Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/zg-7b9DR1staq4WK2JgSrFttC-A.roa
File: zg-7b9DR1staq4WK2JgSrFttC-A.roa (raw, json)
Hash identifier: xdJdSzQBs/iYyJvrr7hlXEN5NN4lI7pBPpX0josd51A=
Subject key identifier: CE:0F:BB:6F:D0:D1:D6:CB:5A:AB:85:8A:D8:98:12:AC:5B:6D:0B:E0
Certificate issuer: /CN=4ce98606bc9a5d44074ff8cbedcbdbcfc35f0562
Certificate serial: 01856F428EBEE5669F3D8F601543E788BD29
Authority key identifier: 4C:E9:86:06:BC:9A:5D:44:07:4F:F8:CB:ED:CB:DB:CF:C3:5F:05:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOmGBryaXUQHT_jL7cvbz8NfBWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/zg-7b9DR1staq4WK2JgSrFttC-A.roa
Signing time: Sun 01 Jan 2023 21:35:10 +0000
ROA not before: Sun 01 Jan 2023 21:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31510
IP address blocks: 212.56.160.0/19 maxlen: 19
185.72.72.0/22 maxlen: 22
83.175.126.0/24 maxlen: 24
156.67.200.0/21 maxlen: 21
156.67.200.0/24 maxlen: 24
83.175.64.0/18 maxlen: 18
83.175.86.0/24 maxlen: 24
2a02:6180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:8e:be:e5:66:9f:3d:8f:60:15:43:e7:88:bd:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ce98606bc9a5d44074ff8cbedcbdbcfc35f0562
Validity
Not Before: Jan 1 21:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce0fbb6fd0d1d6cb5aab858ad89812ac5b6d0be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:04:6f:bb:8e:b6:84:00:cf:e5:7f:7f:3c:
fa:f7:7c:72:79:c1:40:6b:61:05:6e:30:f2:3b:72:
0e:c5:0b:b1:20:56:bd:8a:8b:a4:fd:0d:3c:de:77:
ad:ba:96:51:f4:7f:96:e2:6f:05:42:af:d8:6f:4a:
06:28:22:97:a0:b6:a6:18:60:45:3f:ad:55:76:69:
eb:6d:1c:94:2f:8e:66:8f:67:d8:0d:83:be:49:86:
27:de:ed:a1:2a:ca:86:37:a2:6b:c7:67:49:6a:4c:
3e:67:48:eb:12:07:cb:5d:a8:4f:d0:4e:fa:33:75:
5f:79:a5:4d:ad:90:ff:fe:be:70:c3:22:0e:e2:1e:
b9:62:e9:bd:27:ef:e1:a5:89:3e:55:6e:54:b7:c6:
59:f6:92:d8:93:87:70:17:4e:03:ef:af:61:16:1a:
eb:af:6f:3d:06:af:67:d5:ca:27:3a:fc:43:93:2a:
9e:15:75:0d:88:0c:d3:9f:d6:ef:a9:14:2c:18:93:
7b:59:fb:72:42:82:ed:1d:8d:02:ca:e1:09:b9:f2:
5f:8b:ba:5f:34:14:8e:84:78:49:6a:ed:ff:c4:ff:
e1:05:2a:99:12:a0:e7:80:b2:7b:b4:e3:21:47:cd:
74:c6:ef:70:42:33:e3:78:d3:9b:71:fb:17:57:65:
23:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0F:BB:6F:D0:D1:D6:CB:5A:AB:85:8A:D8:98:12:AC:5B:6D:0B:E0
X509v3 Authority Key Identifier:
keyid:4C:E9:86:06:BC:9A:5D:44:07:4F:F8:CB:ED:CB:DB:CF:C3:5F:05:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOmGBryaXUQHT_jL7cvbz8NfBWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/zg-7b9DR1staq4WK2JgSrFttC-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/179ed5-d253-4255-9017-88df125ba663/1/TOmGBryaXUQHT_jL7cvbz8NfBWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.175.64.0/18
156.67.200.0/21
185.72.72.0/22
212.56.160.0/19
IPv6:
2a02:6180::/32
Signature Algorithm: sha256WithRSAEncryption
33:2b:24:a4:9f:8e:a0:ae:2c:48:36:0f:a3:d8:7d:f5:45:5b:
11:15:25:ab:a7:e5:a7:c9:4a:09:eb:de:a9:19:2e:89:7d:ae:
30:f5:82:10:07:08:46:f8:3d:d9:48:a9:3c:8b:4b:e6:f0:3a:
8a:93:29:90:6b:8e:f3:e0:15:75:a3:7a:4f:bd:55:ed:4e:0a:
39:e4:fd:89:8b:0d:c1:c4:27:82:1c:fc:ae:e7:c1:d3:8c:7d:
d1:44:7a:3a:63:1f:64:95:f7:75:26:e6:51:c3:5c:a3:74:37:
67:1d:9c:94:df:e5:33:45:29:b3:d3:a7:3d:ae:0e:d5:dd:f4:
d6:8f:b2:bd:ab:b9:12:5e:9c:e5:19:89:34:31:14:37:95:fc:
6c:86:85:c6:6c:78:17:74:7c:49:62:4b:1f:6d:4e:83:ff:65:
a1:bb:23:c0:42:54:23:c7:da:29:df:64:92:26:8f:bf:03:34:
1d:d4:57:39:aa:4a:ac:7a:67:77:c1:79:cc:2e:9f:24:c3:60:
7a:22:2a:6b:6b:d0:4d:39:ac:2d:ff:9c:d9:f0:7d:e2:46:0d:
dc:e0:33:62:2b:7f:7b:76:e0:f1:c4:20:b5:d6:fb:9d:59:fb:
8d:a8:0f:d2:f8:4b:f4:c0:4e:4f:34:18:7d:c9:d6:42:e4:bb:
b4:0f:57:94
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvQo6+5WafPY9gFUPniL0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZTk4NjA2YmM5YTVkNDQwNzRmZjhjYmVkY2JkYmNmYzM1
ZjA1NjIwHhcNMjMwMTAxMjEzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBmYmI2ZmQwZDFkNmNiNWFhYjg1OGFkODk4MTJhYzViNmQwYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllMEb7uOtoQAz+V/fzz693xyecFA
a2EFbjDyO3IOxQuxIFa9iouk/Q083netupZR9H+W4m8FQq/Yb0oGKCKXoLamGGBF
P61VdmnrbRyUL45mj2fYDYO+SYYn3u2hKsqGN6Jrx2dJakw+Z0jrEgfLXahP0E76
M3VfeaVNrZD//r5wwyIO4h65Yum9J+/hpYk+VW5Ut8ZZ9pLYk4dwF04D769hFhrr
r289Bq9n1conOvxDkyqeFXUNiAzTn9bvqRQsGJN7WftyQoLtHY0CyuEJufJfi7pf
NBSOhHhJau3/xP/hBSqZEqDngLJ7tOMhR810xu9wQjPjeNObcfsXV2UjZQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM4Pu2/Q0dbLWquFitiYEqxbbQvgMB8GA1UdIwQY
MBaAFEzphga8ml1EB0/4y+3L28/DXwViMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVE9tR0JyeWFYVVFIVF9qTDdjdmJ6OE5mQldJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xNzllZDUtZDI1My00MjU1LTkwMTct
ODhkZjEyNWJhNjYzLzEvemctN2I5RFIxc3RhcTRXSzJKZ1NyRnR0Qy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xNzllZDUtZDI1My00MjU1LTkwMTctODhkZjEyNWJhNjYz
LzEvVE9tR0JyeWFYVVFIVF9qTDdjdmJ6OE5mQldJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGU69AAwQD
nEPIAwQCuUhIAwQF1DigMA0EAgACMAcDBQAqAmGAMA0GCSqGSIb3DQEBCwUAA4IB
AQAzKySkn46grixINg+j2H31RVsRFSWrp+WnyUoJ696pGS6Jfa4w9YIQBwhG+D3Z
SKk8i0vm8DqKkymQa47z4BV1o3pPvVXtTgo55P2Jiw3BxCeCHPyu58HTjH3RRHo6
Yx9klfd1JuZRw1yjdDdnHZyU3+UzRSmz06c9rg7V3fTWj7K9q7kSXpzlGYk0MRQ3
lfxshoXGbHgXdHxJYksfbU6D/2WhuyPAQlQjx9op32SSJo+/AzQd1Fc5qkqsemd3
wXnMLp8kw2B6Iipra9BNOawt/5zZ8H3iRg3c4DNiK397duDxxCC11vudWfuNqA/S
+Ev0wE5PNBh9ydZC5Lu0D1eU
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:49:53 2025 by rpki-client