Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/P9YU7Qkq8jNRru9OxAN9PNPL0ac.roa
File: P9YU7Qkq8jNRru9OxAN9PNPL0ac.roa (raw, json)
Hash identifier: 4Tdl3gEvL1ppQx7CNmR93Bk38wPB1aLaBpu4ryiq4Gc=
Subject key identifier: 3F:D6:14:ED:09:2A:F2:33:51:AE:EF:4E:C4:03:7D:3C:D3:CB:D1:A7
Certificate issuer: /CN=d0a1db466cf808206293d07e65f2121feb49a33e
Certificate serial: 045B5CE5
Authority key identifier: D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/P9YU7Qkq8jNRru9OxAN9PNPL0ac.roa
Signing time: Sat 01 Jan 2022 11:04:20 +0000
ROA not before: Sat 01 Jan 2022 11:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212783
IP address blocks: 2001:678:e0c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73096421 (0x45b5ce5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0a1db466cf808206293d07e65f2121feb49a33e
Validity
Not Before: Jan 1 11:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fd614ed092af23351aeef4ec4037d3cd3cbd1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:56:57:c6:0f:9e:c1:22:c7:9d:a3:b9:6e:
47:c8:f9:11:ca:1a:5f:2c:a0:1d:ec:66:42:8c:03:
31:17:0a:b8:6d:ba:32:46:bd:36:61:05:6f:3d:47:
1f:54:a0:22:9e:36:8a:c7:f1:1c:7a:c5:25:35:b6:
0f:1c:42:ac:a1:52:05:b5:0e:25:56:65:57:e1:ca:
8c:fc:41:4b:12:92:3e:37:a8:88:81:b2:02:6a:da:
08:4f:d6:4b:a6:c9:21:2b:09:26:24:cc:da:67:01:
e7:c7:53:fe:da:3f:1c:31:43:fb:c6:08:a1:83:c1:
23:2d:94:88:df:ae:fc:1b:f3:f5:4e:ae:55:c5:78:
b6:bb:f0:c3:00:4f:c1:a4:59:11:f4:3b:c1:2c:1f:
ca:f2:ba:2a:8e:6c:76:13:dd:77:df:e6:41:19:a9:
f4:92:82:0c:c7:3d:48:be:00:82:6d:15:5e:ad:51:
10:32:5a:53:22:80:2c:51:d9:ff:79:26:0e:9f:7e:
d4:90:40:2f:38:76:56:2d:7b:56:f1:f9:4e:1a:de:
70:36:94:44:90:47:a4:a4:ef:17:f1:4f:88:98:f4:
3f:d3:7b:38:8c:7f:a7:eb:6d:c3:b6:cb:b4:f1:92:
87:b2:43:7c:de:5d:44:60:56:a0:9c:77:37:9d:a4:
9e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:D6:14:ED:09:2A:F2:33:51:AE:EF:4E:C4:03:7D:3C:D3:CB:D1:A7
X509v3 Authority Key Identifier:
keyid:D0:A1:DB:46:6C:F8:08:20:62:93:D0:7E:65:F2:12:1F:EB:49:A3:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0KHbRmz4CCBik9B-ZfISH-tJoz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/P9YU7Qkq8jNRru9OxAN9PNPL0ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/11cdac-6411-454d-b973-4762b010ef1e/1/0KHbRmz4CCBik9B-ZfISH-tJoz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e0c::/48
Signature Algorithm: sha256WithRSAEncryption
57:00:92:bb:0f:15:28:da:1e:3f:94:40:dd:f1:0f:d9:45:a2:
73:fb:03:91:76:99:af:68:37:0d:00:e1:79:d9:ef:83:21:6e:
9f:8a:58:08:c9:26:5a:4b:b6:a0:64:b7:42:f9:93:18:44:c5:
9a:29:9e:55:e4:7d:3a:0c:19:c4:b3:96:0d:0b:06:f8:b5:64:
0e:3f:16:40:a0:87:53:e3:02:26:8c:14:20:f7:05:9f:ca:25:
91:d4:8d:f7:6f:06:57:15:d8:7c:0c:f4:5b:51:f0:9c:df:87:
dd:b2:13:1c:03:31:0b:e6:09:b0:6a:9c:e5:06:e0:14:e4:fb:
45:87:7b:5e:45:b0:aa:a7:6c:08:4f:ad:ca:6f:57:3f:f5:b0:
6a:58:57:84:f1:19:8a:d6:2f:3a:55:c1:ad:06:37:48:c9:eb:
8f:3f:85:85:cd:3c:a3:f2:0a:3e:78:c3:c5:8f:f4:d9:46:56:
70:83:59:3a:d7:b1:8a:d0:38:ce:24:96:ac:b2:c9:19:12:5f:
fc:b8:cf:ea:ee:d6:37:9d:8b:21:50:06:4a:b1:d4:74:b9:35:
15:14:18:de:01:d9:ba:3a:1c:b1:a0:18:4f:1d:aa:91:6d:18:
cc:89:ab:17:c7:26:38:62:64:fd:32:9f:24:b4:fb:85:8c:79:
bc:fe:6f:cb
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBFtc5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGExZGI0NjZjZjgwODIwNjI5M2QwN2U2NWYyMTIxZmViNDlhMzNlMB4XDTIyMDEw
MTExMDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZkNjE0ZWQwOTJh
ZjIzMzUxYWVlZjRlYzQwMzdkM2NkM2NiZDFhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMrTVlfGD57BIsedo7luR8j5EcoaXyygHexmQowDMRcKuG26
Mka9NmEFbz1HH1SgIp42isfxHHrFJTW2DxxCrKFSBbUOJVZlV+HKjPxBSxKSPjeo
iIGyAmraCE/WS6bJISsJJiTM2mcB58dT/to/HDFD+8YIoYPBIy2UiN+u/Bvz9U6u
VcV4trvwwwBPwaRZEfQ7wSwfyvK6Ko5sdhPdd9/mQRmp9JKCDMc9SL4Agm0VXq1R
EDJaUyKALFHZ/3kmDp9+1JBALzh2Vi17VvH5ThrecDaURJBHpKTvF/FPiJj0P9N7
OIx/p+ttw7bLtPGSh7JDfN5dRGBWoJx3N52kntsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQ/1hTtCSryM1Gu707EA30808vRpzAfBgNVHSMEGDAWgBTQodtGbPgIIGKT
0H5l8hIf60mjPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBLSGJSbXo0Q0NCaWs5Qi1aZklTSC10Sm96NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvMTFjZGFjLTY0MTEtNDU0ZC1iOTczLTQ3NjJiMDEwZWYxZS8x
L1A5WVU3UWtxOGpOUnJ1OU94QU45UE5QTDBhYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
MTFjZGFjLTY0MTEtNDU0ZC1iOTczLTQ3NjJiMDEwZWYxZS8xLzBLSGJSbXo0Q0NC
aWs5Qi1aZklTSC10Sm96NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngODDANBgkqhkiG9w0BAQsF
AAOCAQEAVwCSuw8VKNoeP5RA3fEP2UWic/sDkXaZr2g3DQDhednvgyFun4pYCMkm
Wku2oGS3QvmTGETFmimeVeR9OgwZxLOWDQsG+LVkDj8WQKCHU+MCJowUIPcFn8ol
kdSN928GVxXYfAz0W1HwnN+H3bITHAMxC+YJsGqc5QbgFOT7RYd7XkWwqqdsCE+t
ym9XP/WwalhXhPEZitYvOlXBrQY3SMnrjz+Fhc08o/IKPnjDxY/02UZWcINZOtex
itA4ziSWrLLJGRJf/LjP6u7WN52LIVAGSrHUdLk1FRQY3gHZujocsaAYTx2qkW0Y
zImrF8cmOGJk/TKfJLT7hYx5vP5vyw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:11:10 2025 by rpki-client