Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/mAs68o8HNMIY0AFkQF6y9eq4VRI.roa
File: mAs68o8HNMIY0AFkQF6y9eq4VRI.roa (raw, json)
Hash identifier: t+2RKfddAbrO9AP9+/ujMSTgVskxgK6F+R+nFjMOtD0=
Subject key identifier: 98:0B:3A:F2:8F:07:34:C2:18:D0:01:64:40:5E:B2:F5:EA:B8:55:12
Certificate issuer: /CN=caafc093c3c4256d114a8edc0d06c73cb63e186d
Certificate serial: 01856D0161627AAA6CDFC51A8A2A1686361A
Authority key identifier: CA:AF:C0:93:C3:C4:25:6D:11:4A:8E:DC:0D:06:C7:3C:B6:3E:18:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/mAs68o8HNMIY0AFkQF6y9eq4VRI.roa
Signing time: Sun 01 Jan 2023 11:04:45 +0000
ROA not before: Sun 01 Jan 2023 11:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 559
IP address blocks: 160.98.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:61:62:7a:aa:6c:df:c5:1a:8a:2a:16:86:36:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caafc093c3c4256d114a8edc0d06c73cb63e186d
Validity
Not Before: Jan 1 11:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=980b3af28f0734c218d00164405eb2f5eab85512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0c:7b:dc:3e:98:57:52:0a:ec:c6:15:88:6e:
ed:c4:bd:d3:bf:56:d4:30:02:65:5d:c9:d7:50:8e:
48:0b:33:91:fb:a3:30:5c:55:ea:71:63:55:18:a0:
74:d1:c2:56:6f:38:af:1c:79:1f:98:d1:36:1f:f9:
8a:7e:a6:c3:ca:12:ce:9e:36:1d:34:0d:b5:bc:0d:
1a:91:58:d3:a1:aa:46:12:37:a3:fb:7d:3e:78:f2:
f3:f4:ca:3a:37:b3:f8:f2:fa:cc:09:8e:a4:a1:bc:
a7:27:6f:f0:fd:c0:71:0f:f2:99:e8:ff:6c:bd:1c:
60:d0:59:70:14:46:04:41:01:4f:82:b1:66:af:66:
aa:fb:91:38:f6:63:9e:a4:a3:c3:9c:34:7f:cf:1e:
43:f4:2e:14:fc:8b:cd:ed:4f:b4:1c:0f:48:17:ff:
df:65:5a:32:db:c2:1b:ba:d5:14:be:65:fd:1b:e7:
b0:65:58:4b:07:f0:82:9c:66:60:bd:2e:9c:cd:94:
8c:92:e2:9a:51:57:a2:58:2b:59:44:c8:cc:29:ac:
78:96:50:96:99:ae:02:21:c5:e9:cd:1e:ed:66:53:
20:e7:13:90:92:bc:e1:1e:ee:f0:43:9a:ba:41:21:
4b:fb:d8:e9:6d:60:04:81:b8:fa:e9:79:36:99:2d:
bf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0B:3A:F2:8F:07:34:C2:18:D0:01:64:40:5E:B2:F5:EA:B8:55:12
X509v3 Authority Key Identifier:
keyid:CA:AF:C0:93:C3:C4:25:6D:11:4A:8E:DC:0D:06:C7:3C:B6:3E:18:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/mAs68o8HNMIY0AFkQF6y9eq4VRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.98.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:93:58:75:aa:29:1b:d8:f3:f3:56:7e:d4:22:7b:f8:3f:82:
96:c9:7e:44:69:4d:3d:75:36:74:83:95:28:17:d0:af:af:2c:
4e:94:74:b6:59:5a:6c:f5:88:e0:fe:03:d8:11:4c:41:31:8f:
76:d2:30:e6:b6:3f:37:63:44:3b:f9:a4:ba:64:ae:74:f3:c2:
e9:0c:88:ab:51:41:a6:4c:53:e5:c4:15:19:40:bd:4b:bb:a6:
b4:c0:f6:59:40:9a:6c:1d:05:b1:a7:c6:8b:4d:2b:7e:d8:99:
a1:da:2f:b3:1c:d7:a3:d5:68:eb:59:fd:19:94:5c:2b:47:84:
84:3d:bf:c5:55:db:25:d2:8f:4b:6a:bc:f3:e4:94:0b:5f:6d:
82:39:e5:ed:e4:0b:35:60:1a:71:87:08:a3:b5:21:9d:49:d7:
53:95:33:fd:33:92:f6:fa:23:c8:3a:62:e1:b7:95:ee:24:03:
eb:51:0a:d9:39:98:4e:71:11:c5:cc:9c:ca:f2:56:5b:e7:a1:
90:9d:26:90:05:67:ff:c5:fa:d9:0d:cc:5c:a4:d8:26:28:9e:
bd:5f:87:e6:1c:ab:d3:ab:f3:05:8a:3a:83:33:47:ba:a2:b8:
91:7d:6d:35:15:ea:30:51:a3:a2:32:c2:91:59:03:58:9c:73:
37:03:12:ff
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVtAWFieqps38UaiioWhjYaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhYWZjMDkzYzNjNDI1NmQxMTRhOGVkYzBkMDZjNzNjYjYz
ZTE4NmQwHhcNMjMwMTAxMTEwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBiM2FmMjhmMDczNGMyMThkMDAxNjQ0MDVlYjJmNWVhYjg1NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgx73D6YV1IK7MYViG7txL3Tv1bU
MAJlXcnXUI5ICzOR+6MwXFXqcWNVGKB00cJWbzivHHkfmNE2H/mKfqbDyhLOnjYd
NA21vA0akVjToapGEjej+30+ePLz9Mo6N7P48vrMCY6kobynJ2/w/cBxD/KZ6P9s
vRxg0FlwFEYEQQFPgrFmr2aq+5E49mOepKPDnDR/zx5D9C4U/IvN7U+0HA9IF//f
ZVoy28IbutUUvmX9G+ewZVhLB/CCnGZgvS6czZSMkuKaUVeiWCtZRMjMKax4llCW
ma4CIcXpzR7tZlMg5xOQkrzhHu7wQ5q6QSFL+9jpbWAEgbj66Xk2mS2/3QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJgLOvKPBzTCGNABZEBesvXquFUSMB8GA1UdIwQY
MBaAFMqvwJPDxCVtEUqO3A0Gxzy2PhhtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXFfQWs4UEVKVzBSU283Y0RRYkhQTFktR0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC84ODI1YjQtZmYwOC00OTE2LWFlMDUt
ODkzZmJlNTkxMWIwLzEvbUFzNjhvOEhOTUlZMEFGa1FGNnk5ZXE0VlJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC84ODI1YjQtZmYwOC00OTE2LWFlMDUtODkzZmJlNTkxMWIw
LzEveXFfQWs4UEVKVzBSU283Y0RRYkhQTFktR0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAoGIwDQYJ
KoZIhvcNAQELBQADggEBALeTWHWqKRvY8/NWftQie/g/gpbJfkRpTT11NnSDlSgX
0K+vLE6UdLZZWmz1iOD+A9gRTEExj3bSMOa2PzdjRDv5pLpkrnTzwukMiKtRQaZM
U+XEFRlAvUu7prTA9llAmmwdBbGnxotNK37YmaHaL7Mc16PVaOtZ/RmUXCtHhIQ9
v8VV2yXSj0tqvPPklAtfbYI55e3kCzVgGnGHCKO1IZ1J11OVM/0zkvb6I8g6YuG3
le4kA+tRCtk5mE5xEcXMnMryVlvnoZCdJpAFZ//F+tkNzFyk2CYonr1fh+Ycq9Or
8wWKOoMzR7qiuJF9bTUV6jBRo6IywpFZA1icczcDEv8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:29:44 2025 by rpki-client