Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lz6kiuBR5M36tYFq5VTiR8g4kNI.roa
File: lz6kiuBR5M36tYFq5VTiR8g4kNI.roa (raw, json)
Hash identifier: b2EyjlditwenPu1j16+gEIeNBliqgy8d81X7TSsl+4w=
Subject key identifier: 97:3E:A4:8A:E0:51:E4:CD:FA:B5:81:6A:E5:54:E2:47:C8:38:90:D2
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01847633517BE9281A9A6EBEFB560FD3ED34
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lz6kiuBR5M36tYFq5VTiR8g4kNI.roa
Signing time: Mon 14 Nov 2022 12:53:05 +0000
ROA not before: Mon 14 Nov 2022 12:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29648
IP address blocks: 109.188.0.0/16 maxlen: 24
85.26.128.0/17 maxlen: 24
193.201.228.0/22 maxlen: 24
213.154.160.0/19 maxlen: 24
213.168.32.0/19 maxlen: 24
93.153.128.0/17 maxlen: 24
94.25.128.0/17 maxlen: 24
78.25.64.0/18 maxlen: 24
31.173.119.0/24 maxlen: 24
212.119.160.0/19 maxlen: 24
80.247.176.0/20 maxlen: 24
91.193.212.0/22 maxlen: 24
195.5.128.0/19 maxlen: 24
77.233.160.0/19 maxlen: 24
81.24.128.0/20 maxlen: 24
195.78.116.0/23 maxlen: 24
31.173.104.0/24 maxlen: 24
31.173.105.0/24 maxlen: 24
31.173.112.0/24 maxlen: 24
31.173.109.0/24 maxlen: 24
31.173.110.0/24 maxlen: 24
31.173.107.0/24 maxlen: 24
31.173.108.0/24 maxlen: 24
31.173.106.0/24 maxlen: 24
31.173.111.0/24 maxlen: 24
31.173.117.0/24 maxlen: 24
31.173.118.0/24 maxlen: 24
31.173.115.0/24 maxlen: 24
31.173.116.0/24 maxlen: 24
31.173.113.0/24 maxlen: 24
31.173.114.0/24 maxlen: 24
46.232.200.0/21 maxlen: 24
62.64.0.0/19 maxlen: 24
212.44.64.0/19 maxlen: 24
46.29.192.0/21 maxlen: 24
195.16.96.0/19 maxlen: 24
79.171.8.0/21 maxlen: 24
178.23.144.0/21 maxlen: 24
109.124.64.0/18 maxlen: 24
185.3.32.0/22 maxlen: 24
86.109.192.0/19 maxlen: 24
188.170.98.0/24 maxlen: 24
188.170.97.0/24 maxlen: 24
188.170.96.0/24 maxlen: 24
188.170.103.0/24 maxlen: 24
188.170.100.0/24 maxlen: 24
188.170.105.0/24 maxlen: 24
188.170.102.0/24 maxlen: 24
188.170.99.0/24 maxlen: 24
188.170.104.0/24 maxlen: 24
188.170.101.0/24 maxlen: 24
188.170.106.0/24 maxlen: 24
188.170.111.0/24 maxlen: 24
188.170.108.0/24 maxlen: 24
188.170.110.0/24 maxlen: 24
188.170.107.0/24 maxlen: 24
212.69.96.0/19 maxlen: 24
188.170.109.0/24 maxlen: 24
188.170.112.0/24 maxlen: 24
188.170.114.0/24 maxlen: 24
188.170.113.0/24 maxlen: 24
188.170.116.0/24 maxlen: 24
188.170.115.0/24 maxlen: 24
188.170.118.0/24 maxlen: 24
188.170.117.0/24 maxlen: 24
188.170.119.0/24 maxlen: 24
188.170.122.0/24 maxlen: 24
188.170.121.0/24 maxlen: 24
188.170.124.0/24 maxlen: 24
188.170.123.0/24 maxlen: 24
188.170.125.0/24 maxlen: 24
188.170.120.0/24 maxlen: 24
188.170.127.0/24 maxlen: 24
188.170.126.0/24 maxlen: 24
78.109.120.0/24 maxlen: 24
78.109.121.0/24 maxlen: 24
185.210.140.0/22 maxlen: 24
128.204.64.0/18 maxlen: 24
95.137.0.0/17 maxlen: 24
212.14.160.0/19 maxlen: 24
195.230.64.0/19 maxlen: 24
195.149.111.0/24 maxlen: 24
178.176.96.0/24 maxlen: 24
178.176.98.0/24 maxlen: 24
178.176.97.0/24 maxlen: 24
178.176.102.0/24 maxlen: 24
178.176.99.0/24 maxlen: 24
178.176.101.0/24 maxlen: 24
178.176.103.0/24 maxlen: 24
178.176.100.0/24 maxlen: 24
78.41.100.0/22 maxlen: 24
178.176.118.0/24 maxlen: 24
178.176.115.0/24 maxlen: 24
178.176.117.0/24 maxlen: 24
178.176.114.0/24 maxlen: 24
178.176.116.0/24 maxlen: 24
178.176.123.0/24 maxlen: 24
178.176.120.0/24 maxlen: 24
178.176.125.0/24 maxlen: 24
178.176.122.0/24 maxlen: 24
178.176.119.0/24 maxlen: 24
178.176.124.0/24 maxlen: 24
178.176.121.0/24 maxlen: 24
178.176.126.0/24 maxlen: 24
178.176.127.0/24 maxlen: 24
83.169.192.0/18 maxlen: 24
188.94.168.0/21 maxlen: 24
188.162.0.0/16 maxlen: 24
109.74.112.0/20 maxlen: 24
213.243.64.0/18 maxlen: 24
217.115.80.0/20 maxlen: 24
83.222.192.0/19 maxlen: 24
83.229.128.0/17 maxlen: 24
46.229.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:33:51:7b:e9:28:1a:9a:6e:be:fb:56:0f:d3:ed:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Nov 14 12:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=973ea48ae051e4cdfab5816ae554e247c83890d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:68:d2:6c:01:51:cb:b9:b3:63:68:42:da:07:
04:2a:f1:16:b3:2b:76:1a:0b:a6:6e:1e:6c:db:1e:
ae:a2:2b:4e:e2:8a:70:7a:72:fe:26:71:89:4b:06:
88:30:80:4c:f9:42:c5:ae:e3:ef:a2:c3:72:fa:98:
0a:3a:95:77:f6:24:d9:15:b0:0b:b7:3b:16:ec:55:
c2:c3:22:95:cf:cf:cb:dc:5e:cf:6d:dc:f9:15:f6:
bb:22:d1:16:c9:fe:bb:fe:1c:33:af:8f:41:a1:28:
3d:2a:34:91:2e:2d:79:9b:53:c4:dd:d2:b1:42:68:
cc:2c:9f:3e:e5:34:41:b5:f5:51:ce:1c:f3:59:93:
2f:95:70:3b:64:6e:fa:d0:36:76:4a:e8:cb:a3:e5:
0f:54:16:4c:a8:b2:9d:8d:f5:cb:71:e2:bf:4e:1a:
78:25:44:c5:bd:1a:8d:0f:2c:ee:ab:c4:6d:e7:38:
60:1e:b2:69:97:6b:df:c5:65:48:b9:5a:3f:ed:09:
eb:23:cb:4d:5e:fe:58:cd:79:8e:ab:0d:28:28:63:
92:ab:c6:5a:70:02:24:6f:e4:60:1f:eb:57:54:be:
21:a9:40:f6:89:3b:2a:76:b9:b9:d1:cd:09:69:da:
26:51:a8:bb:54:c8:0e:47:92:0e:d1:24:e0:65:18:
9a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:3E:A4:8A:E0:51:E4:CD:FA:B5:81:6A:E5:54:E2:47:C8:38:90:D2
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lz6kiuBR5M36tYFq5VTiR8g4kNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.104.0-31.173.119.255
46.29.192.0/21
46.229.128.0/20
46.232.200.0/21
62.64.0.0/19
77.233.160.0/19
78.25.64.0/18
78.41.100.0/22
78.109.120.0/23
79.171.8.0/21
80.247.176.0/20
81.24.128.0/20
83.169.192.0/18
83.222.192.0/19
83.229.128.0/17
85.26.128.0/17
86.109.192.0/19
91.193.212.0/22
93.153.128.0/17
94.25.128.0/17
95.137.0.0/17
109.74.112.0/20
109.124.64.0/18
109.188.0.0/16
128.204.64.0/18
178.23.144.0/21
178.176.96.0/21
178.176.114.0-178.176.127.255
185.3.32.0/22
185.210.140.0/22
188.94.168.0/21
188.162.0.0/16
188.170.96.0/19
193.201.228.0/22
195.5.128.0/19
195.16.96.0/19
195.78.116.0/23
195.149.111.0/24
195.230.64.0/19
212.14.160.0/19
212.44.64.0/19
212.69.96.0/19
212.119.160.0/19
213.154.160.0/19
213.168.32.0/19
213.243.64.0/18
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
4f:98:6c:4a:0a:a7:84:4d:4d:e9:b4:38:fd:8f:28:bb:e3:e1:
bb:72:01:d9:3d:6d:c5:be:e0:27:e1:ab:72:15:8c:39:19:0e:
1e:8e:73:2a:5e:99:78:7f:ae:54:a6:c9:d6:ef:5e:ae:e7:55:
76:55:b8:34:f1:46:83:7d:f2:f7:7d:c9:6e:31:ce:91:dc:e9:
67:33:8b:9f:b8:6e:43:af:bf:98:4f:a7:67:8e:4f:95:0f:8a:
5e:a6:c1:c1:64:5f:37:d8:8c:ab:c1:e8:76:18:61:15:a7:1b:
39:4d:e4:5f:e0:94:7b:6d:6e:70:5b:e7:19:98:a6:c4:92:f9:
0e:ac:64:d0:e0:57:37:4e:af:66:b3:71:80:67:e6:8f:02:f5:
c9:1b:d7:62:1d:15:e2:d3:67:a4:87:b8:cc:fd:85:c7:d1:88:
fa:e7:07:ec:25:69:73:4e:79:2a:b0:c2:4c:9b:51:31:1a:f2:
27:01:10:d4:60:21:1b:1a:b3:d1:b9:50:76:cf:8e:87:37:ff:
92:9a:5d:bd:a8:cf:23:89:61:d1:8a:0c:b6:a4:11:ae:4b:cb:
b6:3f:96:0c:7b:b7:a2:25:cc:a7:e7:58:c4:66:63:59:04:57:
b5:dc:0f:f6:60:bb:7b:fe:08:17:39:58:d2:34:e6:c4:91:3e:
10:1f:8c:ff
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgISAYR2M1F76Sgamm6++1YP0+00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMTE0MTI1MzA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzNlYTQ4YWUwNTFlNGNkZmFiNTgxNmFlNTU0ZTI0N2M4Mzg5MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWjSbAFRy7mzY2hC2gcEKvEWsyt2
Ggumbh5s2x6uoitO4opwenL+JnGJSwaIMIBM+ULFruPvosNy+pgKOpV39iTZFbAL
tzsW7FXCwyKVz8/L3F7Pbdz5Ffa7ItEWyf67/hwzr49BoSg9KjSRLi15m1PE3dKx
QmjMLJ8+5TRBtfVRzhzzWZMvlXA7ZG760DZ2SujLo+UPVBZMqLKdjfXLceK/Thp4
JUTFvRqNDyzuq8Rt5zhgHrJpl2vfxWVIuVo/7QnrI8tNXv5YzXmOqw0oKGOSq8Za
cAIkb+RgH+tXVL4hqUD2iTsqdrm50c0JadomUai7VMgOR5IO0STgZRiaEQIDAQAB
o4IDNTCCAzEwHQYDVR0OBBYEFJc+pIrgUeTN+rWBauVU4kfIOJDSMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbHo2a2l1QlI1TTM2dFlGcTVWVGlSOGc0a05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSQYIKwYBBQUHAQcBAf8EggE4MIIBNDCCATAEAgABMIIB
KDAMAwQDH61oAwQDH61wAwQDLh3AAwQELuWAAwQDLujIAwQFPkAAAwQFTemgAwQG
ThlAAwQCTilkAwQBTm14AwQDT6sIAwQEUPewAwQEURiAAwQGU6nAAwQFU97AAwQH
U+WAAwQHVRqAAwQFVm3AAwQCW8HUAwQHXZmAAwQHXhmAAwQHX4kAAwQEbUpwAwQG
bXxAAwMAbbwDBAaAzEADBAOyF5ADBAOysGAwDAMEAbKwcgMEB7KwAAMEArkDIAME
ArnSjAMEA7xeqAMDALyiAwQFvKpgAwQCwcnkAwQFwwWAAwQFwxBgAwQBw050AwQA
w5VvAwQFw+ZAAwQF1A6gAwQF1CxAAwQF1EVgAwQF1HegAwQF1ZqgAwQF1aggAwQG
1fNAAwQE2XNQMA0GCSqGSIb3DQEBCwUAA4IBAQBPmGxKCqeETU3ptDj9jyi74+G7
cgHZPW3FvuAn4atyFYw5GQ4ejnMqXpl4f65UpsnW716u51V2Vbg08UaDffL3fclu
Mc6R3OlnM4ufuG5Dr7+YT6dnjk+VD4pepsHBZF832Iyrweh2GGEVpxs5TeRf4JR7
bW5wW+cZmKbEkvkOrGTQ4Fc3Tq9ms3GAZ+aPAvXJG9diHRXi02ekh7jM/YXH0Yj6
5wfsJWlzTnkqsMJMm1ExGvInARDUYCEbGrPRuVB2z46HN/+Sml29qM8jiWHRigy2
pBGuS8u2P5YMe7eiJcyn51jEZmNZBFe13A/2YLt7/ggXOVjSNObEkT4QH4z/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:58 2025 by rpki-client