Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XkX514_lCLfQwvPqMOENzlSuiYQ.roa
File: XkX514_lCLfQwvPqMOENzlSuiYQ.roa (raw, json)
Hash identifier: c0MwaajAbQUeeWDQAW5EWzuuUkneUGHkGR9RcJ+FMbQ=
Subject key identifier: 5E:45:F9:D7:8F:E5:08:B7:D0:C2:F3:EA:30:E1:0D:CE:54:AE:89:84
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 128FFAE9
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XkX514_lCLfQwvPqMOENzlSuiYQ.roa
Signing time: Sat 01 Jan 2022 10:05:51 +0000
ROA not before: Sat 01 Jan 2022 10:05:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201150
IP address blocks: 185.177.232.0/22 maxlen: 22
5.202.96.0/22 maxlen: 22
5.202.132.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
5.202.29.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.64.0/23 maxlen: 23
185.169.20.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
5.202.0.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
5.202.16.0/20 maxlen: 20
185.125.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 311425769 (0x128ffae9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 1 10:05:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e45f9d78fe508b7d0c2f3ea30e10dce54ae8984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e9:af:85:3e:7c:f9:a0:5d:83:0c:2b:72:25:
3d:0a:5e:65:5f:70:9b:0d:34:f0:d5:29:f1:80:70:
b6:c7:b5:3c:6f:4b:08:0c:14:f7:b3:b5:41:05:99:
14:b5:12:14:2e:91:fe:00:ed:58:8a:2f:fd:22:8c:
0e:e5:9f:a0:69:55:e7:8b:b9:ab:3a:ee:1a:5d:58:
36:61:c6:0c:c8:3a:af:c4:91:ce:f9:af:4a:5a:b7:
e2:eb:50:9c:4d:f7:d7:e0:e7:ef:62:bc:d3:43:16:
8f:13:90:39:2d:81:46:17:2a:cc:bf:14:ea:f6:9a:
be:be:40:13:f7:67:8a:9e:9b:ee:98:be:50:f6:3d:
32:51:07:28:e4:2a:47:48:04:14:70:d4:3f:9a:fb:
fa:6d:40:17:d7:7f:e0:fc:ae:e7:ff:48:9f:45:62:
ca:1e:6d:60:a9:ba:7a:52:29:ad:4a:1b:e1:dd:da:
55:8f:a6:b9:28:3a:85:3b:ef:8a:e8:1e:c1:17:3a:
a4:aa:5f:cd:f9:f4:8d:5d:ae:71:4f:6b:e0:f1:9d:
5f:2d:1a:69:28:c4:b8:b0:4f:15:98:2b:10:0f:cd:
42:2f:71:40:4e:84:53:07:d3:4d:13:4f:f3:97:07:
ed:65:45:98:65:47:49:5c:73:db:b4:f9:5d:67:fa:
d4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:45:F9:D7:8F:E5:08:B7:D0:C2:F3:EA:30:E1:0D:CE:54:AE:89:84
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XkX514_lCLfQwvPqMOENzlSuiYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.125.244.0/22
185.169.20.0/22
185.169.36.0/22
185.177.232.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:b0:4e:f9:a0:68:23:a9:1b:40:f4:99:5f:be:95:9d:25:f4:
1f:a3:a1:03:8c:60:95:ff:5f:7a:ee:c1:5e:e8:4a:db:d2:5d:
1b:9e:2f:5d:a6:c7:9c:1c:7b:82:87:9b:70:11:74:fe:ba:66:
cb:13:e6:6f:ed:9a:9a:09:38:96:50:fd:ff:53:3a:9e:d7:6f:
61:45:06:60:f0:1b:2c:9a:14:a7:d7:f1:aa:9b:ea:e2:da:97:
f1:9b:75:49:bb:8f:d5:5f:6e:46:cb:8a:3b:3a:2b:fe:55:ce:
0c:68:59:e9:fa:e4:24:14:e0:40:bc:0b:ba:37:e2:03:99:c2:
7b:20:c1:c1:c4:5b:ff:2f:ca:82:ef:76:66:58:c3:89:0c:a0:
91:00:c2:f2:be:a2:09:78:be:6b:c6:49:c7:d0:44:3f:11:b6:
1e:5d:3c:f7:3e:16:18:1d:62:9c:df:65:9d:0d:99:0d:69:17:
38:7e:b7:bd:8e:f6:3e:fe:0b:6d:fb:c7:81:3e:c9:6a:7b:9a:
7b:b1:a7:2b:9e:cf:9e:5d:c8:9a:41:9f:4e:43:96:66:92:88:
fa:09:92:39:28:50:56:e2:76:d4:85:51:31:a1:dd:df:4a:47:
3b:b5:97:8a:9c:d8:87:b2:36:ab:ca:15:e0:16:9e:c8:a9:a9:
4e:52:c5:71
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEEo/66TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTFlNjkzNjhhYmQzNDUzOGZlNzdkZGFhYmNkYzgzNWFmNTk1ZWJhMB4XDTIyMDEw
MTEwMDU1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU0NWY5ZDc4ZmU1
MDhiN2QwYzJmM2VhMzBlMTBkY2U1NGFlODk4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPpr4U+fPmgXYMMK3IlPQpeZV9wmw008NUp8YBwtse1PG9L
CAwU97O1QQWZFLUSFC6R/gDtWIov/SKMDuWfoGlV54u5qzruGl1YNmHGDMg6r8SR
zvmvSlq34utQnE331+Dn72K800MWjxOQOS2BRhcqzL8U6vaavr5AE/dnip6b7pi+
UPY9MlEHKOQqR0gEFHDUP5r7+m1AF9d/4Pyu5/9In0Viyh5tYKm6elIprUob4d3a
VY+muSg6hTvviugewRc6pKpfzfn0jV2ucU9r4PGdXy0aaSjEuLBPFZgrEA/NQi9x
QE6EUwfTTRNP85cH7WVFmGVHSVxz27T5XWf61IcCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBReRfnXj+UIt9DC8+ow4Q3OVK6JhDAfBgNVHSMEGDAWgBSaHmk2ir00U4/n
fdqrzcg1r1leujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21oNXBOb3E5TkZPUDUzM2FxODNJTmE5Wlhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8x
L1hrWDUxNF9sQ0xmUXd2UHFNT0VOemxTdWlZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
Nzg4NmY0LTVmY2MtNGQ0NC1iZDYyLTEwOTgyZTA0MGQ1My8xL21oNXBOb3E5TkZP
UDUzM2FxODNJTmE5Wlhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEBQXKADAMAwQBBco6AwQBBcpAAwQC
BcpgAwQCBcqEAwQCuWeAAwQCuX30AwQCuakUAwQCuakkAwQCubHoAwQCubQ0MA0G
CSqGSIb3DQEBCwUAA4IBAQBKsE75oGgjqRtA9JlfvpWdJfQfo6EDjGCV/1967sFe
6Erb0l0bni9dpsecHHuCh5twEXT+umbLE+Zv7ZqaCTiWUP3/Uzqe129hRQZg8Bss
mhSn1/Gqm+ri2pfxm3VJu4/VX25Gy4o7Oiv+Vc4MaFnp+uQkFOBAvAu6N+IDmcJ7
IMHBxFv/L8qC73ZmWMOJDKCRAMLyvqIJeL5rxknH0EQ/EbYeXTz3PhYYHWKc32Wd
DZkNaRc4fre9jvY+/gtt+8eBPslqe5p7sacrns+eXciaQZ9OQ5Zmkoj6CZI5KFBW
4nbUhVExod3fSkc7tZeKnNiHsjaryhXgFp7IqalOUsVx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org