Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oNfc3ZeKLjyoQh0QqbgVsyc5t_U.roa
File: oNfc3ZeKLjyoQh0QqbgVsyc5t_U.roa (raw, json)
Hash identifier: 70OAfkW5oGiljGe4l6RbKuqtyLqDN5Ic28UDhejHXck=
Subject key identifier: A0:D7:DC:DD:97:8A:2E:3C:A8:42:1D:10:A9:B8:15:B3:27:39:B7:F5
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0A877730
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oNfc3ZeKLjyoQh0QqbgVsyc5t_U.roa
Signing time: Sat 05 Mar 2022 22:31:20 +0000
ROA not before: Sat 05 Mar 2022 22:31:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6939
IP address blocks: 85.133.217.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176650032 (0xa877730)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 5 22:31:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0d7dcdd978a2e3ca8421d10a9b815b32739b7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:8c:70:2e:a8:ca:17:9c:71:60:24:02:5e:
d6:89:b2:d9:8c:40:16:e4:87:15:dc:80:d3:dd:d1:
44:e8:23:a8:67:f0:4b:33:7e:34:cf:6b:90:0d:24:
4a:61:0f:02:05:f4:b1:fb:14:88:18:c2:9f:73:9a:
a7:14:8d:e5:30:1b:b3:17:75:ff:f3:52:91:8b:f9:
0b:d4:72:e3:f5:7e:08:57:c1:12:71:0f:ce:15:d5:
d4:f8:7d:4a:5c:0c:e9:5f:f4:c4:ab:94:fd:d5:f6:
36:05:1e:8c:c0:75:36:15:32:59:62:6f:5d:5c:fb:
fb:aa:17:aa:c2:a2:75:b7:9a:27:15:f6:b5:9d:e8:
39:f4:d0:18:aa:23:9d:65:c0:bf:70:89:04:e4:17:
02:80:96:bf:f4:26:a7:0e:38:99:df:41:12:54:a7:
bc:51:d7:33:5c:6e:eb:88:17:66:13:b3:ae:d5:96:
09:38:02:e5:22:54:a3:0e:8f:e8:0d:65:bd:3e:d9:
c3:20:9a:77:6c:3d:33:46:71:13:06:90:11:18:03:
38:88:93:25:80:41:57:fe:b4:fb:1f:a0:d3:1d:7b:
5f:80:ee:d9:e1:63:44:52:32:4d:6d:57:34:fa:ba:
33:f2:2f:cf:97:6b:03:93:2f:7d:fa:4d:f7:c9:24:
07:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D7:DC:DD:97:8A:2E:3C:A8:42:1D:10:A9:B8:15:B3:27:39:B7:F5
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oNfc3ZeKLjyoQh0QqbgVsyc5t_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/24
85.133.164.0/23
85.133.217.0/24
85.133.236.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:93:2f:97:c9:8f:bf:5f:77:4a:52:e7:30:38:a2:af:8b:aa:
ee:72:32:38:2f:1a:b3:2b:2f:0d:c3:d8:b9:f3:dd:91:0c:ad:
2a:eb:62:f4:78:ed:26:fa:e2:42:f9:8c:ab:91:e9:7f:42:f1:
94:28:51:7e:a5:51:d8:8f:c3:e2:ce:a7:28:e5:5e:65:7e:af:
b2:46:8e:6b:3f:71:b3:4f:6c:e4:79:51:fd:92:b6:d5:d7:80:
e6:c6:b1:a7:6b:b7:49:3b:c2:4b:93:6f:d3:4e:0d:07:52:9d:
bc:7b:b2:08:bc:d0:1e:71:84:83:a6:89:e8:f8:a6:a6:83:8c:
70:23:e4:04:0a:f1:85:9d:fa:18:1c:17:65:f3:27:e3:c8:ed:
ff:c5:ab:79:5b:ef:d0:bf:f6:96:49:bc:90:c5:25:1f:62:61:
64:16:2d:79:2a:3b:14:b6:bd:12:63:9a:14:12:06:43:fc:5c:
56:71:c1:5b:8c:0c:bf:1e:7f:3e:03:c2:04:af:6b:07:9c:7a:
d2:9f:f9:de:92:36:06:86:b2:57:2f:de:86:99:fe:d7:7e:4d:
68:14:07:9b:41:60:3d:a0:c6:ed:2b:97:2b:4b:27:ef:1b:87:
97:c2:dd:54:c6:39:43:c3:8a:87:e0:63:e9:d6:10:09:a3:c5:
ac:72:64:0a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECod3MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDMw
NTIyMzEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTBkN2RjZGQ5Nzhh
MmUzY2E4NDIxZDEwYTliODE1YjMyNzM5YjdmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDfjHAuqMoXnHFgJAJe1omy2YxAFuSHFdyA093RROgjqGfw
SzN+NM9rkA0kSmEPAgX0sfsUiBjCn3OapxSN5TAbsxd1//NSkYv5C9Ry4/V+CFfB
EnEPzhXV1Ph9SlwM6V/0xKuU/dX2NgUejMB1NhUyWWJvXVz7+6oXqsKidbeaJxX2
tZ3oOfTQGKojnWXAv3CJBOQXAoCWv/Qmpw44md9BElSnvFHXM1xu64gXZhOzrtWW
CTgC5SJUow6P6A1lvT7ZwyCad2w9M0ZxEwaQERgDOIiTJYBBV/60+x+g0x17X4Du
2eFjRFIyTW1XNPq6M/Ivz5drA5MvffpN98kkBxkCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSg19zdl4ouPKhCHRCpuBWzJzm39TAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L29OZmMzWmVLTGp5b1FoMFFxYmdWc3ljNXRfVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFWFiAMEAVWFpAMEAFWF2QMEAFWF
7AMEAFWF/TANBgkqhkiG9w0BAQsFAAOCAQEAjpMvl8mPv193SlLnMDiir4uq7nIy
OC8asysvDcPYufPdkQytKuti9HjtJvriQvmMq5Hpf0LxlChRfqVR2I/D4s6nKOVe
ZX6vskaOaz9xs09s5HlR/ZK21deA5saxp2u3STvCS5Nv004NB1KdvHuyCLzQHnGE
g6aJ6PimpoOMcCPkBArxhZ36GBwXZfMn48jt/8WreVvv0L/2lkm8kMUlH2JhZBYt
eSo7FLa9EmOaFBIGQ/xcVnHBW4wMvx5/PgPCBK9rB5x60p/53pI2BoayVy/ehpn+
135NaBQHm0FgPaDG7SuXK0sn7xuHl8LdVMY5Q8OKh+Bj6dYQCaPFrHJkCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:13 2024 by rpki-client on console-fra.rpki-client.org