Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FTzR1sPX1VPqX_X7Xf1I8W9541o.roa
File: FTzR1sPX1VPqX_X7Xf1I8W9541o.roa (raw, json)
Hash identifier: AC45PpXRqJ0FVMTaA6yyMR0n6+vC2L6mzyRUcQYc04g=
Subject key identifier: 15:3C:D1:D6:C3:D7:D5:53:EA:5F:F5:FB:5D:FD:48:F1:6F:79:E3:5A
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0184B8572A4C636B4AD86F5C234523DBEE59
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FTzR1sPX1VPqX_X7Xf1I8W9541o.roa
Signing time: Sun 27 Nov 2022 09:07:10 +0000
ROA not before: Sun 27 Nov 2022 09:07:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.205.0/24 maxlen: 24
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.202.0/24 maxlen: 24
85.133.212.0/24 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.216.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.222.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.152.0/22 maxlen: 22
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b8:57:2a:4c:63:6b:4a:d8:6f:5c:23:45:23:db:ee:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Nov 27 09:07:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=153cd1d6c3d7d553ea5ff5fb5dfd48f16f79e35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1c:4e:2d:68:30:70:2e:5d:d9:bd:72:3a:e2:
ff:cc:9a:2c:4d:c4:1d:a2:f4:1f:0d:08:c0:d3:37:
be:dd:4d:b1:03:f8:ab:0d:05:cd:d2:c8:60:6a:9a:
ca:d8:f1:1a:b9:cd:71:52:df:21:6a:eb:0f:49:5e:
a6:8a:2a:15:2a:13:ed:1b:72:ec:3e:f9:ce:ba:6f:
cb:50:05:af:c2:78:cb:c7:0c:7c:cd:64:cf:c3:4d:
e2:53:17:ba:31:4a:eb:18:81:6d:ce:3e:f9:65:58:
5d:dc:35:9e:4f:c9:82:94:5e:02:77:e3:59:70:08:
90:fc:c5:43:1c:3d:48:45:4d:fb:c8:96:a4:90:c8:
82:74:1a:78:53:f4:d1:83:04:5d:7e:2f:02:ec:e9:
dc:f0:0d:6a:07:76:23:32:29:db:d8:97:f7:0e:12:
ac:c8:09:f4:de:99:3e:d1:04:37:1c:5a:4b:5e:49:
f2:60:d3:e0:f6:56:74:00:7a:af:d1:08:04:00:0c:
e3:fa:db:91:aa:54:7e:ae:03:8d:9d:4a:75:62:fa:
d6:d8:a5:45:fa:5a:13:fb:5c:92:a3:5f:a9:02:2c:
b2:f6:e8:e0:1f:0c:7c:12:f0:67:0e:f0:8a:3f:90:
ef:80:a6:35:82:08:9d:21:f8:7a:02:3e:f3:58:f2:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:3C:D1:D6:C3:D7:D5:53:EA:5F:F5:FB:5D:FD:48:F1:6F:79:E3:5A
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/FTzR1sPX1VPqX_X7Xf1I8W9541o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
a5:4f:ed:63:4d:cf:45:ee:07:2e:bb:5e:58:87:9c:9c:83:85:
c4:75:ed:08:e1:61:a3:77:d2:cb:24:02:53:d2:8b:9a:d8:92:
30:e9:01:2c:f2:e5:bd:1f:50:12:66:69:56:42:6e:1d:8f:f7:
17:e0:6b:79:a0:62:90:a6:61:6f:67:3f:63:79:70:f3:22:1e:
2e:db:66:97:b4:93:bf:bb:73:6f:f2:31:3a:21:b0:ab:cb:1e:
44:28:2a:d3:a1:38:cc:57:f7:e5:36:d6:46:43:23:9c:05:b8:
71:36:8e:eb:e6:e4:52:bf:8b:a4:f2:b8:e7:a8:98:63:2d:a1:
12:6b:e7:6c:49:bf:11:1a:3c:9f:79:21:98:aa:8c:56:b3:61:
16:0d:17:de:30:8a:18:4f:de:e9:97:25:29:7e:c9:fb:2d:7b:
d2:57:c0:15:76:a3:c3:95:6a:8c:5d:75:53:de:2b:e0:d9:59:
c0:a5:50:b4:ea:a9:44:01:1a:c3:ef:d6:9b:74:9e:64:51:55:
95:cc:38:6f:81:ac:4d:0b:d2:1d:c9:fe:eb:87:f5:22:61:46:
d2:39:14:98:c5:92:b0:b7:93:57:ab:b5:35:94:03:62:d7:a2:
e8:8f:3d:21:97:4a:be:ba:05:3d:e0:3e:7f:50:6c:1d:98:0b:
22:63:96:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS4VypMY2tK2G9cI0Uj2+5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMTI3MDkwNzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTNjZDFkNmMzZDdkNTUzZWE1ZmY1ZmI1ZGZkNDhmMTZmNzllMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxxOLWgwcC5d2b1yOuL/zJosTcQd
ovQfDQjA0ze+3U2xA/irDQXN0shgaprK2PEauc1xUt8hausPSV6miioVKhPtG3Ls
PvnOum/LUAWvwnjLxwx8zWTPw03iUxe6MUrrGIFtzj75ZVhd3DWeT8mClF4Cd+NZ
cAiQ/MVDHD1IRU37yJakkMiCdBp4U/TRgwRdfi8C7Onc8A1qB3YjMinb2Jf3DhKs
yAn03pk+0QQ3HFpLXknyYNPg9lZ0AHqv0QgEAAzj+tuRqlR+rgONnUp1YvrW2KVF
+loT+1ySo1+pAiyy9ujgHwx8EvBnDvCKP5DvgKY1ggidIfh6Aj7zWPLwJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBU80dbD19VT6l/1+139SPFveeNaMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvRlR6UjFzUFgxVlBxWF9YN1hmMUk4Vzk1NDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQClT+1jTc9F7gcu
u15Yh5ycg4XEde0I4WGjd9LLJAJT0oua2JIw6QEs8uW9H1ASZmlWQm4dj/cX4Gt5
oGKQpmFvZz9jeXDzIh4u22aXtJO/u3Nv8jE6IbCryx5EKCrToTjMV/flNtZGQyOc
BbhxNo7r5uRSv4uk8rjnqJhjLaESa+dsSb8RGjyfeSGYqoxWs2EWDRfeMIoYT97p
lyUpfsn7LXvSV8AVdqPDlWqMXXVT3ivg2VnApVC06qlEARrD79abdJ5kUVWVzDhv
gaxNC9Idyf7rh/UiYUbSORSYxZKwt5NXq7U1lANi16Lojz0hl0q+ugU94D5/UGwd
mAsiY5bj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org