Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DXD-ZIxLmtfkPhMDC-522XzJmwQ.roa
File: DXD-ZIxLmtfkPhMDC-522XzJmwQ.roa (raw, json)
Hash identifier: 7L+agXNLMDtogcbiUeeBI9b/ausmRYPE/MUQ/dR8ip8=
Subject key identifier: 0D:70:FE:64:8C:4B:9A:D7:E4:3E:13:03:0B:EE:76:D9:7C:C9:9B:04
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0A83D85E
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DXD-ZIxLmtfkPhMDC-522XzJmwQ.roa
Signing time: Sat 05 Mar 2022 10:41:11 +0000
ROA not before: Sat 05 Mar 2022 10:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60025
IP address blocks: 85.133.217.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176412766 (0xa83d85e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 5 10:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d70fe648c4b9ad7e43e13030bee76d97cc99b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:29:3c:70:57:de:f1:fc:bf:5c:27:b0:59:50:
56:27:01:34:9c:d8:44:a6:c1:7d:1b:ce:2f:12:76:
a8:43:34:2a:b2:15:8a:56:92:54:53:58:a7:ff:54:
af:8b:08:b3:4b:0b:39:55:46:eb:b2:e9:4e:37:84:
68:d5:4b:aa:c4:cd:90:af:45:04:30:48:af:80:74:
ec:b3:06:17:1c:bc:c6:8b:6f:61:b0:0e:31:37:2f:
67:57:f6:af:11:4d:2e:a2:2c:a1:4e:a3:12:66:e7:
ef:6e:8b:17:cc:ad:10:ef:de:8d:d9:5e:ca:bf:4e:
0a:93:47:5d:4e:55:d3:65:79:f6:b5:05:7c:24:0f:
12:37:b3:35:cf:c6:a1:64:b2:a6:82:eb:18:5e:e1:
46:18:5e:97:e7:04:e7:5d:6f:55:67:5a:77:06:cf:
b2:47:3e:ac:de:c4:f5:47:a0:78:d9:7a:e8:c5:ad:
e4:79:76:7d:65:8c:b4:50:73:f3:ee:99:5f:56:39:
c3:3b:98:e4:23:dc:f7:2c:95:41:53:8d:5f:b2:8f:
8d:ea:ac:02:a0:7c:2b:81:69:70:39:5a:65:f3:8a:
a6:2b:19:51:d4:f2:d2:19:40:5a:fd:3b:5b:6e:98:
92:2c:25:19:e9:d4:a4:16:0d:a8:9f:bc:44:4d:7f:
98:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:70:FE:64:8C:4B:9A:D7:E4:3E:13:03:0B:EE:76:D9:7C:C9:9B:04
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/DXD-ZIxLmtfkPhMDC-522XzJmwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.165.0/24
85.133.217.0/24
85.133.236.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
46:35:27:06:69:a9:6e:89:e6:1d:b6:77:f3:23:1d:18:ab:a2:
6b:75:c5:3e:77:41:ea:2c:59:50:23:56:68:e9:00:d8:03:45:
92:e3:6d:e6:aa:24:68:c5:bd:cc:92:27:05:53:b7:41:17:03:
c9:e0:0e:4b:a5:30:ea:7e:80:25:64:1a:3e:22:72:08:0f:a5:
69:11:aa:40:00:3f:60:d4:c7:af:24:98:1d:f4:c0:28:3e:b3:
d5:5c:f9:c6:5d:b5:79:08:2c:06:f6:3c:ce:88:38:de:ff:08:
56:7e:6b:36:e2:6e:76:a1:bf:1c:5c:a4:15:06:8d:b6:ea:e0:
ae:20:a3:e6:cd:b9:79:f8:53:6c:e0:1b:9f:62:2e:09:a0:53:
33:1a:ec:09:a4:be:5a:c1:b9:ef:ab:d2:87:d3:b0:92:98:17:
74:4a:8c:c2:4f:94:07:96:b4:56:e3:29:22:7f:99:39:b9:25:
fd:b0:92:79:ef:a9:af:f6:e8:0b:50:9b:2e:c3:3c:59:e4:60:
0e:d2:4e:ea:e5:5b:ce:e4:8f:b3:fb:4f:49:c6:e3:cd:75:ab:
cd:87:7c:c9:b2:1b:ec:de:6e:2f:73:1a:c5:a8:be:42:b7:4f:
d9:47:b9:00:52:c5:ab:79:ca:77:b1:2d:c2:53:9d:58:d0:6d:
84:29:07:71
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECoPYXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDMw
NTEwNDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ3MGZlNjQ4YzRi
OWFkN2U0M2UxMzAzMGJlZTc2ZDk3Y2M5OWIwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMYpPHBX3vH8v1wnsFlQVicBNJzYRKbBfRvOLxJ2qEM0KrIV
ilaSVFNYp/9Ur4sIs0sLOVVG67LpTjeEaNVLqsTNkK9FBDBIr4B07LMGFxy8xotv
YbAOMTcvZ1f2rxFNLqIsoU6jEmbn726LF8ytEO/ejdleyr9OCpNHXU5V02V59rUF
fCQPEjezNc/GoWSypoLrGF7hRhhel+cE511vVWdadwbPskc+rN7E9UegeNl66MWt
5Hl2fWWMtFBz8+6ZX1Y5wzuY5CPc9yyVQVONX7KPjeqsAqB8K4FpcDlaZfOKpisZ
UdTy0hlAWv07W26YkiwlGenUpBYNqJ+8RE1/mFcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQNcP5kjEua1+Q+EwML7nbZfMmbBDAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L0RYRC1aSXhMbXRma1BoTURDLTUyMlh6Sm13US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFWFpQMEAFWF2QMEAFWF7AMEAFWF
/TANBgkqhkiG9w0BAQsFAAOCAQEARjUnBmmpbonmHbZ38yMdGKuia3XFPndB6ixZ
UCNWaOkA2ANFkuNt5qokaMW9zJInBVO3QRcDyeAOS6Uw6n6AJWQaPiJyCA+laRGq
QAA/YNTHrySYHfTAKD6z1Vz5xl21eQgsBvY8zog43v8IVn5rNuJudqG/HFykFQaN
turgriCj5s25efhTbOAbn2IuCaBTMxrsCaS+WsG576vSh9OwkpgXdEqMwk+UB5a0
VuMpIn+ZObkl/bCSee+pr/boC1CbLsM8WeRgDtJO6uVbzuSPs/tPScbjzXWrzYd8
ybIb7N5uL3Maxai+QrdP2Ue5AFLFq3nKd7EtwlOdWNBthCkHcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org