Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/xHU3KFYPQFr-wGHWz--v5CkpxhQ.roa
File: xHU3KFYPQFr-wGHWz--v5CkpxhQ.roa (raw, json)
Hash identifier: pCeQ41z4Ns2cL+vcxv4p7R+r7uODj2JpL+XPOYg+1dk=
Subject key identifier: C4:75:37:28:56:0F:40:5A:FE:C0:61:D6:CF:EF:AF:E4:29:29:C6:14
Certificate issuer: /CN=caafc093c3c4256d114a8edc0d06c73cb63e186d
Certificate serial: 069C9A78
Authority key identifier: CA:AF:C0:93:C3:C4:25:6D:11:4A:8E:DC:0D:06:C7:3C:B6:3E:18:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/xHU3KFYPQFr-wGHWz--v5CkpxhQ.roa
Signing time: Sat 01 Jan 2022 15:05:21 +0000
ROA not before: Sat 01 Jan 2022 15:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 559
IP address blocks: 160.98.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 110926456 (0x69c9a78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caafc093c3c4256d114a8edc0d06c73cb63e186d
Validity
Not Before: Jan 1 15:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4753728560f405afec061d6cfefafe42929c614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:08:35:c9:e3:85:1e:b4:4c:13:77:81:f4:77:
a9:99:9c:20:02:c6:16:a4:e5:2a:b4:4d:80:34:30:
72:2c:8a:e0:56:9a:8e:c3:57:16:ed:76:69:48:76:
aa:ea:af:53:f2:79:e8:47:d2:0e:fe:15:24:e4:63:
0d:c7:89:44:ca:57:79:11:9d:1b:7a:fd:e9:62:fd:
5d:6f:05:f6:a6:7a:11:ed:1b:17:a6:7d:56:6c:e6:
0b:49:fd:4b:20:a9:0e:33:08:5a:fa:cb:3d:96:cf:
0c:1f:e4:48:86:49:35:2b:30:b0:ab:fc:74:f3:bb:
15:0c:63:43:43:49:f3:cf:f2:c8:24:39:58:08:e3:
91:2b:e2:8f:bf:f9:e0:e0:72:14:63:74:3a:2b:8e:
b8:24:db:f0:59:3e:94:8c:ea:9d:d9:02:54:25:19:
36:58:29:a8:03:4e:bc:a4:e8:24:45:98:94:9e:87:
1e:42:f0:ed:ad:66:bc:4f:1a:a9:18:0a:ef:1d:ca:
9d:70:29:21:17:d9:59:c2:21:34:7c:d1:26:da:ac:
86:ac:62:9d:02:53:09:c2:d4:f8:65:3f:2c:96:8e:
06:75:b2:4a:09:86:e3:24:cd:ee:3d:03:02:d0:e9:
de:f6:3b:e8:91:80:12:20:96:1e:b8:28:32:d8:77:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:75:37:28:56:0F:40:5A:FE:C0:61:D6:CF:EF:AF:E4:29:29:C6:14
X509v3 Authority Key Identifier:
keyid:CA:AF:C0:93:C3:C4:25:6D:11:4A:8E:DC:0D:06:C7:3C:B6:3E:18:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/xHU3KFYPQFr-wGHWz--v5CkpxhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/8825b4-ff08-4916-ae05-893fbe5911b0/1/yq_Ak8PEJW0RSo7cDQbHPLY-GG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.98.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:3d:d4:c1:62:74:4d:6c:9b:1c:98:1b:bd:63:95:cf:3c:13:
4a:38:a1:72:e0:2c:c5:5f:3b:bd:d6:3a:ae:8d:f9:12:aa:0a:
c2:fd:1c:24:05:5b:40:65:9b:b6:4e:37:dd:d9:59:85:f3:50:
1d:ac:cd:d3:94:1c:24:7c:24:27:14:63:06:f5:1e:cd:69:45:
50:58:a9:01:1d:94:e6:ee:1b:e5:31:f0:16:67:e5:ce:7c:3f:
ca:50:a2:73:9d:34:8e:2a:a6:ab:e7:49:ca:9a:88:f9:5a:2f:
36:a1:f7:32:0a:73:e4:ec:5d:31:8f:82:66:e9:f7:3c:5f:73:
46:15:20:00:f7:b5:db:b2:a0:4c:79:c0:8c:75:c6:ce:7d:28:
8a:1f:ce:cd:7e:6c:5e:28:ad:35:2c:81:db:1c:5e:73:1b:de:
7a:47:53:e3:c1:81:bd:06:0b:25:b0:63:1e:49:bd:0f:a6:98:
68:a9:09:3f:03:86:46:b6:be:5e:9b:73:40:03:8d:79:cb:32:
4b:fc:fa:ce:76:11:e9:8c:9f:4a:10:e2:36:2b:bd:61:27:d6:
96:6c:8e:11:b2:06:d7:83:91:2b:dc:93:88:53:33:ee:4e:24:
99:08:dd:28:24:0f:5d:f8:c4:a2:98:22:52:aa:a8:95:58:dd:
ac:f7:62:b3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIEBpyaeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWFmYzA5M2MzYzQyNTZkMTE0YThlZGMwZDA2YzczY2I2M2UxODZkMB4XDTIyMDEw
MTE1MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ3NTM3Mjg1NjBm
NDA1YWZlYzA2MWQ2Y2ZlZmFmZTQyOTI5YzYxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMINcnjhR60TBN3gfR3qZmcIALGFqTlKrRNgDQwciyK4Faa
jsNXFu12aUh2quqvU/J56EfSDv4VJORjDceJRMpXeRGdG3r96WL9XW8F9qZ6Ee0b
F6Z9VmzmC0n9SyCpDjMIWvrLPZbPDB/kSIZJNSswsKv8dPO7FQxjQ0NJ88/yyCQ5
WAjjkSvij7/54OByFGN0OiuOuCTb8Fk+lIzqndkCVCUZNlgpqANOvKToJEWYlJ6H
HkLw7a1mvE8aqRgK7x3KnXApIRfZWcIhNHzRJtqshqxinQJTCcLU+GU/LJaOBnWy
SgmG4yTN7j0DAtDp3vY76JGAEiCWHrgoMth3qv8CAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTEdTcoVg9AWv7AYdbP76/kKSnGFDAfBgNVHSMEGDAWgBTKr8CTw8QlbRFK
jtwNBsc8tj4YbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lxX0FrOFBFSlcwUlNvN2NEUWJIUExZLUdHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvODgyNWI0LWZmMDgtNDkxNi1hZTA1LTg5M2ZiZTU5MTFiMC8x
L3hIVTNLRllQUUZyLXdHSFd6LS12NUNrcHhoUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ODgyNWI0LWZmMDgtNDkxNi1hZTA1LTg5M2ZiZTU5MTFiMC8xL3lxX0FrOFBFSlcw
UlNvN2NEUWJIUExZLUdHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKBiMA0GCSqGSIb3DQEBCwUAA4IB
AQCVPdTBYnRNbJscmBu9Y5XPPBNKOKFy4CzFXzu91jqujfkSqgrC/RwkBVtAZZu2
Tjfd2VmF81AdrM3TlBwkfCQnFGMG9R7NaUVQWKkBHZTm7hvlMfAWZ+XOfD/KUKJz
nTSOKqar50nKmoj5Wi82ofcyCnPk7F0xj4Jm6fc8X3NGFSAA97XbsqBMecCMdcbO
fSiKH87NfmxeKK01LIHbHF5zG956R1PjwYG9BgslsGMeSb0PpphoqQk/A4ZGtr5e
m3NAA415yzJL/PrOdhHpjJ9KEOI2K71hJ9aWbI4RsgbXg5Er3JOIUzPuTiSZCN0o
JA9d+MSimCJSqqiVWN2s92Kz
-----END CERTIFICATE-----
Generated at Sat Apr 19 12:26:10 2025 by rpki-client