Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rmhZciKqNtAWXXaub5KWdbWc9cg.roa
File: rmhZciKqNtAWXXaub5KWdbWc9cg.roa (raw, json)
Hash identifier: idUrB/lFyRo2DNpiZ7o1sZR0LYJtYSvrhv7rkKAw8mQ=
Subject key identifier: AE:68:59:72:22:AA:36:D0:16:5D:76:AE:6F:92:96:75:B5:9C:F5:C8
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01852B6A9FABBA60235626F6918B247BCBB6
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rmhZciKqNtAWXXaub5KWdbWc9cg.roa
Signing time: Mon 19 Dec 2022 17:24:46 +0000
ROA not before: Mon 19 Dec 2022 17:24:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.216.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.147.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.152.0/22 maxlen: 22
85.133.151.0/24 maxlen: 24
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.153.0/24 maxlen: 24
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:6a:9f:ab:ba:60:23:56:26:f6:91:8b:24:7b:cb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 19 17:24:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae68597222aa36d0165d76ae6f929675b59cf5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:69:af:d7:6e:df:9c:b9:5a:b2:94:02:f5:f9:
9b:5a:1e:02:b5:76:7a:4d:f8:95:83:b6:93:9c:59:
75:24:95:e0:68:19:fc:ad:cc:99:f8:49:47:64:e6:
aa:6e:8d:54:67:e4:cf:34:82:1e:53:03:18:1f:76:
c0:c2:ab:88:df:6e:92:30:7d:18:30:62:91:79:90:
7c:aa:02:4d:d4:70:c5:e9:b6:b7:93:7a:70:eb:51:
7e:68:37:a6:b8:4f:1e:91:8b:5c:d6:9e:e9:27:ed:
d0:3d:eb:ff:b7:bd:46:01:f9:1f:b1:de:b3:76:dc:
72:c9:9e:9d:d8:f0:aa:b2:c8:cc:f3:3f:16:70:01:
e1:4a:71:21:49:ba:3a:48:e9:bf:bf:87:cb:3a:8b:
c6:ec:7b:88:43:f3:0a:a3:80:19:94:be:6a:ca:b5:
d9:8b:57:86:5f:84:d1:65:40:02:e8:05:95:e7:a5:
95:77:93:9a:51:15:03:63:5a:8a:7e:ff:fd:d4:21:
f8:17:e9:f0:0f:f0:54:ea:7b:21:c9:60:2c:f9:4e:
08:bf:42:f2:cb:22:bb:1b:5b:76:fa:4e:26:8a:58:
be:1f:1d:b4:48:82:1b:84:c5:0f:b0:ff:f2:cf:90:
d9:97:38:8f:8f:0e:f5:89:c8:b7:8e:6e:94:41:ed:
8e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:68:59:72:22:AA:36:D0:16:5D:76:AE:6F:92:96:75:B5:9C:F5:C8
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rmhZciKqNtAWXXaub5KWdbWc9cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
62:ad:b0:b1:5e:93:f3:0c:5c:64:3f:50:64:66:6f:cc:8f:83:
69:33:10:55:5a:bc:b8:19:db:eb:dc:aa:dd:7a:01:93:a6:0a:
ed:e4:53:61:de:a9:a7:54:0f:4d:13:4b:64:7a:41:2f:8b:0c:
f2:c5:a8:9e:e9:74:b0:ab:40:ac:52:91:a1:10:65:dc:b6:88:
30:f9:28:46:2e:04:f7:63:a1:a7:f7:6b:51:51:21:1a:da:e7:
89:92:d0:6c:dd:ff:df:5f:6e:b3:15:a1:10:e2:8d:01:48:62:
d8:46:22:77:88:d8:51:0d:2a:76:3c:c5:d0:4a:08:50:f6:23:
90:cd:4e:7e:d6:93:61:81:a5:a0:a5:6d:3f:d3:01:af:0e:c8:
e4:1a:83:d9:c4:9c:9a:7b:90:4c:33:51:72:de:4a:55:cd:bd:
47:df:8a:4a:d3:ef:57:d4:1a:12:9b:74:65:37:c6:22:d7:3d:
5a:65:37:3a:f2:ed:57:b8:17:58:a3:d5:f6:6a:71:e9:d0:1f:
e2:3f:fa:23:41:82:17:c2:83:bc:6e:19:39:56:be:2f:be:39:
e0:ca:55:a9:cd:e1:c5:78:76:f6:04:25:16:73:d0:7c:3f:72:
29:b8:30:c9:3d:e4:43:33:0a:15:c1:3e:69:9c:3c:f0:b7:ee:
7e:4a:35:6c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUrap+rumAjVib2kYske8u2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE5MTcyNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY4NTk3MjIyYWEzNmQwMTY1ZDc2YWU2ZjkyOTY3NWI1OWNmNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGmv127fnLlaspQC9fmbWh4CtXZ6
TfiVg7aTnFl1JJXgaBn8rcyZ+ElHZOaqbo1UZ+TPNIIeUwMYH3bAwquI326SMH0Y
MGKReZB8qgJN1HDF6ba3k3pw61F+aDemuE8ekYtc1p7pJ+3QPev/t71GAfkfsd6z
dtxyyZ6d2PCqssjM8z8WcAHhSnEhSbo6SOm/v4fLOovG7HuIQ/MKo4AZlL5qyrXZ
i1eGX4TRZUAC6AWV56WVd5OaURUDY1qKfv/91CH4F+nwD/BU6nshyWAs+U4Iv0Ly
yyK7G1t2+k4mili+Hx20SIIbhMUPsP/yz5DZlziPjw71ici3jm6UQe2OsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK5oWXIiqjbQFl12rm+SlnW1nPXIMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcm1oWmNpS3FOdEFXWFhhdWI1S1dkYldjOWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBirbCxXpPzDFxk
P1BkZm/Mj4NpMxBVWry4Gdvr3KrdegGTpgrt5FNh3qmnVA9NE0tkekEviwzyxaie
6XSwq0CsUpGhEGXctogw+ShGLgT3Y6Gn92tRUSEa2ueJktBs3f/fX26zFaEQ4o0B
SGLYRiJ3iNhRDSp2PMXQSghQ9iOQzU5+1pNhgaWgpW0/0wGvDsjkGoPZxJyae5BM
M1Fy3kpVzb1H34pK0+9X1BoSm3RlN8Yi1z1aZTc68u1XuBdYo9X2anHp0B/iP/oj
QYIXwoO8bhk5Vr4vvjngylWpzeHFeHb2BCUWc9B8P3IpuDDJPeRDMwoVwT5pnDzw
t+5+SjVs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:02 2024 by rpki-client on console-ams.rpki-client.org