Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/lgg2_-wi8ytzq8Fv7_s6jkSEy-M.roa
File: lgg2_-wi8ytzq8Fv7_s6jkSEy-M.roa (raw, json)
Hash identifier: nfTZqcfIR1RF2D6jVk9vdpC6QYyRjciHNRs2OMLG3/8=
Subject key identifier: 96:08:36:FF:EC:22:F3:2B:73:AB:C1:6F:EF:FB:3A:8E:44:84:CB:E3
Certificate issuer: /CN=6d840bf8f2ea446a47db6c633906667c63ed886e
Certificate serial: 0199B588
Authority key identifier: 6D:84:0B:F8:F2:EA:44:6A:47:DB:6C:63:39:06:66:7C:63:ED:88:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bYQL-PLqRGpH22xjOQZmfGPtiG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/lgg2_-wi8ytzq8Fv7_s6jkSEy-M.roa
Signing time: Sat 01 Jan 2022 11:59:22 +0000
ROA not before: Sat 01 Jan 2022 11:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213206
IP address blocks: 91.239.145.0/24 maxlen: 24
2a07:e0c0:1::/48 maxlen: 48
2a07:e0c0:4::/48 maxlen: 48
2a07:e0c0:2::/48 maxlen: 48
2a07:e0c0::/30 maxlen: 30
2a07:e0c0:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26850696 (0x199b588)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d840bf8f2ea446a47db6c633906667c63ed886e
Validity
Not Before: Jan 1 11:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=960836ffec22f32b73abc16feffb3a8e4484cbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3f:e9:38:5c:2e:0e:57:4d:9d:c8:1d:bc:ef:
da:84:8e:c2:2c:29:7b:d2:57:70:51:bb:0b:ac:7b:
98:b5:58:ea:ac:c9:bb:93:f5:e3:1c:25:62:33:c8:
5e:8d:ba:91:b0:aa:ed:5d:c1:78:22:64:ff:95:63:
94:51:9a:12:3c:ed:39:c4:67:1e:78:9d:ad:88:d5:
39:94:80:92:bb:08:d6:0b:68:90:c9:ac:7e:b8:d2:
8d:94:99:53:69:f6:1c:c1:42:af:37:71:d0:8c:47:
e6:44:a5:8a:01:e8:4c:1f:66:a8:73:ca:d1:67:9e:
62:d7:d1:74:59:73:19:67:85:28:d0:aa:19:45:f6:
2c:c5:00:dd:c6:93:a9:b7:63:56:c4:d0:27:a9:72:
3f:d8:75:68:23:e6:4e:ba:f8:8a:a5:9a:f0:1e:4f:
0f:6e:15:4d:8b:cb:20:f9:bd:22:ea:48:29:e4:cc:
07:ad:3d:1e:57:84:47:c6:d5:63:7a:62:38:b7:12:
71:84:96:6e:58:90:20:ff:44:93:b8:6c:bb:94:1b:
bc:21:0e:16:46:ad:fd:5a:3e:4f:ad:21:90:65:44:
7b:25:5d:37:5a:bf:74:f6:6a:df:aa:7a:fa:8f:d7:
6a:e2:7c:00:82:3f:d0:61:e5:86:7e:eb:5a:5e:0d:
d2:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:08:36:FF:EC:22:F3:2B:73:AB:C1:6F:EF:FB:3A:8E:44:84:CB:E3
X509v3 Authority Key Identifier:
keyid:6D:84:0B:F8:F2:EA:44:6A:47:DB:6C:63:39:06:66:7C:63:ED:88:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bYQL-PLqRGpH22xjOQZmfGPtiG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/lgg2_-wi8ytzq8Fv7_s6jkSEy-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/125959-746b-4a0f-96d3-c3e8eadd00ba/1/bYQL-PLqRGpH22xjOQZmfGPtiG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.145.0/24
IPv6:
2a07:e0c0::/30
Signature Algorithm: sha256WithRSAEncryption
82:54:db:75:d1:35:da:fb:b4:68:b9:57:fa:ee:76:66:f6:18:
51:76:13:52:7e:69:7a:86:44:cd:ef:db:13:0f:4d:d4:ce:f9:
d0:d7:c2:e4:b4:9a:c4:0e:1a:f7:f8:58:d1:49:f2:41:94:76:
93:9b:20:e9:4c:34:01:33:0d:8b:7a:62:fe:00:15:8b:09:45:
59:ea:5c:b7:2c:f2:61:5f:93:83:66:62:1a:fe:c2:0e:79:70:
43:5a:34:3e:bd:4f:fe:56:fb:36:79:77:55:99:29:5b:ef:d4:
a2:14:34:d3:90:a1:48:d7:0b:f9:ad:c7:e2:f2:c2:4a:4f:6c:
2e:c9:b9:79:d3:1d:b4:88:18:bc:e0:19:06:26:0b:e4:37:3f:
df:2a:85:c0:26:04:46:b4:28:c2:71:28:96:36:ff:62:a7:f4:
ff:b7:f1:33:5b:1b:0e:ec:ed:68:e5:07:cc:c6:b7:f2:ca:eb:
d8:34:f4:a3:ff:91:a7:4f:7c:9d:7b:46:b1:db:c2:e7:d6:da:
f6:65:15:61:b5:9f:17:60:3c:bb:2b:03:42:b3:dc:08:96:91:
4a:82:29:c6:8b:5b:df:8a:e9:b8:8f:d1:60:42:18:fa:7f:36:
5a:22:88:65:c7:4d:e9:de:4b:95:31:f5:00:50:06:25:ef:e3:
3a:89:14:b9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAZm1iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDg0MGJmOGYyZWE0NDZhNDdkYjZjNjMzOTA2NjY3YzYzZWQ4ODZlMB4XDTIyMDEw
MTExNTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYwODM2ZmZlYzIy
ZjMyYjczYWJjMTZmZWZmYjNhOGU0NDg0Y2JlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8/6ThcLg5XTZ3IHbzv2oSOwiwpe9JXcFG7C6x7mLVY6qzJ
u5P14xwlYjPIXo26kbCq7V3BeCJk/5VjlFGaEjztOcRnHnidrYjVOZSAkrsI1gto
kMmsfrjSjZSZU2n2HMFCrzdx0IxH5kSligHoTB9mqHPK0WeeYtfRdFlzGWeFKNCq
GUX2LMUA3caTqbdjVsTQJ6lyP9h1aCPmTrr4iqWa8B5PD24VTYvLIPm9IupIKeTM
B609HleER8bVY3piOLcScYSWbliQIP9Ek7hsu5QbvCEOFkat/Vo+T60hkGVEeyVd
N1q/dPZq36p6+o/XauJ8AII/0GHlhn7rWl4N0hUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSWCDb/7CLzK3OrwW/v+zqORITL4zAfBgNVHSMEGDAWgBRthAv48upEakfb
bGM5BmZ8Y+2IbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JZUUwtUExxUkdwSDIyeGpPUVptZkdQdGlHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvMTI1OTU5LTc0NmItNGEwZi05NmQzLWMzZThlYWRkMDBiYS8x
L2xnZzJfLXdpOHl0enE4RnY3X3M2amtTRXktTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
MTI1OTU5LTc0NmItNGEwZi05NmQzLWMzZThlYWRkMDBiYS8xL2JZUUwtUExxUkdw
SDIyeGpPUVptZkdQdGlHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvvkTANBAIAAjAHAwUCKgfgwDAN
BgkqhkiG9w0BAQsFAAOCAQEAglTbddE12vu0aLlX+u52ZvYYUXYTUn5peoZEze/b
Ew9N1M750NfC5LSaxA4a9/hY0UnyQZR2k5sg6Uw0ATMNi3pi/gAViwlFWepctyzy
YV+Tg2ZiGv7CDnlwQ1o0Pr1P/lb7Nnl3VZkpW+/UohQ005ChSNcL+a3H4vLCSk9s
Lsm5edMdtIgYvOAZBiYL5Dc/3yqFwCYERrQownEoljb/Yqf0/7fxM1sbDuztaOUH
zMa38srr2DT0o/+Rp098nXtGsdvC59ba9mUVYbWfF2A8uysDQrPcCJaRSoIpxotb
34rpuI/RYEIY+n82WiKIZcdN6d5LlTH1AFAGJe/jOokUuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:06 2024 by rpki-client on console-ams.rpki-client.org