Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TQlXQD8T6c0bOP1SkSLfK5c1-xI.roa
File: TQlXQD8T6c0bOP1SkSLfK5c1-xI.roa (raw, json)
Hash identifier: Omhuzu9Y8NvNAT5983+MRIzCKQXKUME++q6iacIzfiE=
Subject key identifier: 4D:09:57:40:3F:13:E9:CD:1B:38:FD:52:91:22:DF:2B:97:35:FB:12
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018804AF7E041AD499ABE38D95CF53944A33
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TQlXQD8T6c0bOP1SkSLfK5c1-xI.roa
Signing time: Wed 10 May 2023 08:03:09 +0000
ROA not before: Wed 10 May 2023 08:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54339
IP address blocks: 85.133.227.0/24 maxlen: 24
85.133.228.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.253.0/24 maxlen: 24
85.133.178.0/24 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.199.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.205.0/24 maxlen: 24
85.133.208.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.221.0/24 maxlen: 24
85.133.132.0/22 maxlen: 22
85.133.135.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.151.0/24 maxlen: 24
85.133.153.0/24 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:04:af:7e:04:1a:d4:99:ab:e3:8d:95:cf:53:94:4a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: May 10 08:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d0957403f13e9cd1b38fd529122df2b9735fb12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:eb:de:93:07:9d:74:e9:4c:76:04:6e:8e:ac:
b8:de:40:00:2c:b2:8c:2b:95:cb:ac:88:9d:50:5d:
3a:ac:c2:4f:e5:70:83:3c:6c:19:49:fc:2b:bd:3f:
10:87:4a:e7:51:20:d0:bf:c7:ef:86:61:81:27:8e:
26:b0:9c:10:cf:2e:0c:ce:09:84:9a:24:c8:35:45:
df:ac:b0:dc:f3:12:0f:ba:9b:40:2c:06:a3:60:1a:
65:e3:69:30:18:8b:2a:92:8b:33:6a:0a:88:63:9e:
15:7f:c9:1a:46:97:9b:81:f7:8c:da:1c:04:aa:2a:
34:d8:f9:fb:5c:bf:6a:71:25:1b:56:34:06:00:9e:
c4:e1:97:54:1f:a7:7d:99:4f:e7:21:44:51:c3:3e:
cb:8f:91:01:ca:db:b1:e5:8d:ea:b9:83:93:5f:8e:
ad:12:f5:ff:19:dc:1f:0b:d8:1f:47:ec:47:71:84:
ea:5f:64:09:80:b8:f1:0d:a0:09:05:58:09:0b:39:
0f:f8:d5:9c:7e:e5:99:32:14:be:02:2e:45:cb:1e:
61:99:27:eb:ce:e0:21:16:6e:d4:83:e1:c3:dd:6a:
02:ef:80:65:a5:fa:81:e7:f1:01:cf:ee:ec:af:f7:
dd:e1:99:c5:db:a3:bb:75:d8:61:16:1c:4f:d6:f1:
cb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:09:57:40:3F:13:E9:CD:1B:38:FD:52:91:22:DF:2B:97:35:FB:12
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/TQlXQD8T6c0bOP1SkSLfK5c1-xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.132.0/22
85.133.143.0/24
85.133.151.0/24
85.133.153.0/24
85.133.160.0/23
85.133.166.0/24
85.133.174.0/24
85.133.178.0/24
85.133.194.0/24
85.133.199.0/24
85.133.205.0/24
85.133.208.0/24
85.133.219.0/24
85.133.221.0/24
85.133.227.0-85.133.228.255
85.133.238.0/24
85.133.253.0/24
Signature Algorithm: sha256WithRSAEncryption
82:9f:bd:4a:d6:c2:bd:b2:d3:32:97:80:00:78:1e:9c:28:05:
c9:a9:32:b2:f8:16:2e:1b:04:fd:c8:e7:e5:70:af:ce:71:d6:
12:b1:43:0c:bc:8b:a0:21:25:40:a3:73:ca:59:5e:40:26:5b:
79:da:44:26:9d:13:e7:14:e4:d4:0e:8f:b4:f6:a6:f7:4e:c2:
03:75:ca:24:63:c8:97:17:36:cc:8f:49:95:44:af:8a:99:00:
c1:82:ce:62:51:e7:8d:e7:53:bc:b5:67:54:7f:85:2e:d8:fd:
df:ee:3a:65:b9:85:2b:f3:f2:7a:58:b8:ad:3d:05:cf:1f:60:
1c:27:65:42:70:de:b1:b3:30:a2:9d:ad:31:5a:fc:ea:49:71:
87:5f:09:00:34:66:9c:65:10:55:4b:50:dc:60:79:a3:0b:1e:
68:67:59:fb:75:f8:4b:07:45:f8:34:e2:9d:fa:86:2e:c3:e7:
84:e4:c5:e0:b0:fc:a6:ab:a2:cc:48:90:1b:40:8b:17:19:5b:
96:dd:24:14:16:9e:32:1a:26:b1:60:57:f4:5c:f5:59:1e:07:
a5:c8:a6:20:2a:f3:d4:f7:08:25:49:0a:14:f0:d4:09:59:0c:
21:27:ab:6d:c0:96:80:16:e2:98:a7:40:83:15:fc:b7:bb:a9:
b4:6c:ce:be
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYgEr34EGtSZq+ONlc9TlEozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNTEwMDgwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA5NTc0MDNmMTNlOWNkMWIzOGZkNTI5MTIyZGYyYjk3MzVmYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyevekweddOlMdgRujqy43kAALLKM
K5XLrIidUF06rMJP5XCDPGwZSfwrvT8Qh0rnUSDQv8fvhmGBJ44msJwQzy4MzgmE
miTINUXfrLDc8xIPuptALAajYBpl42kwGIsqkoszagqIY54Vf8kaRpebgfeM2hwE
qio02Pn7XL9qcSUbVjQGAJ7E4ZdUH6d9mU/nIURRwz7Lj5EBytux5Y3quYOTX46t
EvX/GdwfC9gfR+xHcYTqX2QJgLjxDaAJBVgJCzkP+NWcfuWZMhS+Ai5Fyx5hmSfr
zuAhFm7Ug+HD3WoC74BlpfqB5/EBz+7sr/fd4ZnF26O7ddhhFhxP1vHL5wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFE0JV0A/E+nNGzj9UpEi3yuXNfsSMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvVFFsWFFEOFQ2YzBiT1AxU2tTTGZLNWMxLXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAlWFhAME
AFWFjwMEAFWFlwMEAFWFmQMEAVWFoAMEAFWFpgMEAFWFrgMEAFWFsgMEAFWFwgME
AFWFxwMEAFWFzQMEAFWF0AMEAFWF2wMEAFWF3TAMAwQAVYXjAwQAVYXkAwQAVYXu
AwQAVYX9MA0GCSqGSIb3DQEBCwUAA4IBAQCCn71K1sK9stMyl4AAeB6cKAXJqTKy
+BYuGwT9yOflcK/OcdYSsUMMvIugISVAo3PKWV5AJlt52kQmnRPnFOTUDo+09qb3
TsIDdcokY8iXFzbMj0mVRK+KmQDBgs5iUeeN51O8tWdUf4Uu2P3f7jpluYUr8/J6
WLitPQXPH2AcJ2VCcN6xszCina0xWvzqSXGHXwkANGacZRBVS1DcYHmjCx5oZ1n7
dfhLB0X4NOKd+oYuw+eE5MXgsPymq6LMSJAbQIsXGVuW3SQUFp4yGiaxYFf0XPVZ
HgelyKYgKvPU9wglSQoU8NQJWQwhJ6ttwJaAFuKYp0CDFfy3u6m0bM6+
-----END CERTIFICATE-----
Generated at Sat May 10 08:28:11 2025 by rpki-client