Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3c443-b199-4041-8247-b403d10c3e91/1/1-5wfGkbjMfxuQIs7Nr4IdouQx_A.roa
File: 1-5wfGkbjMfxuQIs7Nr4IdouQx_A.roa (raw, json)
Hash identifier: F+0GIuaG49kwvO6GmUbhlZ4nPShu210bfgbhjv/XjxU=
Subject key identifier: FB:9C:1F:1A:46:E3:31:FC:6E:40:8B:3B:36:BE:08:76:8B:90:C7:F0
Certificate issuer: /CN=8b0cd696ada8911302563ba4e442e6cfa6a28ffb
Certificate serial: 0185708CE8349036BAE81117E744BC368AA8
Authority key identifier: 8B:0C:D6:96:AD:A8:91:13:02:56:3B:A4:E4:42:E6:CF:A6:A2:8F:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwzWlq2okRMCVjuk5ELmz6aij_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3c443-b199-4041-8247-b403d10c3e91/1/1-5wfGkbjMfxuQIs7Nr4IdouQx_A.roa
Signing time: Mon 02 Jan 2023 03:36:00 +0000
ROA not before: Mon 02 Jan 2023 03:36:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 786
IP address blocks: 160.6.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:e8:34:90:36:ba:e8:11:17:e7:44:bc:36:8a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b0cd696ada8911302563ba4e442e6cfa6a28ffb
Validity
Not Before: Jan 2 03:36:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb9c1f1a46e331fc6e408b3b36be08768b90c7f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b5:38:28:9a:e0:dd:8f:31:76:d6:03:15:30:
f7:e3:c0:89:10:7a:6c:c0:bb:60:31:b9:bd:20:eb:
17:6c:e3:23:e7:d1:38:67:ef:32:d3:8b:c4:57:b2:
e3:32:80:10:79:45:15:3e:e0:12:57:7f:cb:5d:49:
59:33:07:f9:ec:33:72:26:39:76:52:29:0a:ee:f8:
12:d1:84:3c:97:dc:92:d4:59:df:84:33:d5:b6:55:
1c:b2:9a:2e:c8:33:a7:c2:fa:1c:18:78:63:bf:85:
61:b9:f9:15:30:f3:ea:94:45:a5:20:64:f5:78:97:
fd:78:55:55:a3:c0:7a:ec:82:6f:59:ae:93:c0:ec:
52:e8:53:c4:52:ab:d1:9f:5f:08:b3:01:9e:94:fa:
57:40:35:28:62:9c:10:55:7a:42:3c:f8:a7:64:29:
87:8b:98:13:ca:ae:45:54:00:1c:dc:de:9e:70:e5:
6e:38:ff:99:43:ea:04:c0:30:bf:c2:66:ca:e5:e9:
47:a3:9a:6a:ac:53:31:0f:57:8f:a4:77:42:9d:71:
01:0f:ba:de:5a:9e:6a:96:2f:05:d3:1a:c6:9b:f2:
91:54:e8:ff:c8:5a:ab:be:1c:4e:d9:36:d1:12:af:
ab:61:03:28:df:ea:ff:a2:cd:ed:fa:41:84:a0:74:
d5:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:9C:1F:1A:46:E3:31:FC:6E:40:8B:3B:36:BE:08:76:8B:90:C7:F0
X509v3 Authority Key Identifier:
keyid:8B:0C:D6:96:AD:A8:91:13:02:56:3B:A4:E4:42:E6:CF:A6:A2:8F:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwzWlq2okRMCVjuk5ELmz6aij_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3c443-b199-4041-8247-b403d10c3e91/1/1-5wfGkbjMfxuQIs7Nr4IdouQx_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3c443-b199-4041-8247-b403d10c3e91/1/iwzWlq2okRMCVjuk5ELmz6aij_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.6.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:7d:b7:c5:7b:aa:8d:6c:4d:9e:62:9c:8b:7a:2c:06:e5:71:
21:08:b1:34:53:28:95:a9:e5:8f:2b:39:77:79:06:3f:0b:95:
5a:62:8c:5c:31:f0:eb:c3:f2:36:6a:c5:fe:bc:4d:c5:25:e8:
89:30:29:ff:2b:eb:1d:7e:55:c2:9d:bb:d1:96:d8:a1:49:36:
cd:fd:1a:4f:93:7a:fd:1d:55:a4:51:5a:d6:f4:de:8e:ba:85:
37:2d:3b:a9:0a:4b:b5:05:6a:26:1a:c7:92:20:3d:3b:56:9e:
77:aa:62:88:6a:a4:a4:33:55:59:75:c0:83:d9:01:3f:d8:8f:
28:37:eb:23:a4:dc:35:3b:ec:c6:bb:4f:01:3d:9b:8f:f3:4a:
50:20:7d:f4:12:44:81:33:7e:02:f1:49:f8:22:8f:be:02:5f:
10:82:51:f2:3f:12:fb:4f:76:c9:d2:78:27:56:f4:c8:ff:91:
a7:9e:02:3e:c4:e3:88:d6:05:1d:8a:83:3d:1b:15:03:de:e6:
ad:32:bd:0e:51:32:06:5f:ad:fa:67:b5:de:0d:e7:05:1c:2e:
ac:f7:81:f5:a0:bb:af:fd:68:f7:7e:f5:72:df:ab:b8:df:14:
58:e6:2b:e4:3b:4b:8f:33:cc:eb:8a:e0:92:c5:50:5e:f3:97:
3e:7b:7f:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwjOg0kDa66BEX50S8NoqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMGNkNjk2YWRhODkxMTMwMjU2M2JhNGU0NDJlNmNmYTZh
MjhmZmIwHhcNMjMwMTAyMDMzNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjljMWYxYTQ2ZTMzMWZjNmU0MDhiM2IzNmJlMDg3NjhiOTBjN2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLU4KJrg3Y8xdtYDFTD348CJEHps
wLtgMbm9IOsXbOMj59E4Z+8y04vEV7LjMoAQeUUVPuASV3/LXUlZMwf57DNyJjl2
UikK7vgS0YQ8l9yS1FnfhDPVtlUcspouyDOnwvocGHhjv4VhufkVMPPqlEWlIGT1
eJf9eFVVo8B67IJvWa6TwOxS6FPEUqvRn18IswGelPpXQDUoYpwQVXpCPPinZCmH
i5gTyq5FVAAc3N6ecOVuOP+ZQ+oEwDC/wmbK5elHo5pqrFMxD1ePpHdCnXEBD7re
Wp5qli8F0xrGm/KRVOj/yFqrvhxO2TbREq+rYQMo3+r/os3t+kGEoHTVtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPucHxpG4zH8bkCLOza+CHaLkMfwMB8GA1UdIwQY
MBaAFIsM1patqJETAlY7pORC5s+moo/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXd6V2xxMm9rUk1DVmp1azVFTG16NmFpal9zLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2M0NDMtYjE5OS00MDQxLTgyNDct
YjQwM2QxMGMzZTkxLzEvMS01d2ZHa2JqTWZ4dVFJczdOcjRJZG91UXhfQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTYvYjNjNDQzLWIxOTktNDA0MS04MjQ3LWI0MDNkMTBjM2U5
MS8xL2l3eldscTJva1JNQ1ZqdWs1RUxtejZhaWpfcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKAGMA0G
CSqGSIb3DQEBCwUAA4IBAQChfbfFe6qNbE2eYpyLeiwG5XEhCLE0UyiVqeWPKzl3
eQY/C5VaYoxcMfDrw/I2asX+vE3FJeiJMCn/K+sdflXCnbvRltihSTbN/RpPk3r9
HVWkUVrW9N6OuoU3LTupCku1BWomGseSID07Vp53qmKIaqSkM1VZdcCD2QE/2I8o
N+sjpNw1O+zGu08BPZuP80pQIH30EkSBM34C8Un4Io++Al8QglHyPxL7T3bJ0ngn
VvTI/5GnngI+xOOI1gUdioM9GxUD3uatMr0OUTIGX636Z7XeDecFHC6s94H1oLuv
/Wj3fvVy36u43xRY5ivkO0uPM8zriuCSxVBe85c+e38w
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:23:07 2025 by rpki-client