Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/KNnTQJBWNWZOwqEloeJRzPl-Ct4.roa
File: KNnTQJBWNWZOwqEloeJRzPl-Ct4.roa (raw, json)
Hash identifier: kOQRKgHnlJTtCyS6/rm78eZII3L2pjThmF//WSpK5U0=
Subject key identifier: 28:D9:D3:40:90:56:35:66:4E:C2:A1:25:A1:E2:51:CC:F9:7E:0A:DE
Certificate issuer: /CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Certificate serial: 042382A3
Authority key identifier: 14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/KNnTQJBWNWZOwqEloeJRzPl-Ct4.roa
Signing time: Sat 01 Jan 2022 08:53:40 +0000
ROA not before: Sat 01 Jan 2022 08:53:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208169
IP address blocks: 2001:678:e3c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69436067 (0x42382a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb
Validity
Not Before: Jan 1 08:53:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28d9d340905635664ec2a125a1e251ccf97e0ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:b4:75:61:44:51:03:02:17:c6:c6:aa:a6:
92:d3:f3:2c:b0:c9:4c:1c:01:23:87:c3:da:87:f1:
ba:f5:1c:45:3d:b6:06:46:98:46:53:c2:b8:3e:e7:
93:42:46:c5:50:7a:1f:63:19:aa:dc:b2:94:e8:08:
95:b0:3b:19:33:92:7a:0f:c2:6e:ff:4a:62:0c:6f:
49:75:ed:07:80:f1:1a:ca:2a:18:31:72:cb:52:45:
b6:05:7a:8c:94:ff:7d:a0:59:4e:93:af:8e:25:f2:
7d:80:5f:ca:92:2c:11:60:19:92:c6:e6:2b:0e:86:
44:51:d3:50:ad:ca:4e:50:7f:66:2c:a2:56:91:e8:
31:4c:ca:ed:08:30:e3:c6:84:dc:27:75:f9:da:b9:
b5:40:10:34:0d:9f:5d:3b:97:59:17:1b:51:fc:4a:
68:d9:e8:b8:b0:dc:b9:69:2a:21:63:a7:7c:bf:52:
e1:00:08:16:95:f9:b9:b4:6d:4b:a6:66:d7:b8:6f:
33:c5:2a:96:97:5d:b2:54:64:dc:9e:9c:6a:b9:c6:
02:91:94:65:a9:69:28:ae:10:59:4b:b9:71:19:f7:
5d:0b:c9:4b:06:76:55:e8:83:c3:7e:63:65:4e:54:
4e:e5:1e:39:62:26:b8:1c:d2:be:55:a6:63:95:a6:
7d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D9:D3:40:90:56:35:66:4E:C2:A1:25:A1:E2:51:CC:F9:7E:0A:DE
X509v3 Authority Key Identifier:
keyid:14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/KNnTQJBWNWZOwqEloeJRzPl-Ct4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e3c::/48
Signature Algorithm: sha256WithRSAEncryption
ad:09:bc:b9:8b:64:55:4c:11:df:48:18:89:6b:ae:c8:c3:3a:
d4:86:34:4e:c5:04:9a:08:25:39:50:01:9a:0c:f5:ad:64:24:
59:ba:33:2b:e8:27:93:70:00:61:3b:50:8c:72:3e:13:24:85:
c5:c0:cb:58:5d:7e:56:64:0a:4b:46:23:ab:66:56:7d:c9:04:
70:ce:f4:6d:be:15:50:14:1e:ac:44:e2:e9:c7:31:84:ca:ef:
c0:e4:c6:c2:f6:e3:61:9b:76:c6:a8:2e:55:b2:2b:21:fa:d9:
c3:3f:dc:c6:1f:d8:18:e5:a7:dd:15:72:c4:99:20:96:02:d2:
a4:6b:fb:4f:c4:bf:70:81:d1:3e:45:de:02:c8:7e:31:37:45:
cd:dc:c8:8e:15:41:57:96:76:5c:3c:5a:7a:62:0d:b0:03:e9:
bf:5a:68:1e:df:05:b1:e0:6f:fa:45:9c:db:42:b7:3d:69:e2:
66:7d:fc:b1:45:d4:4b:32:1f:b7:02:22:2d:5b:ce:11:aa:80:
b0:19:8a:9d:16:99:69:18:87:26:07:5d:31:e5:71:a6:fe:99:
d7:a0:57:f4:af:e7:ff:97:d3:db:3a:91:48:fa:41:f0:f8:9c:
04:bf:a4:74:02:d0:2d:c4:cc:98:1f:3b:90:df:c3:19:38:38:
10:83:58:b6
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEBCOCozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGE0NzgwZjVjZDA3ZTk0OGJlNmZhNGI0OTI1YTczMTM5MDZkNWViMB4XDTIyMDEw
MTA4NTM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjhkOWQzNDA5MDU2
MzU2NjRlYzJhMTI1YTFlMjUxY2NmOTdlMGFkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJvtHVhRFEDAhfGxqqmktPzLLDJTBwBI4fD2ofxuvUcRT22
BkaYRlPCuD7nk0JGxVB6H2MZqtyylOgIlbA7GTOSeg/Cbv9KYgxvSXXtB4DxGsoq
GDFyy1JFtgV6jJT/faBZTpOvjiXyfYBfypIsEWAZksbmKw6GRFHTUK3KTlB/Ziyi
VpHoMUzK7Qgw48aE3Cd1+dq5tUAQNA2fXTuXWRcbUfxKaNnouLDcuWkqIWOnfL9S
4QAIFpX5ubRtS6Zm17hvM8UqlpddslRk3J6carnGApGUZalpKK4QWUu5cRn3XQvJ
SwZ2VeiDw35jZU5UTuUeOWImuBzSvlWmY5WmfdsCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQo2dNAkFY1Zk7CoSWh4lHM+X4K3jAfBgNVHSMEGDAWgBQUpHgPXNB+lIvm
+ktJJacxOQbV6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZLUjREMXpRZnBTTDV2cExTU1duTVRrRzFlcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvNDJjZGFiLTIwMjktNDYyNC05ZjRiLTk5MzIzNjg2MjE2ZC8x
L0tOblRRSkJXTldaT3dxRWxvZUpSelBsLUN0NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
NDJjZGFiLTIwMjktNDYyNC05ZjRiLTk5MzIzNjg2MjE2ZC8xL0ZLUjREMXpRZnBT
TDV2cExTU1duTVRrRzFlcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngOPDANBgkqhkiG9w0BAQsF
AAOCAQEArQm8uYtkVUwR30gYiWuuyMM61IY0TsUEmgglOVABmgz1rWQkWbozK+gn
k3AAYTtQjHI+EySFxcDLWF1+VmQKS0Yjq2ZWfckEcM70bb4VUBQerETi6ccxhMrv
wOTGwvbjYZt2xqguVbIrIfrZwz/cxh/YGOWn3RVyxJkglgLSpGv7T8S/cIHRPkXe
Ash+MTdFzdzIjhVBV5Z2XDxaemINsAPpv1poHt8FseBv+kWc20K3PWniZn38sUXU
SzIftwIiLVvOEaqAsBmKnRaZaRiHJgddMeVxpv6Z16BX9K/n/5fT2zqRSPpB8Pic
BL+kdALQLcTMmB87kN/DGTg4EINYtg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:39:10 2025 by rpki-client