Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ApEkZrvvPv-Vgn2Ihe66iYmR3UY.roa
File: ApEkZrvvPv-Vgn2Ihe66iYmR3UY.roa (raw, json)
Hash identifier: blv74Z/Jb35624Pnaism6J+ze/YgKoPELBnrA7aVM0A=
Subject key identifier: 02:91:24:66:BB:EF:3E:FF:95:82:7D:88:85:EE:BA:89:89:91:DD:46
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01851A201991D028109C919632CB92096A5C
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ApEkZrvvPv-Vgn2Ihe66iYmR3UY.roa
Signing time: Fri 16 Dec 2022 08:49:49 +0000
ROA not before: Fri 16 Dec 2022 08:49:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.133.228.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.237.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.236.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.216.0/24 maxlen: 24
85.133.217.0/24 maxlen: 24
85.133.215.0/24 maxlen: 24
85.133.218.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.132.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.135.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
85.133.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:20:19:91:d0:28:10:9c:91:96:32:cb:92:09:6a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 16 08:49:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02912466bbef3eff95827d8885eeba898991dd46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:c3:12:9e:13:d2:7d:31:25:d9:3f:9a:0a:
4e:5e:4b:b9:78:91:4a:5c:bb:14:d3:9d:b4:bd:b4:
73:38:2c:ef:22:7f:80:dc:cf:b8:f3:70:c4:cd:00:
a9:d6:d2:54:5c:6c:28:26:96:72:7f:9a:3f:4e:2c:
aa:0d:0d:8e:16:de:4c:21:97:56:2d:4a:91:e5:a8:
f1:53:25:49:00:31:59:56:19:b3:7c:d3:93:e7:e4:
55:c3:8c:71:b7:61:eb:bf:4c:46:26:42:aa:6c:4d:
21:36:88:ad:d2:13:0c:ae:d0:c5:21:9e:6d:8a:3c:
6c:e4:d2:ba:c8:8b:1e:e3:6d:23:d4:7e:81:0d:bf:
83:39:fa:a0:a1:5b:49:b8:a1:c0:66:13:cf:22:3a:
15:43:d5:1e:4b:ae:1d:c8:ce:ac:f8:d6:35:9b:84:
00:cf:94:f3:fb:80:3a:41:9d:03:6e:c5:50:f6:a7:
2a:5d:0f:de:5a:7d:99:f1:62:85:d8:f6:db:a8:b1:
f7:c6:fa:8f:77:95:84:0f:ce:76:77:05:7b:c7:69:
1c:e7:ab:66:8d:a2:45:e0:32:ae:cd:a4:9d:e1:52:
e7:54:de:5e:65:b2:9d:8d:14:83:83:19:13:ef:00:
9d:b2:db:75:0b:b7:52:ae:9a:27:a0:8d:a0:c8:17:
76:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:91:24:66:BB:EF:3E:FF:95:82:7D:88:85:EE:BA:89:89:91:DD:46
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/ApEkZrvvPv-Vgn2Ihe66iYmR3UY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/24
85.133.135.0-85.133.137.255
85.133.143.0/24
85.133.146.0/24
85.133.151.0/24
85.133.153.0/24
85.133.156.0/24
85.133.160.0/23
85.133.164.0-85.133.166.255
85.133.174.0/24
85.133.178.0/23
85.133.194.0/24
85.133.199.0/24
85.133.202.0/24
85.133.205.0/24
85.133.208.0/24
85.133.215.0-85.133.219.255
85.133.225.0/24
85.133.228.0/24
85.133.233.0-85.133.234.255
85.133.236.0-85.133.238.255
85.133.241.0-85.133.242.255
85.133.250.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
07:20:08:be:13:6a:12:f2:1c:80:75:94:63:d1:59:d4:5d:20:
6e:37:5b:54:38:c6:10:4b:f2:58:3e:d5:a8:00:b7:c6:bc:b5:
82:01:e4:c9:de:b0:41:a0:a8:f8:00:ad:e4:86:4a:9a:a8:9f:
d9:ff:d4:da:c3:6c:09:d7:c3:28:04:dc:ed:3d:3a:4f:38:44:
bb:57:90:21:43:6d:05:a8:7c:31:08:54:d1:ae:92:cc:40:36:
c2:83:a9:9c:9b:06:76:02:c2:4a:97:0e:5c:ad:06:e3:4a:4a:
28:7f:ed:38:5b:70:9a:a6:2e:19:19:78:ed:f9:c4:60:3f:5d:
7a:53:ca:7b:d4:36:0c:70:01:b4:95:ed:8c:d9:90:80:dc:9b:
d0:cf:a8:c3:d9:32:4d:d0:24:34:0e:13:7c:f1:5f:43:4e:3a:
9e:b3:3b:3c:43:9d:4d:98:d0:9c:c7:18:6d:07:c7:20:8c:21:
7b:c5:f5:3f:42:93:df:0d:27:98:69:b2:98:d4:8d:6c:6f:8b:
68:80:5e:f3:27:5a:a1:48:a5:91:28:98:e5:01:6e:d9:3f:2a:
7e:28:af:a3:33:28:d8:35:31:b9:e1:20:23:be:00:d0:ce:da:
b9:66:ad:78:4b:d0:d2:0b:b0:9d:55:34:73:52:30:c0:57:5d:
f5:7a:ff:48
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgISAYUaIBmR0CgQnJGWMsuSCWpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE2MDg0OTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjkxMjQ2NmJiZWYzZWZmOTU4MjdkODg4NWVlYmE4OTg5OTFkZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl//DEp4T0n0xJdk/mgpOXku5eJFK
XLsU0520vbRzOCzvIn+A3M+483DEzQCp1tJUXGwoJpZyf5o/TiyqDQ2OFt5MIZdW
LUqR5ajxUyVJADFZVhmzfNOT5+RVw4xxt2Hrv0xGJkKqbE0hNoit0hMMrtDFIZ5t
ijxs5NK6yIse420j1H6BDb+DOfqgoVtJuKHAZhPPIjoVQ9UeS64dyM6s+NY1m4QA
z5Tz+4A6QZ0DbsVQ9qcqXQ/eWn2Z8WKF2PbbqLH3xvqPd5WED852dwV7x2kc56tm
jaJF4DKuzaSd4VLnVN5eZbKdjRSDgxkT7wCdstt1C7dSrponoI2gyBd2QwIDAQAB
o4ICyDCCAsQwHQYDVR0OBBYEFAKRJGa77z7/lYJ9iIXuuomJkd1GMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQXBFa1pydnZQdi1WZ24ySWhlNjZpWW1SM1VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHdBggrBgEFBQcBBwEB/wSBzTCByjCBxwQCAAEwgcADBABV
hYQwDAMEAFWFhwMEAVWFiAMEAFWFjwMEAFWFkgMEAFWFlwMEAFWFmQMEAFWFnAME
AVWFoDAMAwQCVYWkAwQAVYWmAwQAVYWuAwQBVYWyAwQAVYXCAwQAVYXHAwQAVYXK
AwQAVYXNAwQAVYXQMAwDBABVhdcDBAJVhdgDBABVheEDBABVheQwDAMEAFWF6QME
AFWF6jAMAwQCVYXsAwQAVYXuMAwDBABVhfEDBABVhfIDBABVhfoDBABVhf0wDQYJ
KoZIhvcNAQELBQADggEBAAcgCL4TahLyHIB1lGPRWdRdIG43W1Q4xhBL8lg+1agA
t8a8tYIB5MnesEGgqPgAreSGSpqon9n/1NrDbAnXwygE3O09Ok84RLtXkCFDbQWo
fDEIVNGuksxANsKDqZybBnYCwkqXDlytBuNKSih/7ThbcJqmLhkZeO35xGA/XXpT
ynvUNgxwAbSV7YzZkIDcm9DPqMPZMk3QJDQOE3zxX0NOOp6zOzxDnU2Y0JzHGG0H
xyCMIXvF9T9Ck98NJ5hpspjUjWxvi2iAXvMnWqFIpZEomOUBbtk/Kn4or6MzKNg1
MbnhICO+ANDO2rlmrXhL0NILsJ1VNHNSMMBXXfV6/0g=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:51 2023 by rpki-client on console.sobornost.net