59:5a:cf:bc:31:5a:c2:f6:e1:
33:3d:81:d7:81:da:77:42:0c:53:8e:64:71:8f:58:15:9e:51:
91:25:4a:da:33:81:3b:89:86:27:fb:82:f6:e8:4f:67:6a:02:
c8:d5:48:6f:5e:74:47:3c:7e:6b:3b:67:8c:68:26:a5:1a:3c:
f1:a7:90:e4:e8:db:d9:fa:9f:64:d6:4b:26:7f:06:d9:a4:fc:
fd:4a:11:b8:c3:23:3b:8f:8f:9c:04:f6:d9:a6:33:d6:de:35:
84:35:a5:eb:42:74:e0:7f:c3:60:45:fb:b1:97:2a:66:3b:e0:
45:25:3f:ba:f6:00:f7:f3:a3:c9:7d:ee:c7:32:7f:b8:cc:44:
16:be:b1:55:ee:b1:67:18:8a:f6:a2:51:16:ec:73:c6:b0:64:
93:94:4f:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMGT2jJGnPGVVUNfsoSG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YjhlZDk4NWVmMjAzNGU4ZTMwN2M0NDdmMzQ5NmMzMmFk
YWQyYzgwHhcNMjMwMTAyMDE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDFlMTIyNGZkMzgxZjdkOWIwMzhmYmNjZTg1YWI5ZmUxOTM0MDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrC+/qCx/u1ZU33k2vXiiTqpVQaL
ox34SQRkka8P9qDF6s/NicUKP8OiofG8sfYwdXS4e1bGhk8X6qvO3SQ3yU1PNh+N
b4dSRzD2Tr7+pdsSOPr4D2s6lEP5dHJV0ugxKFuxwwMagxMh3niC3CRwuSoW5+Rd
06Tb+05wFkIR978+7jDvRHBaWNH3kRlRN7vgoqmTfh9d2G01hHxS9DXUphqpWdOP
g80RJ0n3CbZhLMSFCUWAJ4ZbdWKa+SjkkDrTpokXHnFwz1FixPbAHbf+qUNBVff4
5AZLjyvs3VBZql9WtklYGhWBgl1dZ6mRARTJRUYcukWvXRIFMiqnjk/qTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0eEiT9OB99mwOPvM6Fq5/hk0CHMB8GA1UdIwQY
MBaAFAa47Zhe8gNOjjB8RH80lsMq2tLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnJqdG1GN3lBMDZPTUh4RWZ6U1d3eXJhMHNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mYzVhZjUtMGI1MC00NTMxLTkzNzQt
ZWJlYjlhOTkxNDg4LzEvTFI0U0pQMDRIMzJiQTQtOHpvV3JuLUdUUUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mYzVhZjUtMGI1MC00NTMxLTkzNzQtZWJlYjlhOTkxNDg4
LzEvQnJqdG1GN3lBMDZPTUh4RWZ6U1d3eXJhMHNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWOUMA0G
CSqGSIb3DQEBCwUAA4IBAQAXMqZF2B/0PeUP90dqLFxw7a3k1yqPu+m49hTDnDUO
RuLsllloB5BirPwMo0lW+z6Y6kh7Io9eF4jx7GDWN59lOOclUtyAeeBZCrwnauCn
JtUn536vGk3998wUvIUV49z5aGVZWs+8MVrC9uEzPYHXgdp3QgxTjmRxj1gVnlGR
JUraM4E7iYYn+4L26E9nagLI1UhvXnRHPH5rO2eMaCalGjzxp5Dk6NvZ+p9k1ksm
fwbZpPz9ShG4wyM7j4+cBPbZpjPW3jWENaXrQnTgf8NgRfuxlypmO+BFJT+69gD3
86PJfe7HMn+4zEQWvrFV7rFnGIr2olEW7HPGsGSTlE+j
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:31:35 2025 by rpki-client