Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/ctgTaRaKXkL4p2KhLbSjaABFBiA.roa
File: ctgTaRaKXkL4p2KhLbSjaABFBiA.roa (raw, json)
Hash identifier: deqE3Ds/PMWXkBE++wuL0RQ7dwF0mtWfBa2I0Q0jKmY=
Subject key identifier: 72:D8:13:69:16:8A:5E:42:F8:A7:62:A1:2D:B4:A3:68:00:45:06:20
Certificate issuer: /CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Certificate serial: 018570DE2C320A7FE1EC401BAEE2122EEE1B
Authority key identifier: CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/ctgTaRaKXkL4p2KhLbSjaABFBiA.roa
Signing time: Mon 02 Jan 2023 05:04:46 +0000
ROA not before: Mon 02 Jan 2023 05:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59491
IP address blocks: 91.238.134.0/23 maxlen: 23
31.6.70.0/23 maxlen: 23
31.6.68.0/23 maxlen: 23
178.19.96.0/24 maxlen: 24
178.19.99.0/24 maxlen: 24
178.19.104.0/21 maxlen: 21
212.59.229.0/24 maxlen: 24
212.59.240.0/23 maxlen: 23
212.59.243.0/24 maxlen: 24
212.59.244.0/22 maxlen: 22
91.188.125.0/24 maxlen: 24
185.24.216.0/24 maxlen: 24
185.24.218.0/23 maxlen: 23
2a02:2430:5::/48 maxlen: 48
2a02:2430:40::/42 maxlen: 42
2a02:2430:3::/48 maxlen: 48
2a02:2430:7::/48 maxlen: 48
2a02:2430:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:2c:32:0a:7f:e1:ec:40:1b:ae:e2:12:2e:ee:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd68f7a391b7b1649ed4903482d3e931ed34e3d8
Validity
Not Before: Jan 2 05:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d81369168a5e42f8a762a12db4a36800450620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:7a:f4:1f:b9:3b:8b:56:08:35:07:6e:c8:
e7:f3:bb:7e:c2:2a:52:b4:92:f0:b9:9f:42:31:c1:
c4:b6:66:11:db:9c:6e:23:d1:61:8b:a3:bc:fe:c9:
5a:0b:f2:4a:04:9c:c8:7c:45:99:d2:d0:ed:f0:49:
a1:b3:91:ad:18:49:f9:09:4e:48:3b:23:21:fb:af:
c1:e5:94:16:e0:c2:07:2a:a5:0d:9b:87:ef:ed:33:
d1:7b:41:9d:7f:a1:b7:cf:90:31:47:1f:ce:2b:9a:
31:91:ee:aa:f9:4d:b4:f8:f3:f5:fa:17:c6:14:bd:
c3:15:06:8e:f7:1d:e4:c3:81:7e:51:56:94:b4:0c:
05:23:87:16:cd:6f:2b:bb:3e:02:5e:67:9a:7a:4d:
6c:ef:bf:66:66:84:ad:9c:bb:e2:2c:c8:f5:1a:7f:
68:f8:5e:98:c1:8d:85:33:8e:fa:3a:c6:d2:53:cb:
19:ab:97:28:d6:c1:81:e8:6c:e3:90:8c:b3:73:6b:
2d:c3:92:ec:dd:46:6e:04:ca:a5:d7:19:37:32:be:
8b:7c:91:5f:fa:3e:89:ca:df:c6:29:1c:e7:f3:75:
d6:ad:97:be:dd:86:00:df:64:c7:75:52:a7:27:2e:
57:ea:80:27:e7:32:7b:ec:16:30:98:f6:6d:f6:16:
f0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D8:13:69:16:8A:5E:42:F8:A7:62:A1:2D:B4:A3:68:00:45:06:20
X509v3 Authority Key Identifier:
keyid:CD:68:F7:A3:91:B7:B1:64:9E:D4:90:34:82:D3:E9:31:ED:34:E3:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWj3o5G3sWSe1JA0gtPpMe0049g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/ctgTaRaKXkL4p2KhLbSjaABFBiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8b05bf-33f1-4b5b-88a4-1673ad8c4012/1/zWj3o5G3sWSe1JA0gtPpMe0049g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.68.0/22
91.188.125.0/24
91.238.134.0/23
178.19.96.0/24
178.19.99.0/24
178.19.104.0/21
185.24.216.0/24
185.24.218.0/23
212.59.229.0/24
212.59.240.0/23
212.59.243.0-212.59.247.255
IPv6:
2a02:2430:3::/48
2a02:2430:5::-2a02:2430:7:ffff:ffff:ffff:ffff:ffff
2a02:2430:40::/42
Signature Algorithm: sha256WithRSAEncryption
78:64:f6:de:07:e4:a3:b4:60:7e:28:cc:2b:38:10:29:7b:f0:
ef:a4:c4:c1:e9:e3:fb:d3:c7:9c:f6:b5:61:4e:c8:c3:4d:29:
47:31:f4:ae:d0:26:5e:b9:43:77:5c:13:2b:3c:ef:77:ab:e1:
57:61:c1:07:13:d7:6e:24:ce:c1:a0:3d:84:f2:ea:7c:14:84:
e6:fc:c2:cf:a5:bf:02:77:7b:91:20:48:23:cd:fb:7e:c9:4a:
e2:0a:d9:17:41:94:00:ad:63:c0:d8:c4:ec:bb:f4:07:37:38:
c4:0c:84:13:d9:b2:de:7f:36:11:76:ad:49:3d:cb:7f:b4:d5:
f5:59:81:31:7e:4a:c2:a0:4a:30:25:92:74:7f:c2:88:51:e3:
0c:05:c2:6f:2a:98:21:90:2d:56:77:51:13:3d:ba:7e:cb:ca:
88:5f:33:63:ab:8a:21:8d:9b:26:9a:17:b0:b0:19:df:05:f1:
d3:96:48:59:0f:2e:8d:1c:72:da:82:56:37:bf:89:6f:e8:c9:
16:47:02:4c:8e:5a:39:a6:a1:fc:f9:cf:3f:ed:69:64:38:a3:
b5:21:d7:f9:25:b6:d9:c4:bd:cd:e6:37:e5:ce:dc:21:65:54:
2e:10:d2:0d:12:72:62:20:05:7e:98:b2:df:08:2e:32:63:75:
46:2f:3e:6f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVw3iwyCn/h7EAbruISLu4bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjhmN2EzOTFiN2IxNjQ5ZWQ0OTAzNDgyZDNlOTMxZWQz
NGUzZDgwHhcNMjMwMTAyMDUwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ4MTM2OTE2OGE1ZTQyZjhhNzYyYTEyZGI0YTM2ODAwNDUwNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSF69B+5O4tWCDUHbsjn87t+wipS
tJLwuZ9CMcHEtmYR25xuI9Fhi6O8/slaC/JKBJzIfEWZ0tDt8Emhs5GtGEn5CU5I
OyMh+6/B5ZQW4MIHKqUNm4fv7TPRe0Gdf6G3z5AxRx/OK5oxke6q+U20+PP1+hfG
FL3DFQaO9x3kw4F+UVaUtAwFI4cWzW8ruz4CXmeaek1s779mZoStnLviLMj1Gn9o
+F6YwY2FM476OsbSU8sZq5co1sGB6GzjkIyzc2stw5Ls3UZuBMql1xk3Mr6LfJFf
+j6Jyt/GKRzn83XWrZe+3YYA32THdVKnJy5X6oAn5zJ77BYwmPZt9hbwPwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHLYE2kWil5C+KdioS20o2gARQYgMB8GA1UdIwQY
MBaAFM1o96ORt7FkntSQNILT6THtNOPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQt
MTY3M2FkOGM0MDEyLzEvY3RnVGFSYUtYa0w0cDJLaExiU2phQUJGQmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84YjA1YmYtMzNmMS00YjViLTg4YTQtMTY3M2FkOGM0MDEy
LzEveldqM281RzNzV1NlMUpBMGd0UHBNZTAwNDlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDBQBAIAATBKAwQCHwZE
AwQAW7x9AwQBW+6GAwQAshNgAwQAshNjAwQDshNoAwQAuRjYAwQBuRjaAwQA1Dvl
AwQB1DvwMAwDBADUO/MDBAPUO/AwLAQCAAIwJgMHACoCJDAAAzASAwcAKgIkMAAF
AwcDKgIkMAAAAwcGKgIkMABAMA0GCSqGSIb3DQEBCwUAA4IBAQB4ZPbeB+SjtGB+
KMwrOBApe/DvpMTB6eP708ec9rVhTsjDTSlHMfSu0CZeuUN3XBMrPO93q+FXYcEH
E9duJM7BoD2E8up8FITm/MLPpb8Cd3uRIEgjzft+yUriCtkXQZQArWPA2MTsu/QH
NzjEDIQT2bLefzYRdq1JPct/tNX1WYExfkrCoEowJZJ0f8KIUeMMBcJvKpghkC1W
d1ETPbp+y8qIXzNjq4ohjZsmmhewsBnfBfHTlkhZDy6NHHLaglY3v4lv6MkWRwJM
jlo5pqH8+c8/7WlkOKO1Idf5JbbZxL3N5jflztwhZVQuENINEnJiIAV+mLLfCC4y
Y3VGLz5v
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:22:51 2025 by rpki-client