Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa
File: LGxUC_k0TW1HC_6X7m7rl8kARY0.roa (raw, json)
Hash identifier: TdgziC7Yl+zidasS/k1xKMtN6ET7LSaErQOTiQVrDJo=
Subject key identifier: 2C:6C:54:0B:F9:34:4D:6D:47:0B:FE:97:EE:6E:EB:97:C9:00:45:8D
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018379797ECA7A5A8975CB5929A64BDCFA4F
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa
Signing time: Mon 26 Sep 2022 11:05:48 +0000
ROA not before: Mon 26 Sep 2022 11:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201150
IP address blocks: 185.177.232.0/22 maxlen: 22
5.202.96.0/22 maxlen: 22
5.202.132.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
5.202.29.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.64.0/23 maxlen: 23
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
5.202.0.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
5.202.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:79:7e:ca:7a:5a:89:75:cb:59:29:a6:4b:dc:fa:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Sep 26 11:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c6c540bf9344d6d470bfe97ee6eeb97c900458d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f8:97:61:3b:b3:01:ad:b4:6e:b6:d6:8d:86:
62:4f:9b:5b:d5:d7:92:8d:16:4b:2d:1f:89:0e:9a:
99:d3:31:f5:c7:df:8c:02:d8:63:1a:07:c8:a9:41:
d5:e4:e6:b5:37:71:c9:41:b4:e8:3f:4f:c7:3e:86:
40:b5:17:69:e8:61:5a:1b:c7:84:82:d8:20:4e:bb:
b0:6f:8f:ff:bd:a2:7c:91:7a:66:da:32:8e:30:b0:
b9:65:d5:f8:98:9c:4d:bb:b9:f0:92:17:c4:5a:a6:
ac:dd:7d:ce:e7:75:c6:1f:61:4a:fd:d4:b8:70:35:
5a:e3:71:7b:2e:cb:fa:1f:37:dc:f2:33:1e:0e:a0:
17:69:ee:4c:c1:ef:24:b3:c3:9a:31:57:85:21:87:
18:9d:e5:76:5a:95:05:1c:3f:2f:3e:a1:cb:57:3d:
56:61:af:13:dc:2f:51:a8:11:dd:ba:7f:5b:4f:8b:
72:42:7f:b8:e3:ce:3a:76:6f:d8:5b:dc:19:79:5f:
b3:7f:d7:4d:9a:d9:c3:eb:4b:7f:ac:21:69:70:7c:
cf:1c:0a:aa:ba:60:3c:7d:87:c8:bb:78:82:be:91:
e9:46:91:bb:e1:67:b1:af:2f:33:a7:d7:55:60:b1:
00:bc:04:ae:72:31:58:99:ae:d4:08:9c:50:0b:c0:
f9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:6C:54:0B:F9:34:4D:6D:47:0B:FE:97:EE:6E:EB:97:C9:00:45:8D
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/LGxUC_k0TW1HC_6X7m7rl8kARY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:50:42:1a:eb:03:ab:c1:de:39:b9:fa:ee:91:5f:da:b3:ff:
25:63:95:09:fa:29:52:94:93:4c:8c:af:b1:70:29:52:84:19:
98:00:e9:1a:64:65:68:37:41:d4:92:56:4a:93:2c:dc:8c:61:
ac:f0:c1:13:6a:9c:68:79:6b:f1:01:47:fc:0b:28:e1:1c:5b:
33:40:40:fe:2e:84:c1:e3:86:0f:e8:52:9b:cb:a0:09:cc:b9:
f0:3a:f2:cd:18:52:75:d5:83:01:84:48:b0:cf:78:1c:b0:53:
b8:55:55:d7:7c:3d:b9:c9:5e:20:16:52:2a:c4:55:80:57:82:
0a:fe:d4:4e:f5:87:7d:17:6f:c8:1a:68:e4:7b:0f:c1:bc:e2:
af:eb:a7:2e:98:3d:6b:87:6b:2a:55:ab:c6:90:6c:d8:ed:cd:
58:3c:a0:cc:bd:4c:3c:02:e8:ce:37:44:ef:1a:cb:b3:6b:14:
07:7d:8d:30:b5:db:a6:d1:89:03:6f:5a:8a:ec:d2:14:e5:33:
95:00:e3:31:b8:41:7a:99:86:43:c1:11:c3:c7:3a:7f:13:b1:
de:31:5c:6e:2a:d7:77:c9:78:71:83:bb:aa:7b:85:99:c4:1e:
be:89:be:2b:11:d8:97:3a:67:ad:b0:4c:40:cc:2d:24:01:2d:
d8:63:e4:58
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYN5eX7KelqJdctZKaZL3PpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIwOTI2MTEwNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzZjNTQwYmY5MzQ0ZDZkNDcwYmZlOTdlZTZlZWI5N2M5MDA0NThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/iXYTuzAa20brbWjYZiT5tb1deS
jRZLLR+JDpqZ0zH1x9+MAthjGgfIqUHV5Oa1N3HJQbToP0/HPoZAtRdp6GFaG8eE
gtggTruwb4//vaJ8kXpm2jKOMLC5ZdX4mJxNu7nwkhfEWqas3X3O53XGH2FK/dS4
cDVa43F7Lsv6Hzfc8jMeDqAXae5Mwe8ks8OaMVeFIYcYneV2WpUFHD8vPqHLVz1W
Ya8T3C9RqBHdun9bT4tyQn+44846dm/YW9wZeV+zf9dNmtnD60t/rCFpcHzPHAqq
umA8fYfIu3iCvpHpRpG74Wexry8zp9dVYLEAvASucjFYma7UCJxQC8D5gwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCxsVAv5NE1tRwv+l+5u65fJAEWNMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvTEd4VUNfazBUVzFIQ182WDdtN3JsOGtBUlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5segD
BAK5tDQwDQYJKoZIhvcNAQELBQADggEBAHpQQhrrA6vB3jm5+u6RX9qz/yVjlQn6
KVKUk0yMr7FwKVKEGZgA6RpkZWg3QdSSVkqTLNyMYazwwRNqnGh5a/EBR/wLKOEc
WzNAQP4uhMHjhg/oUpvLoAnMufA68s0YUnXVgwGESLDPeBywU7hVVdd8PbnJXiAW
UirEVYBXggr+1E71h30Xb8gaaOR7D8G84q/rpy6YPWuHaypVq8aQbNjtzVg8oMy9
TDwC6M43RO8ay7NrFAd9jTC126bRiQNvWors0hTlM5UA4zG4QXqZhkPBEcPHOn8T
sd4xXG4q13fJeHGDu6p7hZnEHr6JvisR2Jc6Z62wTEDMLSQBLdhj5Fg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:33 2024 by rpki-client on console-ams.rpki-client.org