Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/ZSVh_3DWk2gEuwNlzBq7CiMG8O4.roa
File: ZSVh_3DWk2gEuwNlzBq7CiMG8O4.roa (raw, json)
Hash identifier: 1kD9foyiaHEGwfzJRy7o2cbJKJT7BW8AzAqjCLJHykg=
Subject key identifier: 65:25:61:FF:70:D6:93:68:04:BB:03:65:CC:1A:BB:0A:23:06:F0:EE
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 01856D0A8307E6AAB962996E9866FC97BBDF
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/ZSVh_3DWk2gEuwNlzBq7CiMG8O4.roa
Signing time: Sun 01 Jan 2023 11:14:43 +0000
ROA not before: Sun 01 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57665
IP address blocks: 185.226.44.0/22 maxlen: 22
31.222.16.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:83:07:e6:aa:b9:62:99:6e:98:66:fc:97:bb:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652561ff70d6936804bb0365cc1abb0a2306f0ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:36:b6:30:0a:66:8d:28:d8:bf:28:ed:eb:6c:
39:f1:65:9f:3a:ef:f8:78:c2:da:59:8e:d9:4c:b2:
17:fb:62:61:0d:2f:5d:b3:6b:61:86:fe:ae:dc:25:
f0:34:4a:ec:e1:fb:0d:2f:20:65:17:39:67:b2:bd:
15:e3:21:be:57:3c:8b:14:5c:c7:e0:2f:76:97:74:
30:8a:e8:0b:2f:8f:60:34:8d:98:19:49:de:af:82:
92:4e:ff:5d:8b:ac:10:79:b6:c0:c0:85:7f:e1:42:
12:b2:33:be:dd:70:ef:d2:8d:9e:66:8f:ae:f9:41:
3b:e2:e8:67:99:08:60:b0:41:1e:e7:9b:60:13:c0:
71:ab:56:c5:db:a6:9e:50:ac:39:9d:85:80:1e:69:
01:33:c5:a4:69:d3:17:c2:c6:73:c1:1e:cb:70:e2:
39:a0:50:e9:d3:df:55:78:7c:68:29:0a:7a:cc:1a:
50:63:b3:4b:4d:68:b2:bc:87:ed:f8:c4:89:88:e5:
6b:42:5e:fb:ad:64:f1:80:09:e8:ca:74:b0:30:a4:
a0:c3:e1:09:14:e5:e7:a5:f8:55:6b:ec:02:6b:a6:
29:5c:7e:28:3c:62:ba:03:7e:39:22:fa:80:61:96:
60:21:7f:d0:59:1e:ed:a1:a2:5d:65:8a:c8:c6:69:
90:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:25:61:FF:70:D6:93:68:04:BB:03:65:CC:1A:BB:0A:23:06:F0:EE
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/ZSVh_3DWk2gEuwNlzBq7CiMG8O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.16.0/21
185.226.44.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:4a:83:39:d8:6e:bd:9a:1c:5e:72:f8:8f:01:9c:f2:c9:99:
51:d9:b0:a2:f7:49:14:6b:52:ce:6f:68:2c:81:00:e4:e0:7f:
a7:00:f3:43:17:6a:c8:1c:cc:4a:56:15:d9:9b:e1:3f:af:6f:
91:24:9d:c0:f9:e2:55:e7:56:e4:bf:dc:68:8a:1f:99:f3:5b:
8c:a5:57:f6:21:90:2a:9a:22:f7:75:7c:39:f6:63:98:5a:76:
89:ee:4b:63:10:e8:92:77:73:3f:69:39:4c:e3:13:82:ad:b2:
46:fe:75:14:d5:59:6c:87:05:32:7d:9e:8c:03:40:5c:7f:5a:
0c:fc:06:6d:0d:d6:e7:9e:07:90:b8:b6:d5:be:e6:d3:09:62:
34:ce:7a:b9:d2:ec:65:8b:2e:1d:02:a3:99:71:38:c3:c0:b6:
c8:9c:2d:e6:f2:db:10:97:15:ff:6f:7d:09:16:ed:95:0e:3f:
18:db:21:8e:79:ed:43:0b:a7:15:4d:95:ed:3b:08:cf:f4:56:
45:fd:65:0e:74:3e:0e:52:10:d8:d8:fe:c3:b7:cb:c6:d3:38:
30:05:a5:0e:25:e4:34:f2:d5:f2:93:66:1c:8a:40:33:1a:82:
ce:d8:0e:1f:11:ba:ea:5c:d9:90:a4:57:bf:2d:33:01:c8:63:
eb:95:89:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCoMH5qq5YplumGb8l7vfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMwMTAxMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI1NjFmZjcwZDY5MzY4MDRiYjAzNjVjYzFhYmIwYTIzMDZmMGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Da2MApmjSjYvyjt62w58WWfOu/4
eMLaWY7ZTLIX+2JhDS9ds2thhv6u3CXwNErs4fsNLyBlFzlnsr0V4yG+VzyLFFzH
4C92l3QwiugLL49gNI2YGUner4KSTv9di6wQebbAwIV/4UISsjO+3XDv0o2eZo+u
+UE74uhnmQhgsEEe55tgE8Bxq1bF26aeUKw5nYWAHmkBM8WkadMXwsZzwR7LcOI5
oFDp099VeHxoKQp6zBpQY7NLTWiyvIft+MSJiOVrQl77rWTxgAnoynSwMKSgw+EJ
FOXnpfhVa+wCa6YpXH4oPGK6A345IvqAYZZgIX/QWR7toaJdZYrIxmmQTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGUlYf9w1pNoBLsDZcwauwojBvDuMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvWlNWaF8zRFdrMmdFdXdObHpCcTdDaU1HOE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH94QAwQC
ueIsMA0GCSqGSIb3DQEBCwUAA4IBAQChSoM52G69mhxecviPAZzyyZlR2bCi90kU
a1LOb2gsgQDk4H+nAPNDF2rIHMxKVhXZm+E/r2+RJJ3A+eJV51bkv9xoih+Z81uM
pVf2IZAqmiL3dXw59mOYWnaJ7ktjEOiSd3M/aTlM4xOCrbJG/nUU1VlshwUyfZ6M
A0Bcf1oM/AZtDdbnngeQuLbVvubTCWI0znq50uxliy4dAqOZcTjDwLbInC3m8tsQ
lxX/b30JFu2VDj8Y2yGOee1DC6cVTZXtOwjP9FZF/WUOdD4OUhDY2P7Dt8vG0zgw
BaUOJeQ08tXyk2YcikAzGoLO2A4fEbrqXNmQpFe/LTMByGPrlYmW
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:06:39 2025 by rpki-client