Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-DrlqlkKDw5I4yWVcSc1UGJyOiM.roa
File: 1-DrlqlkKDw5I4yWVcSc1UGJyOiM.roa (raw, json)
Hash identifier: eJbqXZ6dSRoK/0JoZcIf4zlKDpNESdxPmggJ/M3x7xo=
Subject key identifier: F8:3A:E5:AA:59:0A:0F:0E:48:E3:25:95:71:27:35:50:62:72:3A:23
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01852BC36E8729E9D15B9B68E864C87FFA72
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-DrlqlkKDw5I4yWVcSc1UGJyOiM.roa
Signing time: Mon 19 Dec 2022 19:01:46 +0000
ROA not before: Mon 19 Dec 2022 19:01:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.215.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:c3:6e:87:29:e9:d1:5b:9b:68:e8:64:c8:7f:fa:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 19 19:01:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f83ae5aa590a0f0e48e325957127355062723a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0c:9e:33:a6:39:3b:93:97:c8:9d:d4:65:9d:
35:84:ed:17:30:08:9a:1c:94:10:67:eb:93:17:08:
2e:ed:e8:6c:64:97:6c:3c:24:b7:15:91:ea:ab:61:
7a:a8:b1:1a:7d:2f:4b:ee:eb:e7:87:4f:4c:d3:d7:
7a:de:13:6a:18:3b:a2:96:82:9b:47:e7:5c:1b:9f:
fa:de:44:1a:4c:cc:04:2a:70:66:01:87:a0:47:bc:
97:de:94:cb:15:e2:90:70:77:70:98:b1:88:49:d2:
ae:b6:5f:0b:53:41:87:39:a1:f1:42:6b:3c:e1:6e:
4a:7c:59:32:05:23:2e:d1:ed:15:95:96:40:9f:95:
20:12:ca:da:fe:cd:b0:3f:01:7c:52:1b:3c:b1:dc:
f4:22:35:20:79:1d:53:80:3f:23:b1:97:2f:c5:ac:
f5:af:5f:6b:73:ae:13:81:90:2a:64:23:01:c0:1d:
d3:5e:c1:0b:88:95:f4:00:ec:94:ac:7d:3f:82:c9:
d9:5b:0c:84:a3:e0:91:30:1d:e9:be:00:3d:71:a4:
08:30:f4:79:ce:10:0e:73:7b:74:4c:63:c9:e6:d6:
f6:3c:81:62:45:35:48:76:62:f5:8f:67:a5:84:fb:
6f:dd:10:2d:a0:4b:4b:d3:92:76:e0:14:78:54:6d:
de:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3A:E5:AA:59:0A:0F:0E:48:E3:25:95:71:27:35:50:62:72:3A:23
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/1-DrlqlkKDw5I4yWVcSc1UGJyOiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.215.0/24
Signature Algorithm: sha256WithRSAEncryption
66:bc:cf:23:94:f4:8b:c3:9c:db:e3:b1:17:49:70:ca:d8:9b:
43:d6:c6:56:3e:3b:d1:c3:14:aa:b7:9c:6f:7d:98:d2:07:5f:
91:aa:da:11:a9:67:11:fb:ca:f3:a9:1d:ee:4b:84:54:f3:27:
65:95:d0:63:d7:ca:5c:2d:cc:55:08:93:28:74:68:e2:ed:49:
bd:17:86:cc:57:8c:49:2f:2c:3e:a4:18:3f:b8:f6:aa:b1:a4:
a5:4f:95:d5:31:e2:30:48:d1:5e:09:9d:f8:6e:f7:5b:5c:8d:
32:24:09:11:05:16:36:c8:42:d5:20:2c:b6:77:02:3a:97:7a:
14:8b:3a:8c:51:ac:66:ee:05:bd:af:f1:4c:3f:89:1b:4a:a1:
fe:8c:43:a9:8e:4f:14:4a:a7:5c:d0:75:f5:7b:18:23:e0:98:
e1:4c:f0:7a:04:7d:f1:8b:54:92:03:17:c7:36:d6:ce:df:0f:
88:0b:c7:1a:98:f4:b7:b7:aa:1f:75:05:59:ec:70:da:e1:c8:
2b:44:a0:65:c1:70:a4:8d:07:b8:c9:7d:a0:2e:d0:ea:20:62:
67:51:98:03:5a:d7:e3:4c:66:19:d5:89:fc:63:d1:f4:fe:97:
be:33:8e:ff:72:9c:b3:61:d1:51:b4:8e:57:41:18:08:07:2a:
cf:f8:b7:1d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYUrw26HKenRW5to6GTIf/pyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE5MTkwMTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNhZTVhYTU5MGEwZjBlNDhlMzI1OTU3MTI3MzU1MDYyNzIzYTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQyeM6Y5O5OXyJ3UZZ01hO0XMAia
HJQQZ+uTFwgu7ehsZJdsPCS3FZHqq2F6qLEafS9L7uvnh09M09d63hNqGDuiloKb
R+dcG5/63kQaTMwEKnBmAYegR7yX3pTLFeKQcHdwmLGISdKutl8LU0GHOaHxQms8
4W5KfFkyBSMu0e0VlZZAn5UgEsra/s2wPwF8Uhs8sdz0IjUgeR1TgD8jsZcvxaz1
r19rc64TgZAqZCMBwB3TXsELiJX0AOyUrH0/gsnZWwyEo+CRMB3pvgA9caQIMPR5
zhAOc3t0TGPJ5tb2PIFiRTVIdmL1j2elhPtv3RAtoEtL05J24BR4VG3e0QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPg65apZCg8OSOMllXEnNVBicjojMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvMS1EcmxxbGtLRHc1STR5V1ZjU2MxVUdKeU9pTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYz
Yi8xL3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWFkgME
AFWF1zANBgkqhkiG9w0BAQsFAAOCAQEAZrzPI5T0i8Oc2+OxF0lwytibQ9bGVj47
0cMUqrecb32Y0gdfkaraEalnEfvK86kd7kuEVPMnZZXQY9fKXC3MVQiTKHRo4u1J
vReGzFeMSS8sPqQYP7j2qrGkpU+V1THiMEjRXgmd+G73W1yNMiQJEQUWNshC1SAs
tncCOpd6FIs6jFGsZu4Fva/xTD+JG0qh/oxDqY5PFEqnXNB19XsYI+CY4UzwegR9
8YtUkgMXxzbWzt8PiAvHGpj0t7eqH3UFWexw2uHIK0SgZcFwpI0HuMl9oC7Q6iBi
Z1GYA1rX40xmGdWJ/GPR9P6XvjOO/3Kcs2HRUbSOV0EYCAcqz/i3HQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org