Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cKDgRDtvgjvM2LGYUdeFfWEGiK8.roa
File: cKDgRDtvgjvM2LGYUdeFfWEGiK8.roa (raw, json)
Hash identifier: WBHyaQHu5XaJNu9cAX5weRRHe2pF8s5W/A1eNsFer0U=
Subject key identifier: 70:A0:E0:44:3B:6F:82:3B:CC:D8:B1:98:51:D7:85:7D:61:06:88:AF
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0B93B121
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cKDgRDtvgjvM2LGYUdeFfWEGiK8.roa
Signing time: Sun 26 Jun 2022 11:20:05 +0000
ROA not before: Sun 26 Jun 2022 11:20:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 85.133.217.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194228513 (0xb93b121)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jun 26 11:20:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70a0e0443b6f823bccd8b19851d7857d610688af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:84:9f:c6:35:f6:a5:01:de:c3:45:fe:7e:0a:
01:cc:16:ba:f3:56:ae:c2:47:f1:5d:e6:25:20:d7:
f6:87:2e:49:14:aa:56:7e:88:a0:70:19:d4:81:e0:
05:e2:7a:fd:ec:92:5e:84:ee:95:9e:f7:c2:d4:17:
a2:3e:60:1d:55:30:7b:9e:48:f6:65:d8:18:8b:17:
38:3a:a6:2d:58:aa:0b:56:5a:a7:43:4f:6d:cd:fb:
90:61:cd:be:b4:c5:ca:a0:5e:43:bf:4b:03:66:94:
93:db:a2:3b:0d:4f:7d:03:14:d4:64:fd:8c:bd:08:
4b:ab:bd:4a:ea:c1:59:e0:51:be:78:1c:ee:05:af:
a8:07:c2:57:ca:38:19:fe:0a:45:55:0a:5e:0d:25:
df:37:a4:c9:d4:8c:4f:5b:36:dc:37:c5:df:d8:94:
bb:50:dd:f9:1c:26:65:74:01:a7:27:e0:a7:f3:68:
d5:33:23:2c:b9:8d:60:b9:b0:9f:bd:87:ac:78:07:
9f:a5:09:04:d5:d8:ec:aa:c7:d7:e8:8d:c3:1e:75:
8a:4e:d7:ff:90:33:2a:fd:57:82:5e:62:3d:3d:8f:
2a:77:86:bb:79:aa:34:96:98:eb:cd:ed:e0:00:41:
91:09:a8:94:e5:78:31:3a:93:59:28:35:be:4e:f7:
70:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:E0:44:3B:6F:82:3B:CC:D8:B1:98:51:D7:85:7D:61:06:88:AF
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/cKDgRDtvgjvM2LGYUdeFfWEGiK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/24
85.133.164.0/23
85.133.217.0/24
85.133.236.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:ad:8d:b0:d9:0a:12:ac:e1:2c:93:25:e3:64:a0:cb:3c:e1:
85:40:5d:1e:aa:82:9c:e8:11:b3:d4:43:2f:40:ed:77:7d:7c:
26:4f:33:ea:7f:86:dc:f3:17:b5:7a:de:4d:d1:b8:91:ec:96:
4d:ba:59:8f:24:d7:59:a8:8a:11:61:23:99:d5:8f:13:a4:68:
b1:e4:f1:0f:39:86:1a:23:22:8c:a0:bd:54:64:7e:22:7b:d5:
62:26:ef:8d:fc:c5:15:a0:37:b7:0b:31:89:76:52:d8:d8:93:
e6:3d:cb:4b:40:61:3d:ff:d1:db:c4:a2:47:ea:af:c8:02:88:
fe:46:0e:15:ff:08:66:d6:08:64:09:b3:1f:b0:c9:ed:60:c3:
05:5f:cc:1f:3f:a3:9b:73:9c:19:69:b2:8a:b8:29:35:d0:9e:
ff:05:f0:6a:c1:e9:98:d3:aa:64:f0:a1:fe:5f:d7:3c:83:6f:
34:0f:2c:f7:55:66:cf:bd:26:dd:16:f3:df:09:3a:84:03:5b:
75:80:98:f1:df:ac:5e:58:73:cb:b1:23:60:dd:49:98:12:50:
34:2d:7f:d5:2f:b7:a2:ba:5a:8c:58:f2:a6:0d:34:57:ac:40:
c1:ab:1c:bf:62:99:4f:d4:83:c1:9a:3d:ba:b6:63:72:6c:07:
1c:c1:0c:1c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEC5OxITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDYy
NjExMjAwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBhMGUwNDQzYjZm
ODIzYmNjZDhiMTk4NTFkNzg1N2Q2MTA2ODhhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyEn8Y19qUB3sNF/n4KAcwWuvNWrsJH8V3mJSDX9ocuSRSq
Vn6IoHAZ1IHgBeJ6/eySXoTulZ73wtQXoj5gHVUwe55I9mXYGIsXODqmLViqC1Za
p0NPbc37kGHNvrTFyqBeQ79LA2aUk9uiOw1PfQMU1GT9jL0IS6u9SurBWeBRvngc
7gWvqAfCV8o4Gf4KRVUKXg0l3zekydSMT1s23DfF39iUu1Dd+RwmZXQBpyfgp/No
1TMjLLmNYLmwn72HrHgHn6UJBNXY7KrH1+iNwx51ik7X/5AzKv1Xgl5iPT2PKneG
u3mqNJaY683t4ABBkQmolOV4MTqTWSg1vk73cE8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRwoOBEO2+CO8zYsZhR14V9YQaIrzAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L2NLRGdSRHR2Z2p2TTJMR1lVZGVGZldFR2lLOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFWFiAMEAVWFpAMEAFWF2QMEAFWF
7AMEAFWF/TANBgkqhkiG9w0BAQsFAAOCAQEADK2NsNkKEqzhLJMl42SgyzzhhUBd
HqqCnOgRs9RDL0Dtd318Jk8z6n+G3PMXtXreTdG4keyWTbpZjyTXWaiKEWEjmdWP
E6RoseTxDzmGGiMijKC9VGR+InvVYibvjfzFFaA3twsxiXZS2NiT5j3LS0BhPf/R
28SiR+qvyAKI/kYOFf8IZtYIZAmzH7DJ7WDDBV/MHz+jm3OcGWmyirgpNdCe/wXw
asHpmNOqZPCh/l/XPINvNA8s91Vmz70m3Rbz3wk6hANbdYCY8d+sXlhzy7EjYN1J
mBJQNC1/1S+3orpajFjypg00V6xAwascv2KZT9SDwZo9urZjcmwHHMEMHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org