Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CtrgDlaFoxd_zMSWJpLoFSAxhZk.roa
File: CtrgDlaFoxd_zMSWJpLoFSAxhZk.roa (raw, json)
Hash identifier: NGFddTO5xEMOklHZFp2HYFtbSwIqm8svCPesQqso858=
Subject key identifier: 0A:DA:E0:0E:56:85:A3:17:7F:CC:C4:96:26:92:E8:15:20:31:85:99
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01852EB31595B51326949107E33FA5D3D183
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CtrgDlaFoxd_zMSWJpLoFSAxhZk.roa
Signing time: Tue 20 Dec 2022 08:42:46 +0000
ROA not before: Tue 20 Dec 2022 08:42:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 397563
IP address blocks: 213.142.136.0/24 maxlen: 24
213.142.133.0/24 maxlen: 24
213.142.137.0/24 maxlen: 24
213.142.144.0/24 maxlen: 32
213.142.145.0/24 maxlen: 32
213.142.142.0/24 maxlen: 32
213.142.152.0/24 maxlen: 24
213.142.153.0/24 maxlen: 24
213.142.128.0/24 maxlen: 24
213.142.129.0/24 maxlen: 24
213.142.131.0/24 maxlen: 24
213.142.132.0/24 maxlen: 24
213.142.130.0/24 maxlen: 24
91.151.92.0/24 maxlen: 24
80.253.252.0/24 maxlen: 24
80.253.253.0/24 maxlen: 24
91.151.80.0/24 maxlen: 24
91.151.82.0/24 maxlen: 24
91.151.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:b3:15:95:b5:13:26:94:91:07:e3:3f:a5:d3:d1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Dec 20 08:42:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0adae00e5685a3177fccc4962692e81520318599
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a0:e2:5e:dc:19:33:70:33:c0:53:33:ab:d2:
8f:a4:bf:31:73:a4:6f:15:f0:e3:14:92:cc:2d:14:
ae:cf:40:e5:c2:2a:64:9b:1d:de:e9:1c:91:8b:a7:
cf:21:d7:96:be:e8:f8:20:59:1b:3b:a7:a4:db:97:
c8:55:44:93:68:5e:f6:42:84:f0:86:ee:2f:3e:52:
d7:9a:55:99:23:f3:82:c0:cd:14:68:0f:ea:1f:a2:
8c:5a:2d:9c:f9:a2:9a:9d:c0:22:c3:0e:94:dc:a4:
fe:e7:88:56:24:b6:d4:fb:0e:e8:d4:40:1f:5b:d3:
b3:30:ec:39:d3:d8:b4:8f:6f:97:41:2e:a5:54:37:
e4:23:b4:61:21:d2:2c:5a:5a:d2:15:88:25:4a:4e:
76:d9:d4:99:ae:d2:52:21:21:85:fa:06:c3:04:96:
26:ac:ab:a6:7e:c2:3e:c0:05:29:3e:19:4f:c9:43:
8d:b9:7f:70:c3:d0:2f:f0:54:4f:82:db:f0:f2:f6:
ff:12:80:b7:6b:f9:ce:56:15:39:de:6e:12:65:0c:
92:51:ce:b2:f1:8b:f5:8c:8b:20:d0:bb:15:64:d8:
03:cd:91:78:fc:c0:3d:80:57:ed:d0:f9:66:f2:b8:
57:54:b7:90:c3:97:1d:e7:2e:cf:af:67:f5:24:b9:
30:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DA:E0:0E:56:85:A3:17:7F:CC:C4:96:26:92:E8:15:20:31:85:99
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/CtrgDlaFoxd_zMSWJpLoFSAxhZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.252.0/23
91.151.80.0/24
91.151.82.0/24
91.151.91.0-91.151.92.255
213.142.128.0-213.142.133.255
213.142.136.0/23
213.142.142.0/24
213.142.144.0/23
213.142.152.0/23
Signature Algorithm: sha256WithRSAEncryption
41:a0:31:a7:9d:65:ec:a9:da:83:44:d6:81:d1:b8:c1:77:75:
7d:58:92:14:0c:42:1d:db:b2:36:a2:c4:e2:e3:b9:99:1a:4d:
d6:22:f5:03:29:ea:13:77:72:2d:0b:f2:b8:5e:cc:4c:ad:37:
fd:48:30:dc:4e:bf:d1:75:6a:bc:be:92:ee:aa:03:9f:10:50:
f6:e1:4e:94:35:37:87:f2:30:88:7c:ac:77:a5:f4:ee:74:e8:
f9:eb:52:c4:c2:69:4a:83:76:15:56:89:2e:15:5f:ec:4f:03:
84:8d:ff:2f:54:1e:87:d4:40:82:be:82:fe:35:c0:da:af:0d:
9a:dd:11:60:b6:70:ed:a0:3e:cb:a8:bc:25:90:c8:5d:e5:14:
b7:48:6f:99:80:1c:22:1a:07:83:cb:a4:2e:63:40:99:41:28:
b9:8e:d2:d5:36:a2:ec:93:b8:03:5e:e1:5a:05:5b:c0:f3:17:
be:ba:54:80:68:32:aa:fe:6d:5a:c8:5e:17:6c:7a:89:aa:89:
49:67:51:20:25:2a:2c:98:7a:f9:03:ec:71:b1:9e:d5:6b:d1:
08:20:fc:dc:09:82:3a:fa:fe:52:87:15:96:95:8e:eb:51:b1:
69:a9:b5:2d:16:7d:4f:4d:cb:30:03:df:02:e4:25:43:ba:96:
38:04:02:60
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYUusxWVtRMmlJEH4z+l09GDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjIxMjIwMDg0MjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWRhZTAwZTU2ODVhMzE3N2ZjY2M0OTYyNjkyZTgxNTIwMzE4NTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqDiXtwZM3AzwFMzq9KPpL8xc6Rv
FfDjFJLMLRSuz0Dlwipkmx3e6RyRi6fPIdeWvuj4IFkbO6ek25fIVUSTaF72QoTw
hu4vPlLXmlWZI/OCwM0UaA/qH6KMWi2c+aKancAiww6U3KT+54hWJLbU+w7o1EAf
W9OzMOw509i0j2+XQS6lVDfkI7RhIdIsWlrSFYglSk522dSZrtJSISGF+gbDBJYm
rKumfsI+wAUpPhlPyUONuX9ww9Av8FRPgtvw8vb/EoC3a/nOVhU53m4SZQySUc6y
8Yv1jIsg0LsVZNgDzZF4/MA9gFft0Plm8rhXVLeQw5cd5y7Pr2f1JLkwMwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAra4A5WhaMXf8zEliaS6BUgMYWZMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvQ3RyZ0RsYUZveGRfek1TV0pwTG9GU0F4aFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBUP38AwQA
W5dQAwQAW5dSMAwDBABbl1sDBABbl1wwDAMEB9WOgAMEAdWOhAMEAdWOiAMEANWO
jgMEAdWOkAMEAdWOmDANBgkqhkiG9w0BAQsFAAOCAQEAQaAxp51l7Knag0TWgdG4
wXd1fViSFAxCHduyNqLE4uO5mRpN1iL1AynqE3dyLQvyuF7MTK03/Ugw3E6/0XVq
vL6S7qoDnxBQ9uFOlDU3h/IwiHysd6X07nTo+etSxMJpSoN2FVaJLhVf7E8DhI3/
L1Qeh9RAgr6C/jXA2q8Nmt0RYLZw7aA+y6i8JZDIXeUUt0hvmYAcIhoHg8ukLmNA
mUEouY7S1Tai7JO4A17hWgVbwPMXvrpUgGgyqv5tWsheF2x6iaqJSWdRICUqLJh6
+QPscbGe1WvRCCD83AmCOvr+UocVlpWO61Gxaam1LRZ9T03LMAPfAuQlQ7qWOAQC
YA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org