Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/4tOQ_g5yB6s56my3vogGVHxO7fU.roa
File: 4tOQ_g5yB6s56my3vogGVHxO7fU.roa (raw, json)
Hash identifier: eYatk88IcMG99XADeRb1hgqeZINOYo+AmxmLer4ZN6I=
Subject key identifier: E2:D3:90:FE:0E:72:07:AB:39:EA:6C:B7:BE:88:06:54:7C:4E:ED:F5
Certificate issuer: /CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
Certificate serial: 01C42FA9
Authority key identifier: BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/4tOQ_g5yB6s56my3vogGVHxO7fU.roa
Signing time: Sat 01 Jan 2022 15:58:39 +0000
ROA not before: Sat 01 Jan 2022 15:58:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.103.202.0/24 maxlen: 24
185.103.203.0/24 maxlen: 24
185.103.200.0/24 maxlen: 24
2a06:2d40::/48 maxlen: 48
2a06:2d40:3::/48 maxlen: 48
2a06:2d40:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29634473 (0x1c42fa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9c1933f1efd78700efdd5fdb0dc89cc8b6734a
Validity
Not Before: Jan 1 15:58:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2d390fe0e7207ab39ea6cb7be8806547c4eedf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ca:e0:a7:08:3d:26:99:84:99:aa:fc:bf:0d:
ab:b9:9f:f9:20:54:3d:83:41:5a:7d:99:5c:60:a2:
fb:56:1f:13:cd:d1:69:11:24:5b:2d:d3:2d:50:f8:
91:18:7e:3d:6d:4e:ea:7d:7a:54:0a:5e:e3:81:2e:
01:6d:11:d8:f2:e6:72:58:11:dc:23:d6:09:03:67:
19:f5:3f:3a:5c:3d:01:7b:97:73:90:13:ef:e6:6f:
95:7b:9e:75:70:88:c3:3a:1c:11:eb:a8:65:17:3e:
19:c4:95:10:8e:3a:1c:7f:f4:29:b9:10:97:bc:b6:
50:53:17:0b:cc:47:e6:90:fe:7d:d3:2a:db:48:19:
d2:dc:35:d0:ce:be:8b:7a:04:05:bc:f7:3b:63:3b:
15:a9:cb:dd:0e:26:1b:5f:ae:08:e4:80:71:e9:9a:
e8:94:6d:18:e6:8b:95:0a:35:a6:83:20:03:4a:41:
2e:01:0a:00:57:22:60:be:88:f0:cd:10:9d:43:e1:
36:b7:4a:61:d9:a1:d4:84:3d:1c:54:cb:65:14:8c:
50:53:f4:ac:27:70:83:e1:fa:cb:bb:91:fc:a8:47:
83:00:5f:c6:98:f9:80:b7:3f:0a:58:18:df:43:a6:
01:a3:9c:7a:99:c6:bc:1b:6f:6e:0c:f6:20:40:25:
c3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D3:90:FE:0E:72:07:AB:39:EA:6C:B7:BE:88:06:54:7C:4E:ED:F5
X509v3 Authority Key Identifier:
keyid:BA:9C:19:33:F1:EF:D7:87:00:EF:DD:5F:DB:0D:C8:9C:C8:B6:73:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upwZM_Hv14cA791f2w3InMi2c0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/4tOQ_g5yB6s56my3vogGVHxO7fU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/ff3422-0ecd-4bb5-8b27-5d9603638322/1/upwZM_Hv14cA791f2w3InMi2c0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.200.0/24
185.103.202.0/23
IPv6:
2a06:2d40::/47
2a06:2d40:3::/48
Signature Algorithm: sha256WithRSAEncryption
43:aa:af:6b:79:a9:e6:94:b2:12:ba:98:10:ae:bb:71:b7:6a:
a5:59:a4:fc:e9:38:b4:4e:aa:56:1d:a1:1a:c9:bd:bb:d9:f9:
3a:66:8c:6b:57:b4:93:da:2c:57:ac:68:6e:02:b8:04:d9:b2:
bd:e6:73:6b:a9:b6:9e:f5:77:ea:26:9b:16:bf:ae:cd:a6:36:
4a:3d:4c:d5:8d:5c:62:95:9c:d5:4d:d7:1f:a7:e5:20:58:c0:
4b:dc:28:4b:e0:1a:3d:c6:26:20:a1:92:d9:cb:a6:ab:a8:6c:
d3:23:4c:ab:d5:f2:4e:02:33:50:6c:02:ed:f3:9a:a7:4e:42:
11:67:81:24:76:e8:15:2a:32:0a:28:33:94:90:a3:68:38:de:
95:d8:bc:83:59:45:63:99:78:41:ca:f5:73:2f:bc:74:4c:3e:
ca:59:a4:ee:8e:52:bd:0d:aa:73:bf:c1:3d:a4:34:35:b7:0f:
18:1d:ce:13:9c:b3:7f:ae:0f:56:52:a7:38:db:21:17:5c:cd:
f6:d4:ff:c2:c5:7d:71:8a:53:88:58:d8:89:b4:1e:fe:93:b3:
fc:95:47:00:d8:1f:ab:c2:e1:9b:5a:f1:59:b1:1e:d2:0b:3e:
8e:ba:a9:ab:c1:a2:ae:d7:03:f7:0d:1e:61:5c:72:6c:b2:3e:
f2:9c:ae:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEAcQvqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTljMTkzM2YxZWZkNzg3MDBlZmRkNWZkYjBkYzg5Y2M4YjY3MzRhMB4XDTIyMDEw
MTE1NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJkMzkwZmUwZTcy
MDdhYjM5ZWE2Y2I3YmU4ODA2NTQ3YzRlZWRmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJPK4KcIPSaZhJmq/L8Nq7mf+SBUPYNBWn2ZXGCi+1YfE83R
aREkWy3TLVD4kRh+PW1O6n16VApe44EuAW0R2PLmclgR3CPWCQNnGfU/Olw9AXuX
c5AT7+ZvlXuedXCIwzocEeuoZRc+GcSVEI46HH/0KbkQl7y2UFMXC8xH5pD+fdMq
20gZ0tw10M6+i3oEBbz3O2M7FanL3Q4mG1+uCOSAcema6JRtGOaLlQo1poMgA0pB
LgEKAFciYL6I8M0QnUPhNrdKYdmh1IQ9HFTLZRSMUFP0rCdwg+H6y7uR/KhHgwBf
xpj5gLc/ClgY30OmAaOcepnGvBtvbgz2IEAlw2sCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTi05D+DnIHqznqbLe+iAZUfE7t9TAfBgNVHSMEGDAWgBS6nBkz8e/XhwDv
3V/bDcicyLZzSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Vwd1pNX0h2MTRjQTc5MWYydzNJbk1pMmMwby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvZmYzNDIyLTBlY2QtNGJiNS04YjI3LTVkOTYwMzYzODMyMi8x
LzR0T1FfZzV5QjZzNTZteTN2b2dHVkh4TzdmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
ZmYzNDIyLTBlY2QtNGJiNS04YjI3LTVkOTYwMzYzODMyMi8xL3Vwd1pNX0h2MTRj
QTc5MWYydzNJbk1pMmMwby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALlnyAMEAblnyjAYBAIAAjASAwcB
KgYtQAAAAwcAKgYtQAADMA0GCSqGSIb3DQEBCwUAA4IBAQBDqq9reanmlLISupgQ
rrtxt2qlWaT86Ti0TqpWHaEayb272fk6ZoxrV7ST2ixXrGhuArgE2bK95nNrqbae
9XfqJpsWv67NpjZKPUzVjVxilZzVTdcfp+UgWMBL3ChL4Bo9xiYgoZLZy6arqGzT
I0yr1fJOAjNQbALt85qnTkIRZ4EkdugVKjIKKDOUkKNoON6V2LyDWUVjmXhByvVz
L7x0TD7KWaTujlK9Dapzv8E9pDQ1tw8YHc4TnLN/rg9WUqc42yEXXM321P/CxX1x
ilOIWNiJtB7+k7P8lUcA2B+rwuGbWvFZsR7SCz6OuqmrwaKu1wP3DR5hXHJssj7y
nK7z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:16 2024 by rpki-client on console-ams.rpki-client.org