Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/Ku6_47SZRY2ewN6-JX4BlP1Bkls.roa
File: Ku6_47SZRY2ewN6-JX4BlP1Bkls.roa (raw, json)
Hash identifier: 5wqnNyiy3kvXvwgWxnDggXAuu3ElYN9Fx1kSIMZetMw=
Subject key identifier: 2A:EE:BF:E3:B4:99:45:8D:9E:C0:DE:BE:25:7E:01:94:FD:41:92:5B
Certificate issuer: /CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Certificate serial: 01856CAF106DBB40ECF0ECD77F136117A95A
Authority key identifier: A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/Ku6_47SZRY2ewN6-JX4BlP1Bkls.roa
Signing time: Sun 01 Jan 2023 09:34:50 +0000
ROA not before: Sun 01 Jan 2023 09:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29070
IP address blocks: 185.103.21.0/24 maxlen: 24
185.103.23.0/24 maxlen: 24
185.103.20.0/24 maxlen: 24
185.103.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:10:6d:bb:40:ec:f0:ec:d7:7f:13:61:17:a9:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6e8a25a93792a58b3a2d80fb1aad959e65aeddf
Validity
Not Before: Jan 1 09:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aeebfe3b499458d9ec0debe257e0194fd41925b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fd:88:8f:3c:00:82:c9:7a:48:33:c0:6d:43:
e9:08:6d:5f:54:29:2d:64:6a:0d:18:7e:1c:db:e2:
6c:48:b3:82:e4:2e:dd:b2:f9:0e:53:6e:bd:3d:d5:
0b:5e:a4:a1:ef:e1:cc:10:a1:e3:95:f1:2b:d8:b1:
21:b9:e4:e7:4c:83:79:9f:e1:4c:8c:c4:cf:7f:53:
0a:b9:76:53:08:18:1c:c8:44:0e:b5:f8:83:28:65:
0e:0b:51:85:39:e3:5f:d7:24:81:a1:c7:44:d4:ce:
9b:1d:81:2b:23:06:d1:4c:23:c0:77:85:b2:1d:01:
eb:bb:b0:0d:e4:bf:8f:7a:79:f5:13:59:9e:ac:dd:
2a:79:49:83:a2:51:62:d0:6f:c0:98:c2:0a:03:04:
ee:ff:bb:49:ed:d1:a1:b2:dc:1f:65:02:e2:6b:3b:
e4:88:c7:e0:a5:35:9c:84:0b:97:0b:79:ce:2b:27:
70:3d:9a:1c:4f:70:b0:96:74:b5:b6:52:a4:a5:3d:
29:6c:95:3b:61:0b:0a:fb:87:99:32:df:60:b6:6b:
65:e7:fb:43:eb:e7:14:c3:34:b9:51:1f:96:ab:8e:
06:02:da:07:4d:af:e4:15:40:b7:08:07:d5:3b:fb:
ab:e9:41:e0:ad:2a:e4:64:da:33:34:ee:31:be:7a:
1c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:EE:BF:E3:B4:99:45:8D:9E:C0:DE:BE:25:7E:01:94:FD:41:92:5B
X509v3 Authority Key Identifier:
keyid:A6:E8:A2:5A:93:79:2A:58:B3:A2:D8:0F:B1:AA:D9:59:E6:5A:ED:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/puiiWpN5KlizotgPsarZWeZa7d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/Ku6_47SZRY2ewN6-JX4BlP1Bkls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4c6e75-a800-4d4f-8ac7-4eaeb2a23b27/1/puiiWpN5KlizotgPsarZWeZa7d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.20.0/22
Signature Algorithm: sha256WithRSAEncryption
43:35:65:79:b5:23:b5:c7:89:a2:36:1f:9a:1a:10:63:54:83:
2f:3f:91:fe:82:0a:6b:38:f1:c2:2f:df:8a:17:51:2f:e8:59:
e8:36:ba:13:71:b9:1d:74:be:4a:a4:5a:b0:55:67:ec:e7:ac:
73:a9:f0:28:3f:23:4c:45:aa:6e:da:fa:9c:25:ca:7a:4f:35:
c8:4b:88:9b:db:49:b0:08:aa:7f:66:82:31:c0:0a:82:50:d4:
17:4e:1e:f7:c2:5a:3f:96:2d:bb:65:de:5a:03:98:a4:ba:87:
e6:11:aa:c5:d2:4c:f6:c3:ce:2e:b3:3d:8a:24:25:06:4b:7b:
2b:0d:5e:68:46:f8:bd:6d:46:bd:52:0c:02:02:9a:03:f9:55:
45:54:00:61:41:f4:bb:81:e7:48:84:cc:74:9f:d0:2b:ce:32:
17:25:27:5e:d1:44:c1:b6:8c:46:04:6f:18:90:e5:9c:f5:84:
3d:10:0a:b5:6d:7e:97:94:6b:02:c3:6b:26:9c:5b:95:50:9d:
ed:20:62:21:d0:eb:41:d1:17:55:73:0b:a4:06:d3:68:53:39:
4b:b3:dd:62:9d:16:c1:79:64:eb:f0:af:45:a5:55:f2:0b:ed:
69:a8:b4:28:6a:68:65:9b:9d:17:a5:2b:b7:2a:c3:ad:f9:bd:
3c:3a:bd:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrxBtu0Ds8OzXfxNhF6laMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZThhMjVhOTM3OTJhNThiM2EyZDgwZmIxYWFkOTU5ZTY1
YWVkZGYwHhcNMjMwMTAxMDkzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVlYmZlM2I0OTk0NThkOWVjMGRlYmUyNTdlMDE5NGZkNDE5MjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/2IjzwAgsl6SDPAbUPpCG1fVCkt
ZGoNGH4c2+JsSLOC5C7dsvkOU269PdULXqSh7+HMEKHjlfEr2LEhueTnTIN5n+FM
jMTPf1MKuXZTCBgcyEQOtfiDKGUOC1GFOeNf1ySBocdE1M6bHYErIwbRTCPAd4Wy
HQHru7AN5L+Penn1E1merN0qeUmDolFi0G/AmMIKAwTu/7tJ7dGhstwfZQLiazvk
iMfgpTWchAuXC3nOKydwPZocT3CwlnS1tlKkpT0pbJU7YQsK+4eZMt9gtmtl5/tD
6+cUwzS5UR+Wq44GAtoHTa/kFUC3CAfVO/ur6UHgrSrkZNozNO4xvnoc1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCruv+O0mUWNnsDeviV+AZT9QZJbMB8GA1UdIwQY
MBaAFKboolqTeSpYs6LYD7Gq2VnmWu3fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzct
NGVhZWIyYTIzYjI3LzEvS3U2XzQ3U1pSWTJld042LUpYNEJsUDFCa2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YzZlNzUtYTgwMC00ZDRmLThhYzctNGVhZWIyYTIzYjI3
LzEvcHVpaVdwTjVLbGl6b3RnUHNhclpXZVphN2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWcUMA0G
CSqGSIb3DQEBCwUAA4IBAQBDNWV5tSO1x4miNh+aGhBjVIMvP5H+ggprOPHCL9+K
F1Ev6FnoNroTcbkddL5KpFqwVWfs56xzqfAoPyNMRapu2vqcJcp6TzXIS4ib20mw
CKp/ZoIxwAqCUNQXTh73wlo/li27Zd5aA5ikuofmEarF0kz2w84usz2KJCUGS3sr
DV5oRvi9bUa9UgwCApoD+VVFVABhQfS7gedIhMx0n9ArzjIXJSde0UTBtoxGBG8Y
kOWc9YQ9EAq1bX6XlGsCw2smnFuVUJ3tIGIh0OtB0RdVcwukBtNoUzlLs91inRbB
eWTr8K9FpVXyC+1pqLQoamhlm50XpSu3KsOt+b08Or2L
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:26 2025 by rpki-client