Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/yn4IPv1Le2cu26pE2i5m9aYN9qU.roa
File: yn4IPv1Le2cu26pE2i5m9aYN9qU.roa (raw, json)
Hash identifier: DCPqxzdl0RYhBioDioJde2hgd9egSmA1dLr6GCF4xyM=
Subject key identifier: CA:7E:08:3E:FD:4B:7B:67:2E:DB:AA:44:DA:2E:66:F5:A6:0D:F6:A5
Certificate issuer: /CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Certificate serial: 89782F
Authority key identifier: 40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/yn4IPv1Le2cu26pE2i5m9aYN9qU.roa
Signing time: Sat 01 Jan 2022 01:01:16 +0000
ROA not before: Sat 01 Jan 2022 01:01:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8220
IP address blocks: 109.107.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9009199 (0x89782f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=400fe172a0c7e33c43ccaaee3a1ef42cd009e91e
Validity
Not Before: Jan 1 01:01:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca7e083efd4b7b672edbaa44da2e66f5a60df6a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6b:25:12:29:3e:6c:49:c8:24:55:97:4e:0d:
ae:d1:d3:c6:d4:20:a2:fb:04:f5:93:29:03:22:e8:
d7:25:78:95:e8:e0:cd:3e:0e:1b:fe:fd:b9:11:fb:
8c:e1:28:1a:01:a7:6e:66:c0:7b:50:4d:a2:df:87:
a1:9f:5a:30:e1:93:aa:43:93:5d:50:de:45:11:ba:
75:3e:63:a6:80:1c:af:00:e9:87:f6:dc:0a:77:cd:
49:e3:6c:d6:9e:ff:52:2e:d5:7d:9e:03:39:43:b6:
21:fa:b3:8b:4a:7c:de:cb:20:46:ca:81:d2:81:0d:
c8:73:06:63:ea:28:e0:72:58:d2:eb:4e:e6:b6:41:
d5:07:f9:03:b5:5c:23:6f:8d:db:72:c1:63:d9:10:
0e:d1:80:29:4e:14:71:ef:ce:1e:24:44:e2:35:21:
c1:49:3f:dd:af:10:30:36:49:b0:a3:0a:73:6d:75:
3c:d7:c1:b1:02:5b:de:c5:b5:13:39:f3:e8:7f:07:
07:e7:a5:e2:e5:ed:00:40:53:03:88:29:e0:d3:75:
46:03:30:37:f6:b4:43:4c:b6:79:25:83:6f:4a:ca:
e5:a2:cf:14:47:91:e6:ba:72:4f:1a:57:ee:9c:84:
15:23:13:75:0e:55:77:43:1e:38:bc:b9:22:83:91:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:7E:08:3E:FD:4B:7B:67:2E:DB:AA:44:DA:2E:66:F5:A6:0D:F6:A5
X509v3 Authority Key Identifier:
keyid:40:0F:E1:72:A0:C7:E3:3C:43:CC:AA:EE:3A:1E:F4:2C:D0:09:E9:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QA_hcqDH4zxDzKruOh70LNAJ6R4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/yn4IPv1Le2cu26pE2i5m9aYN9qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/fa5782-801c-4893-9328-3e0b84478b9d/1/QA_hcqDH4zxDzKruOh70LNAJ6R4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.145.0/24
Signature Algorithm: sha256WithRSAEncryption
59:3b:bf:72:93:c9:a1:7b:86:39:c4:dd:c6:c1:bb:76:d7:4a:
ed:8f:3e:e1:9e:65:c4:8e:6b:9d:dd:db:4c:d4:e2:5b:a4:1d:
93:e2:57:f9:11:33:85:a6:fe:e7:93:5b:f0:95:d9:37:8f:41:
4b:ce:cd:d2:b0:4a:60:9a:43:73:c8:07:53:27:13:0e:32:62:
0f:f8:71:05:08:df:90:02:98:8e:e6:ec:91:a9:2c:48:3e:6b:
c9:34:40:fd:65:3a:db:31:c5:c6:18:ec:ed:87:00:78:a7:43:
49:fc:e3:27:6f:b7:38:da:5f:98:1d:ca:be:a2:d6:e0:d6:f3:
02:94:36:39:c3:58:d5:89:d7:a4:ff:2d:f1:5b:66:0e:b7:5e:
53:01:69:fb:be:21:c9:e8:0e:62:cb:22:6f:37:85:24:19:ec:
96:aa:ca:ca:6b:97:5a:81:96:f7:00:1d:5d:e6:09:87:a7:e3:
16:d3:4e:15:6d:19:72:3e:bb:12:ac:65:a1:b1:25:1c:04:da:
dd:10:e0:3d:78:b9:94:5c:22:b4:16:56:22:a1:52:c0:fd:8d:
64:67:6a:76:79:ea:e7:dc:c1:6a:eb:af:34:53:c9:69:3a:ab:
0e:7a:21:04:04:9c:be:cc:d3:a3:a5:c9:5b:46:d6:b7:cf:d9:
9c:d1:30:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIl4LzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDBmZTE3MmEwYzdlMzNjNDNjY2FhZWUzYTFlZjQyY2QwMDllOTFlMB4XDTIyMDEw
MTAxMDExNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E3ZTA4M2VmZDRi
N2I2NzJlZGJhYTQ0ZGEyZTY2ZjVhNjBkZjZhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9rJRIpPmxJyCRVl04NrtHTxtQgovsE9ZMpAyLo1yV4lejg
zT4OG/79uRH7jOEoGgGnbmbAe1BNot+HoZ9aMOGTqkOTXVDeRRG6dT5jpoAcrwDp
h/bcCnfNSeNs1p7/Ui7VfZ4DOUO2Ifqzi0p83ssgRsqB0oENyHMGY+oo4HJY0utO
5rZB1Qf5A7VcI2+N23LBY9kQDtGAKU4Uce/OHiRE4jUhwUk/3a8QMDZJsKMKc211
PNfBsQJb3sW1Eznz6H8HB+el4uXtAEBTA4gp4NN1RgMwN/a0Q0y2eSWDb0rK5aLP
FEeR5rpyTxpX7pyEFSMTdQ5Vd0MeOLy5IoORtUcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTKfgg+/Ut7Zy7bqkTaLmb1pg32pTAfBgNVHSMEGDAWgBRAD+FyoMfjPEPM
qu46HvQs0AnpHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FBX2hjcURINHp4RHpLcnVPaDcwTE5BSjZSNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvZmE1NzgyLTgwMWMtNDg5My05MzI4LTNlMGI4NDQ3OGI5ZC8x
L3luNElQdjFMZTJjdTI2cEUyaTVtOWFZTjlxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
ZmE1NzgyLTgwMWMtNDg5My05MzI4LTNlMGI4NDQ3OGI5ZC8xL1FBX2hjcURINHp4
RHpLcnVPaDcwTE5BSjZSNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG1rkTANBgkqhkiG9w0BAQsFAAOC
AQEAWTu/cpPJoXuGOcTdxsG7dtdK7Y8+4Z5lxI5rnd3bTNTiW6Qdk+JX+REzhab+
55Nb8JXZN49BS87N0rBKYJpDc8gHUycTDjJiD/hxBQjfkAKYjubskaksSD5ryTRA
/WU62zHFxhjs7YcAeKdDSfzjJ2+3ONpfmB3KvqLW4NbzApQ2OcNY1YnXpP8t8Vtm
DrdeUwFp+74hyegOYssibzeFJBnslqrKymuXWoGW9wAdXeYJh6fjFtNOFW0Zcj67
EqxlobElHATa3RDgPXi5lFwitBZWIqFSwP2NZGdqdnnq59zBauuvNFPJaTqrDnoh
BAScvszTo6XJW0bWt8/ZnNEwVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:23 2024 by rpki-client on console-ams.rpki-client.org