
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XabU60duhlS4xfGT2R5rptigx4A.roa
File: XabU60duhlS4xfGT2R5rptigx4A.roa (raw, json)
Hash identifier: xMX2+QBHHDysGP84OBRJCV5WuAa2gM29fcLQ2o94MZ8=
Subject key identifier: 5D:A6:D4:EB:47:6E:86:54:B8:C5:F1:93:D9:1E:6B:A6:D8:A0:C7:80
Certificate issuer: /CN=5bf81435ed13789895f375dc34d04ce91aca4744
Certificate serial: 018571955C63E6B429CA13F804DCEF4CE96A
Authority key identifier: 5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XabU60duhlS4xfGT2R5rptigx4A.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201271
IP address blocks: 158.233.228.0/24 maxlen: 24
158.233.228.0/23 maxlen: 23
158.233.227.0/24 maxlen: 24
158.233.229.0/24 maxlen: 24
158.233.242.0/24 maxlen: 24
158.233.242.0/23 maxlen: 23
158.233.244.0/24 maxlen: 24
158.233.244.0/23 maxlen: 23
158.233.243.0/24 maxlen: 24
158.233.245.0/24 maxlen: 24
158.233.246.0/23 maxlen: 23
158.233.246.0/24 maxlen: 24
158.233.247.0/24 maxlen: 24
158.233.249.0/24 maxlen: 24
158.233.248.0/24 maxlen: 24
158.233.248.0/23 maxlen: 23
158.233.251.0/24 maxlen: 24
158.233.250.0/24 maxlen: 24
158.233.250.0/23 maxlen: 23
158.233.224.0/24 maxlen: 24
2001:67c:2af0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5c:63:e6:b4:29:ca:13:f8:04:dc:ef:4c:e9:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bf81435ed13789895f375dc34d04ce91aca4744
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5da6d4eb476e8654b8c5f193d91e6ba6d8a0c780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d4:4d:cc:1b:4b:06:51:05:0c:41:68:4c:99:
07:46:9b:04:d0:35:8d:ef:ff:17:be:7d:0b:c9:da:
30:83:91:67:18:61:fd:2a:63:65:01:57:8b:75:c1:
f1:f1:f9:81:9c:14:86:cc:90:dc:2b:68:2e:eb:f7:
12:42:f9:06:9a:21:d0:85:b2:2c:d2:ff:6f:3b:38:
cd:f1:1f:56:d4:f9:53:e9:b1:05:d0:a9:b9:8a:65:
ad:ae:e4:95:f4:e5:df:c4:91:aa:cb:ef:84:ea:34:
06:38:46:b1:9a:e0:d0:5b:5d:f4:38:d1:2a:0c:fb:
55:56:bb:d9:66:67:35:2d:73:c0:c1:a5:fb:72:4e:
79:c1:2e:1a:00:47:6f:53:66:88:16:20:27:34:c4:
a2:ab:19:5e:e1:27:f9:2f:43:fe:14:97:36:ae:ee:
64:6c:c2:96:32:8e:b0:ea:84:cc:6f:67:77:98:c6:
3f:a7:98:ae:7f:50:e1:0a:cd:62:46:8e:89:3d:31:
cb:e8:c7:bb:50:9c:20:5d:ba:e9:a3:c3:66:1b:a3:
0f:13:fe:5b:7b:b5:15:87:47:a2:86:45:b6:64:02:
f8:09:c6:37:d0:1e:30:f0:13:27:26:d7:f5:cc:ef:
c9:2d:8a:30:d4:97:74:13:29:f0:99:f2:35:42:19:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A6:D4:EB:47:6E:86:54:B8:C5:F1:93:D9:1E:6B:A6:D8:A0:C7:80
X509v3 Authority Key Identifier:
keyid:5B:F8:14:35:ED:13:78:98:95:F3:75:DC:34:D0:4C:E9:1A:CA:47:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W_gUNe0TeJiV83XcNNBM6RrKR0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/XabU60duhlS4xfGT2R5rptigx4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/3d4bc5-c363-415f-b3da-48e4cc6b33a3/1/W_gUNe0TeJiV83XcNNBM6RrKR0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.233.224.0/24
158.233.227.0-158.233.229.255
158.233.242.0-158.233.251.255
IPv6:
2001:67c:2af0::/48
Signature Algorithm: sha256WithRSAEncryption
74:fb:f5:0d:fc:36:e0:cf:d4:88:53:31:84:ba:29:03:9f:43:
39:c9:d9:88:97:3e:23:cd:24:09:f5:b5:f6:07:00:40:61:1f:
84:34:2f:5b:50:f7:96:58:37:8d:c2:d9:cb:a1:6e:73:49:b0:
e2:7f:c7:78:0e:88:6e:6d:a0:51:90:76:78:03:68:ce:50:c3:
ac:6d:00:15:93:d2:6b:a2:7a:b8:be:7d:7c:83:45:42:96:94:
e1:2f:d1:9b:98:3d:28:39:89:25:76:07:ab:37:47:d6:12:75:
3d:3a:f4:e4:c5:8b:0b:1b:4a:f0:0b:25:c2:60:c0:62:45:81:
d8:7e:98:bf:9a:e3:d2:aa:28:5c:85:24:37:a4:9d:ce:f2:59:
c1:43:eb:45:ce:ed:fc:ea:67:6f:35:2f:36:ca:cd:c5:b9:cd:
e7:dd:2c:65:3f:25:dc:a9:d1:86:d6:68:1c:fd:06:23:6f:e4:
c6:3b:e8:0f:6f:0d:0e:ac:bb:d6:eb:cc:a1:f1:30:a5:b5:f7:
1c:ce:18:c9:37:e9:08:2a:e1:10:8f:04:de:b6:37:d0:7a:1d:
12:ce:a6:0c:25:09:89:91:62:0b:cd:26:0b:44:2d:44:1e:b6:
ad:89:25:1e:32:f2:ee:42:6b:ca:44:50:7f:64:a4:37:d7:07:
a0:52:81:f6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVxlVxj5rQpyhP4BNzvTOlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZjgxNDM1ZWQxMzc4OTg5NWYzNzVkYzM0ZDA0Y2U5MWFj
YTQ3NDQwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGE2ZDRlYjQ3NmU4NjU0YjhjNWYxOTNkOTFlNmJhNmQ4YTBjNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldRNzBtLBlEFDEFoTJkHRpsE0DWN
7/8Xvn0Lydowg5FnGGH9KmNlAVeLdcHx8fmBnBSGzJDcK2gu6/cSQvkGmiHQhbIs
0v9vOzjN8R9W1PlT6bEF0Km5imWtruSV9OXfxJGqy++E6jQGOEaxmuDQW130ONEq
DPtVVrvZZmc1LXPAwaX7ck55wS4aAEdvU2aIFiAnNMSiqxle4Sf5L0P+FJc2ru5k
bMKWMo6w6oTMb2d3mMY/p5iuf1DhCs1iRo6JPTHL6Me7UJwgXbrpo8NmG6MPE/5b
e7UVh0eihkW2ZAL4CcY30B4w8BMnJtf1zO/JLYow1Jd0EynwmfI1QhnEqwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF2m1OtHboZUuMXxk9kea6bYoMeAMB8GA1UdIwQY
MBaAFFv4FDXtE3iYlfN13DTQTOkaykdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEt
NDhlNGNjNmIzM2EzLzEvWGFiVTYwZHVobFM0eGZHVDJSNXJwdGlneDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zZDRiYzUtYzM2My00MTVmLWIzZGEtNDhlNGNjNmIzM2Ez
LzEvV19nVU5lMFRlSmlWODNYY05OQk02UnJLUjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiAwQAnungMAwD
BACe6eMDBAGe6eQwDAMEAZ7p8gMEAp7p+DAPBAIAAjAJAwcAIAEGfCrwMA0GCSqG
SIb3DQEBCwUAA4IBAQB0+/UN/Dbgz9SIUzGEuikDn0M5ydmIlz4jzSQJ9bX2BwBA
YR+ENC9bUPeWWDeNwtnLoW5zSbDif8d4DohubaBRkHZ4A2jOUMOsbQAVk9Jronq4
vn18g0VClpThL9GbmD0oOYkldgerN0fWEnU9OvTkxYsLG0rwCyXCYMBiRYHYfpi/
muPSqihchSQ3pJ3O8lnBQ+tFzu386mdvNS82ys3Fuc3n3SxlPyXcqdGG1mgc/QYj
b+TGO+gPbw0OrLvW68yh8TCltfcczhjJN+kIKuEQjwTetjfQeh0SzqYMJQmJkWIL
zSYLRC1EHratiSUeMvLuQmvKRFB/ZKQ31wegUoH2
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:49:31 2025 by rpki-client