Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2p_NCZmUsZ4RJJDQmXBxCqCR_z0.roa
File: 2p_NCZmUsZ4RJJDQmXBxCqCR_z0.roa (raw, json)
Hash identifier: lCe03Dqc8UDVCHDeGVssTuhUlrqRWT1koDjys14bimY=
Subject key identifier: DA:9F:CD:09:99:94:B1:9E:11:24:90:D0:99:70:71:0A:A0:91:FF:3D
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 09E9C109
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2p_NCZmUsZ4RJJDQmXBxCqCR_z0.roa
Signing time: Sat 01 Jan 2022 13:03:47 +0000
ROA not before: Sat 01 Jan 2022 13:03:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.202.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.216.0/22 maxlen: 22
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.225.0/24 maxlen: 24
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.152.0/22 maxlen: 22
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166314249 (0x9e9c109)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jan 1 13:03:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da9fcd099994b19e112490d09970710aa091ff3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c5:3f:0c:5f:71:45:44:80:3d:3c:77:12:f7:
79:84:cd:87:4f:92:23:1d:15:4d:1a:5b:4f:b2:4e:
c3:71:53:07:c8:f9:de:4e:2f:20:39:03:81:28:ec:
a4:2c:21:59:40:8d:ce:f3:d5:57:de:bd:a3:55:87:
37:34:84:f4:b9:24:a7:b2:e0:bb:1a:fc:d3:2e:0b:
d8:42:44:8b:07:8a:0b:e9:f0:de:3b:ac:74:ab:aa:
d6:fd:4e:3d:b4:e5:15:ee:b6:81:43:96:dd:86:04:
2c:7b:34:e6:6a:ec:6f:ae:2a:b8:62:7a:b8:93:c6:
25:83:58:9e:48:ab:11:9d:bc:a3:c4:57:34:c4:0e:
cb:0c:ef:74:54:2d:92:57:50:3f:ec:d1:b5:73:02:
78:00:41:20:24:02:47:72:93:1d:89:5f:f5:c4:ff:
c5:81:2c:d4:29:21:6f:33:ab:d6:34:83:08:48:98:
fe:b2:b4:d3:b6:08:17:33:42:0f:73:ab:ed:27:dd:
8a:1a:5f:cf:eb:89:7b:cb:e4:a8:37:be:12:21:21:
e6:a7:12:59:bf:2d:80:f5:b2:3c:10:4d:27:47:7a:
68:c5:54:ba:86:85:5e:6b:2f:85:83:33:f8:1c:9a:
5b:34:80:7e:ec:0c:c8:cb:3b:c0:57:fe:62:b1:1b:
d2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9F:CD:09:99:94:B1:9E:11:24:90:D0:99:70:71:0A:A0:91:FF:3D
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/2p_NCZmUsZ4RJJDQmXBxCqCR_z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:11:6a:fd:c0:c9:2e:d5:00:9e:7e:27:55:f9:e9:9c:4e:2c:
63:f3:ac:7b:43:ba:33:44:0d:85:c2:14:73:83:6a:2b:1a:68:
4b:15:a4:c3:52:b2:1e:8c:8e:3c:ea:46:ad:21:af:50:68:a3:
92:54:54:04:7d:47:24:34:f9:6e:07:79:49:2a:cf:22:a1:ef:
69:53:20:9b:ca:f2:5e:2a:89:2b:ec:51:97:06:19:c9:fb:45:
cd:0d:68:0a:bf:b3:77:1f:67:23:7a:0f:f2:34:c8:1c:47:73:
49:01:f5:82:db:55:57:a8:de:41:11:7d:2e:a9:b5:f4:85:cb:
05:85:54:30:31:df:e1:bc:7d:8b:fd:73:0b:dd:fb:26:9c:51:
88:18:0f:37:89:a1:4b:c9:12:9d:a8:35:a6:b3:08:7b:f9:33:
09:71:41:18:e1:b3:c6:24:28:ed:0f:28:ca:d7:25:81:6c:55:
7e:eb:2d:be:c8:f4:41:e2:fe:79:e4:b7:20:38:98:28:8d:d6:
f7:a3:60:d3:18:5f:2b:26:73:9b:9f:d8:43:06:16:63:ac:21:
8c:df:14:05:54:37:b1:1c:a3:53:53:e5:71:f0:d3:70:2c:04:
cd:a1:84:dd:97:61:f3:5f:12:dd:6e:b6:37:16:af:67:2a:ac:
04:bc:ad:a3
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECenBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDEw
MTEzMDM0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE5ZmNkMDk5OTk0
YjE5ZTExMjQ5MGQwOTk3MDcxMGFhMDkxZmYzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnFPwxfcUVEgD08dxL3eYTNh0+SIx0VTRpbT7JOw3FTB8j5
3k4vIDkDgSjspCwhWUCNzvPVV969o1WHNzSE9Lkkp7Lguxr80y4L2EJEiweKC+nw
3jusdKuq1v1OPbTlFe62gUOW3YYELHs05mrsb64quGJ6uJPGJYNYnkirEZ28o8RX
NMQOywzvdFQtkldQP+zRtXMCeABBICQCR3KTHYlf9cT/xYEs1CkhbzOr1jSDCEiY
/rK007YIFzNCD3Or7Sfdihpfz+uJe8vkqDe+EiEh5qcSWb8tgPWyPBBNJ0d6aMVU
uoaFXmsvhYMz+ByaWzSAfuwMyMs7wFf+YrEb0nkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTan80JmZSxnhEkkNCZcHEKoJH/PTAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
LzJwX05DWm1Vc1o0UkpKRFFtWEJ4Q3FDUl96MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEB1WFgAMEArkpADANBAIAAjAHAwUD
KgSHwDANBgkqhkiG9w0BAQsFAAOCAQEAYBFq/cDJLtUAnn4nVfnpnE4sY/Ose0O6
M0QNhcIUc4NqKxpoSxWkw1KyHoyOPOpGrSGvUGijklRUBH1HJDT5bgd5SSrPIqHv
aVMgm8ryXiqJK+xRlwYZyftFzQ1oCr+zdx9nI3oP8jTIHEdzSQH1gttVV6jeQRF9
Lqm19IXLBYVUMDHf4bx9i/1zC937JpxRiBgPN4mhS8kSnag1prMIe/kzCXFBGOGz
xiQo7Q8oytclgWxVfustvsj0QeL+eeS3IDiYKI3W96Ng0xhfKyZzm5/YQwYWY6wh
jN8UBVQ3sRyjU1PlcfDTcCwEzaGE3Zdh818S3W62NxavZyqsBLytow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org