Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/_QeGovQnpd8Yeg12ZNsXshdN_H4.roa
File: _QeGovQnpd8Yeg12ZNsXshdN_H4.roa (raw, json)
Hash identifier: B+ZtSLtIzfdeVixBB/sVfIIKlw3Ith4XajvaCJ9ZbIM=
Subject key identifier: FD:07:86:A2:F4:27:A5:DF:18:7A:0D:76:64:DB:17:B2:17:4D:FC:7E
Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738
Certificate serial: 36EBEEE1
Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/_QeGovQnpd8Yeg12ZNsXshdN_H4.roa
Signing time: Wed 05 Jan 2022 21:03:44 +0000
ROA not before: Wed 05 Jan 2022 21:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205950
IP address blocks: 109.235.245.0/24 maxlen: 32
109.235.244.0/24 maxlen: 32
109.235.246.0/24 maxlen: 32
109.235.247.0/24 maxlen: 32
2001:1b28:800::/37 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921431777 (0x36ebeee1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738
Validity
Not Before: Jan 5 21:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd0786a2f427a5df187a0d7664db17b2174dfc7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:7e:3b:d3:ba:bc:9f:3a:b5:9b:03:48:76:e1:
c5:f1:d1:7a:9e:51:de:94:0d:42:c4:9a:61:9e:fd:
af:ea:f3:30:75:1b:02:fe:b8:49:d0:43:4e:5d:21:
06:c5:a5:d6:a7:ef:98:f3:6e:48:5e:ab:3d:a0:88:
5b:e0:97:2d:3e:12:61:db:34:e3:ed:45:4b:7b:a6:
65:de:af:3a:8b:cd:eb:e6:e9:4d:31:e1:1b:ed:f5:
c3:53:e8:7e:39:a8:37:f3:9b:af:01:2b:5f:dc:a4:
23:44:29:8c:33:0e:34:99:4a:32:d8:6a:a4:3d:57:
bc:e8:5e:71:3e:e5:16:0c:89:20:48:f2:fc:6a:c4:
56:a1:d4:e5:00:5c:de:c2:bc:29:b8:58:5f:1e:2b:
a7:55:fb:38:fa:9c:9b:9b:3d:f6:a3:bf:8d:a6:1b:
d4:52:ef:72:e9:db:cd:22:89:0c:42:31:20:ba:0d:
6a:b0:78:f9:d2:b7:e5:ac:9a:4f:a1:8e:fe:17:19:
67:39:75:d7:2b:89:7f:24:a7:e3:b8:2c:7d:4a:79:
f3:ab:dd:25:b9:17:41:54:34:04:15:6c:19:54:a9:
df:78:6b:9c:78:cc:dc:ee:61:1a:1b:d0:fa:a1:a6:
ba:fa:36:ea:bf:43:3f:6a:15:a7:f5:dc:6e:fa:d8:
58:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:07:86:A2:F4:27:A5:DF:18:7A:0D:76:64:DB:17:B2:17:4D:FC:7E
X509v3 Authority Key Identifier:
keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/_QeGovQnpd8Yeg12ZNsXshdN_H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.244.0/22
IPv6:
2001:1b28:800::/37
Signature Algorithm: sha256WithRSAEncryption
bf:d9:07:10:e7:21:7f:c2:63:9a:02:68:87:b8:c0:31:46:f5:
61:6f:e2:6c:67:4b:72:c8:5c:df:09:22:82:08:5d:ee:a2:df:
3c:83:8a:2f:c2:bd:30:7d:8f:88:18:88:d8:49:e8:f9:d2:95:
ba:b3:2d:de:e0:66:ac:2b:cf:3f:89:b1:e6:39:c8:d4:91:db:
8f:d8:ab:e6:62:12:f7:11:05:a5:3d:1b:c7:4e:59:05:17:cd:
f9:4d:2a:8a:1e:6a:9f:c9:f9:4d:25:63:51:09:bb:94:69:e5:
7f:e4:88:6c:80:ee:40:a8:bc:6d:22:1a:05:b9:02:e8:8f:79:
56:ed:38:d7:d4:f3:1e:6d:e3:1a:ab:a8:63:a9:1c:f0:45:7c:
99:04:e5:4a:59:5c:cc:f0:75:f6:c2:72:bb:41:af:1f:5b:13:
b7:e2:17:77:ee:c8:4b:ae:74:1e:c6:d2:7f:1e:64:85:76:80:
ce:dd:a1:10:14:91:c1:85:c0:c6:ee:8c:2c:dd:e8:6d:79:26:
2e:44:6a:f4:3b:24:db:7c:8b:6e:cc:91:af:58:bd:3b:49:a6:
a1:c8:6f:31:a3:3d:86:6c:8f:18:42:d3:d1:57:e3:87:c6:6d:
99:f9:6f:52:e7:fb:4f:1f:da:c2:83:d6:0c:ce:8f:cd:bf:ba:
97:2e:c3:94
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIENuvu4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQwMzE4ZjI2ODVlMzJkMmRiYTkyM2Y2NjYyNzcxNDI3MzU5NzM4MB4XDTIyMDEw
NTIxMDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQwNzg2YTJmNDI3
YTVkZjE4N2EwZDc2NjRkYjE3YjIxNzRkZmM3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANV+O9O6vJ86tZsDSHbhxfHRep5R3pQNQsSaYZ79r+rzMHUb
Av64SdBDTl0hBsWl1qfvmPNuSF6rPaCIW+CXLT4SYds04+1FS3umZd6vOovN6+bp
TTHhG+31w1PofjmoN/ObrwErX9ykI0QpjDMONJlKMthqpD1XvOhecT7lFgyJIEjy
/GrEVqHU5QBc3sK8KbhYXx4rp1X7OPqcm5s99qO/jaYb1FLvcunbzSKJDEIxILoN
arB4+dK35ayaT6GO/hcZZzl11yuJfySn47gsfUp586vdJbkXQVQ0BBVsGVSp33hr
nHjM3O5hGhvQ+qGmuvo26r9DP2oVp/XcbvrYWHECAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT9B4ai9Cel3xh6DXZk2xeyF038fjAfBgNVHSMEGDAWgBTZ0DGPJoXjLS26
kj9mYncUJzWXODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkQXhqeWFGNHkwdHVwSV9abUozRkNjMWx6Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8x
L19RZUdvdlFucGQ4WWVnMTJaTnNYc2hkTl9INC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OGNlNjA5LWRiMWQtNDk5Ny05ZDhhLTk2ZGRkNWEwMjM5ZC8xLzJkQXhqeWFGNHkw
dHVwSV9abUozRkNjMWx6Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAm3r9DAOBAIAAjAIAwYDIAEbKAgw
DQYJKoZIhvcNAQELBQADggEBAL/ZBxDnIX/CY5oCaIe4wDFG9WFv4mxnS3LIXN8J
IoIIXe6i3zyDii/CvTB9j4gYiNhJ6PnSlbqzLd7gZqwrzz+JseY5yNSR24/Yq+Zi
EvcRBaU9G8dOWQUXzflNKooeap/J+U0lY1EJu5Rp5X/kiGyA7kCovG0iGgW5AuiP
eVbtONfU8x5t4xqrqGOpHPBFfJkE5UpZXMzwdfbCcrtBrx9bE7fiF3fuyEuudB7G
0n8eZIV2gM7doRAUkcGFwMbujCzd6G15Ji5EavQ7JNt8i27Mka9YvTtJpqHIbzGj
PYZsjxhC09FX44fGbZn5b1Ln+08f2sKD1gzOj82/upcuw5Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:10 2025 by rpki-client