Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/xNiP_DrVmBiB70Dn7erj36F85a0.roa
File: xNiP_DrVmBiB70Dn7erj36F85a0.roa (raw, json)
Hash identifier: jhnqG1sS5Zd7jhVxabqRxM22rFhJW7FaJ4VDj/TA5mc=
Subject key identifier: C4:D8:8F:FC:3A:D5:98:18:81:EF:40:E7:ED:EA:E3:DF:A1:7C:E5:AD
Certificate issuer: /CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226
Certificate serial: 04CD6D67
Authority key identifier: 4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/xNiP_DrVmBiB70Dn7erj36F85a0.roa
Signing time: Sat 01 Jan 2022 14:04:28 +0000
ROA not before: Sat 01 Jan 2022 14:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212989
IP address blocks: 2001:678:ddc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 80571751 (0x4cd6d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ae8d08909d185af41d0a0c3be5ea28c352f0226
Validity
Not Before: Jan 1 14:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4d88ffc3ad5981881ef40e7edeae3dfa17ce5ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:95:26:30:5b:e4:17:de:40:07:e5:60:b1:
14:d1:bc:d4:7e:c8:f5:99:32:ac:7b:46:90:38:e0:
d0:b1:5c:a7:0b:47:8c:76:3e:5d:aa:63:b8:8c:1e:
1c:85:a2:a5:d6:19:c8:76:8a:68:51:d5:d5:e3:8c:
49:3a:be:6c:91:3e:b9:40:6c:d4:a5:d4:a2:63:20:
70:e1:91:ee:de:37:4f:c3:bc:00:d9:82:93:82:ec:
95:0c:5c:29:4f:90:4a:6a:e4:24:2a:20:3d:c3:00:
fd:af:c3:e9:ac:c1:c3:e0:72:92:ff:82:6b:0f:1d:
5b:0e:69:86:86:c6:5f:9c:50:53:2e:e3:ca:14:d4:
b7:55:52:56:47:de:d1:70:10:71:66:1a:a8:c5:7c:
d3:4b:c9:b6:f8:06:76:50:26:6b:be:eb:55:a6:0d:
2b:3c:74:51:62:fe:ed:2a:1a:9b:55:ee:c8:a6:40:
7f:cb:f7:ad:41:65:ee:39:73:72:5d:e6:19:78:c6:
b4:a2:d1:75:16:1c:5f:a6:54:cf:a0:a5:ad:df:a8:
24:b3:66:65:88:8e:ef:93:e5:cf:67:74:10:e4:08:
f6:53:67:5f:ad:e5:19:71:68:f2:f2:eb:6f:9a:5a:
5a:c7:b6:b0:04:e2:04:3e:a8:83:3b:99:16:b6:19:
19:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:D8:8F:FC:3A:D5:98:18:81:EF:40:E7:ED:EA:E3:DF:A1:7C:E5:AD
X509v3 Authority Key Identifier:
keyid:4A:E8:D0:89:09:D1:85:AF:41:D0:A0:C3:BE:5E:A2:8C:35:2F:02:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SujQiQnRha9B0KDDvl6ijDUvAiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/xNiP_DrVmBiB70Dn7erj36F85a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/41446b-e49a-4ae7-81e5-9425856ec542/1/SujQiQnRha9B0KDDvl6ijDUvAiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:ddc::/48
Signature Algorithm: sha256WithRSAEncryption
9c:71:4d:20:ca:a2:68:66:1b:63:0a:c7:d5:b1:0a:52:50:83:
ad:ce:03:c9:16:f6:d6:c7:bf:e0:81:2b:cc:42:e0:cf:07:23:
38:21:dc:af:af:62:ce:bc:12:c3:5d:61:18:75:6b:a4:7d:1a:
65:3d:c8:0b:0a:2d:cd:b9:a7:d3:bd:2f:e8:42:99:40:e5:58:
bc:3c:5c:c4:78:1e:32:3f:68:5d:ce:6b:14:c8:23:4b:6d:56:
bc:df:5b:91:96:e2:37:33:d5:02:fa:38:9e:91:85:e2:36:53:
bb:97:6c:39:e4:8f:d5:86:a0:a0:2c:1b:04:4e:e3:79:e2:87:
9a:4d:48:3d:2b:ad:9e:73:bf:83:8a:78:b7:6a:6e:b4:d7:1d:
62:5d:0d:ed:fc:75:4c:21:12:9a:52:2f:b1:fe:bc:a4:ff:f9:
76:e2:d9:b3:c7:2c:a6:3e:4c:e6:bf:1f:b0:77:e0:c9:99:8e:
b3:d6:8a:c1:09:38:0b:62:03:22:43:08:c0:20:d1:9a:c3:8b:
e6:5d:65:6c:75:1c:cb:a0:09:ef:79:64:e6:2e:80:ed:3d:e8:
87:1d:2f:a1:9b:a7:f2:4c:0b:68:30:f8:0d:ef:a6:bb:c6:7b:
13:61:d7:d2:16:5a:a8:01:f7:74:4e:18:8a:ae:61:8b:53:e9:
86:68:0d:ac
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBM1tZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YWU4ZDA4OTA5ZDE4NWFmNDFkMGEwYzNiZTVlYTI4YzM1MmYwMjI2MB4XDTIyMDEw
MTE0MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRkODhmZmMzYWQ1
OTgxODgxZWY0MGU3ZWRlYWUzZGZhMTdjZTVhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKg9lSYwW+QX3kAH5WCxFNG81H7I9ZkyrHtGkDjg0LFcpwtH
jHY+XapjuIweHIWipdYZyHaKaFHV1eOMSTq+bJE+uUBs1KXUomMgcOGR7t43T8O8
ANmCk4LslQxcKU+QSmrkJCogPcMA/a/D6azBw+Bykv+Caw8dWw5phobGX5xQUy7j
yhTUt1VSVkfe0XAQcWYaqMV800vJtvgGdlAma77rVaYNKzx0UWL+7Soam1XuyKZA
f8v3rUFl7jlzcl3mGXjGtKLRdRYcX6ZUz6Clrd+oJLNmZYiO75Plz2d0EOQI9lNn
X63lGXFo8vLrb5paWse2sATiBD6ogzuZFrYZGZ8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTE2I/8OtWYGIHvQOft6uPfoXzlrTAfBgNVHSMEGDAWgBRK6NCJCdGFr0HQ
oMO+XqKMNS8CJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1N1alFpUW5SaGE5QjBLRER2bDZpakRVdkFpWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNDE0NDZiLWU0OWEtNGFlNy04MWU1LTk0MjU4NTZlYzU0Mi8x
L3hOaVBfRHJWbUJpQjcwRG43ZXJqMzZGODVhMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NDE0NDZiLWU0OWEtNGFlNy04MWU1LTk0MjU4NTZlYzU0Mi8xL1N1alFpUW5SaGE5
QjBLRER2bDZpakRVdkFpWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngN3DANBgkqhkiG9w0BAQsF
AAOCAQEAnHFNIMqiaGYbYwrH1bEKUlCDrc4DyRb21se/4IErzELgzwcjOCHcr69i
zrwSw11hGHVrpH0aZT3ICwotzbmn070v6EKZQOVYvDxcxHgeMj9oXc5rFMgjS21W
vN9bkZbiNzPVAvo4npGF4jZTu5dsOeSP1YagoCwbBE7jeeKHmk1IPSutnnO/g4p4
t2putNcdYl0N7fx1TCESmlIvsf68pP/5duLZs8cspj5M5r8fsHfgyZmOs9aKwQk4
C2IDIkMIwCDRmsOL5l1lbHUcy6AJ73lk5i6A7T3ohx0voZun8kwLaDD4De+mu8Z7
E2HX0hZaqAH3dE4Yiq5hi1PphmgNrA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:25 2025 by rpki-client