Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L1zIQW_jtpvM59vAYn7RvaInbzM.roa
File: L1zIQW_jtpvM59vAYn7RvaInbzM.roa (raw, json)
Hash identifier: H8fXMWGkxYHDS1Vd4fpIQMfxMIjL0Ksw6Y38gtw5Do0=
Subject key identifier: 2F:5C:C8:41:6F:E3:B6:9B:CC:E7:DB:C0:62:7E:D1:BD:A2:27:6F:33
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018738F9E826251E8AA05209768C9618AB69
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L1zIQW_jtpvM59vAYn7RvaInbzM.roa
Signing time: Fri 31 Mar 2023 18:41:54 +0000
ROA not before: Fri 31 Mar 2023 18:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.178.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
185.41.0.0/22 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:f9:e8:26:25:1e:8a:a0:52:09:76:8c:96:18:ab:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 31 18:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f5cc8416fe3b69bcce7dbc0627ed1bda2276f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:72:35:ca:87:f6:26:d1:15:d1:04:bc:b1:41:
92:a0:b7:ff:0b:20:77:5b:66:a5:60:54:08:e4:3e:
b9:ed:79:9c:1b:da:0f:0f:98:c4:73:6b:3d:01:99:
2b:29:5e:fa:1e:7f:2a:77:af:c9:77:ec:fb:bc:a3:
c8:88:5a:be:d0:77:f9:49:72:f0:b6:21:e7:08:18:
4b:44:4d:a5:42:31:6d:9b:b2:49:39:05:47:88:90:
ed:e1:f9:30:9b:eb:5c:09:19:ae:a1:2d:58:b7:de:
96:64:a7:ba:99:71:db:5b:8a:59:11:57:5c:d1:a0:
a3:31:22:8e:f3:1c:71:74:69:e3:b5:a0:6e:8c:47:
dc:0d:35:9f:f4:41:ae:06:a6:45:04:63:08:e1:73:
0b:9c:27:57:f0:fa:dd:20:0b:9c:ef:52:7e:c5:f3:
c5:4f:8c:9e:91:b6:95:67:bd:f4:95:40:f3:97:2d:
37:0a:c3:44:fb:13:c6:e4:89:b8:85:7e:2b:14:5b:
68:aa:06:9f:9e:8c:00:8a:14:76:cb:bb:5e:34:8f:
aa:58:cc:94:dc:3b:bc:5f:ff:e1:12:57:f8:e0:a9:
94:cd:4a:b2:88:46:b9:a2:f4:50:c3:ed:ac:20:28:
eb:a5:33:99:d3:d2:6c:57:5d:23:9c:bc:c4:3a:c0:
cc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:5C:C8:41:6F:E3:B6:9B:CC:E7:DB:C0:62:7E:D1:BD:A2:27:6F:33
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/L1zIQW_jtpvM59vAYn7RvaInbzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.146.0/24
85.133.165.0/24
85.133.178.0/24
85.133.215.0-85.133.217.255
85.133.253.0/24
185.41.0.0/22
Signature Algorithm: sha256WithRSAEncryption
16:37:af:90:1c:70:6f:51:ba:f3:37:2f:91:af:bf:e0:7a:d7:
bf:ce:76:6c:ad:09:ad:2b:5b:d6:40:f9:1d:93:72:50:5c:1d:
92:de:11:3b:3b:55:60:69:5d:85:9d:4c:74:28:43:3a:00:94:
02:c6:f0:ee:95:9e:0d:f2:da:ec:8d:fa:5a:ab:5d:9a:c9:81:
93:49:d8:57:31:3d:7d:f0:d3:f4:52:e8:8e:e7:85:2d:e5:ab:
4d:e4:d8:4f:88:cb:2e:5f:9a:d0:24:10:8f:07:f0:f9:9b:c5:
12:0e:ea:e8:0c:0e:e3:2d:76:af:76:dd:21:01:7a:5d:ed:98:
b4:c6:1a:be:c1:af:72:de:e8:69:3e:b3:6f:84:d3:e2:4e:da:
f7:8c:11:d6:a5:0f:d9:3e:12:4d:f9:80:b1:32:82:90:34:7e:
cd:4f:6e:37:f3:0b:cc:7c:89:0c:c6:00:b6:62:06:95:62:58:
62:2f:b9:12:39:a1:0b:93:0d:0c:98:dc:50:c9:ad:d4:d0:c3:
1d:01:66:08:ea:01:10:7c:7f:ab:76:2a:f1:95:41:a6:58:13:
21:58:c6:5a:ec:8f:db:62:3f:04:f5:19:69:2b:c3:04:b3:66:
11:db:18:53:7e:47:ff:20:00:cc:5f:90:7d:57:6b:c2:66:7d:
99:aa:76:e5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYc4+egmJR6KoFIJdoyWGKtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMzMxMTg0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjVjYzg0MTZmZTNiNjliY2NlN2RiYzA2MjdlZDFiZGEyMjc2ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHI1yof2JtEV0QS8sUGSoLf/CyB3
W2alYFQI5D657XmcG9oPD5jEc2s9AZkrKV76Hn8qd6/Jd+z7vKPIiFq+0Hf5SXLw
tiHnCBhLRE2lQjFtm7JJOQVHiJDt4fkwm+tcCRmuoS1Yt96WZKe6mXHbW4pZEVdc
0aCjMSKO8xxxdGnjtaBujEfcDTWf9EGuBqZFBGMI4XMLnCdX8PrdIAuc71J+xfPF
T4yekbaVZ730lUDzly03CsNE+xPG5Im4hX4rFFtoqgafnowAihR2y7teNI+qWMyU
3Du8X//hElf44KmUzUqyiEa5ovRQw+2sICjrpTOZ09JsV10jnLzEOsDM6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFC9cyEFv47abzOfbwGJ+0b2iJ28zMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvTDF6SVFXX2p0cHZNNTl2QVluN1J2YUluYnpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVYWSAwQA
VYWlAwQAVYWyMAwDBABVhdcDBAFVhdgDBABVhf0DBAK5KQAwDQYJKoZIhvcNAQEL
BQADggEBABY3r5AccG9RuvM3L5Gvv+B617/OdmytCa0rW9ZA+R2TclBcHZLeETs7
VWBpXYWdTHQoQzoAlALG8O6Vng3y2uyN+lqrXZrJgZNJ2FcxPX3w0/RS6I7nhS3l
q03k2E+Iyy5fmtAkEI8H8PmbxRIO6ugMDuMtdq923SEBel3tmLTGGr7Br3Le6Gk+
s2+E0+JO2veMEdalD9k+Ek35gLEygpA0fs1PbjfzC8x8iQzGALZiBpViWGIvuRI5
oQuTDQyY3FDJrdTQwx0BZgjqARB8f6t2KvGVQaZYEyFYxlrsj9tiPwT1GWkrwwSz
ZhHbGFN+R/8gAMxfkH1Xa8JmfZmqduU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:55:37 2025 by rpki-client