Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/9217f9-813d-47af-ad62-32208d544a84/1/Q_pwwiMNp6ixKXfaLgx7gXRAB3c.roa
File: Q_pwwiMNp6ixKXfaLgx7gXRAB3c.roa (raw, json)
Hash identifier: rZkNgCVORHlEnNOkG3VRVDr5G5Avm4B/QvdbTe/eTHQ=
Subject key identifier: 43:FA:70:C2:23:0D:A7:A8:B1:29:77:DA:2E:0C:7B:81:74:40:07:77
Certificate issuer: /CN=181e4d608152fc244afffba2dc72b851b19b2527
Certificate serial: 01856E6FC144368C0BCF29D76CBA43EB7F58
Authority key identifier: 18:1E:4D:60:81:52:FC:24:4A:FF:FB:A2:DC:72:B8:51:B1:9B:25:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GB5NYIFS_CRK__ui3HK4UbGbJSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/9217f9-813d-47af-ad62-32208d544a84/1/Q_pwwiMNp6ixKXfaLgx7gXRAB3c.roa
Signing time: Sun 01 Jan 2023 17:44:55 +0000
ROA not before: Sun 01 Jan 2023 17:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31257
IP address blocks: 86.62.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:c1:44:36:8c:0b:cf:29:d7:6c:ba:43:eb:7f:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=181e4d608152fc244afffba2dc72b851b19b2527
Validity
Not Before: Jan 1 17:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43fa70c2230da7a8b12977da2e0c7b8174400777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a8:b8:25:e9:f3:23:ad:ee:33:74:6f:07:87:
ca:ed:7b:2f:47:a7:27:da:30:db:db:00:ee:10:19:
18:6c:2b:f3:84:0c:1d:68:b7:36:93:5a:8a:4b:44:
8c:7f:51:78:92:5b:9b:c5:85:83:ab:3e:2e:f1:fa:
c2:0b:68:eb:aa:e4:20:dd:a9:c0:ef:97:2a:2c:f0:
b0:36:53:a0:c0:cd:54:34:2f:c4:20:f0:10:68:64:
f7:c2:5b:b4:fc:2c:fd:39:86:d9:88:5d:0f:22:53:
bf:20:d5:3e:b7:d0:30:23:80:06:06:ce:2b:ea:2a:
11:84:b9:b9:1f:26:f0:3f:cc:cb:a4:e0:db:fa:00:
bb:76:86:0a:d5:c4:19:f8:8f:2e:af:61:2b:2b:c4:
99:c0:b7:bd:e4:7a:98:0c:64:2b:09:a1:80:28:de:
bf:72:5c:74:b1:30:b6:f6:c9:b1:66:46:aa:5c:5d:
f6:92:73:6c:f1:17:00:15:e4:dc:fb:c5:02:88:5f:
07:10:46:ce:cd:04:5c:3b:d1:75:53:51:28:2c:cd:
15:73:5b:70:59:60:51:ae:ab:0f:85:dd:88:fd:bc:
cd:ea:cd:30:46:c3:08:ce:53:94:b4:1c:d5:f9:ed:
69:02:e5:9e:f0:58:a1:48:6e:b2:30:d0:ce:78:46:
56:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FA:70:C2:23:0D:A7:A8:B1:29:77:DA:2E:0C:7B:81:74:40:07:77
X509v3 Authority Key Identifier:
keyid:18:1E:4D:60:81:52:FC:24:4A:FF:FB:A2:DC:72:B8:51:B1:9B:25:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GB5NYIFS_CRK__ui3HK4UbGbJSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9217f9-813d-47af-ad62-32208d544a84/1/Q_pwwiMNp6ixKXfaLgx7gXRAB3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9217f9-813d-47af-ad62-32208d544a84/1/GB5NYIFS_CRK__ui3HK4UbGbJSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.6.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:94:d3:0f:2b:0b:48:07:62:29:ff:cd:6e:7e:c2:df:13:9c:
98:3c:87:c5:c7:82:7c:ba:7f:47:4c:12:8c:21:0e:13:3a:6b:
30:a9:7e:a8:e1:49:8b:e4:80:13:67:c1:31:e9:19:6a:ba:b7:
ea:b9:f8:d0:64:60:22:ad:29:84:d9:2e:67:d0:c1:63:8a:34:
e0:21:b4:1e:fd:81:cf:7e:94:89:9a:fc:56:0a:70:f9:9e:79:
c6:aa:3b:fa:cb:07:a8:ee:ca:41:dc:c5:45:e3:2a:5b:d3:93:
08:cb:35:ad:ea:6a:f5:83:b0:21:6f:b2:bd:4a:dc:a6:8b:d5:
ec:88:64:89:da:e7:5a:76:55:d3:a5:47:50:ea:8e:78:4f:92:
f2:bf:6c:c1:17:a3:5c:6c:de:cc:85:97:65:f2:e2:2d:ba:7d:
26:f4:4e:18:ff:95:7c:a1:e7:24:27:7f:18:6d:69:3a:b5:dd:
97:59:4d:78:cb:41:e5:7b:0e:bb:08:02:68:4f:d5:31:82:4c:
19:f7:ab:b7:14:28:8b:31:c7:82:cf:3f:e3:3c:29:68:d6:b2:
b5:ea:2b:2d:60:40:ca:d3:97:76:88:a6:81:29:8e:36:cc:d9:
1c:cb:2d:4e:9a:86:92:84:8d:f5:c6:75:2c:f0:67:46:79:e8:
3e:56:3b:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub8FENowLzynXbLpD639YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MWU0ZDYwODE1MmZjMjQ0YWZmZmJhMmRjNzJiODUxYjE5
YjI1MjcwHhcNMjMwMTAxMTc0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZhNzBjMjIzMGRhN2E4YjEyOTc3ZGEyZTBjN2I4MTc0NDAwNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlai4JenzI63uM3RvB4fK7XsvR6cn
2jDb2wDuEBkYbCvzhAwdaLc2k1qKS0SMf1F4klubxYWDqz4u8frCC2jrquQg3anA
75cqLPCwNlOgwM1UNC/EIPAQaGT3wlu0/Cz9OYbZiF0PIlO/INU+t9AwI4AGBs4r
6ioRhLm5HybwP8zLpODb+gC7doYK1cQZ+I8ur2ErK8SZwLe95HqYDGQrCaGAKN6/
clx0sTC29smxZkaqXF32knNs8RcAFeTc+8UCiF8HEEbOzQRcO9F1U1EoLM0Vc1tw
WWBRrqsPhd2I/bzN6s0wRsMIzlOUtBzV+e1pAuWe8FihSG6yMNDOeEZWTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEP6cMIjDaeosSl32i4Me4F0QAd3MB8GA1UdIwQY
MBaAFBgeTWCBUvwkSv/7otxyuFGxmyUnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0I1TllJRlNfQ1JLX191aTNISzRVYkdiSlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85MjE3ZjktODEzZC00N2FmLWFkNjIt
MzIyMDhkNTQ0YTg0LzEvUV9wd3dpTU5wNml4S1hmYUxneDdnWFJBQjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85MjE3ZjktODEzZC00N2FmLWFkNjItMzIyMDhkNTQ0YTg0
LzEvR0I1TllJRlNfQ1JLX191aTNISzRVYkdiSlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVj4GMA0G
CSqGSIb3DQEBCwUAA4IBAQBslNMPKwtIB2Ip/81ufsLfE5yYPIfFx4J8un9HTBKM
IQ4TOmswqX6o4UmL5IATZ8Ex6RlqurfqufjQZGAirSmE2S5n0MFjijTgIbQe/YHP
fpSJmvxWCnD5nnnGqjv6yweo7spB3MVF4ypb05MIyzWt6mr1g7Ahb7K9Stymi9Xs
iGSJ2udadlXTpUdQ6o54T5Lyv2zBF6NcbN7MhZdl8uItun0m9E4Y/5V8oeckJ38Y
bWk6td2XWU14y0Hlew67CAJoT9UxgkwZ96u3FCiLMceCzz/jPClo1rK16istYEDK
05d2iKaBKY42zNkcyy1OmoaShI31xnUs8GdGeeg+VjuU
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:49:20 2025 by rpki-client