Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FKZSq1ltCKzcswgtqz4izp7FN0o.roa
File: FKZSq1ltCKzcswgtqz4izp7FN0o.roa (raw, json)
Hash identifier: 6DWtaClL5JUbra9kQZ/tNRSxr5DQ4W9eUY95pzkcXK8=
Subject key identifier: 14:A6:52:AB:59:6D:08:AC:DC:B3:08:2D:AB:3E:22:CE:9E:C5:37:4A
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0BE3FAA5
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FKZSq1ltCKzcswgtqz4izp7FN0o.roa
Signing time: Sat 01 Jan 2022 12:55:01 +0000
ROA not before: Sat 01 Jan 2022 12:55:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 148971
IP address blocks: 2a0c:9a40:82f0::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199490213 (0xbe3faa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 12:55:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=14a652ab596d08acdcb3082dab3e22ce9ec5374a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5a:f0:8a:28:c2:10:39:83:4e:c5:bb:31:96:
4e:80:10:f0:7c:98:e5:82:61:6b:b5:aa:47:c8:b3:
35:8e:8f:14:29:b3:47:0e:f6:cd:5b:d0:30:13:a8:
b7:c4:af:d0:53:42:12:c7:51:24:2e:b2:0f:e4:65:
35:98:10:73:ff:09:b9:a6:e6:9e:11:1b:89:e5:1c:
52:5b:e4:e5:47:c1:d1:5d:1a:41:43:a4:95:93:3a:
c9:d7:80:fd:97:9e:b6:a4:a8:14:95:1a:2a:27:04:
72:1d:0f:18:31:4e:58:ca:1c:2d:ae:30:45:f7:43:
35:6c:56:e9:f6:00:47:5b:54:83:cf:da:66:83:45:
de:d6:98:a1:ca:f4:29:7d:a9:ee:08:f9:b3:17:ad:
55:f4:38:12:41:ce:38:db:79:c1:7d:a9:66:a3:0b:
5b:7d:e3:e4:29:b9:79:6d:5d:00:06:51:33:6c:96:
1a:23:9e:d9:8a:cd:a2:89:42:2d:47:e4:7a:c9:75:
40:88:ed:14:94:8b:ae:62:da:8c:27:34:09:e0:78:
cc:da:8f:1f:31:15:b0:e5:6f:fb:4a:0c:e3:69:de:
89:c6:b1:76:93:90:c9:dc:31:f4:da:cd:b6:2c:af:
79:be:83:d2:76:05:d2:60:e1:39:34:89:9e:c3:4f:
34:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A6:52:AB:59:6D:08:AC:DC:B3:08:2D:AB:3E:22:CE:9E:C5:37:4A
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/FKZSq1ltCKzcswgtqz4izp7FN0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:82f0::/44
Signature Algorithm: sha256WithRSAEncryption
3e:72:ab:6b:c1:c7:80:42:af:de:a6:36:1c:ee:a8:34:a9:99:
e8:90:f4:a0:04:fb:11:81:db:13:79:e3:4f:31:49:8a:45:13:
4a:7c:6b:f2:af:45:3a:74:dc:c4:b2:86:ee:b1:a5:32:a4:7d:
65:ef:62:e7:e2:45:f5:3b:fe:57:5f:75:37:72:92:49:3d:f5:
97:b7:d0:80:4f:71:f1:6f:4a:51:81:5f:a4:72:d4:6b:bf:bd:
cf:4f:eb:0b:b0:f2:d9:ab:8c:81:03:d1:5c:f5:11:70:38:97:
90:2b:c0:34:bb:c4:d1:94:57:06:fa:9f:2c:d9:df:17:0b:45:
30:03:50:95:bb:af:3d:e9:89:86:f6:23:1e:3d:a5:be:41:03:
78:29:9d:23:b1:ed:93:40:47:19:7e:2e:78:a5:62:11:c9:dc:
a5:aa:5a:3b:0a:eb:fd:4e:22:72:82:29:1b:14:ae:31:7e:06:
e9:ef:f3:2c:a9:da:d7:33:c3:84:44:b3:9a:4a:8f:a2:fa:2a:
3b:a1:6a:7f:2e:4d:1c:00:34:3c:2f:d5:df:07:47:1f:65:e8:
61:96:c8:61:d3:4c:14:f1:44:ff:b2:91:ff:e1:aa:67:7a:f6:
02:7e:e0:e3:5f:aa:b3:35:1f:f2:98:e1:ba:e9:7b:af:6b:94:
89:0c:2c:b2
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEC+P6pTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTk1YTM2MWZlMmIyYzUyOTI2MjZiYTRjNTZhNjVhODE0ZTQ4MDA4MB4XDTIyMDEw
MTEyNTUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTRhNjUyYWI1OTZk
MDhhY2RjYjMwODJkYWIzZTIyY2U5ZWM1Mzc0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIZa8IoowhA5g07FuzGWToAQ8HyY5YJha7WqR8izNY6PFCmz
Rw72zVvQMBOot8Sv0FNCEsdRJC6yD+RlNZgQc/8JuabmnhEbieUcUlvk5UfB0V0a
QUOklZM6ydeA/ZeetqSoFJUaKicEch0PGDFOWMocLa4wRfdDNWxW6fYAR1tUg8/a
ZoNF3taYocr0KX2p7gj5sxetVfQ4EkHOONt5wX2pZqMLW33j5Cm5eW1dAAZRM2yW
GiOe2YrNoolCLUfkesl1QIjtFJSLrmLajCc0CeB4zNqPHzEVsOVv+0oM42neicax
dpOQydwx9NrNtiyveb6D0nYF0mDhOTSJnsNPNAECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQUplKrWW0IrNyzCC2rPiLOnsU3SjAfBgNVHSMEGDAWgBSelaNh/issUpJi
a6TFamWoFOSACDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25wV2pZZjRyTEZLU1ltdWt4V3BscUJUa2dBZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8x
L0ZLWlNxMWx0Q0t6Y3N3Z3RxejRpenA3Rk4wby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
Zjk2ZjczLTY2ODYtNDE2NC1iMjNmLWJmNGU1MjdiOWZhOC8xL25wV2pZZjRyTEZL
U1ltdWt4V3BscUJUa2dBZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoMmkCC8DANBgkqhkiG9w0BAQsF
AAOCAQEAPnKra8HHgEKv3qY2HO6oNKmZ6JD0oAT7EYHbE3njTzFJikUTSnxr8q9F
OnTcxLKG7rGlMqR9Ze9i5+JF9Tv+V191N3KSST31l7fQgE9x8W9KUYFfpHLUa7+9
z0/rC7Dy2auMgQPRXPURcDiXkCvANLvE0ZRXBvqfLNnfFwtFMANQlbuvPemJhvYj
Hj2lvkEDeCmdI7Htk0BHGX4ueKViEcncpapaOwrr/U4icoIpGxSuMX4G6e/zLKna
1zPDhESzmkqPovoqO6Fqfy5NHAA0PC/V3wdHH2XoYZbIYdNMFPFE/7KR/+GqZ3r2
An7g41+qszUf8pjhuul7r2uUiQwssg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:27 2025 by rpki-client