Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwLGEcrZu0X5-yjhg_nbvPSnUkg.roa
File: gwLGEcrZu0X5-yjhg_nbvPSnUkg.roa (raw, json)
Hash identifier: UDTvdHF6gdWJbh1lQpHlIkB09YJ86jH0refqqo55dbM=
Subject key identifier: 83:02:C6:11:CA:D9:BB:45:F9:FB:28:E1:83:F9:DB:BC:F4:A7:52:48
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018A536A3A15190F073DC9CF94252B4B0A89
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwLGEcrZu0X5-yjhg_nbvPSnUkg.roa
Signing time: Sat 02 Sep 2023 01:03:05 +0000
ROA not before: Sat 02 Sep 2023 01:03:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49195
IP address blocks: 2a0e:b107:1810::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:53:6a:3a:15:19:0f:07:3d:c9:cf:94:25:2b:4b:0a:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Sep 2 01:03:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8302c611cad9bb45f9fb28e183f9dbbcf4a75248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:a6:ad:89:9c:39:5c:17:c3:73:4c:f5:9f:
21:85:8f:a9:40:88:2a:b3:29:3b:15:3e:b2:47:77:
1d:50:9c:99:6d:00:6a:fa:ca:e3:da:3a:43:56:96:
31:07:eb:53:b0:f6:df:d1:d8:84:12:b2:30:dc:a1:
60:0e:7c:5a:df:ec:84:91:b6:01:43:08:5e:b9:65:
ae:c5:fa:d1:32:fd:47:1f:fd:3c:be:0a:57:1f:d6:
47:f7:20:3b:70:55:a4:95:fe:d9:2a:b7:a4:79:90:
8f:bd:84:2d:0d:00:7e:8f:53:6e:36:83:40:7e:47:
d1:1c:f6:b5:2d:90:48:c9:48:37:02:f0:bd:39:d2:
dc:16:5f:b6:01:e3:e5:f4:3d:c8:2d:65:95:bc:2a:
ec:1d:2a:2e:3a:8a:c9:3c:d2:fb:65:56:16:b1:89:
95:27:bf:3d:bd:f4:ad:45:a6:8e:1f:d8:34:6c:b5:
be:0b:fb:0c:b4:c6:27:a4:9e:ac:a9:14:da:82:0b:
36:a5:9e:a7:74:10:53:c0:47:d9:97:dd:9f:80:46:
fe:bb:25:51:26:b6:7e:d6:71:cb:91:45:1d:b4:5a:
5b:a1:0f:c6:72:ad:af:48:e7:83:b0:11:e4:5d:76:
43:d2:ed:01:fc:8d:47:84:e8:72:79:54:cf:79:bc:
ef:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:02:C6:11:CA:D9:BB:45:F9:FB:28:E1:83:F9:DB:BC:F4:A7:52:48
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/gwLGEcrZu0X5-yjhg_nbvPSnUkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:1810::/44
Signature Algorithm: sha256WithRSAEncryption
63:59:09:0e:2e:cb:14:4a:9c:82:40:5a:75:ec:96:aa:4b:54:
e0:09:c2:53:58:af:32:8a:5c:e9:4b:92:8e:2a:7a:01:6e:c4:
85:1a:0e:f7:f5:71:c0:1d:a7:7e:ac:42:d3:77:86:46:9d:13:
7b:2d:3b:92:ea:f1:bb:e2:5c:87:55:6c:91:56:6f:11:39:b3:
25:31:11:71:70:28:01:5d:d1:ef:a1:71:7e:b9:72:cd:dd:5a:
db:5d:27:38:d7:90:c4:bc:6e:ee:26:c8:6b:9b:0b:24:7b:ec:
78:7e:ea:4a:b3:14:1d:da:47:dc:fb:7a:e7:53:2c:fd:af:e6:
31:6f:84:6a:ef:f9:fb:4d:1a:fe:a7:65:aa:06:f3:78:82:c3:
34:f0:3f:34:2e:da:d2:a1:97:e2:95:c8:fb:00:fd:9f:82:c1:
9a:25:52:cb:ca:3e:a1:8c:fa:b7:c9:6e:af:2a:5a:9e:c7:1a:
b5:d9:45:69:d4:09:86:16:74:82:5a:e7:27:73:1e:08:f7:eb:
68:9c:a3:c1:08:2d:36:f9:c4:76:40:ff:34:63:89:23:b2:6e:
90:96:f1:6b:8d:0f:aa:0a:b9:6c:5e:7f:e1:3a:07:fb:76:de:
74:6c:c8:75:f2:c7:f0:d5:53:9b:74:78:87:1d:ab:7e:b0:55:
aa:8e:b8:f3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYpTajoVGQ8HPcnPlCUrSwqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwOTAyMDEwMzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAyYzYxMWNhZDliYjQ1ZjlmYjI4ZTE4M2Y5ZGJiY2Y0YTc1MjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk6mrYmcOVwXw3NM9Z8hhY+pQIgq
syk7FT6yR3cdUJyZbQBq+srj2jpDVpYxB+tTsPbf0diEErIw3KFgDnxa3+yEkbYB
QwheuWWuxfrRMv1HH/08vgpXH9ZH9yA7cFWklf7ZKrekeZCPvYQtDQB+j1NuNoNA
fkfRHPa1LZBIyUg3AvC9OdLcFl+2AePl9D3ILWWVvCrsHSouOorJPNL7ZVYWsYmV
J789vfStRaaOH9g0bLW+C/sMtMYnpJ6sqRTaggs2pZ6ndBBTwEfZl92fgEb+uyVR
JrZ+1nHLkUUdtFpboQ/Gcq2vSOeDsBHkXXZD0u0B/I1HhOhyeVTPebzvAwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIMCxhHK2btF+fso4YP527z0p1JIMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZ3dMR0Vjclp1MFg1LXlqaGdfbmJ2UFNuVWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6xBxgQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBjWQkOLssUSpyCQFp17JaqS1TgCcJTWK8yilzp
S5KOKnoBbsSFGg739XHAHad+rELTd4ZGnRN7LTuS6vG74lyHVWyRVm8RObMlMRFx
cCgBXdHvoXF+uXLN3VrbXSc415DEvG7uJshrmwske+x4fupKsxQd2kfc+3rnUyz9
r+Yxb4Rq7/n7TRr+p2WqBvN4gsM08D80LtrSoZfilcj7AP2fgsGaJVLLyj6hjPq3
yW6vKlqexxq12UVp1AmGFnSCWucncx4I9+tonKPBCC02+cR2QP80Y4kjsm6QlvFr
jQ+qCrlsXn/hOgf7dt50bMh18sfw1VObdHiHHat+sFWqjrjz
-----END CERTIFICATE-----
Generated at Wed Jun 18 03:16:06 2025 by rpki-client