Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lh1pFDuA3peG6aVl7QijypcJnXs.roa
File: lh1pFDuA3peG6aVl7QijypcJnXs.roa (raw, json)
Hash identifier: zX/+KOOQpOtim3IbS6/XMd3sOBBVHqCdZdAS4I3rvTs=
Subject key identifier: 96:1D:69:14:3B:80:DE:97:86:E9:A5:65:ED:08:A3:CA:97:09:9D:7B
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 01840F21869819515F4C2C9A46ACD253E5E9
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lh1pFDuA3peG6aVl7QijypcJnXs.roa
Signing time: Tue 25 Oct 2022 12:32:46 +0000
ROA not before: Tue 25 Oct 2022 12:32:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201150
IP address blocks: 185.169.20.0/22 maxlen: 22
5.202.96.0/22 maxlen: 22
185.169.36.0/22 maxlen: 22
5.202.0.0/19 maxlen: 19
185.103.128.0/22 maxlen: 22
5.202.16.0/20 maxlen: 20
5.202.132.0/22 maxlen: 22
185.180.52.0/22 maxlen: 22
5.202.29.0/24 maxlen: 24
5.202.58.0/23 maxlen: 23
5.202.60.0/22 maxlen: 22
5.202.64.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:21:86:98:19:51:5f:4c:2c:9a:46:ac:d2:53:e5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 25 12:32:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=961d69143b80de9786e9a565ed08a3ca97099d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e9:27:9b:3f:6b:c3:e1:e5:f6:99:da:e9:d6:
20:23:51:f1:1a:3b:bd:67:89:57:ea:74:64:97:95:
47:6e:64:26:51:56:3a:eb:0b:89:0d:c7:d4:de:a4:
aa:8c:1d:d3:ab:a3:5a:0d:32:2d:87:d9:2d:c1:84:
4f:ad:36:49:f8:e5:2f:25:82:fa:42:22:93:a5:07:
16:4f:2a:c7:37:ea:3a:f2:ec:02:b0:31:b0:70:a7:
2d:56:f0:92:73:0a:6d:4e:f6:de:6c:dc:f9:aa:55:
d2:00:f9:66:e4:fe:ea:be:9d:60:4a:62:8d:45:fc:
b8:bf:4b:eb:d4:30:b3:1f:47:42:a6:00:5c:0e:5d:
ff:26:8e:db:8f:75:b3:8f:b8:20:95:ae:20:8d:14:
18:ad:1f:33:7c:96:e4:8b:5a:a5:58:0b:12:8d:45:
c6:fc:4d:f9:01:73:c1:ef:14:44:72:32:4f:43:93:
05:62:db:b3:7a:f8:bd:ad:b3:30:34:ae:10:58:4b:
45:b7:36:3d:bb:28:47:53:77:2c:9c:aa:82:bc:3f:
a3:5e:a7:48:e5:26:84:6d:0a:af:6a:8a:92:62:be:
bd:80:5f:12:e1:a6:0e:c8:b5:5d:de:b8:4b:1c:a0:
9f:81:9b:cb:5e:2e:b8:79:ff:53:26:2f:3f:c6:25:
28:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:1D:69:14:3B:80:DE:97:86:E9:A5:65:ED:08:A3:CA:97:09:9D:7B
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/lh1pFDuA3peG6aVl7QijypcJnXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.0.0/19
5.202.58.0-5.202.65.255
5.202.96.0/22
5.202.132.0/22
185.103.128.0/22
185.169.20.0/22
185.169.36.0/22
185.180.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:79:4f:c5:51:52:80:ae:a1:0b:35:74:cd:29:75:72:76:7d:
c2:b8:bc:c0:93:87:b8:aa:f9:ac:ca:c3:f0:65:18:91:af:d0:
86:2d:cf:ad:28:66:2f:7c:6f:77:62:f6:c7:01:1d:ab:95:0a:
90:6d:cc:0b:4a:4a:e2:1f:33:65:81:1b:5d:65:bd:19:e1:8b:
c7:c8:b1:88:9b:3c:e5:02:21:99:cc:05:49:86:8f:0e:f1:56:
94:ab:86:5e:9b:89:51:1c:05:64:fa:b9:91:f4:a3:26:c8:ec:
0b:b9:0e:61:fd:5b:ae:f9:3a:95:84:b7:30:dc:64:a5:f9:bd:
2f:b0:ef:cb:10:15:53:3f:8e:f6:7d:90:cd:0a:b4:2d:76:b1:
3b:8a:b6:ab:c6:1e:2c:0a:2c:1e:b4:b6:a1:09:aa:29:30:35:
26:f9:e6:b2:39:37:b2:f2:27:27:ab:1b:c7:e4:fa:fc:0a:5b:
61:d9:25:a5:1d:fa:79:68:5e:08:e7:77:68:3b:4e:0a:2c:25:
30:de:5d:60:10:d5:bf:12:a6:dd:c8:18:0b:fd:de:c5:f8:bd:
ad:a4:1e:67:2f:55:58:5c:47:33:3a:6b:e4:a1:00:a1:42:84:
84:7e:dc:8f:19:6a:e9:cd:a2:71:27:b5:f2:4f:1a:47:d5:c0:
ba:16:6a:e6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYQPIYaYGVFfTCyaRqzSU+XpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIxMDI1MTIzMjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjFkNjkxNDNiODBkZTk3ODZlOWE1NjVlZDA4YTNjYTk3MDk5ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+knmz9rw+Hl9pna6dYgI1HxGju9
Z4lX6nRkl5VHbmQmUVY66wuJDcfU3qSqjB3Tq6NaDTIth9ktwYRPrTZJ+OUvJYL6
QiKTpQcWTyrHN+o68uwCsDGwcKctVvCScwptTvbebNz5qlXSAPlm5P7qvp1gSmKN
Rfy4v0vr1DCzH0dCpgBcDl3/Jo7bj3Wzj7ggla4gjRQYrR8zfJbki1qlWAsSjUXG
/E35AXPB7xREcjJPQ5MFYtuzevi9rbMwNK4QWEtFtzY9uyhHU3csnKqCvD+jXqdI
5SaEbQqvaoqSYr69gF8S4aYOyLVd3rhLHKCfgZvLXi64ef9TJi8/xiUo5wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJYdaRQ7gN6XhumlZe0Io8qXCZ17MB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvbGgxcEZEdUEzcGVHNmFWbDdRaWp5cGNKblhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQFBcoAMAwD
BAEFyjoDBAEFykADBAIFymADBAIFyoQDBAK5Z4ADBAK5qRQDBAK5qSQDBAK5tDQw
DQYJKoZIhvcNAQELBQADggEBAD15T8VRUoCuoQs1dM0pdXJ2fcK4vMCTh7iq+azK
w/BlGJGv0IYtz60oZi98b3di9scBHauVCpBtzAtKSuIfM2WBG11lvRnhi8fIsYib
POUCIZnMBUmGjw7xVpSrhl6biVEcBWT6uZH0oybI7Au5DmH9W675OpWEtzDcZKX5
vS+w78sQFVM/jvZ9kM0KtC12sTuKtqvGHiwKLB60tqEJqikwNSb55rI5N7LyJyer
G8fk+vwKW2HZJaUd+nloXgjnd2g7TgosJTDeXWAQ1b8Spt3IGAv93sX4va2kHmcv
VVhcRzM6a+ShAKFChIR+3I8ZaunNonEntfJPGkfVwLoWauY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org