Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/672af8-3348-4213-b47c-0618c9a8cac4/1/LHhRipeAOdpJeca6rzYfWtSckSo.roa
File: LHhRipeAOdpJeca6rzYfWtSckSo.roa (raw, json)
Hash identifier: mbhnQRlo9o/YEedV7edB6XOqJTeD5+e08MFdPtHITDs=
Subject key identifier: 2C:78:51:8A:97:80:39:DA:49:79:C6:BA:AF:36:1F:5A:D4:9C:91:2A
Certificate issuer: /CN=8a08c28be15516290b9da5135e58f55fbb80ffb4
Certificate serial: 09C370EE
Authority key identifier: 8A:08:C2:8B:E1:55:16:29:0B:9D:A5:13:5E:58:F5:5F:BB:80:FF:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/igjCi-FVFikLnaUTXlj1X7uA_7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/672af8-3348-4213-b47c-0618c9a8cac4/1/LHhRipeAOdpJeca6rzYfWtSckSo.roa
Signing time: Sat 01 Jan 2022 08:04:44 +0000
ROA not before: Sat 01 Jan 2022 08:04:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25091
IP address blocks: 160.53.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163803374 (0x9c370ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a08c28be15516290b9da5135e58f55fbb80ffb4
Validity
Not Before: Jan 1 08:04:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c78518a978039da4979c6baaf361f5ad49c912a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b7:b4:77:28:be:c0:4d:15:f9:6d:45:f6:84:
15:54:3a:de:66:9d:9f:3c:46:c7:7a:d6:5e:26:da:
8b:69:07:a0:e2:e9:a1:87:fd:99:53:7c:e2:50:1a:
f5:8f:41:b4:ec:a4:8a:f6:8c:b3:11:ae:96:a7:d4:
0d:b6:36:4d:25:62:3d:f2:35:4f:2b:78:c4:3d:6f:
7d:62:c5:74:ad:7c:6b:44:33:93:df:27:5d:91:0f:
40:8a:bf:f1:1a:f4:6b:6d:0e:ba:29:9b:fc:09:da:
ec:e7:7c:2b:57:fd:f5:e0:f9:ff:26:ff:68:ef:d4:
df:fd:19:a1:7a:a3:b8:b5:f6:28:fb:2f:14:15:1e:
ce:12:31:01:c1:c8:57:e0:64:e8:fb:29:39:de:b0:
26:2d:c5:32:e1:c0:80:a3:84:c3:e2:0d:9e:c5:bf:
45:17:03:88:d3:ac:61:68:e8:9f:68:ba:c3:6c:1b:
4e:ce:c1:d3:01:ac:a4:39:ee:47:dc:9f:6c:9b:c9:
83:1d:55:28:19:20:4f:75:bf:ee:bc:ea:fb:fc:a0:
6c:59:02:8d:fe:67:7c:b2:93:de:ec:54:ed:ce:a0:
07:93:e1:0c:cb:ad:b3:26:2b:19:bb:4f:ec:1f:62:
97:3f:2a:ad:da:36:6b:6f:9f:4a:db:75:0a:90:cb:
96:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:78:51:8A:97:80:39:DA:49:79:C6:BA:AF:36:1F:5A:D4:9C:91:2A
X509v3 Authority Key Identifier:
keyid:8A:08:C2:8B:E1:55:16:29:0B:9D:A5:13:5E:58:F5:5F:BB:80:FF:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/igjCi-FVFikLnaUTXlj1X7uA_7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/672af8-3348-4213-b47c-0618c9a8cac4/1/LHhRipeAOdpJeca6rzYfWtSckSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/672af8-3348-4213-b47c-0618c9a8cac4/1/igjCi-FVFikLnaUTXlj1X7uA_7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.53.242.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:60:31:ff:a0:12:15:05:2e:9d:12:e0:c4:33:4d:de:a0:70:
c8:0f:39:0f:54:39:30:da:5b:4e:40:67:16:5d:10:71:94:c0:
4a:bf:dd:ff:2b:0b:a6:89:0f:95:1a:e9:60:e4:36:b2:2a:09:
89:34:9b:1e:5c:f4:ea:52:6c:e7:52:13:a8:27:49:ff:e0:76:
00:d5:74:46:41:87:69:7e:25:8e:1b:a2:e6:31:83:d1:a0:76:
fc:94:34:4c:7b:e0:f8:cb:f2:04:b1:f6:24:2f:96:ff:9e:3a:
72:6c:92:1b:70:7b:a5:6c:b0:98:f1:b4:e1:bd:67:54:ac:f7:
46:5b:ae:3b:23:38:eb:00:7c:4b:2c:2d:8e:f7:de:7b:20:26:
eb:34:30:30:06:1f:cb:86:cb:be:b3:a4:5e:64:3f:bd:7e:fd:
57:22:be:60:4b:21:06:13:80:42:25:1f:73:97:d6:56:a2:26:
df:61:74:7e:ad:47:fc:16:74:48:e4:59:da:52:d8:08:74:4c:
ce:57:93:a2:9e:98:34:0d:9e:ea:3d:8f:4f:5c:92:25:91:fc:
35:67:e9:47:80:3f:22:73:1f:d6:2f:c2:e0:59:60:68:7a:11:
dd:17:72:f5:f7:1d:05:f6:c2:e4:a9:94:0e:1f:76:20:09:36:
cf:3b:e2:0c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECcNw7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTA4YzI4YmUxNTUxNjI5MGI5ZGE1MTM1ZTU4ZjU1ZmJiODBmZmI0MB4XDTIyMDEw
MTA4MDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3ODUxOGE5Nzgw
MzlkYTQ5NzljNmJhYWYzNjFmNWFkNDljOTEyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOi3tHcovsBNFfltRfaEFVQ63madnzxGx3rWXibai2kHoOLp
oYf9mVN84lAa9Y9BtOykivaMsxGulqfUDbY2TSViPfI1Tyt4xD1vfWLFdK18a0Qz
k98nXZEPQIq/8Rr0a20Ouimb/Ana7Od8K1f99eD5/yb/aO/U3/0ZoXqjuLX2KPsv
FBUezhIxAcHIV+Bk6PspOd6wJi3FMuHAgKOEw+INnsW/RRcDiNOsYWjon2i6w2wb
Ts7B0wGspDnuR9yfbJvJgx1VKBkgT3W/7rzq+/ygbFkCjf5nfLKT3uxU7c6gB5Ph
DMutsyYrGbtP7B9ilz8qrdo2a2+fStt1CpDLlmsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQseFGKl4A52kl5xrqvNh9a1JyRKjAfBgNVHSMEGDAWgBSKCMKL4VUWKQud
pRNeWPVfu4D/tDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lnakNpLUZWRmlrTG5hVVRYbGoxWDd1QV83US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvNjcyYWY4LTMzNDgtNDIxMy1iNDdjLTA2MThjOWE4Y2FjNC8x
L0xIaFJpcGVBT2RwSmVjYTZyellmV3RTY2tTby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
NjcyYWY4LTMzNDgtNDIxMy1iNDdjLTA2MThjOWE4Y2FjNC8xL2lnakNpLUZWRmlr
TG5hVVRYbGoxWDd1QV83US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKA18jANBgkqhkiG9w0BAQsFAAOC
AQEAx2Ax/6ASFQUunRLgxDNN3qBwyA85D1Q5MNpbTkBnFl0QcZTASr/d/ysLpokP
lRrpYOQ2sioJiTSbHlz06lJs51ITqCdJ/+B2ANV0RkGHaX4ljhui5jGD0aB2/JQ0
THvg+MvyBLH2JC+W/546cmySG3B7pWywmPG04b1nVKz3RluuOyM46wB8Sywtjvfe
eyAm6zQwMAYfy4bLvrOkXmQ/vX79VyK+YEshBhOAQiUfc5fWVqIm32F0fq1H/BZ0
SORZ2lLYCHRMzleTop6YNA2e6j2PT1ySJZH8NWfpR4A/InMf1i/C4FlgaHoR3Rdy
9fcdBfbC5KmUDh92IAk2zzviDA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:39 2025 by rpki-client