Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LRGxgo7Bb061FyL6ZB_wMtehwiU.roa
File: LRGxgo7Bb061FyL6ZB_wMtehwiU.roa (raw, json)
Hash identifier: B40EgzZuth8y9s8ia0wLRFlXcJfJa0J25V/vvEgnck0=
Subject key identifier: 2D:11:B1:82:8E:C1:6F:4E:B5:17:22:FA:64:1F:F0:32:D7:A1:C2:25
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0184E2AF524444E88A55733B76088E6E5131
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LRGxgo7Bb061FyL6ZB_wMtehwiU.roa
Signing time: Mon 05 Dec 2022 14:27:31 +0000
ROA not before: Mon 05 Dec 2022 14:27:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31224
IP address blocks: 109.188.0.0/16 maxlen: 24
195.16.96.0/19 maxlen: 24
193.201.228.0/22 maxlen: 24
178.178.88.0/22 maxlen: 22
178.178.92.0/22 maxlen: 22
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
185.3.32.0/22 maxlen: 24
94.25.128.0/17 maxlen: 24
93.153.128.0/17 maxlen: 24
86.109.192.0/19 maxlen: 24
212.69.96.0/19 maxlen: 24
31.173.122.0/24 maxlen: 24
31.173.125.0/24 maxlen: 24
31.173.120.0/24 maxlen: 24
31.173.123.0/24 maxlen: 24
31.173.121.0/24 maxlen: 24
31.173.124.0/24 maxlen: 24
31.173.127.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
31.173.126.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
78.25.88.0/22 maxlen: 22
91.193.212.0/22 maxlen: 24
195.5.128.0/19 maxlen: 24
128.204.64.0/18 maxlen: 24
37.29.44.0/22 maxlen: 22
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
178.176.104.0/21 maxlen: 21
83.149.32.0/22 maxlen: 22
83.149.36.0/22 maxlen: 22
83.149.34.0/24 maxlen: 24
83.149.37.0/24 maxlen: 24
83.149.39.0/24 maxlen: 24
195.78.116.0/23 maxlen: 24
31.173.96.0/24 maxlen: 24
31.173.97.0/24 maxlen: 24
31.173.103.0/24 maxlen: 24
31.173.101.0/24 maxlen: 24
31.173.102.0/24 maxlen: 24
31.173.99.0/24 maxlen: 24
31.173.100.0/24 maxlen: 24
31.173.100.0/23 maxlen: 23
178.176.112.0/24 maxlen: 24
178.176.113.0/24 maxlen: 24
83.169.216.0/24 maxlen: 24
188.162.0.0/16 maxlen: 24
188.94.168.0/21 maxlen: 24
109.74.112.0/20 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
212.44.64.0/19 maxlen: 24
46.229.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:af:52:44:44:e8:8a:55:73:3b:76:08:8e:6e:51:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 5 14:27:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d11b1828ec16f4eb51722fa641ff032d7a1c225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:99:f7:94:ad:5c:68:27:e7:df:a4:ff:fd:38:
f1:b5:cb:eb:40:08:04:6b:dc:bc:eb:4d:df:f7:d4:
08:f2:9e:51:75:38:24:87:91:8b:47:b4:e5:99:f2:
1d:6a:b9:82:4f:d9:b9:50:86:4a:35:6a:18:74:00:
76:42:ad:ab:60:22:be:8e:3a:e2:83:76:a6:09:4a:
0a:8e:97:e9:86:9f:c9:3e:cc:53:a1:d2:7d:e0:e5:
df:e5:82:5b:b9:e9:5a:24:34:13:53:0a:62:20:0c:
40:bf:7a:26:e3:01:29:24:63:ee:74:f8:38:7d:0a:
25:0c:5c:f7:94:af:b5:38:6c:35:ee:40:45:08:1f:
67:5c:3d:b8:0c:63:3c:19:f1:01:0a:ff:6b:a3:cf:
9c:e2:b7:07:85:76:1e:79:17:c9:a0:59:86:7c:33:
cd:e5:f9:98:aa:f6:a0:92:97:d1:4f:34:77:de:2b:
50:98:c4:06:26:97:6b:04:7a:29:78:94:9c:24:a7:
93:54:86:71:05:12:8b:b7:93:49:54:34:bd:2d:bf:
74:b7:39:21:86:8b:33:40:11:99:7f:32:c4:82:3d:
30:80:4d:8e:40:49:08:ed:44:98:aa:b1:53:21:da:
7e:d5:1e:20:2a:4b:70:3a:28:6b:87:2c:3f:23:61:
b2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:11:B1:82:8E:C1:6F:4E:B5:17:22:FA:64:1F:F0:32:D7:A1:C2:25
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/LRGxgo7Bb061FyL6ZB_wMtehwiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.96.0/23
31.173.99.0-31.173.103.255
31.173.120.0/21
37.29.44.0/22
46.229.132.0/22
78.25.88.0/22
83.149.32.0/21
83.169.216.0/24
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.104.0-178.176.113.255
178.178.88.0/21
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:04:da:03:4a:3f:64:b2:af:ff:92:d2:f3:5b:97:d2:d7:6d:
0d:f5:a2:c4:45:09:dc:0d:d0:80:e8:11:24:e8:5e:23:0c:75:
46:fd:e7:c7:66:ef:ca:78:f3:9e:85:60:0b:e2:74:6b:03:99:
80:30:75:5c:c0:35:ca:10:98:96:cf:4a:43:d4:78:c0:20:18:
50:fe:28:42:fe:e3:36:54:02:58:c0:a6:42:c9:a1:3d:05:53:
c2:64:77:1d:5d:c8:6d:6a:c8:c9:af:d6:02:d5:15:ee:6e:34:
32:0b:fc:07:62:3f:4c:8c:5a:84:49:db:78:c4:32:16:a2:3a:
8e:75:ed:77:25:6c:ef:88:c5:d5:38:96:09:68:c3:6a:3c:2f:
99:ca:a8:01:7b:67:b1:ad:7b:09:11:65:45:22:d4:55:87:bb:
dc:cd:03:ba:f3:33:ab:56:f1:54:89:c8:45:81:d5:ca:32:e1:
75:4b:6a:9e:42:0b:0a:55:5c:e9:94:8a:8a:e1:02:40:2f:a5:
7b:15:52:bd:6f:f0:72:82:b1:15:01:1b:01:5e:03:98:d6:8c:
3e:3b:62:dc:15:06:c4:77:82:3a:17:b4:fb:81:16:5f:2e:f2:
fd:88:f2:40:0c:f3:17:fc:7c:25:b7:ba:f3:c3:db:e8:8c:76:
f0:a1:d1:2b
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAYTir1JEROiKVXM7dgiOblExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjA1MTQyNzMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDExYjE4MjhlYzE2ZjRlYjUxNzIyZmE2NDFmZjAzMmQ3YTFjMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJn3lK1caCfn36T//TjxtcvrQAgE
a9y8603f99QI8p5RdTgkh5GLR7TlmfIdarmCT9m5UIZKNWoYdAB2Qq2rYCK+jjri
g3amCUoKjpfphp/JPsxTodJ94OXf5YJbuelaJDQTUwpiIAxAv3om4wEpJGPudPg4
fQolDFz3lK+1OGw17kBFCB9nXD24DGM8GfEBCv9ro8+c4rcHhXYeeRfJoFmGfDPN
5fmYqvagkpfRTzR33itQmMQGJpdrBHopeJScJKeTVIZxBRKLt5NJVDS9Lb90tzkh
hoszQBGZfzLEgj0wgE2OQEkI7USYqrFTIdp+1R4gKktwOihrhyw/I2GyVwIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFC0RsYKOwW9OtRci+mQf8DLXocIlMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvTFJHeGdvN0JiMDYxRnlMNlpCX3dNdGVod2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyAwQB
H61gMAwDBAAfrWMDBAMfrWADBAMfrXgDBAIlHSwDBAIu5YQDBAJOGVgDBANTlSAD
BABTqdgDBAVWbcADBAJbwdQDBAddmYADBAdeGYADBAdfiQADBARtSnADBAZtfEAD
AwBtvAMEBoDMQAMEA7IXkDAMAwQDsrBoAwQBsrBwAwQDsrJYAwQCuQMgAwQCudKM
AwQDvF6oAwMAvKIDBALByeQDBAXDBYADBAXDEGADBAHDTnQDBADDlW8DBAXD5kAD
BAXUDqADBAXULEADBAXURWADBAXUd6ADBAXVmqADBAXVqCADBAbV80ADBATZc1Aw
DQYJKoZIhvcNAQELBQADggEBAI8E2gNKP2Syr/+S0vNbl9LXbQ31osRFCdwN0IDo
ESToXiMMdUb958dm78p4856FYAvidGsDmYAwdVzANcoQmJbPSkPUeMAgGFD+KEL+
4zZUAljApkLJoT0FU8Jkdx1dyG1qyMmv1gLVFe5uNDIL/AdiP0yMWoRJ23jEMhai
Oo517XclbO+IxdU4lglow2o8L5nKqAF7Z7GtewkRZUUi1FWHu9zNA7rzM6tW8VSJ
yEWB1coy4XVLap5CCwpVXOmUiorhAkAvpXsVUr1v8HKCsRUBGwFeA5jWjD47YtwV
BsR3gjoXtPuBFl8u8v2I8kAM8xf8fCW3uvPD2+iMdvCh0Ss=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:25 2024 by rpki-client on console-fra.rpki-client.org