Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3Aj-pNnQ08ru5dnU6E9h8glSrhc.roa
File: 3Aj-pNnQ08ru5dnU6E9h8glSrhc.roa (raw, json)
Hash identifier: jJX9ZCF5/FGZhbu4sQMSnAbXp8uYePYa8ysJaiZtnqI=
Subject key identifier: DC:08:FE:A4:D9:D0:D3:CA:EE:E5:D9:D4:E8:4F:61:F2:09:52:AE:17
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01852BB3DF0AE67AB69450F1A945A8ECF72D
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3Aj-pNnQ08ru5dnU6E9h8glSrhc.roa
Signing time: Mon 19 Dec 2022 18:44:46 +0000
ROA not before: Mon 19 Dec 2022 18:44:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.208.0/24 maxlen: 24
85.133.209.0/24 maxlen: 24
85.133.216.0/22 maxlen: 22
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
185.41.0.0/24 maxlen: 24
185.41.1.0/24 maxlen: 24
185.41.2.0/24 maxlen: 24
185.41.3.0/24 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:b3:df:0a:e6:7a:b6:94:50:f1:a9:45:a8:ec:f7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 19 18:44:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dc08fea4d9d0d3caeee5d9d4e84f61f20952ae17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e5:43:fd:0d:0c:55:31:86:19:f5:23:ae:f1:
0b:c8:6d:78:d5:72:33:b5:d3:57:7f:0a:0e:9c:a3:
24:83:d1:85:39:70:15:14:2c:41:61:a5:ef:15:18:
69:6d:1e:d1:20:21:38:48:29:5b:8f:d7:8a:28:f2:
89:69:83:a9:e3:42:da:73:a5:07:49:b0:08:94:ab:
c0:e4:c2:f0:0e:52:56:91:00:9b:e9:85:60:5d:0b:
e6:fe:4a:ef:3c:c6:65:5d:f2:e1:66:35:9b:c3:3a:
4b:c1:b2:e6:eb:5d:d0:9b:04:ca:3e:19:9c:74:d4:
60:fe:9f:b1:06:d8:fe:48:ab:7d:80:eb:41:24:74:
54:de:4e:42:d6:50:9b:10:d3:72:e0:e0:34:f6:c0:
04:77:09:e1:96:28:8d:ec:51:52:eb:cf:fb:a6:76:
a1:52:10:81:40:e3:da:c3:1f:85:9b:82:75:a7:f1:
7b:97:08:64:41:b2:b1:8d:68:ea:47:ad:c0:a7:5b:
49:e6:4a:8c:6c:1f:0a:2d:b3:aa:ff:8f:60:62:ca:
f1:36:c6:b7:c8:8a:0d:ef:74:86:5b:0e:c9:29:76:
c0:28:8e:86:c2:9d:f4:4c:f4:e5:24:a5:6b:a6:1f:
05:b6:54:dc:04:01:ae:11:40:22:5b:4e:f5:c5:13:
cb:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:08:FE:A4:D9:D0:D3:CA:EE:E5:D9:D4:E8:4F:61:F2:09:52:AE:17
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/3Aj-pNnQ08ru5dnU6E9h8glSrhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
185.41.0.0/22
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:6d:c4:6b:24:89:13:41:70:da:d0:5d:db:23:b1:24:02:52:
20:9f:20:9e:13:47:db:d7:84:8a:d6:b5:03:88:84:1a:e0:ec:
1f:8a:78:8c:26:5c:1a:dc:1f:7f:c2:7c:0e:73:f7:09:e7:56:
9f:41:b6:e4:25:f9:a4:81:e4:43:f0:7b:ce:b8:49:89:3a:be:
49:ac:d7:31:94:ef:74:6d:a3:56:d3:b3:a1:99:c8:c3:eb:e7:
dd:d3:48:3d:19:dc:fc:22:ad:f9:b7:4e:72:59:be:e4:cd:64:
8a:8c:38:72:2c:d2:df:1b:4f:f2:7f:69:99:f6:06:2c:9c:59:
65:00:32:e0:1f:61:26:d0:0f:e4:9f:a9:18:e4:f4:8d:9a:e1:
8d:74:1a:d2:34:72:3e:d5:58:48:bb:d5:ad:ae:84:be:7a:b0:
3a:f5:0a:43:fa:7a:58:e1:29:3f:9a:7f:f7:10:15:ad:d3:7a:
30:24:22:24:4d:8c:15:52:63:78:f5:68:2f:1d:43:81:9f:74:
1f:c6:86:58:ea:2c:54:19:7e:4a:9b:f4:cf:f9:7c:e5:67:4e:
ec:a2:6f:cb:fe:b4:16:35:cd:1b:8d:24:0e:08:3d:29:32:66:
eb:6f:9e:3e:3d:73:07:d7:5d:26:e1:3c:99:fb:84:ec:2c:f0:
bc:65:96:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUrs98K5nq2lFDxqUWo7PctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE5MTg0NDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzA4ZmVhNGQ5ZDBkM2NhZWVlNWQ5ZDRlODRmNjFmMjA5NTJhZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeVD/Q0MVTGGGfUjrvELyG141XIz
tdNXfwoOnKMkg9GFOXAVFCxBYaXvFRhpbR7RICE4SClbj9eKKPKJaYOp40Lac6UH
SbAIlKvA5MLwDlJWkQCb6YVgXQvm/krvPMZlXfLhZjWbwzpLwbLm613QmwTKPhmc
dNRg/p+xBtj+SKt9gOtBJHRU3k5C1lCbENNy4OA09sAEdwnhliiN7FFS68/7pnah
UhCBQOPawx+Fm4J1p/F7lwhkQbKxjWjqR63Ap1tJ5kqMbB8KLbOq/49gYsrxNsa3
yIoN73SGWw7JKXbAKI6Gwp30TPTlJKVrph8FtlTcBAGuEUAiW071xRPLhwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNwI/qTZ0NPK7uXZ1OhPYfIJUq4XMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvM0FqLXBOblEwOHJ1NWRuVTZFOWg4Z2xTcmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHVYWAAwQC
uSkAMA0EAgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQCTbcRrJIkTQXDa
0F3bI7EkAlIgnyCeE0fb14SK1rUDiIQa4OwfiniMJlwa3B9/wnwOc/cJ51afQbbk
JfmkgeRD8HvOuEmJOr5JrNcxlO90baNW07OhmcjD6+fd00g9Gdz8Iq35t05yWb7k
zWSKjDhyLNLfG0/yf2mZ9gYsnFllADLgH2Em0A/kn6kY5PSNmuGNdBrSNHI+1VhI
u9WtroS+erA69QpD+npY4Sk/mn/3EBWt03owJCIkTYwVUmN49WgvHUOBn3QfxoZY
6ixUGX5Km/TP+XzlZ07som/L/rQWNc0bjSQOCD0pMmbrb54+PXMH110m4TyZ+4Ts
LPC8ZZaf
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net