Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rwgCh2YQ2-6ENW6lhEOsGPurdDs.roa
File: rwgCh2YQ2-6ENW6lhEOsGPurdDs.roa (raw, json)
Hash identifier: 0tubhWj54CHjfGPrqlxrb1ZZkFa3twDf82R2CI31dBI=
Subject key identifier: AF:08:02:87:66:10:DB:EE:84:35:6E:A5:84:43:AC:18:FB:AB:74:3B
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 018738F9E79F91DEEDC5362EC84B86F3A408
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rwgCh2YQ2-6ENW6lhEOsGPurdDs.roa
Signing time: Fri 31 Mar 2023 18:41:54 +0000
ROA not before: Fri 31 Mar 2023 18:41:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 85.133.179.0/24 maxlen: 24
85.133.202.0/24 maxlen: 24
85.133.225.0/24 maxlen: 24
85.133.137.0/24 maxlen: 24
85.133.136.0/24 maxlen: 24
85.133.156.0/24 maxlen: 24
85.133.164.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:f9:e7:9f:91:de:ed:c5:36:2e:c8:4b:86:f3:a4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Mar 31 18:41:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af0802876610dbee84356ea58443ac18fbab743b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:64:70:a5:33:58:e5:3d:5b:00:ce:d4:e2:fe:
e0:fa:5f:d0:34:06:c1:47:46:d4:73:18:bf:91:a7:
f0:32:bc:63:8f:da:ab:60:b6:a8:4a:cc:51:db:ba:
9f:40:96:5b:e9:db:3b:f6:8a:c5:02:3d:d5:39:aa:
ca:de:06:71:2f:36:13:29:66:26:1d:46:ef:49:b9:
aa:1c:02:dc:f2:0f:15:9e:6e:9b:0e:f4:6a:4a:f7:
cb:b1:f5:83:ad:b1:d3:ea:69:cb:19:77:f2:f2:6d:
dc:9a:09:ca:c1:24:7b:b5:52:c5:47:22:94:81:24:
d7:9a:81:1b:2e:02:85:e6:1c:8a:d6:d1:1d:7d:55:
e9:95:86:85:c7:31:ff:3f:49:b2:f0:23:0f:60:ee:
73:69:e6:cb:e2:0c:35:e2:83:44:f8:2d:8e:81:44:
b3:a3:b7:6e:b9:12:65:1c:b5:a7:e0:55:d3:17:b6:
25:bd:0f:99:9d:ac:a0:b2:1b:b1:e7:56:be:09:b7:
82:4d:3f:34:d5:a5:e0:98:12:89:81:8e:3b:a4:c7:
6c:3d:62:48:b8:7a:8d:22:d9:c1:a3:d8:49:2e:ce:
a2:60:b3:ae:1e:b0:46:82:91:29:37:de:39:38:ab:
48:b5:c4:34:59:ab:df:5c:8d:73:65:7c:d5:e9:7b:
55:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:08:02:87:66:10:DB:EE:84:35:6E:A5:84:43:AC:18:FB:AB:74:3B
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/rwgCh2YQ2-6ENW6lhEOsGPurdDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.136.0/23
85.133.156.0/24
85.133.164.0/24
85.133.179.0/24
85.133.202.0/24
85.133.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:eb:b4:6a:da:71:b8:f1:bb:94:c4:88:67:08:80:77:18:55:
94:49:76:b4:b2:d8:cf:bf:2b:7b:e0:8b:7f:a8:16:1f:28:1f:
ba:76:3a:ba:88:83:8f:a0:73:36:06:b1:51:eb:45:4a:78:e4:
b3:95:15:ca:fe:0c:29:94:ff:77:27:b3:d1:03:52:28:35:61:
f3:83:a8:45:3e:e1:a9:11:06:5e:3c:0c:d1:7f:75:4c:75:db:
5b:de:30:77:11:52:e0:df:8d:12:42:cd:81:77:65:49:f2:55:
f1:46:2d:26:30:70:19:26:f0:74:d4:59:73:33:d8:d7:5c:a4:
0b:0f:2d:6a:4d:21:14:46:55:2c:8b:ce:da:87:c1:5b:ea:e6:
a0:c1:7e:86:d5:7f:e0:3f:76:02:ad:e4:75:dc:8b:4c:b5:69:
d7:39:45:4d:ca:72:61:57:c7:56:a8:9d:87:d6:81:b4:93:3a:
31:be:bd:16:bc:4c:db:6f:16:f0:11:73:b9:9a:b0:39:39:c6:
20:1a:61:0f:f2:1a:73:7e:b0:c2:b9:af:31:ca:9d:8e:c6:e2:
f1:b1:df:d0:92:d8:a5:41:32:28:bd:53:73:28:cd:ef:fe:7d:
c6:b6:3e:15:30:6f:95:b0:ac:86:b4:b1:80:94:26:00:2e:93:
fc:75:31:9e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYc4+eefkd7txTYuyEuG86QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjMwMzMxMTg0MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA4MDI4NzY2MTBkYmVlODQzNTZlYTU4NDQzYWMxOGZiYWI3NDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmRwpTNY5T1bAM7U4v7g+l/QNAbB
R0bUcxi/kafwMrxjj9qrYLaoSsxR27qfQJZb6ds79orFAj3VOarK3gZxLzYTKWYm
HUbvSbmqHALc8g8Vnm6bDvRqSvfLsfWDrbHT6mnLGXfy8m3cmgnKwSR7tVLFRyKU
gSTXmoEbLgKF5hyK1tEdfVXplYaFxzH/P0my8CMPYO5zaebL4gw14oNE+C2OgUSz
o7duuRJlHLWn4FXTF7YlvQ+Znaygshux51a+CbeCTT801aXgmBKJgY47pMdsPWJI
uHqNItnBo9hJLs6iYLOuHrBGgpEpN945OKtItcQ0WavfXI1zZXzV6XtVSQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK8IAodmENvuhDVupYRDrBj7q3Q7MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvcndnQ2gyWVEyLTZFTlc2bGhFT3NHUHVyZERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVYWIAwQA
VYWcAwQAVYWkAwQAVYWzAwQAVYXKAwQAVYXhMA0GCSqGSIb3DQEBCwUAA4IBAQB7
67Rq2nG48buUxIhnCIB3GFWUSXa0stjPvyt74It/qBYfKB+6djq6iIOPoHM2BrFR
60VKeOSzlRXK/gwplP93J7PRA1IoNWHzg6hFPuGpEQZePAzRf3VMddtb3jB3EVLg
340SQs2Bd2VJ8lXxRi0mMHAZJvB01FlzM9jXXKQLDy1qTSEURlUsi87ah8Fb6uag
wX6G1X/gP3YCreR13ItMtWnXOUVNynJhV8dWqJ2H1oG0kzoxvr0WvEzbbxbwEXO5
mrA5OcYgGmEP8hpzfrDCua8xyp2OxuLxsd/QktilQTIovVNzKM3v/n3Gtj4VMG+V
sKyGtLGAlCYALpP8dTGe
-----END CERTIFICATE-----
Generated at Tue Apr 29 08:33:09 2025 by rpki-client