Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/lIi_mb0MZXkqLrqs54roGrq3dMc.roa
File: lIi_mb0MZXkqLrqs54roGrq3dMc.roa (raw, json)
Hash identifier: lCIv6SLSnDeKBD/oxNo2c0JsU5TjVdHpIvZ2PNJ2dNc=
Subject key identifier: 94:88:BF:99:BD:0C:65:79:2A:2E:BA:AC:E7:8A:E8:1A:BA:B7:74:C7
Certificate issuer: /CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Certificate serial: 01856C2EDBB65AF227D1CC11EB602E555B19
Authority key identifier: 9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/lIi_mb0MZXkqLrqs54roGrq3dMc.roa
Signing time: Sun 01 Jan 2023 07:14:48 +0000
ROA not before: Sun 01 Jan 2023 07:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199951
IP address blocks: 185.41.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:db:b6:5a:f2:27:d1:cc:11:eb:60:2e:55:5b:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eeac1cfbec494ae9457c866e6361865c4f30048
Validity
Not Before: Jan 1 07:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9488bf99bd0c65792a2ebaace78ae81abab774c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:18:e6:e7:0e:d8:4a:66:23:1e:ae:d6:5d:bd:
50:ba:07:13:0c:8d:a4:1f:1e:a7:de:e0:1a:11:9e:
27:58:2d:8c:b1:7e:bf:33:11:61:26:f1:5e:45:fd:
54:b4:ea:fd:b6:d2:8e:ce:c6:50:7c:bc:5a:b4:5c:
91:2b:91:d5:c3:16:f0:4b:06:79:0d:4e:34:12:c1:
7f:3c:a0:0c:4f:df:ba:ae:f3:e5:c3:3e:a4:99:30:
e2:a2:a0:62:09:e8:b1:65:42:fb:b9:26:98:c2:a9:
cc:13:67:e9:a4:45:41:bf:6b:0f:e5:4a:88:6f:d8:
6c:72:86:0b:56:6e:71:7e:99:d1:6b:d6:fa:23:4e:
d9:4d:c7:62:62:ea:c2:44:62:85:d7:0b:00:d1:52:
26:c2:f1:9d:e2:70:16:cc:a9:6f:e8:72:67:a0:1a:
45:a1:5c:11:1e:eb:66:c2:35:7b:f7:d6:40:ac:ed:
75:bb:3e:3f:d3:00:f3:b2:8d:42:b5:a8:99:18:a2:
a1:fc:e1:07:ef:6a:ef:d7:4b:82:ad:31:ed:42:50:
02:b4:15:6a:d4:4c:52:e2:b7:0c:25:02:a2:16:6a:
58:c3:6a:59:76:4a:e3:5f:43:24:70:60:dc:34:c5:
a5:89:47:a4:fa:e4:27:08:e4:b0:85:27:e4:04:5f:
79:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:88:BF:99:BD:0C:65:79:2A:2E:BA:AC:E7:8A:E8:1A:BA:B7:74:C7
X509v3 Authority Key Identifier:
keyid:9E:EA:C1:CF:BE:C4:94:AE:94:57:C8:66:E6:36:18:65:C4:F3:00:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nurBz77ElK6UV8hm5jYYZcTzAEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/lIi_mb0MZXkqLrqs54roGrq3dMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/47e609-b6b7-443b-8a04-e285cd8cad12/1/nurBz77ElK6UV8hm5jYYZcTzAEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.176.0/22
Signature Algorithm: sha256WithRSAEncryption
70:70:81:32:57:84:a4:c7:42:75:97:da:81:87:04:d0:b5:61:
36:01:30:02:e8:47:46:b9:c2:44:3f:89:5f:46:00:fd:4e:e5:
34:10:c5:fc:d3:39:90:ba:0c:9e:c9:16:1f:3c:15:bf:66:bb:
03:03:c0:a3:f2:82:f6:3b:9a:16:97:d7:2d:1d:7d:d7:90:ad:
ac:c5:79:56:d5:a5:91:16:52:de:98:66:6b:a5:20:53:4b:c5:
d3:d8:f7:e9:eb:31:36:87:3f:d9:72:61:58:48:5d:33:55:a1:
e4:a1:fb:52:93:9a:30:ca:3b:01:b7:3e:37:71:8e:f3:c4:93:
52:8c:44:7a:17:e2:db:1d:99:7f:60:4c:f7:a8:48:db:17:73:
98:a3:1a:7f:46:50:bb:c8:fd:76:08:9a:27:f1:65:93:25:85:
45:5b:df:d8:9f:2e:d1:93:ea:ea:f8:35:4b:28:96:00:8e:f5:
5a:5a:39:65:3d:0c:2d:54:eb:a2:31:e3:6f:32:87:f3:89:3d:
9e:a7:6b:04:7a:cd:01:2f:bd:c1:3e:fd:40:77:34:0e:f2:69:
23:7f:df:df:f4:10:92:11:a6:25:89:81:80:bb:53:8e:e2:90:
fc:44:08:c5:31:fe:8f:bd:1d:1d:ef:90:0b:92:75:aa:bb:37:
62:5a:3f:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsLtu2WvIn0cwR62AuVVsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWFjMWNmYmVjNDk0YWU5NDU3Yzg2NmU2MzYxODY1YzRm
MzAwNDgwHhcNMjMwMTAxMDcxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDg4YmY5OWJkMGM2NTc5MmEyZWJhYWNlNzhhZTgxYWJhYjc3NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRjm5w7YSmYjHq7WXb1QugcTDI2k
Hx6n3uAaEZ4nWC2MsX6/MxFhJvFeRf1UtOr9ttKOzsZQfLxatFyRK5HVwxbwSwZ5
DU40EsF/PKAMT9+6rvPlwz6kmTDioqBiCeixZUL7uSaYwqnME2fppEVBv2sP5UqI
b9hscoYLVm5xfpnRa9b6I07ZTcdiYurCRGKF1wsA0VImwvGd4nAWzKlv6HJnoBpF
oVwRHutmwjV799ZArO11uz4/0wDzso1CtaiZGKKh/OEH72rv10uCrTHtQlACtBVq
1ExS4rcMJQKiFmpYw2pZdkrjX0MkcGDcNMWliUek+uQnCOSwhSfkBF95IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJSIv5m9DGV5Ki66rOeK6Bq6t3THMB8GA1UdIwQY
MBaAFJ7qwc++xJSulFfIZuY2GGXE8wBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQt
ZTI4NWNkOGNhZDEyLzEvbElpX21iME1aWGtxTHJxczU0cm9HcnEzZE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80N2U2MDktYjZiNy00NDNiLThhMDQtZTI4NWNkOGNhZDEy
LzEvbnVyQno3N0VsSzZVVjhobTVqWVlaY1R6QUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSmwMA0G
CSqGSIb3DQEBCwUAA4IBAQBwcIEyV4Skx0J1l9qBhwTQtWE2ATAC6EdGucJEP4lf
RgD9TuU0EMX80zmQugyeyRYfPBW/ZrsDA8Cj8oL2O5oWl9ctHX3XkK2sxXlW1aWR
FlLemGZrpSBTS8XT2Pfp6zE2hz/ZcmFYSF0zVaHkoftSk5owyjsBtz43cY7zxJNS
jER6F+LbHZl/YEz3qEjbF3OYoxp/RlC7yP12CJon8WWTJYVFW9/Yny7Rk+rq+DVL
KJYAjvVaWjllPQwtVOuiMeNvMofziT2ep2sEes0BL73BPv1AdzQO8mkjf9/f9BCS
EaYliYGAu1OO4pD8RAjFMf6PvR0d75ALknWquzdiWj8g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:16 2025 by rpki-client