Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LBRXgJ8IQvLw5G4Q1qzcT57q7Rk.roa
File: LBRXgJ8IQvLw5G4Q1qzcT57q7Rk.roa (raw, json)
Hash identifier: YvFCZJrkwFBneysGbinlXnpsjxAanKp4P8wgsJ41pM8=
Subject key identifier: 2C:14:57:80:9F:08:42:F2:F0:E4:6E:10:D6:AC:DC:4F:9E:EA:ED:19
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184F1463F36F221899E0AE7EA53E0A9738A
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LBRXgJ8IQvLw5G4Q1qzcT57q7Rk.roa
Signing time: Thu 08 Dec 2022 10:27:03 +0000
ROA not before: Thu 08 Dec 2022 10:27:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31213
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
85.26.128.0/20 maxlen: 20
193.201.228.0/22 maxlen: 24
85.26.208.0/22 maxlen: 22
85.26.212.0/22 maxlen: 22
85.26.216.0/22 maxlen: 22
85.26.220.0/22 maxlen: 22
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
188.170.80.0/21 maxlen: 21
78.25.120.0/22 maxlen: 22
188.170.92.0/22 maxlen: 22
212.69.96.0/19 maxlen: 24
37.28.160.0/21 maxlen: 21
185.210.140.0/22 maxlen: 24
37.28.168.0/21 maxlen: 21
212.119.160.0/19 maxlen: 24
78.25.96.0/21 maxlen: 21
78.25.104.0/22 maxlen: 22
188.170.68.0/24 maxlen: 24
188.170.65.0/24 maxlen: 24
188.170.66.0/24 maxlen: 24
188.170.67.0/24 maxlen: 24
78.25.108.0/22 maxlen: 22
188.170.72.0/21 maxlen: 21
94.25.228.0/23 maxlen: 23
94.25.232.0/21 maxlen: 21
37.29.71.0/24 maxlen: 24
37.29.68.0/23 maxlen: 23
37.29.70.0/24 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
94.25.208.0/22 maxlen: 22
37.29.48.0/21 maxlen: 21
37.29.56.0/21 maxlen: 21
94.25.216.0/21 maxlen: 21
94.25.224.0/21 maxlen: 21
37.29.64.0/22 maxlen: 22
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
188.94.168.0/21 maxlen: 24
85.26.248.0/22 maxlen: 22
85.26.252.0/22 maxlen: 22
213.243.64.0/18 maxlen: 24
83.149.0.0/21 maxlen: 21
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:46:3f:36:f2:21:89:9e:0a:e7:ea:53:e0:a9:73:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 8 10:27:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c1457809f0842f2f0e46e10d6acdc4f9eeaed19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ef:06:53:a3:ae:db:68:4d:3c:1d:1f:d9:65:
d0:e7:f0:8d:c9:41:3f:7e:a9:71:6e:c8:05:fc:a6:
68:8c:0c:19:eb:01:34:20:48:a1:12:5a:a1:2b:65:
a0:7d:2e:20:ba:c3:80:5d:78:f0:a2:ee:2f:80:d0:
bb:cb:70:2e:ff:45:18:9e:dd:65:a1:39:a5:07:2e:
c0:00:c3:55:a2:04:5e:cd:ab:9a:09:1f:53:b0:3f:
95:18:98:2b:c3:0b:03:51:ae:55:81:e9:38:0b:51:
33:ed:be:56:b8:df:45:5c:84:d9:b4:e8:47:68:20:
1b:c4:96:93:a3:d3:bc:75:81:30:41:45:f5:91:c6:
9f:76:72:c9:11:88:8c:48:d6:11:e4:b1:d4:3a:d2:
ea:31:aa:8e:f4:6a:79:41:be:24:ee:40:a4:48:52:
7b:73:91:6e:65:76:f2:97:1c:e1:82:3f:bf:bf:dd:
e6:fa:87:fb:00:7f:da:dd:a7:1c:de:df:5a:f3:5f:
bc:3f:8e:d5:0a:c6:46:cf:53:21:78:40:0f:14:fc:
06:48:fc:2b:57:91:eb:18:8f:45:d3:75:03:e6:b4:
42:6f:db:66:c6:6d:58:1b:c0:1b:d5:3d:1a:8b:0f:
6e:d6:47:92:66:b6:d5:56:ba:8b:ca:c1:86:b1:26:
3c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:14:57:80:9F:08:42:F2:F0:E4:6E:10:D6:AC:DC:4F:9E:EA:ED:19
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LBRXgJ8IQvLw5G4Q1qzcT57q7Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.28.160.0/20
37.29.48.0-37.29.71.255
78.25.96.0/20
78.25.120.0/22
83.149.0.0/21
85.26.128.0/20
85.26.208.0/20
85.26.248.0/21
94.25.208.0/22
94.25.216.0-94.25.239.255
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.65.0-188.170.68.255
188.170.72.0-188.170.87.255
188.170.92.0/22
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
40:e5:78:a9:f4:f9:36:d0:56:0d:82:1f:44:35:30:7e:14:07:
0e:4e:83:ee:2f:35:77:7f:68:17:eb:62:44:d9:c8:2d:de:f4:
5a:96:ed:98:49:69:e7:70:c3:5c:2d:bc:01:db:3a:4d:08:7c:
05:99:99:93:7a:c2:d8:8f:e8:20:83:73:4e:35:2a:47:ad:cf:
64:6d:c8:2e:51:a6:ab:75:ac:d0:fb:30:86:de:b1:11:23:49:
14:83:41:7c:c1:d3:ba:f2:60:a0:87:ae:d7:67:a0:11:cb:10:
b7:1a:62:32:72:ec:bb:a4:43:6c:7b:48:61:c4:38:be:92:51:
7b:57:fb:21:39:db:93:02:87:83:29:62:b4:be:c3:40:83:5f:
2f:46:4d:84:6b:fa:38:d6:60:06:96:06:c9:cc:f9:05:08:b6:
f9:68:77:8d:1b:2c:58:60:c9:aa:47:75:3e:46:36:b5:02:2d:
a5:ce:dd:40:ae:f6:b1:ef:90:01:0d:e4:d0:4c:e5:c4:0c:ba:
b7:3a:1a:bc:ab:c3:2a:dc:e1:ef:2e:52:ff:cc:b7:54:c2:5a:
42:be:09:5b:13:da:78:d9:dd:4b:a0:a3:03:7a:c7:36:c9:84:
43:f3:ac:04:a5:23:e8:43:5b:ea:89:62:b2:7b:e6:29:b6:3d:
2b:a9:13:11
-----BEGIN CERTIFICATE-----
MIIF9TCCBN2gAwIBAgISAYTxRj828iGJngrn6lPgqXOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA4MTAyNzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzE0NTc4MDlmMDg0MmYyZjBlNDZlMTBkNmFjZGM0ZjllZWFlZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO8GU6Ou22hNPB0f2WXQ5/CNyUE/
fqlxbsgF/KZojAwZ6wE0IEihElqhK2WgfS4gusOAXXjwou4vgNC7y3Au/0UYnt1l
oTmlBy7AAMNVogRezauaCR9TsD+VGJgrwwsDUa5Vgek4C1Ez7b5WuN9FXITZtOhH
aCAbxJaTo9O8dYEwQUX1kcafdnLJEYiMSNYR5LHUOtLqMaqO9Gp5Qb4k7kCkSFJ7
c5FuZXbylxzhgj+/v93m+of7AH/a3acc3t9a81+8P47VCsZGz1MheEAPFPwGSPwr
V5HrGI9F03UD5rRCb9tmxm1YG8Ab1T0aiw9u1keSZrbVVrqLysGGsSY8uQIDAQAB
o4IDATCCAv0wHQYDVR0OBBYEFCwUV4CfCELy8ORuENas3E+e6u0ZMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTEJSWGdKOElRdkx3NUc0UTFxemNUNTdxN1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFQYIKwYBBQUHAQcBAf8EggEEMIIBADCB/QQCAAEwgfYD
BAQlHKAwDAMEBCUdMAMEAyUdQAMEBE4ZYAMEAk4ZeAMEA1OVAAMEBFUagAMEBFUa
0AMEA1Ua+AMEAl4Z0DAMAwQDXhnYAwQEXhngAwQEbUpwAwQGbXxAAwMAbbwDBAaA
zEADBAOyF5ADBAK5AyADBAK50owDBAO8XqgDAwC8ojAMAwQAvKpBAwQAvKpEMAwD
BAO8qkgDBAO8qlADBAK8qlwDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8D
BAXD5kADBAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80AD
BATZc1AwDQYJKoZIhvcNAQELBQADggEBAEDleKn0+TbQVg2CH0Q1MH4UBw5Og+4v
NXd/aBfrYkTZyC3e9FqW7ZhJaedww1wtvAHbOk0IfAWZmZN6wtiP6CCDc041Kket
z2RtyC5Rpqt1rND7MIbesREjSRSDQXzB07ryYKCHrtdnoBHLELcaYjJy7LukQ2x7
SGHEOL6SUXtX+yE525MCh4MpYrS+w0CDXy9GTYRr+jjWYAaWBsnM+QUItvlod40b
LFhgyapHdT5GNrUCLaXO3UCu9rHvkAEN5NBM5cQMurc6Gryrwyrc4e8uUv/Mt1TC
WkK+CVsT2njZ3UugowN6xzbJhEPzrASlI+hDW+qJYrJ75im2PSupExE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:12 2025 by rpki-client