Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/LGi4AFuELGnvXPqPRYVctd1aKuI.roa
File: LGi4AFuELGnvXPqPRYVctd1aKuI.roa (raw, json)
Hash identifier: 0K+FbOup/+s2V/duldaA3xAWcxgfgdr18ekGGSHXSoY=
Subject key identifier: 2C:68:B8:00:5B:84:2C:69:EF:5C:FA:8F:45:85:5C:B5:DD:5A:2A:E2
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 0AE64508
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/LGi4AFuELGnvXPqPRYVctd1aKuI.roa
Signing time: Sat 01 Jan 2022 15:55:02 +0000
ROA not before: Sat 01 Jan 2022 15:55:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13306
IP address blocks: 89.106.102.0/23 maxlen: 23
89.106.104.0/23 maxlen: 23
89.106.101.0/24 maxlen: 24
109.107.70.0/23 maxlen: 23
89.106.108.0/23 maxlen: 23
89.106.107.0/24 maxlen: 24
77.76.150.0/23 maxlen: 23
89.106.127.0/24 maxlen: 24
77.76.176.0/22 maxlen: 22
188.124.92.0/22 maxlen: 22
178.75.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182863112 (0xae64508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 1 15:55:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c68b8005b842c69ef5cfa8f45855cb5dd5a2ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:58:83:e3:91:a8:02:5b:a4:60:fa:f9:16:ed:
84:36:60:b8:24:d0:c4:64:ad:76:82:bc:6b:2b:35:
71:df:4e:63:f3:d5:a5:90:03:cb:1b:db:fd:d2:b1:
a9:e3:90:8f:13:b6:c0:f4:2f:3b:c6:c1:df:b4:e3:
8b:3e:2d:73:a0:06:08:dd:f7:e0:ec:ad:4d:1f:b8:
a8:6e:1d:15:d1:2a:4e:89:3c:ef:dc:29:f0:6a:3d:
f6:02:e4:7b:13:e7:0b:ac:29:5c:23:97:3a:01:12:
e0:f1:1b:b3:38:ca:3a:38:77:61:1b:77:61:e4:86:
86:67:73:6a:56:e6:19:c2:90:9a:e1:b1:8b:b9:ef:
b7:d8:85:fc:bb:cc:be:ec:25:12:0c:2a:d0:ae:38:
45:f0:9f:8e:58:d9:3f:a5:ca:a6:2d:ee:91:ac:21:
e1:d6:ec:3f:b9:c9:a1:e8:b2:1b:85:91:7f:56:b9:
0b:bf:f4:52:4a:22:e6:4b:f4:5f:d3:ac:89:46:81:
c0:c0:cc:8e:41:5a:8f:5d:fe:5a:04:1e:01:dc:9f:
e5:4b:3a:eb:2b:4d:18:73:7d:75:3e:ac:53:c0:57:
af:60:6f:13:7b:f5:57:fe:e1:8c:72:21:3d:2d:0c:
53:cd:98:64:7e:52:a7:8f:04:5c:3d:52:99:51:7d:
d8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:68:B8:00:5B:84:2C:69:EF:5C:FA:8F:45:85:5C:B5:DD:5A:2A:E2
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/LGi4AFuELGnvXPqPRYVctd1aKuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.150.0/23
77.76.176.0/22
89.106.101.0-89.106.105.255
89.106.107.0-89.106.109.255
89.106.127.0/24
109.107.70.0/23
178.75.252.0/22
188.124.92.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:bf:56:c9:13:05:1f:48:c7:b0:03:7d:52:9c:f3:d0:07:8e:
27:8d:4a:7d:1c:de:5e:5f:8b:56:f5:36:1b:0c:00:8a:61:e9:
25:c0:dc:c6:67:88:1e:5a:97:e9:c7:03:14:80:c3:57:c5:b9:
cc:5e:b7:37:cd:64:60:74:54:3a:56:4e:4d:8c:5a:f9:d4:c5:
14:ef:b9:a1:c2:ad:c8:df:70:98:31:6e:99:7b:34:25:0a:2a:
67:85:f1:35:fb:aa:86:15:de:6e:a7:f4:6a:9e:a8:a4:b6:47:
33:b6:a7:12:6a:8a:74:ba:8a:bd:73:cf:59:85:77:0e:b6:e1:
e4:af:c9:5c:96:f6:2f:04:d1:c7:8a:e1:bf:9e:4f:9a:2a:e1:
42:5d:3c:2e:37:da:3e:2c:b7:cd:29:bb:8e:0c:68:32:c4:42:
b3:24:e7:6c:04:2c:24:e1:9e:aa:63:2c:4c:b6:a2:a6:29:4e:
57:8d:5c:67:c2:8c:80:37:ac:72:6d:17:ab:78:27:93:cd:77:
d9:63:de:ee:e2:2c:ab:7b:a2:60:b0:d4:28:52:79:03:c2:7c:
fe:d2:b6:17:cf:c1:e3:d8:9b:1f:91:7d:c6:85:c7:87:45:f6:
6e:7f:f5:3e:88:b2:00:11:c7:75:ee:b3:65:53:4e:3e:54:f0:
c7:84:12:f4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECuZFCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTgxNjc3NGI3YzU2NjVkNjdhODZjMjBjZWI2NDg3YjViNzhiMzhkMB4XDTIyMDEw
MTE1NTUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM2OGI4MDA1Yjg0
MmM2OWVmNWNmYThmNDU4NTVjYjVkZDVhMmFlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhYg+ORqAJbpGD6+RbthDZguCTQxGStdoK8ays1cd9OY/PV
pZADyxvb/dKxqeOQjxO2wPQvO8bB37Tjiz4tc6AGCN334OytTR+4qG4dFdEqTok8
79wp8Go99gLkexPnC6wpXCOXOgES4PEbszjKOjh3YRt3YeSGhmdzalbmGcKQmuGx
i7nvt9iF/LvMvuwlEgwq0K44RfCfjljZP6XKpi3ukawh4dbsP7nJoeiyG4WRf1a5
C7/0Ukoi5kv0X9OsiUaBwMDMjkFaj13+WgQeAdyf5Us66ytNGHN9dT6sU8BXr2Bv
E3v1V/7hjHIhPS0MU82YZH5Sp48EXD1SmVF92FkCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBQsaLgAW4Qsae9c+o9FhVy13Voq4jAfBgNVHSMEGDAWgBRlgWd0t8VmXWeo
bCDOtkh7W3izjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pZRm5kTGZGWmwxbnFHd2d6clpJZTF0NHM0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZjNiODI1LWNiYzAtNDlkMi04Yjc2LTZiMTQ2OWMzYjk1YS8x
L0xHaTRBRnVFTEdudlhQcVBSWVZjdGQxYUt1SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZjNiODI1LWNiYzAtNDlkMi04Yjc2LTZiMTQ2OWMzYjk1YS8xL1pZRm5kTGZGWmwx
bnFHd2d6clpJZTF0NHM0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwRgQCAAEwQAMEAU1MlgMEAk1MsDAMAwQAWWplAwQB
WWpoMAwDBABZamsDBAFZamwDBABZan8DBAFta0YDBAKyS/wDBAK8fFwwDQYJKoZI
hvcNAQELBQADggEBALS/VskTBR9Ix7ADfVKc89AHjieNSn0c3l5fi1b1NhsMAIph
6SXA3MZniB5al+nHAxSAw1fFucxetzfNZGB0VDpWTk2MWvnUxRTvuaHCrcjfcJgx
bpl7NCUKKmeF8TX7qoYV3m6n9GqeqKS2RzO2pxJqinS6ir1zz1mFdw624eSvyVyW
9i8E0ceK4b+eT5oq4UJdPC432j4st80pu44MaDLEQrMk52wELCThnqpjLEy2oqYp
TleNXGfCjIA3rHJtF6t4J5PNd9lj3u7iLKt7omCw1ChSeQPCfP7SthfPwePYmx+R
fcaFx4dF9m5/9T6IsgARx3Xus2VTTj5U8MeEEvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:27 2024 by rpki-client on console-fra.rpki-client.org