Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxeETg0es-TZixpcceFA1wHeBG0.roa
File: zxeETg0es-TZixpcceFA1wHeBG0.roa (raw, json)
Hash identifier: D6Vr4T4VKk/+frLMIfdTyKLW0eRQBQ3SPsbSLgIu60k=
Subject key identifier: CF:17:84:4E:0D:1E:B3:E4:D9:8B:1A:5C:71:E1:40:D7:01:DE:04:6D
Certificate issuer: /CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Certificate serial: 381B2622
Authority key identifier: AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxeETg0es-TZixpcceFA1wHeBG0.roa
Signing time: Wed 23 Mar 2022 08:42:57 +0000
ROA not before: Wed 23 Mar 2022 08:42:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34700
IP address blocks: 31.202.0.0/17 maxlen: 18
46.160.88.0/21 maxlen: 21
178.165.0.0/17 maxlen: 18
31.202.128.0/18 maxlen: 18
185.147.96.0/22 maxlen: 22
5.255.160.0/20 maxlen: 20
79.171.120.0/21 maxlen: 21
2a00:1210::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941303330 (0x381b2622)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7a9b1745a5a70c3bf7bcc2c2ee166460aff7a8
Validity
Not Before: Mar 23 08:42:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf17844e0d1eb3e4d98b1a5c71e140d701de046d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:d1:c9:d4:20:05:40:2d:58:c8:16:b6:c4:
cf:32:3b:68:7d:da:7b:24:3d:79:f6:74:0d:75:1e:
75:fc:a5:55:10:d8:97:6e:2e:f5:98:fe:b5:f8:49:
f3:e9:9d:72:99:ce:50:07:c6:89:02:01:30:7d:6f:
f1:0c:fd:95:bd:e7:d1:ae:35:c5:ba:df:34:8e:63:
b8:1b:d3:52:8f:29:f0:17:f1:0e:4a:08:fc:86:7e:
17:d5:88:62:3d:b2:ee:16:cc:72:72:1b:37:2f:ec:
de:df:92:7b:6f:84:05:4a:15:c7:25:9e:c1:da:e7:
a6:2a:6c:60:a3:37:7e:e6:64:cb:e7:8e:f3:1e:69:
03:f5:9b:67:5d:0d:a3:8b:c1:39:d6:3e:36:a0:73:
ee:bc:ea:42:a8:10:bd:21:07:7c:1d:ed:31:2a:87:
83:e2:73:df:9b:78:9e:70:9c:bd:08:e0:2f:22:32:
b6:dc:ac:b2:e3:c0:9f:93:b6:0d:b3:69:2f:6e:71:
fb:d9:a9:06:04:50:75:a9:b7:ce:8f:8e:ec:c7:44:
ab:c5:db:6a:8e:47:4e:01:1b:6e:fb:07:3d:26:eb:
05:cc:2a:a8:6f:fc:28:90:a5:2a:03:56:e4:77:08:
cb:46:bb:16:9c:b0:57:86:53:1c:66:d2:f5:42:85:
c6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:17:84:4E:0D:1E:B3:E4:D9:8B:1A:5C:71:E1:40:D7:01:DE:04:6D
X509v3 Authority Key Identifier:
keyid:AE:7A:9B:17:45:A5:A7:0C:3B:F7:BC:C2:C2:EE:16:64:60:AF:F7:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnqbF0Wlpww797zCwu4WZGCv96g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/zxeETg0es-TZixpcceFA1wHeBG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6e909d-d325-48a1-9443-cc9a758c9916/1/rnqbF0Wlpww797zCwu4WZGCv96g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.160.0/20
31.202.0.0-31.202.191.255
46.160.88.0/21
79.171.120.0/21
178.165.0.0/17
185.147.96.0/22
IPv6:
2a00:1210::/32
Signature Algorithm: sha256WithRSAEncryption
9a:2c:a2:2a:3f:e5:cc:f2:3c:a1:d0:9f:74:2a:91:a1:bc:3a:
8a:3d:7e:52:fb:4d:84:8b:f7:fd:4d:9b:e0:f7:0f:15:ed:87:
46:78:02:94:5c:3b:45:b9:3c:5b:a5:78:f9:5d:b6:58:d5:0a:
bf:ed:1a:89:5f:c9:c2:b3:d8:b2:ad:2a:d5:90:d1:a7:5d:66:
f2:d8:cc:da:59:f2:01:99:5b:e6:8b:19:d7:d0:d4:ca:d8:43:
f9:62:b0:09:4f:3b:94:8d:1f:9a:af:09:82:88:93:4d:24:d7:
2a:4f:38:1d:91:26:48:4e:34:bd:cf:e4:92:e9:7a:d3:70:f5:
44:f8:64:5b:0c:dd:0b:2c:26:0b:28:21:e5:ac:8b:cb:7e:bd:
dc:17:d6:a2:a6:d4:73:10:2a:e9:46:8c:52:86:f1:4a:7b:88:
da:f3:69:06:ab:1a:19:ae:94:f2:e4:dd:06:41:17:a3:c4:c9:
e4:ed:69:21:1d:49:46:b5:ac:d7:58:c6:d6:5d:65:9f:e6:73:
b3:f7:38:a3:0e:1c:0b:71:c5:67:40:5e:f1:f6:ad:51:a2:b4:
ee:b1:67:e8:11:14:81:43:86:d5:bc:e8:bf:57:68:a4:83:fd:
b7:d1:79:1d:47:5a:ff:c6:8f:c5:88:c1:47:b5:b4:ce:9e:e8:
16:5f:b8:86
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEOBsmIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdhOWIxNzQ1YTVhNzBjM2JmN2JjYzJjMmVlMTY2NDYwYWZmN2E4MB4XDTIyMDMy
MzA4NDI1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2YxNzg0NGUwZDFl
YjNlNGQ5OGIxYTVjNzFlMTQwZDcwMWRlMDQ2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8t0cnUIAVALVjIFrbEzzI7aH3aeyQ9efZ0DXUedfylVRDY
l24u9Zj+tfhJ8+mdcpnOUAfGiQIBMH1v8Qz9lb3n0a41xbrfNI5juBvTUo8p8Bfx
DkoI/IZ+F9WIYj2y7hbMcnIbNy/s3t+Se2+EBUoVxyWewdrnpipsYKM3fuZky+eO
8x5pA/WbZ10No4vBOdY+NqBz7rzqQqgQvSEHfB3tMSqHg+Jz35t4nnCcvQjgLyIy
ttyssuPAn5O2DbNpL25x+9mpBgRQdam3zo+O7MdEq8Xbao5HTgEbbvsHPSbrBcwq
qG/8KJClKgNW5HcIy0a7FpywV4ZTHGbS9UKFxrkCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBTPF4RODR6z5NmLGlxx4UDXAd4EbTAfBgNVHSMEGDAWgBSuepsXRaWnDDv3
vMLC7hZkYK/3qDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JucWJGMFdscHd3Nzk3ekN3dTRXWkdDdjk2Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8x
L3p4ZUVUZzBlcy1UWml4cGNjZUZBMXdIZUJHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NmU5MDlkLWQzMjUtNDhhMS05NDQzLWNjOWE3NThjOTkxNi8xL3JucWJGMFdscHd3
Nzk3ekN3dTRXWkdDdjk2Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwMQQCAAEwKwMEBAX/oDALAwMBH8oDBAYfyoADBAMu
oFgDBANPq3gDBAeypQADBAK5k2AwDQQCAAIwBwMFACoAEhAwDQYJKoZIhvcNAQEL
BQADggEBAJosoio/5czyPKHQn3QqkaG8Ooo9flL7TYSL9/1Nm+D3DxXth0Z4ApRc
O0W5PFulePldtljVCr/tGolfycKz2LKtKtWQ0addZvLYzNpZ8gGZW+aLGdfQ1MrY
Q/lisAlPO5SNH5qvCYKIk00k1ypPOB2RJkhONL3P5JLpetNw9UT4ZFsM3QssJgso
IeWsi8t+vdwX1qKm1HMQKulGjFKG8Up7iNrzaQarGhmulPLk3QZBF6PEyeTtaSEd
SUa1rNdYxtZdZZ/mc7P3OKMOHAtxxWdAXvH2rVGitO6xZ+gRFIFDhtW86L9XaKSD
/bfReR1HWv/Gj8WIwUe1tM6e6BZfuIY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:31 2025 by rpki-client