Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wRKR826fRESWZqORb1DZJw8DKYk.roa
File: wRKR826fRESWZqORb1DZJw8DKYk.roa (raw, json)
Hash identifier: 54PFAi5LXZXdTNt9j6hFdFuctTjEbXbtUKjjBmVIhWo=
Subject key identifier: C1:12:91:F3:6E:9F:44:44:96:66:A3:91:6F:50:D9:27:0F:03:29:89
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018C6D374083AC37D7E47251EF36254BE358
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wRKR826fRESWZqORb1DZJw8DKYk.roa
Signing time: Fri 15 Dec 2023 11:23:06 +0000
ROA not before: Fri 15 Dec 2023 11:23:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29632
IP address blocks: 2a0e:b107:27da::/48 maxlen: 48
2a0e:b107:27de::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6d:37:40:83:ac:37:d7:e4:72:51:ef:36:25:4b:e3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 15 11:23:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c11291f36e9f44449666a3916f50d9270f032989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:d5:e4:4c:0b:a0:1a:57:b1:a0:44:f1:b1:
13:3f:5f:96:99:f5:53:88:de:93:e2:7f:61:af:3f:
9e:b0:65:db:02:8f:af:83:45:2b:d7:59:a1:27:72:
a1:e2:e9:96:f3:c4:b3:71:e3:df:11:aa:00:e9:0f:
ba:c8:d1:b1:a3:bd:38:a9:a6:09:de:a7:a3:70:a6:
49:dc:26:04:fb:ad:f5:f4:2c:97:74:1d:4d:1f:58:
2b:05:42:1d:24:37:5e:59:bb:09:35:0d:48:32:4e:
33:3f:1f:f8:c5:07:b5:ad:69:14:30:31:8c:1f:04:
e0:fe:48:af:c5:a5:01:71:b5:8b:75:c3:72:2c:15:
a3:61:c7:65:6a:b0:80:82:6d:7f:d4:53:89:4c:30:
9d:6e:f6:04:12:3a:ee:13:00:71:70:e6:dd:68:7b:
d9:eb:15:95:5b:40:d0:a8:fd:4a:17:71:4d:82:40:
70:68:f0:2b:a9:cf:48:10:26:a9:b1:8f:80:fa:b9:
94:82:db:d1:f3:ae:18:57:e1:c9:6d:f0:cd:7b:ac:
57:0e:00:be:e9:9f:7f:fa:5c:4b:86:6a:e3:50:30:
38:3b:51:e8:82:60:8d:53:e7:32:96:f8:cd:87:32:
ca:92:80:14:3e:81:2c:c0:19:c3:ec:27:be:a1:fd:
d8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:12:91:F3:6E:9F:44:44:96:66:A3:91:6F:50:D9:27:0F:03:29:89
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/wRKR826fRESWZqORb1DZJw8DKYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:27da::/48
2a0e:b107:27de::/48
Signature Algorithm: sha256WithRSAEncryption
57:ba:5d:a0:21:6f:1d:73:e0:e6:08:3c:67:e8:d5:a4:8f:7d:
3a:15:64:ed:79:d2:0f:90:ef:c5:dd:5f:a1:97:3a:db:45:89:
0f:4e:8f:99:0f:eb:f0:7e:1d:c7:13:6a:46:3d:7e:4d:a3:c6:
00:f9:6f:0d:f4:89:a2:88:04:8f:f8:23:f2:ff:f6:32:cf:a7:
9e:09:03:0a:bb:38:f3:d3:0e:8d:78:07:d1:f5:13:f4:65:ca:
e8:1b:7d:88:9c:7e:d7:ba:11:8d:4f:c8:ca:93:4f:b6:c0:26:
d5:21:25:e6:53:d8:fa:1f:b2:7b:f6:2a:70:48:3d:ab:6b:04:
87:06:c0:0a:da:7a:ab:eb:3e:fb:e4:c9:2e:82:7d:0d:81:cc:
c3:b4:b3:75:97:45:fd:dd:66:7e:a5:bd:5f:09:45:9f:10:93:
b1:14:01:88:9c:8f:1f:90:8e:22:44:5c:a0:d1:eb:65:2c:0c:
09:53:ca:94:17:25:76:ea:96:74:ea:12:69:bb:9f:2a:0f:0c:
14:2b:a3:b6:c1:32:a3:c9:4a:ce:53:72:e7:45:ca:7c:ba:76:
38:4c:1f:bb:13:25:3e:ea:c8:87:b1:26:ec:9a:42:09:7a:3f:
cf:09:32:53:d7:b7:14:09:d1:01:b6:79:88:5e:c1:56:ab:31:
46:76:59:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYxtN0CDrDfX5HJR7zYlS+NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMxMjE1MTEyMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTEyOTFmMzZlOWY0NDQ0OTY2NmEzOTE2ZjUwZDkyNzBmMDMyOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomDV5EwLoBpXsaBE8bETP1+WmfVT
iN6T4n9hrz+esGXbAo+vg0Ur11mhJ3Kh4umW88SzcePfEaoA6Q+6yNGxo704qaYJ
3qejcKZJ3CYE+6319CyXdB1NH1grBUIdJDdeWbsJNQ1IMk4zPx/4xQe1rWkUMDGM
HwTg/kivxaUBcbWLdcNyLBWjYcdlarCAgm1/1FOJTDCdbvYEEjruEwBxcObdaHvZ
6xWVW0DQqP1KF3FNgkBwaPArqc9IECapsY+A+rmUgtvR864YV+HJbfDNe6xXDgC+
6Z9/+lxLhmrjUDA4O1HogmCNU+cylvjNhzLKkoAUPoEswBnD7Ce+of3YMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMESkfNun0RElmajkW9Q2ScPAymJMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvd1JLUjgyNmZSRVNXWnFPUmIxRFpKdzhES1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg6xByfa
AwcAKg6xByfeMA0GCSqGSIb3DQEBCwUAA4IBAQBXul2gIW8dc+DmCDxn6NWkj306
FWTtedIPkO/F3V+hlzrbRYkPTo+ZD+vwfh3HE2pGPX5No8YA+W8N9ImiiASP+CPy
//Yyz6eeCQMKuzjz0w6NeAfR9RP0ZcroG32InH7XuhGNT8jKk0+2wCbVISXmU9j6
H7J79ipwSD2rawSHBsAK2nqr6z775Mkugn0NgczDtLN1l0X93WZ+pb1fCUWfEJOx
FAGInI8fkI4iRFyg0etlLAwJU8qUFyV26pZ06hJpu58qDwwUK6O2wTKjyUrOU3Ln
Rcp8unY4TB+7EyU+6siHsSbsmkIJej/PCTJT17cUCdEBtnmIXsFWqzFGdllD
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:17:42 2025 by rpki-client