Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/4k-uDchKDJDrphrTTY7iOo5OQX8.roa
File: 4k-uDchKDJDrphrTTY7iOo5OQX8.roa (raw, json)
Hash identifier: H/gxUEjoJIbXPOaSxgwbwtIIvMof8Q8WFbFGccxyXBc=
Subject key identifier: E2:4F:AE:0D:C8:4A:0C:90:EB:A6:1A:D3:4D:8E:E2:3A:8E:4E:41:7F
Certificate issuer: /CN=686f0a4da2373205ef3445d28e260c284684b74b
Certificate serial: A55277
Authority key identifier: 68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/4k-uDchKDJDrphrTTY7iOo5OQX8.roa
Signing time: Sat 01 Jan 2022 02:56:08 +0000
ROA not before: Sat 01 Jan 2022 02:56:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 109.107.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10834551 (0xa55277)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=686f0a4da2373205ef3445d28e260c284684b74b
Validity
Not Before: Jan 1 02:56:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e24fae0dc84a0c90eba61ad34d8ee23a8e4e417f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:02:bf:82:46:3a:e3:ad:c7:38:a8:67:ea:b5:
85:18:61:4f:70:b0:86:16:7b:d9:91:6d:f6:1a:2b:
e9:59:82:c7:90:21:97:c7:c3:f5:68:f9:cd:de:ca:
63:5a:52:4d:7b:f0:68:6d:7e:cc:77:46:b9:9a:ef:
ee:ac:c5:9b:dd:5d:53:69:00:96:91:6c:4b:73:b0:
7f:fa:33:ee:ef:7c:7d:f1:4b:78:55:fc:74:95:bb:
11:88:69:1c:99:ec:0d:cf:7d:7f:8a:ba:50:23:9f:
20:0e:1e:c0:36:db:0b:73:4c:03:c5:24:4e:21:c3:
f5:48:6e:ec:6a:2c:36:f1:41:bc:42:13:a9:78:ef:
b8:97:b0:0b:95:14:36:09:b6:6a:4f:41:cb:0c:af:
6c:33:85:26:b7:ac:7b:6e:d4:9f:29:62:53:d9:34:
a9:f5:99:c6:16:85:e2:3d:69:f0:35:bb:1e:12:2c:
83:3c:a7:ca:e2:c2:0d:1a:31:e6:e1:b4:a8:04:a6:
0a:97:c0:4b:52:0c:f8:91:e3:21:db:c9:d2:d2:b6:
c1:ee:af:99:29:fe:cc:f1:75:a1:7d:58:47:37:09:
41:73:7e:c9:ae:a1:c8:07:06:7a:a1:85:3c:38:5f:
0a:14:8a:06:80:bf:09:c3:27:11:1b:77:e2:cb:f9:
6d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4F:AE:0D:C8:4A:0C:90:EB:A6:1A:D3:4D:8E:E2:3A:8E:4E:41:7F
X509v3 Authority Key Identifier:
keyid:68:6F:0A:4D:A2:37:32:05:EF:34:45:D2:8E:26:0C:28:46:84:B7:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG8KTaI3MgXvNEXSjiYMKEaEt0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/4k-uDchKDJDrphrTTY7iOo5OQX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/a2396c-2dfd-45f6-aa34-54c1dc574145/1/aG8KTaI3MgXvNEXSjiYMKEaEt0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.143.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:bb:88:44:7a:d6:9c:5d:35:f1:33:6b:0a:a8:ea:cf:b4:c5:
dd:f6:80:f4:34:8c:45:a6:24:00:a4:73:a1:12:c1:96:9c:9f:
7c:48:b7:11:6a:cf:0e:64:07:c8:54:68:29:13:fa:c5:dd:78:
0f:93:5a:35:36:ba:20:c0:61:45:c1:9a:0c:26:a9:e3:b3:90:
d5:0d:6d:0c:94:20:82:ae:d8:cd:a8:85:d4:c3:95:4f:69:2b:
e0:f4:ba:5d:28:be:2c:cc:4a:e1:e1:2d:29:17:2b:c8:0a:34:
d7:8f:5d:26:bc:a0:9a:b2:e4:07:80:84:62:b2:9f:71:6d:d6:
12:b5:d8:40:b7:3b:1b:24:f6:b3:a4:60:6b:97:e9:af:9e:9d:
c9:fd:93:7d:cd:31:06:28:e1:6d:ce:43:22:0a:a1:eb:3c:43:
3c:de:98:f0:af:d0:0f:6f:88:b3:35:7c:0c:39:3f:c3:43:b7:
7d:2a:e3:26:9c:ff:82:d4:45:7f:ba:5a:4a:b9:6a:84:b2:57:
df:14:84:37:bb:8b:e2:d2:9c:f7:52:28:02:ee:8f:3c:ec:f9:
07:5d:1e:8b:18:88:e1:2c:ad:a6:8f:84:47:8f:8e:70:fb:1e:
cc:d8:b6:05:89:b5:33:31:0a:d5:bf:2d:b2:3d:75:db:17:1e:
8e:55:23:ac
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKVSdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODZmMGE0ZGEyMzczMjA1ZWYzNDQ1ZDI4ZTI2MGMyODQ2ODRiNzRiMB4XDTIyMDEw
MTAyNTYwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI0ZmFlMGRjODRh
MGM5MGViYTYxYWQzNGQ4ZWUyM2E4ZTRlNDE3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUCv4JGOuOtxzioZ+q1hRhhT3CwhhZ72ZFt9hor6VmCx5Ah
l8fD9Wj5zd7KY1pSTXvwaG1+zHdGuZrv7qzFm91dU2kAlpFsS3Owf/oz7u98ffFL
eFX8dJW7EYhpHJnsDc99f4q6UCOfIA4ewDbbC3NMA8UkTiHD9Uhu7GosNvFBvEIT
qXjvuJewC5UUNgm2ak9BywyvbDOFJrese27UnyliU9k0qfWZxhaF4j1p8DW7HhIs
gzynyuLCDRox5uG0qASmCpfAS1IM+JHjIdvJ0tK2we6vmSn+zPF1oX1YRzcJQXN+
ya6hyAcGeqGFPDhfChSKBoC/CcMnERt34sv5bWsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiT64NyEoMkOumGtNNjuI6jk5BfzAfBgNVHSMEGDAWgBRobwpNojcyBe80
RdKOJgwoRoS3SzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FHOEtUYUkzTWdYdk5FWFNqaVlNS0VhRXQwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWQvYTIzOTZjLTJkZmQtNDVmNi1hYTM0LTU0YzFkYzU3NDE0NS8x
LzRrLXVEY2hLREpEcnBoclRUWTdpT281T1FYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWQv
YTIzOTZjLTJkZmQtNDVmNi1hYTM0LTU0YzFkYzU3NDE0NS8xL2FHOEtUYUkzTWdY
dk5FWFNqaVlNS0VhRXQwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1rjzANBgkqhkiG9w0BAQsFAAOC
AQEAXruIRHrWnF018TNrCqjqz7TF3faA9DSMRaYkAKRzoRLBlpyffEi3EWrPDmQH
yFRoKRP6xd14D5NaNTa6IMBhRcGaDCap47OQ1Q1tDJQggq7YzaiF1MOVT2kr4PS6
XSi+LMxK4eEtKRcryAo0149dJrygmrLkB4CEYrKfcW3WErXYQLc7GyT2s6Rga5fp
r56dyf2Tfc0xBijhbc5DIgqh6zxDPN6Y8K/QD2+IszV8DDk/w0O3fSrjJpz/gtRF
f7paSrlqhLJX3xSEN7uL4tKc91IoAu6PPOz5B10eixiI4Sytpo+ER4+OcPsezNi2
BYm1MzEK1b8tsj112xcejlUjrA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:01 2023 by rpki-client on console-fra.rpki-client.org