Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CNTtsXgUYQ_u9IPqVW-u-ZWsXCs.roa
File: CNTtsXgUYQ_u9IPqVW-u-ZWsXCs.roa (raw, json)
Hash identifier: c9X9ZnwMb55Vdbg9f1Q2XhFucogu9TVIBNct0wpU5dg=
Subject key identifier: 08:D4:ED:B1:78:14:61:0F:EE:F4:83:EA:55:6F:AE:F9:95:AC:5C:2B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01877BDA6517113BB1F92D3771FC020656AD
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CNTtsXgUYQ_u9IPqVW-u-ZWsXCs.roa
Signing time: Thu 13 Apr 2023 18:22:02 +0000
ROA not before: Thu 13 Apr 2023 18:22:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39074
IP address blocks: 85.133.228.0/24 maxlen: 24
85.133.231.0/24 maxlen: 24
85.133.232.0/24 maxlen: 24
85.133.233.0/24 maxlen: 24
85.133.228.0/22 maxlen: 22
85.133.232.0/22 maxlen: 22
85.133.229.0/24 maxlen: 24
85.133.230.0/24 maxlen: 24
85.133.227.0/24 maxlen: 24
85.133.238.0/24 maxlen: 24
85.133.239.0/24 maxlen: 24
85.133.236.0/22 maxlen: 22
85.133.240.0/24 maxlen: 24
85.133.235.0/24 maxlen: 24
85.133.240.0/22 maxlen: 22
85.133.237.0/24 maxlen: 24
85.133.234.0/24 maxlen: 24
85.133.245.0/24 maxlen: 24
85.133.246.0/24 maxlen: 24
85.133.242.0/24 maxlen: 24
85.133.243.0/24 maxlen: 24
85.133.244.0/24 maxlen: 24
85.133.241.0/24 maxlen: 24
85.133.247.0/24 maxlen: 24
85.133.248.0/22 maxlen: 22
85.133.249.0/24 maxlen: 24
85.133.250.0/24 maxlen: 24
85.133.251.0/24 maxlen: 24
85.133.252.0/22 maxlen: 22
85.133.254.0/24 maxlen: 24
85.133.255.0/24 maxlen: 24
85.133.179.0/24 maxlen: 24
85.133.176.0/22 maxlen: 24
85.133.174.0/24 maxlen: 24
85.133.184.0/22 maxlen: 24
85.133.180.0/22 maxlen: 24
85.133.189.0/24 maxlen: 24
85.133.188.0/22 maxlen: 22
85.133.192.0/22 maxlen: 22
85.133.196.0/24 maxlen: 24
85.133.197.0/24 maxlen: 24
85.133.194.0/24 maxlen: 24
85.133.196.0/22 maxlen: 22
85.133.203.0/24 maxlen: 24
85.133.204.0/24 maxlen: 24
85.133.200.0/22 maxlen: 22
85.133.206.0/24 maxlen: 24
85.133.200.0/24 maxlen: 24
85.133.201.0/24 maxlen: 24
85.133.204.0/22 maxlen: 22
85.133.210.0/24 maxlen: 24
85.133.211.0/24 maxlen: 24
85.133.208.0/22 maxlen: 22
85.133.212.0/24 maxlen: 24
85.133.213.0/24 maxlen: 24
85.133.207.0/24 maxlen: 24
85.133.212.0/22 maxlen: 22
85.133.209.0/24 maxlen: 24
85.133.219.0/24 maxlen: 24
85.133.220.0/24 maxlen: 24
85.133.220.0/22 maxlen: 22
85.133.226.0/24 maxlen: 24
85.133.223.0/24 maxlen: 24
85.133.224.0/22 maxlen: 22
85.133.132.0/22 maxlen: 22
85.133.130.0/24 maxlen: 24
85.133.131.0/24 maxlen: 24
85.133.128.0/17 maxlen: 24
85.133.128.0/24 maxlen: 24
85.133.129.0/24 maxlen: 24
85.133.128.0/22 maxlen: 22
85.133.134.0/24 maxlen: 24
85.133.136.0/22 maxlen: 22
85.133.133.0/24 maxlen: 24
85.133.138.0/24 maxlen: 24
85.133.139.0/24 maxlen: 24
85.133.144.0/22 maxlen: 22
85.133.144.0/24 maxlen: 24
85.133.145.0/24 maxlen: 24
85.133.140.0/22 maxlen: 22
85.133.141.0/24 maxlen: 24
85.133.142.0/24 maxlen: 24
85.133.143.0/24 maxlen: 24
85.133.140.0/24 maxlen: 24
85.133.148.0/24 maxlen: 24
85.133.149.0/24 maxlen: 24
85.133.150.0/24 maxlen: 24
85.133.146.0/24 maxlen: 24
85.133.148.0/22 maxlen: 22
85.133.147.0/24 maxlen: 24
85.133.152.0/22 maxlen: 22
85.133.152.0/24 maxlen: 24
85.133.158.0/24 maxlen: 24
85.133.159.0/24 maxlen: 24
85.133.155.0/24 maxlen: 24
85.133.157.0/24 maxlen: 24
85.133.156.0/22 maxlen: 22
85.133.154.0/24 maxlen: 24
85.133.160.0/22 maxlen: 22
85.133.162.0/24 maxlen: 24
85.133.163.0/24 maxlen: 24
85.133.164.0/22 maxlen: 24
85.133.160.0/24 maxlen: 24
85.133.161.0/24 maxlen: 24
85.133.166.0/24 maxlen: 24
85.133.172.0/24 maxlen: 24
85.133.172.0/22 maxlen: 24
85.133.168.0/22 maxlen: 24
2a04:87c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:da:65:17:11:3b:b1:f9:2d:37:71:fc:02:06:56:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Apr 13 18:22:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d4edb17814610feef483ea556faef995ac5c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a0:f9:fd:0a:17:2d:22:c0:4d:cb:84:13:b3:
ca:3a:37:91:a0:7d:ce:5d:09:a8:94:cf:05:18:c8:
3d:41:c5:e8:65:80:60:b5:5b:68:3d:36:c0:38:c9:
81:f8:d1:b6:bb:0a:21:c0:dc:29:9d:a1:e7:df:c4:
d3:73:66:bd:51:11:17:17:fa:67:0d:ae:81:07:27:
ef:c4:3b:f6:02:18:b6:8e:35:d2:03:0e:a9:c6:1a:
77:8a:b0:97:4e:79:e6:37:c3:42:3c:7e:ce:1e:75:
11:de:15:12:87:43:5b:c2:1c:3c:b5:27:80:65:46:
db:6c:49:01:a5:4a:ce:84:2f:8f:cc:a2:99:dd:2b:
12:0b:25:5f:ea:16:4a:35:91:ba:3b:0b:7b:47:2c:
89:18:38:98:27:38:c8:8f:7f:e7:14:12:d7:6f:bb:
2c:02:05:45:50:d1:fe:6b:e3:61:e0:6b:c4:d6:af:
42:56:fa:1c:0b:c5:36:3c:46:0d:4d:04:7b:33:59:
50:92:a7:2d:62:e2:10:61:c1:a0:9a:3d:6a:e0:b4:
da:8e:fb:f9:5f:1f:ad:ac:b9:be:a9:99:08:b1:c3:
c2:8b:81:a5:9e:09:a5:20:ee:e0:bc:47:4b:3d:ca:
d9:bd:1b:c1:5c:03:d5:1b:98:e5:8d:c1:79:46:f3:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D4:ED:B1:78:14:61:0F:EE:F4:83:EA:55:6F:AE:F9:95:AC:5C:2B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/CNTtsXgUYQ_u9IPqVW-u-ZWsXCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.128.0/17
IPv6:
2a04:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:e4:80:8d:dd:de:68:07:27:46:7d:7e:c9:0b:d4:44:86:a4:
e4:35:d8:23:0d:d3:0d:20:17:02:31:76:30:e5:41:bd:7d:53:
bb:eb:37:9f:ed:2f:76:2d:3f:0c:5d:47:7c:a8:e7:67:4c:9a:
80:58:29:4b:cd:42:de:e5:72:b9:77:87:2e:96:21:d4:d7:b4:
80:ae:0f:f9:94:0b:c7:3f:71:d7:ed:1b:d9:e4:48:ea:01:e0:
5a:b1:fb:f8:a3:aa:f1:b1:3d:f0:0b:10:f8:63:85:cb:a1:3f:
81:67:46:d9:ad:f1:a4:7e:b5:80:32:d5:7d:9c:c6:a6:71:0a:
71:22:89:5a:c6:b0:ad:3c:fa:9e:55:7c:9b:99:9a:db:26:74:
0d:62:9a:f9:fb:98:03:33:f8:73:7e:e1:47:af:d3:7c:c4:15:
53:d6:d9:e0:df:10:33:b7:33:c7:ae:6a:29:92:01:a0:6a:ca:
6d:93:f5:a9:7b:c9:43:7f:6c:c3:69:a7:f9:e2:73:5b:6a:5d:
2d:7a:61:f0:f5:7f:29:03:16:59:1c:32:93:fc:8e:1b:0a:e1:
86:d7:ac:b4:83:1e:da:3a:9f:31:44:47:06:c3:0e:5b:81:b2:
a6:54:b2:da:d4:bf:b9:73:3b:61:d2:71:f9:5f:08:cd:1f:00:
25:42:30:bc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYd72mUXETux+S03cfwCBlatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwNDEzMTgyMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ0ZWRiMTc4MTQ2MTBmZWVmNDgzZWE1NTZmYWVmOTk1YWM1YzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qD5/QoXLSLATcuEE7PKOjeRoH3O
XQmolM8FGMg9QcXoZYBgtVtoPTbAOMmB+NG2uwohwNwpnaHn38TTc2a9UREXF/pn
Da6BByfvxDv2Ahi2jjXSAw6pxhp3irCXTnnmN8NCPH7OHnUR3hUSh0Nbwhw8tSeA
ZUbbbEkBpUrOhC+PzKKZ3SsSCyVf6hZKNZG6Owt7RyyJGDiYJzjIj3/nFBLXb7ss
AgVFUNH+a+Nh4GvE1q9CVvocC8U2PEYNTQR7M1lQkqctYuIQYcGgmj1q4LTajvv5
Xx+trLm+qZkIscPCi4GlngmlIO7gvEdLPcrZvRvBXAPVG5jljcF5RvNRAQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAjU7bF4FGEP7vSD6lVvrvmVrFwrMB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvQ05UdHNYZ1VZUV91OUlQcVZXLXUtWldzWENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHVYWAMA0E
AgACMAcDBQMqBIfAMA0GCSqGSIb3DQEBCwUAA4IBAQAT5ICN3d5oBydGfX7JC9RE
hqTkNdgjDdMNIBcCMXYw5UG9fVO76zef7S92LT8MXUd8qOdnTJqAWClLzULe5XK5
d4culiHU17SArg/5lAvHP3HX7RvZ5EjqAeBasfv4o6rxsT3wCxD4Y4XLoT+BZ0bZ
rfGkfrWAMtV9nMamcQpxIolaxrCtPPqeVXybmZrbJnQNYpr5+5gDM/hzfuFHr9N8
xBVT1tng3xAztzPHrmopkgGgasptk/Wpe8lDf2zDaaf54nNbal0temHw9X8pAxZZ
HDKT/I4bCuGG16y0gx7aOp8xREcGww5bgbKmVLLa1L+5czth0nH5XwjNHwAlQjC8
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:19:45 2025 by rpki-client