Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TaUps2BhSw5RrI-SKf4EN5wFRJg.roa
File: TaUps2BhSw5RrI-SKf4EN5wFRJg.roa (raw, json)
Hash identifier: JpCPyMzo2dGgN4wOFNGfaFglFOEjuGdAM86bJEROhQ8=
Subject key identifier: 4D:A5:29:B3:60:61:4B:0E:51:AC:8F:92:29:FE:04:37:9C:05:44:98
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0A4C3663
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TaUps2BhSw5RrI-SKf4EN5wFRJg.roa
Signing time: Mon 14 Feb 2022 16:13:28 +0000
ROA not before: Mon 14 Feb 2022 16:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 85.133.194.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172766819 (0xa4c3663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 14 16:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4da529b360614b0e51ac8f9229fe04379c054498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:9e:a5:2b:c6:d7:ed:9d:04:30:bc:67:bc:
df:f9:10:3c:a5:5b:c0:56:33:ba:6f:fd:5a:4f:88:
87:fc:2d:1d:10:c6:d7:90:19:e8:f8:50:b5:f4:ba:
26:27:f8:c7:fe:32:51:98:b6:bd:24:f7:48:10:04:
4c:7c:58:60:43:90:16:9f:ad:ed:95:b3:ea:76:f4:
9f:77:8c:35:a6:1e:3a:64:57:18:63:61:53:34:36:
a1:57:1a:b9:18:ba:d6:55:f8:4f:f4:ca:6a:f2:0e:
2f:17:d9:50:ed:75:21:89:53:d2:1c:6f:58:29:22:
90:ed:ab:89:e9:a0:8f:50:01:2a:06:6c:e7:f4:e2:
b0:41:dd:07:76:fd:86:ac:99:2f:ae:a4:5c:a3:dd:
4e:64:94:37:b3:6d:62:db:36:17:fb:9b:26:8c:9c:
a5:91:94:cb:48:1e:41:dc:ea:fd:d1:8c:e3:69:9b:
ab:4f:e4:6d:9a:4c:8d:b2:27:b4:57:d0:55:81:c0:
f9:eb:a1:09:97:b5:e8:5b:6a:a9:f0:b3:d5:8f:ad:
09:ff:28:c0:bf:c9:f6:dd:31:96:82:0a:60:d1:cb:
85:cb:5d:64:bd:35:a5:05:01:70:03:de:53:ca:71:
40:23:a7:0e:08:0f:fa:42:e2:50:bf:1f:ee:eb:f7:
b8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A5:29:B3:60:61:4B:0E:51:AC:8F:92:29:FE:04:37:9C:05:44:98
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TaUps2BhSw5RrI-SKf4EN5wFRJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/23
85.133.164.0/23
85.133.169.0/24
85.133.194.0/24
85.133.217.0/24
85.133.234.0/24
85.133.236.0/24
85.133.238.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
83:71:4b:ef:f2:62:1b:a8:d1:4e:7b:b8:71:0b:59:79:1f:40:
e1:1c:d8:7f:49:2b:5e:e5:a8:43:0c:b5:61:72:0f:db:e1:d0:
b4:0d:e2:23:33:ee:e3:19:bd:99:84:dc:92:ee:39:6a:6d:07:
80:97:84:4e:b0:47:12:56:e3:bf:7b:9b:18:94:d4:3d:51:23:
24:96:c0:7c:9e:77:2d:1a:18:a7:03:34:f5:4f:65:5f:c6:84:
96:2a:99:9b:ee:7a:d4:e2:f0:32:b1:35:db:44:7f:6b:c6:fa:
ca:7c:aa:ea:53:cd:25:66:46:a0:b2:0e:62:e7:5e:5d:c2:66:
a0:d0:f7:78:d0:33:f6:b1:e4:f3:48:4e:ad:11:95:3c:fd:80:
98:f3:ca:bd:c6:3b:21:a7:eb:fe:5b:65:66:e0:9c:42:07:d1:
d9:bc:ea:19:33:d2:5d:a9:1f:5e:8d:98:32:db:28:9e:e5:25:
a6:7d:a9:d1:ff:40:4f:98:fa:60:e1:19:b4:36:1b:79:b9:5a:
36:a8:aa:2b:71:9a:13:12:21:e3:5e:66:12:b3:b4:8e:f9:0e:
4a:bc:3e:af:01:b6:fb:d8:da:f7:99:ca:b0:ef:13:83:14:4a:
4e:43:d2:70:d8:b1:48:a9:7a:b1:2d:79:d7:91:c1:e4:c5:06:
c2:17:4b:8c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIECkw2YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDIx
NDE2MTMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGRhNTI5YjM2MDYx
NGIwZTUxYWM4ZjkyMjlmZTA0Mzc5YzA1NDQ5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTfnqUrxtftnQQwvGe83/kQPKVbwFYzum/9Wk+Ih/wtHRDG
15AZ6PhQtfS6Jif4x/4yUZi2vST3SBAETHxYYEOQFp+t7ZWz6nb0n3eMNaYeOmRX
GGNhUzQ2oVcauRi61lX4T/TKavIOLxfZUO11IYlT0hxvWCkikO2riemgj1ABKgZs
5/TisEHdB3b9hqyZL66kXKPdTmSUN7NtYts2F/ubJoycpZGUy0geQdzq/dGM42mb
q0/kbZpMjbIntFfQVYHA+euhCZe16FtqqfCz1Y+tCf8owL/J9t0xloIKYNHLhctd
ZL01pQUBcAPeU8pxQCOnDggP+kLiUL8f7uv3uDcCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBRNpSmzYGFLDlGsj5Ip/gQ3nAVEmDAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L1RhVXBzMkJoU3c1UnJJLVNLZjRFTjV3RlJKZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAVWFiAMEAVWFpAMEAFWFqQMEAFWF
wgMEAFWF2QMEAFWF6gMEAFWF7AMEAFWF7gMEAFWF/TANBgkqhkiG9w0BAQsFAAOC
AQEAg3FL7/JiG6jRTnu4cQtZeR9A4RzYf0krXuWoQwy1YXIP2+HQtA3iIzPu4xm9
mYTcku45am0HgJeETrBHElbjv3ubGJTUPVEjJJbAfJ53LRoYpwM09U9lX8aEliqZ
m+561OLwMrE120R/a8b6ynyq6lPNJWZGoLIOYudeXcJmoND3eNAz9rHk80hOrRGV
PP2AmPPKvcY7Iafr/ltlZuCcQgfR2bzqGTPSXakfXo2YMtsonuUlpn2p0f9AT5j6
YOEZtDYbeblaNqiqK3GaExIh415mErO0jvkOSrw+rwG2+9ja95nKsO8TgxRKTkPS
cNixSKl6sS1515HB5MUGwhdLjA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:01 2024 by rpki-client on console-ams.rpki-client.org