Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/yoVNA9_B1ZhDUjWRr84PBb7OpGs.roa
File: yoVNA9_B1ZhDUjWRr84PBb7OpGs.roa (raw, json)
Hash identifier: ijim1vsLX8fb74J0ut2M9C2UzfAUScRJODnFblOrNhU=
Subject key identifier: CA:85:4D:03:DF:C1:D5:98:43:52:35:91:AF:CE:0F:05:BE:CE:A4:6B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0A5D156C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/yoVNA9_B1ZhDUjWRr84PBb7OpGs.roa
Signing time: Sat 19 Feb 2022 13:42:57 +0000
ROA not before: Sat 19 Feb 2022 13:42:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60025
IP address blocks: 85.133.194.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173872492 (0xa5d156c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Feb 19 13:42:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca854d03dfc1d59843523591afce0f05becea46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1e:54:f9:70:92:08:66:00:fd:94:78:3d:0b:
d0:5b:cf:53:41:0d:18:00:27:cf:90:45:c8:29:b1:
86:15:6d:fa:26:6e:12:13:d4:90:14:3f:bf:10:83:
b2:dc:06:a0:45:76:d8:43:44:13:cd:ab:c7:f7:72:
f0:f2:5f:a5:66:94:96:74:a6:8e:0a:61:97:b6:da:
ca:9b:a9:85:cb:84:57:c0:61:cb:e1:cd:a3:9d:1a:
fd:19:80:ee:69:21:f9:df:33:54:cf:c8:7e:7a:fd:
d0:9c:0c:41:a8:21:b1:24:de:a6:8a:41:63:af:05:
84:56:dc:93:71:b9:ba:3b:b9:76:5f:b2:23:58:56:
18:df:9a:2f:e2:b5:58:bc:76:d1:bb:ff:ea:ed:5a:
50:70:58:af:38:3a:77:7f:88:bf:31:be:a7:01:8c:
08:38:4a:10:57:3d:04:ac:cb:86:94:1c:f5:b7:13:
9e:c4:e7:51:a7:5a:83:5a:eb:59:32:02:4b:44:9f:
ad:17:aa:89:53:a2:41:d2:f9:b7:4f:03:1d:1b:79:
a5:18:4f:f0:69:87:5f:ba:fb:fe:ae:ba:83:58:aa:
a6:b2:c4:a9:7b:03:1d:c8:63:83:e8:28:31:bc:51:
c7:0b:09:ea:7d:be:99:47:23:35:be:ba:3a:1f:44:
85:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:85:4D:03:DF:C1:D5:98:43:52:35:91:AF:CE:0F:05:BE:CE:A4:6B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/yoVNA9_B1ZhDUjWRr84PBb7OpGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/23
85.133.164.0/23
85.133.194.0/24
85.133.217.0/24
85.133.234.0/24
85.133.236.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
18:91:37:cf:c0:1b:84:8d:09:c3:04:43:6e:dd:ab:35:7f:5b:
ee:d7:bc:97:91:c0:b0:9e:2f:bf:d9:66:49:8d:f8:95:3c:77:
5b:27:18:68:28:7e:f1:b5:2c:40:97:d7:e2:40:ca:1a:91:6d:
a4:2a:cc:e3:62:ae:b3:67:77:f5:48:f2:ec:df:7b:a9:88:fa:
65:e3:89:85:42:50:41:e8:e3:4a:63:43:6c:84:35:d5:ff:c6:
64:d3:b7:6d:74:47:48:74:a3:b0:9a:9d:f4:10:2c:5c:82:2f:
57:86:af:92:25:d8:7e:60:f6:f7:2a:57:99:8e:2b:f5:16:f7:
a4:0c:ec:c9:74:d5:f0:28:f4:a6:3a:47:d3:4d:c7:d8:32:d6:
39:90:b8:33:fb:6c:dd:8e:3d:5f:91:1e:ad:95:3b:8e:35:6f:
7c:30:17:59:65:9e:2c:67:34:9d:52:ec:af:47:e8:f2:4b:2b:
e0:fd:07:33:d3:72:8d:8f:f3:eb:c7:68:f9:fa:7a:a2:ba:70:
53:8a:77:17:ec:88:04:39:62:ed:c7:e7:19:b4:8e:34:46:9f:
22:aa:65:2d:61:b2:49:1f:65:a2:1c:4f:a4:ab:7c:74:27:4f:
6f:be:f5:ab:56:8d:c3:e5:ff:6f:4b:fd:35:ef:3c:9c:5c:89:
f6:84:4c:42
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECl0VbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDVlMzk2NThhM2VmNmYxM2NhMjFjYzExYTRlMzNlYmNkOTQ2NzAyMB4XDTIyMDIx
OTEzNDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2E4NTRkMDNkZmMx
ZDU5ODQzNTIzNTkxYWZjZTBmMDViZWNlYTQ2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANYeVPlwkghmAP2UeD0L0FvPU0ENGAAnz5BFyCmxhhVt+iZu
EhPUkBQ/vxCDstwGoEV22ENEE82rx/dy8PJfpWaUlnSmjgphl7baypuphcuEV8Bh
y+HNo50a/RmA7mkh+d8zVM/Ifnr90JwMQaghsSTepopBY68FhFbck3G5uju5dl+y
I1hWGN+aL+K1WLx20bv/6u1aUHBYrzg6d3+IvzG+pwGMCDhKEFc9BKzLhpQc9bcT
nsTnUadag1rrWTICS0SfrReqiVOiQdL5t08DHRt5pRhP8GmHX7r7/q66g1iqprLE
qXsDHchjg+goMbxRxwsJ6n2+mUcjNb66Oh9EhaMCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTKhU0D38HVmENSNZGvzg8Fvs6kazAfBgNVHSMEGDAWgBTNXjllij728Tyi
HMEaTjPrzZRnAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pWNDVaWW8tOXZFOG9oekJHazR6NjgyVVp3SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8x
L3lvVk5BOV9CMVpoRFVqV1JyODRQQmI3T3BHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
ZWY1MzZjLTAzZDMtNGFjNS1iMTI1LTVkMWZhNjZjMzYzYi8xL3pWNDVaWW8tOXZF
OG9oekJHazR6NjgyVVp3SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAVWFiAMEAVWFpAMEAFWFwgMEAFWF
2QMEAFWF6gMEAFWF7AMEAFWF/TANBgkqhkiG9w0BAQsFAAOCAQEAGJE3z8AbhI0J
wwRDbt2rNX9b7te8l5HAsJ4vv9lmSY34lTx3WycYaCh+8bUsQJfX4kDKGpFtpCrM
42Kus2d39Ujy7N97qYj6ZeOJhUJQQejjSmNDbIQ11f/GZNO3bXRHSHSjsJqd9BAs
XIIvV4avkiXYfmD29ypXmY4r9Rb3pAzsyXTV8Cj0pjpH003H2DLWOZC4M/ts3Y49
X5EerZU7jjVvfDAXWWWeLGc0nVLsr0fo8ksr4P0HM9NyjY/z68do+fp6orpwU4p3
F+yIBDli7cfnGbSONEafIqplLWGySR9lohxPpKt8dCdPb771q1aNw+X/b0v9Ne88
nFyJ9oRMQg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:10 2023 by rpki-client on console-ams.rpki-client.org