Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/li890LrMuhxajaSU0ur3fSqMjTc.roa
File: li890LrMuhxajaSU0ur3fSqMjTc.roa (raw, json)
Hash identifier: BCqlPx2uDn3zmgelKz5og7CfdHtyH04D0wmmmx3Jhrc=
Subject key identifier: 96:2F:3D:D0:BA:CC:BA:1C:5A:8D:A4:94:D2:EA:F7:7D:2A:8C:8D:37
Certificate issuer: /CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Certificate serial: 01856C9CDC837D2492352CFFAADDFBFDC5E2
Authority key identifier: 00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/li890LrMuhxajaSU0ur3fSqMjTc.roa
Signing time: Sun 01 Jan 2023 09:14:57 +0000
ROA not before: Sun 01 Jan 2023 09:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47282
IP address blocks: 185.99.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:dc:83:7d:24:92:35:2c:ff:aa:dd:fb:fd:c5:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=002c8865bc2a07e4acfeb263b4d9cf62460fd523
Validity
Not Before: Jan 1 09:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=962f3dd0baccba1c5a8da494d2eaf77d2a8c8d37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d5:8e:bc:0f:56:57:5a:2d:fc:62:74:a4:1f:
10:7d:4f:f8:99:49:0e:80:93:2a:4e:25:2f:0c:b7:
e0:ac:cf:0b:68:64:07:94:95:e4:96:f2:2a:70:a7:
6a:eb:a6:80:de:3e:d8:99:7a:c5:75:fe:1f:0c:99:
c4:2c:52:2c:9d:be:fc:e9:4c:47:f8:c4:8e:61:fc:
1a:e7:65:c3:79:0d:88:28:38:30:a6:ee:1e:03:4d:
34:ea:2a:b9:44:72:21:04:6d:ab:ac:d6:48:02:1d:
2f:68:10:72:50:f1:90:1a:d5:24:9a:a1:56:36:c9:
92:33:f8:ab:d4:4f:68:a1:eb:14:f7:69:a9:06:58:
ef:32:ce:db:85:15:77:9c:b6:32:de:37:ea:00:2f:
70:35:38:47:59:7d:07:51:3e:58:16:7d:cc:b7:45:
43:e5:e2:af:88:b6:86:84:40:55:4c:d0:20:1d:03:
cd:c6:4e:dc:bf:63:a1:c6:3c:e0:7d:61:4a:e4:ee:
c4:36:c6:9a:45:1e:53:a8:94:42:76:39:5a:29:88:
58:05:f5:5f:fe:e1:8a:2d:a3:83:50:12:6b:b0:44:
40:38:e3:ff:f6:40:56:db:52:db:b1:9a:0d:3e:bd:
47:2d:4d:26:d1:c7:7f:2c:e8:4f:0a:37:55:5c:58:
f1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:2F:3D:D0:BA:CC:BA:1C:5A:8D:A4:94:D2:EA:F7:7D:2A:8C:8D:37
X509v3 Authority Key Identifier:
keyid:00:2C:88:65:BC:2A:07:E4:AC:FE:B2:63:B4:D9:CF:62:46:0F:D5:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/li890LrMuhxajaSU0ur3fSqMjTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/d7fadc-1ebf-42da-9b22-a60c20c8f717/1/ACyIZbwqB-Ss_rJjtNnPYkYP1SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.7.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:b2:15:06:e3:b9:e0:5b:0f:b7:36:d4:06:df:58:21:d2:8e:
a8:1d:97:5f:31:ad:c3:5d:9d:fa:9a:b8:de:27:f8:91:27:71:
fb:66:dd:a8:25:64:07:3f:f0:81:2e:e6:c5:e5:4c:08:2b:d2:
2e:6f:1f:d4:f5:6b:20:94:a0:b6:aa:2e:fa:43:1a:c0:aa:42:
c1:0c:1a:00:15:60:84:99:7c:b3:77:5f:9c:5f:df:fd:0a:ec:
22:f9:c1:81:48:6b:c3:00:36:c5:53:11:23:0d:63:a4:66:7b:
4b:7e:07:17:15:35:24:6f:6a:e3:9d:5f:bf:92:e3:26:d3:2d:
49:d9:81:f6:3a:07:24:a5:dd:ba:8b:e0:47:8d:64:5c:df:c3:
9d:04:52:14:9e:30:9c:16:d0:44:bf:d5:7f:da:1c:35:f7:83:
72:11:9e:a6:d7:4c:51:b2:c2:30:5e:2f:ed:18:83:c8:ad:80:
24:4e:fc:b0:76:d7:91:ac:e6:55:17:9f:c6:4a:ff:46:fc:90:
19:1e:5e:5f:fd:51:7b:c0:93:2e:4c:77:d1:60:6d:4b:7a:ea:
2a:84:30:87:3a:04:82:01:8c:b7:ee:6c:1b:fd:5a:d1:c1:31:
50:10:38:65:f7:4c:a5:03:1b:ab:27:86:95:49:3e:e8:14:48:
93:25:8b:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsnNyDfSSSNSz/qt37/cXiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMmM4ODY1YmMyYTA3ZTRhY2ZlYjI2M2I0ZDljZjYyNDYw
ZmQ1MjMwHhcNMjMwMTAxMDkxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjJmM2RkMGJhY2NiYTFjNWE4ZGE0OTRkMmVhZjc3ZDJhOGM4ZDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtWOvA9WV1ot/GJ0pB8QfU/4mUkO
gJMqTiUvDLfgrM8LaGQHlJXklvIqcKdq66aA3j7YmXrFdf4fDJnELFIsnb786UxH
+MSOYfwa52XDeQ2IKDgwpu4eA0006iq5RHIhBG2rrNZIAh0vaBByUPGQGtUkmqFW
NsmSM/ir1E9ooesU92mpBljvMs7bhRV3nLYy3jfqAC9wNThHWX0HUT5YFn3Mt0VD
5eKviLaGhEBVTNAgHQPNxk7cv2OhxjzgfWFK5O7ENsaaRR5TqJRCdjlaKYhYBfVf
/uGKLaODUBJrsERAOOP/9kBW21LbsZoNPr1HLU0m0cd/LOhPCjdVXFjxrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYvPdC6zLocWo2klNLq930qjI03MB8GA1UdIwQY
MBaAFAAsiGW8KgfkrP6yY7TZz2JGD9UjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjIt
YTYwYzIwYzhmNzE3LzEvbGk4OTBMck11aHhhamFTVTB1cjNmU3FNalRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9kN2ZhZGMtMWViZi00MmRhLTliMjItYTYwYzIwYzhmNzE3
LzEvQUN5SVpid3FCLVNzX3JKanROblBZa1lQMVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMHMA0G
CSqGSIb3DQEBCwUAA4IBAQAushUG47ngWw+3NtQG31gh0o6oHZdfMa3DXZ36mrje
J/iRJ3H7Zt2oJWQHP/CBLubF5UwIK9Iubx/U9WsglKC2qi76QxrAqkLBDBoAFWCE
mXyzd1+cX9/9Cuwi+cGBSGvDADbFUxEjDWOkZntLfgcXFTUkb2rjnV+/kuMm0y1J
2YH2Ogckpd26i+BHjWRc38OdBFIUnjCcFtBEv9V/2hw194NyEZ6m10xRssIwXi/t
GIPIrYAkTvywdteRrOZVF5/GSv9G/JAZHl5f/VF7wJMuTHfRYG1LeuoqhDCHOgSC
AYy37mwb/VrRwTFQEDhl90ylAxurJ4aVST7oFEiTJYsI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:39 2025 by rpki-client