Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jzqiNbCzQeqsdyfmS08bwr9JFt0.roa
File: jzqiNbCzQeqsdyfmS08bwr9JFt0.roa (raw, json)
Hash identifier: TqrRZ7TotnOwHNfHzvwXScTcRKDJzYk748grZ6sqqZw=
Subject key identifier: 8F:3A:A2:35:B0:B3:41:EA:AC:77:27:E6:4B:4F:1B:C2:BF:49:16:DD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01822FFC57234455FA28FCD37BC94F9940AA
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jzqiNbCzQeqsdyfmS08bwr9JFt0.roa
Signing time: Sun 24 Jul 2022 11:34:02 +0000
ROA not before: Sun 24 Jul 2022 11:34:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 85.133.216.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2f:fc:57:23:44:55:fa:28:fc:d3:7b:c9:4f:99:40:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Jul 24 11:34:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f3aa235b0b341eaac7727e64b4f1bc2bf4916dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3b:da:a4:7f:ca:70:85:0e:86:c2:36:67:5a:
69:f1:cd:e4:62:d3:cf:e6:2c:e3:86:e1:2c:7a:94:
05:e9:85:04:81:95:a1:b7:cd:39:90:54:fd:01:05:
ac:70:59:3c:9e:58:b8:30:0c:90:09:e4:3f:67:80:
b3:d9:6e:16:6e:7a:97:c9:75:cc:d6:68:1c:8b:d5:
ee:3f:4b:c2:2c:95:12:73:73:e4:29:eb:6c:25:35:
8a:00:b1:85:95:17:56:45:af:80:e0:22:05:df:61:
7a:42:2b:51:88:85:40:93:cd:f5:12:0d:00:b1:f0:
56:73:b5:b6:dc:7e:ba:56:0e:e8:bd:ca:02:5e:c9:
f8:ed:6e:88:c7:75:ec:78:c2:25:9b:a8:44:2c:c1:
1d:b9:42:69:3a:4e:0a:8e:e4:a4:cb:83:a2:4b:7b:
36:ce:7d:36:d6:71:3d:f2:43:9b:6c:a7:f9:42:91:
4a:d3:6d:90:8b:57:58:15:d1:9a:86:c0:56:2e:11:
83:93:84:af:5a:42:47:08:9e:52:ed:8f:3b:10:95:
ba:f4:94:8f:2a:15:70:4d:14:b3:ac:89:44:7a:f3:
9b:32:94:4e:a1:6b:71:e5:47:f4:7f:4b:40:35:6f:
06:4c:2c:7c:54:4c:57:d3:40:f5:82:d9:32:6f:0d:
fb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3A:A2:35:B0:B3:41:EA:AC:77:27:E6:4B:4F:1B:C2:BF:49:16:DD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/jzqiNbCzQeqsdyfmS08bwr9JFt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.215.0-85.133.216.255
85.133.218.0/23
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
03:e5:aa:4b:59:cb:df:b4:e5:7e:fe:1c:7c:9c:f0:4f:c3:a1:
99:cc:fc:9a:ab:a8:ca:f5:1d:8f:0e:7d:7f:34:6d:1e:10:6e:
53:9d:51:5e:5a:bb:b3:35:ca:f6:59:a1:8e:21:49:74:2a:25:
e3:ed:a3:84:f3:8b:93:47:34:fa:a7:fd:3b:78:82:a0:6f:26:
f8:ef:31:ad:14:94:a0:21:51:91:a0:81:3f:a0:85:57:ff:da:
9c:d4:5b:ca:14:3a:ab:d7:d2:27:32:04:fb:83:5b:77:38:0b:
3e:47:03:97:69:cb:3f:0f:3c:25:c6:97:fe:a6:2a:93:bd:37:
c7:2a:17:a1:46:6f:cc:fc:b4:6f:2d:91:f0:e7:c7:91:87:22:
3d:aa:ce:77:bd:34:78:b8:3b:35:e6:c4:cb:11:ae:77:1a:ab:
16:5c:19:3c:b0:60:db:bc:e8:8b:7b:aa:b7:94:d3:54:05:70:
08:72:2c:41:49:86:3d:ff:71:4c:e4:e4:ed:d4:a3:60:d9:52:
48:f3:8b:58:93:ea:67:96:c8:7e:25:17:5a:05:df:ac:c9:0f:
47:0d:ea:05:36:cd:3e:eb:2f:38:55:37:18:8b:c1:97:a3:be:
02:2f:28:a1:78:eb:15:c6:9d:f4:87:21:22:30:c3:1d:29:75:
e8:31:f3:5e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIv/FcjRFX6KPzTe8lPmUCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIwNzI0MTEzNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNhYTIzNWIwYjM0MWVhYWM3NzI3ZTY0YjRmMWJjMmJmNDkxNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojvapH/KcIUOhsI2Z1pp8c3kYtPP
5izjhuEsepQF6YUEgZWht805kFT9AQWscFk8nli4MAyQCeQ/Z4Cz2W4WbnqXyXXM
1mgci9XuP0vCLJUSc3PkKetsJTWKALGFlRdWRa+A4CIF32F6QitRiIVAk831Eg0A
sfBWc7W23H66Vg7ovcoCXsn47W6Ix3XseMIlm6hELMEduUJpOk4KjuSky4OiS3s2
zn021nE98kObbKf5QpFK022Qi1dYFdGahsBWLhGDk4SvWkJHCJ5S7Y87EJW69JSP
KhVwTRSzrIlEevObMpROoWtx5Uf0f0tANW8GTCx8VExX00D1gtkybw370wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI86ojWws0HqrHcn5ktPG8K/SRbdMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvanpxaU5iQ3pRZXFzZHlmbVMwOGJ3cjlKRnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABVhdcD
BABVhdgDBAFVhdoDBABVheEwDQYJKoZIhvcNAQELBQADggEBAAPlqktZy9+05X7+
HHyc8E/DoZnM/JqrqMr1HY8OfX80bR4QblOdUV5au7M1yvZZoY4hSXQqJePto4Tz
i5NHNPqn/Tt4gqBvJvjvMa0UlKAhUZGggT+ghVf/2pzUW8oUOqvX0icyBPuDW3c4
Cz5HA5dpyz8PPCXGl/6mKpO9N8cqF6FGb8z8tG8tkfDnx5GHIj2qzne9NHi4OzXm
xMsRrncaqxZcGTywYNu86It7qreU01QFcAhyLEFJhj3/cUzk5O3Uo2DZUkjzi1iT
6meWyH4lF1oF36zJD0cN6gU2zT7rLzhVNxiLwZejvgIvKKF46xXGnfSHISIwwx0p
degx814=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org