Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oCMH_3AtJ8nJWkpJ01YQ1CNmJxY.roa
File: oCMH_3AtJ8nJWkpJ01YQ1CNmJxY.roa (raw, json)
Hash identifier: FD9bbUnQu07rF3SFPerut0ZKfmfirIBsSCrTXTVX1bQ=
Subject key identifier: A0:23:07:FF:70:2D:27:C9:C9:5A:4A:49:D3:56:10:D4:23:66:27:16
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 0187799EC8BACB671253DE156A9740717855
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oCMH_3AtJ8nJWkpJ01YQ1CNmJxY.roa
Signing time: Thu 13 Apr 2023 07:57:41 +0000
ROA not before: Thu 13 Apr 2023 07:57:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:9e:c8:ba:cb:67:12:53:de:15:6a:97:40:71:78:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 13 07:57:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a02307ff702d27c9c95a4a49d35610d423662716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:aa:91:68:42:a8:fe:48:26:92:98:c3:4e:
f4:bd:1a:d7:ca:e5:37:8f:dc:14:15:f9:68:2e:d0:
09:7c:55:34:27:2e:af:91:0c:6c:b3:18:53:85:61:
72:da:24:46:d9:da:14:b1:fe:96:83:30:93:33:e4:
a7:09:ed:64:f7:4a:0b:62:f7:cd:93:55:34:39:71:
74:00:60:bb:8a:0b:20:71:cd:c6:50:78:27:93:10:
08:88:f2:e9:f6:66:05:51:e8:3c:4d:ff:27:ca:98:
c9:3e:5a:2d:5b:40:00:3f:9f:18:19:c4:a9:64:80:
6a:cf:52:69:90:e2:4f:8f:e7:3a:9b:e6:0b:67:09:
ee:a1:f2:e9:b2:ee:32:34:c1:3a:8b:05:7b:c5:27:
96:c0:a2:b4:62:29:27:8f:79:7c:64:87:0f:99:3d:
65:e5:1d:36:13:93:9b:ee:a8:e6:66:61:26:5f:5a:
7f:a6:5b:ad:36:d3:6d:a7:b0:7b:26:c7:17:f9:eb:
ff:92:65:d9:61:ed:b2:45:9b:e0:1c:a1:da:89:c0:
1e:e1:d3:39:35:46:4e:f0:08:73:1d:cd:6d:c8:9f:
05:79:b8:fc:0b:0c:ea:e5:74:b1:35:58:54:cf:2d:
6c:a8:fb:7e:ed:5c:2d:e9:1a:a5:d8:20:7a:33:a8:
e6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:23:07:FF:70:2D:27:C9:C9:5A:4A:49:D3:56:10:D4:23:66:27:16
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/oCMH_3AtJ8nJWkpJ01YQ1CNmJxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:88:37:54:34:04:c6:cb:5a:59:87:dc:8d:c4:9d:4a:01:23:
25:7c:97:67:09:8b:4b:d2:a5:9d:ab:fa:c9:87:e8:13:53:4d:
14:bd:fb:00:07:aa:9a:5e:ed:1e:e7:16:f5:69:41:8f:2a:1f:
4e:71:da:cb:17:5b:9c:63:8e:d1:eb:df:7d:d6:2b:03:a0:be:
2e:cf:90:f3:e5:d9:7e:21:28:85:2e:36:f8:0c:ea:39:05:88:
c3:7b:c1:dc:ee:00:10:c5:3b:3f:77:6e:35:c8:fb:46:6c:17:
7f:86:05:a5:60:1a:42:93:c2:23:39:9e:85:cd:f2:90:c7:f1:
2a:6c:f0:3d:7b:4e:fd:11:0b:a7:76:38:80:74:2c:d2:89:21:
be:77:ed:9f:d2:11:35:8c:90:59:9f:d1:62:85:a2:de:f6:17:
97:4f:f8:2e:96:d0:e3:f0:81:0f:9a:dc:f0:ee:61:46:40:f0:
1c:9b:26:62:59:fa:27:27:e3:f5:3c:55:99:9c:13:3d:26:eb:
8d:ee:a5:11:84:41:5f:67:dc:ae:fb:21:d8:22:ff:8b:3e:2b:
ea:94:50:b1:58:50:4c:31:27:61:45:19:42:99:69:e6:c8:44:
8e:c5:9a:0b:0b:85:a5:80:46:80:19:b9:02:32:42:d0:9e:27:
4c:94:10:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd5nsi6y2cSU94VapdAcXhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMDc1NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIzMDdmZjcwMmQyN2M5Yzk1YTRhNDlkMzU2MTBkNDIzNjYyNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA6qkWhCqP5IJpKYw070vRrXyuU3
j9wUFfloLtAJfFU0Jy6vkQxssxhThWFy2iRG2doUsf6WgzCTM+SnCe1k90oLYvfN
k1U0OXF0AGC7igsgcc3GUHgnkxAIiPLp9mYFUeg8Tf8nypjJPlotW0AAP58YGcSp
ZIBqz1JpkOJPj+c6m+YLZwnuofLpsu4yNME6iwV7xSeWwKK0Yiknj3l8ZIcPmT1l
5R02E5Ob7qjmZmEmX1p/plutNtNtp7B7JscX+ev/kmXZYe2yRZvgHKHaicAe4dM5
NUZO8AhzHc1tyJ8Febj8Cwzq5XSxNVhUzy1sqPt+7Vwt6Rql2CB6M6jmPwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKAjB/9wLSfJyVpKSdNWENQjZicWMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvb0NNSF8zQXRKOG5KV2twSjAxWVExQ05tSnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQBuiDdUNATGy1pZh9yNxJ1K
ASMlfJdnCYtL0qWdq/rJh+gTU00UvfsAB6qaXu0e5xb1aUGPKh9OcdrLF1ucY47R
69991isDoL4uz5Dz5dl+ISiFLjb4DOo5BYjDe8Hc7gAQxTs/d241yPtGbBd/hgWl
YBpCk8IjOZ6FzfKQx/EqbPA9e079EQundjiAdCzSiSG+d+2f0hE1jJBZn9FihaLe
9heXT/gultDj8IEPmtzw7mFGQPAcmyZiWfonJ+P1PFWZnBM9JuuN7qURhEFfZ9yu
+yHYIv+LPivqlFCxWFBMMSdhRRlCmWnmyESOxZoLC4WlgEaAGbkCMkLQnidMlBAH
-----END CERTIFICATE-----
Generated at Sat May 10 21:45:21 2025 by rpki-client