Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/gwOpiKvGICsZZFE4O6UCFVW-30w.roa
File: gwOpiKvGICsZZFE4O6UCFVW-30w.roa (raw, json)
Hash identifier: HSOafXS5VwQXXY7MGgU6o0SnMThy+AHRXODHQ0N0jYE=
Subject key identifier: 83:03:A9:88:AB:C6:20:2B:19:64:51:38:3B:A5:02:15:55:BE:DF:4C
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 018A27F06378150DF016500006A5FC4E03DB
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/gwOpiKvGICsZZFE4O6UCFVW-30w.roa
Signing time: Thu 24 Aug 2023 14:26:20 +0000
ROA not before: Thu 24 Aug 2023 14:26:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207375
IP address blocks: 93.88.24.0/22 maxlen: 25
45.145.108.0/22 maxlen: 25
2a0e:fdc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:f0:63:78:15:0d:f0:16:50:00:06:a5:fc:4e:03:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Aug 24 14:26:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8303a988abc6202b196451383ba5021555bedf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:8d:c8:22:f5:9e:4f:16:c9:b7:7a:9b:23:
12:95:eb:b7:22:16:72:2f:1e:f1:ed:06:19:1b:6a:
a3:b1:30:ea:7d:d2:18:9c:cd:79:d0:c7:dd:ae:57:
71:c7:a8:3e:4f:ba:25:67:1f:f6:c5:1e:c7:d9:57:
83:e7:d0:34:51:af:b3:65:a4:e0:61:b6:67:59:90:
97:68:6c:3b:dc:73:dc:d6:ef:8a:b0:db:01:87:ad:
ef:33:e9:7d:07:c4:47:27:33:71:12:58:65:66:48:
2b:21:92:52:4a:a5:36:ae:5a:1b:6f:03:36:19:3a:
ff:91:e5:a3:9c:24:f2:ea:72:f5:28:4f:b6:2b:b0:
63:f8:e6:2b:96:8c:6e:e1:f0:39:e9:2a:b9:83:99:
4c:3b:ed:c5:27:49:48:25:5e:09:ca:a0:27:15:84:
4c:89:54:08:77:6f:d2:05:5d:c8:c1:f5:76:3b:73:
8d:3a:32:7e:64:af:4b:48:cd:01:bf:a4:c0:53:06:
c9:ed:25:72:59:91:3a:dc:75:84:94:d0:97:c8:d8:
48:b5:0d:2b:71:8c:69:62:31:46:81:aa:fc:04:78:
f6:15:32:c9:90:90:e6:f7:4f:3d:db:8a:a1:3d:4e:
c8:dc:e1:30:55:40:53:75:87:c5:12:77:53:c3:9a:
1c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:03:A9:88:AB:C6:20:2B:19:64:51:38:3B:A5:02:15:55:BE:DF:4C
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/gwOpiKvGICsZZFE4O6UCFVW-30w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
93.88.24.0/22
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
46:4f:d0:d3:3b:d9:99:97:ab:55:ca:cd:dd:7e:c5:4f:5f:83:
f5:24:03:76:88:c5:e5:1c:fd:d6:02:95:77:01:c9:a7:2a:cb:
6c:39:5c:53:3a:4a:80:af:d0:26:7b:8c:12:b9:33:c8:c9:12:
60:37:d6:98:6d:84:63:8f:61:74:1d:d6:81:ae:a7:d1:c6:1a:
b3:95:36:25:17:94:b8:cf:c6:ef:85:7f:7e:2b:20:00:75:af:
c3:4b:0c:60:95:42:61:14:2d:0d:cb:fd:34:d5:00:e1:74:54:
0e:c2:e0:7b:10:f1:19:2c:07:22:f1:91:cb:35:f2:62:ba:13:
e2:f8:d7:64:1a:c5:85:63:64:b7:de:81:96:0b:10:cc:a8:99:
db:b4:e8:aa:68:ed:0e:de:4a:d8:fd:52:1d:59:2b:97:56:61:
ed:12:ab:bc:fb:8e:57:3e:d3:42:a1:05:a1:de:98:ca:3e:3e:
e9:07:72:eb:0e:ff:1f:04:ad:34:a8:ae:ab:b5:fa:25:4b:ac:
4a:0c:e7:4f:41:2b:3c:ea:5f:d8:df:ed:1c:b4:a2:a1:ae:6e:
50:43:e3:10:fc:28:f4:0d:cb:f2:c8:35:7e:6d:14:39:eb:6b:
d4:bb:20:54:8a:66:5f:b5:f7:ec:78:fa:d1:54:36:4d:03:b5:
6b:09:71:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYon8GN4FQ3wFlAABqX8TgPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjMwODI0MTQyNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAzYTk4OGFiYzYyMDJiMTk2NDUxMzgzYmE1MDIxNTU1YmVkZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK+NyCL1nk8Wybd6myMSleu3IhZy
Lx7x7QYZG2qjsTDqfdIYnM150Mfdrldxx6g+T7olZx/2xR7H2VeD59A0Ua+zZaTg
YbZnWZCXaGw73HPc1u+KsNsBh63vM+l9B8RHJzNxElhlZkgrIZJSSqU2rlobbwM2
GTr/keWjnCTy6nL1KE+2K7Bj+OYrloxu4fA56Sq5g5lMO+3FJ0lIJV4JyqAnFYRM
iVQId2/SBV3IwfV2O3ONOjJ+ZK9LSM0Bv6TAUwbJ7SVyWZE63HWElNCXyNhItQ0r
cYxpYjFGgar8BHj2FTLJkJDm908924qhPU7I3OEwVUBTdYfFEndTw5oc5wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIMDqYirxiArGWRRODulAhVVvt9MMB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvZ3dPcGlLdkdJQ3NaWkZFNE82VUNGVlctMzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZFsAwQC
XVgYMA0EAgACMAcDBQMqDv3AMA0GCSqGSIb3DQEBCwUAA4IBAQBGT9DTO9mZl6tV
ys3dfsVPX4P1JAN2iMXlHP3WApV3AcmnKstsOVxTOkqAr9Ame4wSuTPIyRJgN9aY
bYRjj2F0HdaBrqfRxhqzlTYlF5S4z8bvhX9+KyAAda/DSwxglUJhFC0Ny/001QDh
dFQOwuB7EPEZLAci8ZHLNfJiuhPi+NdkGsWFY2S33oGWCxDMqJnbtOiqaO0O3krY
/VIdWSuXVmHtEqu8+45XPtNCoQWh3pjKPj7pB3LrDv8fBK00qK6rtfolS6xKDOdP
QSs86l/Y3+0ctKKhrm5QQ+MQ/Cj0DcvyyDV+bRQ562vUuyBUimZftffsePrRVDZN
A7VrCXEW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:15:52 2025 by rpki-client