![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/02EgDcXHyXB6dKdpN6ccTbmKjnE.roa
File: 02EgDcXHyXB6dKdpN6ccTbmKjnE.roa (raw, json)
Hash identifier: KxhPyTa+lM+Y0JPv698U4vkmiMbxYme2/wcOFOQwxZA=
Subject key identifier: D3:61:20:0D:C5:C7:C9:70:7A:74:A7:69:37:A7:1C:4D:B9:8A:8E:71
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 03E70724
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/02EgDcXHyXB6dKdpN6ccTbmKjnE.roa
Signing time: Sat 01 Jan 2022 03:55:56 +0000
ROA not before: Sat 01 Jan 2022 03:55:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43022
IP address blocks: 212.1.127.0/24 maxlen: 24
212.1.74.0/23 maxlen: 23
212.1.73.0/24 maxlen: 24
212.1.78.0/23 maxlen: 23
212.1.82.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65472292 (0x3e70724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 03:55:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d361200dc5c7c9707a74a76937a71c4db98a8e71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:21:fa:80:4c:c1:bc:23:1a:4a:34:36:90:26:
54:4b:79:24:7f:21:e3:5e:3e:29:2f:92:a3:b9:e4:
a6:9f:67:a5:60:e4:1a:9e:79:c0:ce:4a:11:59:3b:
9b:2f:01:f1:96:b4:2e:fc:3d:db:fb:e2:a7:bd:9f:
07:f1:64:1e:29:0c:80:16:bd:88:28:27:c5:20:23:
95:0a:a8:c8:62:49:cb:16:42:63:f3:d4:e5:48:6a:
b3:28:cd:7b:f8:08:f2:b5:99:8d:37:8d:28:cf:af:
ef:0f:87:f2:37:b0:e5:0e:89:26:50:30:11:05:11:
59:e0:2f:ad:fd:26:85:2e:e8:90:97:2f:13:21:43:
20:97:98:24:3f:f6:63:57:45:2a:f8:81:a6:2c:51:
1f:84:2d:20:cc:e9:44:9a:a1:2b:2c:40:4b:68:44:
a1:e2:63:5c:be:9c:cc:b4:9b:8b:f0:37:be:9d:42:
b1:af:e6:0b:c2:0b:9e:e4:4d:35:c3:1e:51:ca:1b:
9e:70:44:39:99:2d:c2:38:26:05:0b:06:2f:b4:4b:
c3:62:5a:50:6b:37:4c:8b:ba:b2:0c:92:43:a8:67:
0b:b7:63:d9:1d:1a:66:da:b8:d0:3d:c9:54:0e:e8:
e1:8b:17:ce:d6:6e:3e:e5:ea:45:b6:ae:6d:91:dc:
1d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:61:20:0D:C5:C7:C9:70:7A:74:A7:69:37:A7:1C:4D:B9:8A:8E:71
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/02EgDcXHyXB6dKdpN6ccTbmKjnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.73.0-212.1.75.255
212.1.78.0/23
212.1.82.0/23
212.1.127.0/24
Signature Algorithm: sha256WithRSAEncryption
87:69:c6:e1:8d:14:27:3d:d0:82:6b:e8:8e:fc:85:14:49:8e:
d0:9c:dd:e0:93:a9:13:d0:f7:e6:fd:a9:d0:6e:fb:79:68:ce:
e3:75:a6:d2:27:4d:d8:61:a2:50:db:27:3d:e7:83:cd:5b:68:
41:ab:b8:00:d8:03:55:87:a7:a6:e8:0d:52:fc:89:56:50:f9:
8d:92:c1:65:46:b0:a7:af:19:86:3a:fb:08:c9:3a:5d:ac:61:
4a:cd:8a:76:8b:4a:cf:cc:1c:f5:8b:00:c4:31:69:fc:2b:ac:
47:1b:9c:a6:1b:16:52:f1:93:59:15:ac:5f:1b:03:2f:e3:67:
c2:c7:05:4b:b6:93:00:fd:d4:b9:c4:cf:09:f2:e7:d2:2c:69:
c2:58:c7:7a:fc:b9:75:af:8b:dc:aa:1c:ee:3f:a6:0d:be:63:
33:4e:92:fb:3f:6c:cf:a3:d1:4c:cb:36:2d:75:41:71:0e:5d:
70:1a:45:c5:ca:cf:8e:ea:68:d1:ee:5c:ee:89:83:d1:47:51:
0f:62:fc:ab:d0:29:5d:56:10:8e:61:3d:71:ab:ee:1c:21:96:
99:9d:50:57:08:31:04:2a:28:a2:27:a9:27:d8:59:94:7c:4c:
19:56:ef:f3:e9:0c:19:c0:e3:c9:34:ec:d8:97:a3:bc:f1:39:
05:ad:dc:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEA+cHJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzc4YTRhOWM1MjMyNWE4NTkyMDgwOWJhMWE0ZDg5ZTIxYzAyZjE3MB4XDTIyMDEw
MTAzNTU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM2MTIwMGRjNWM3
Yzk3MDdhNzRhNzY5MzdhNzFjNGRiOThhOGU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAh+oBMwbwjGko0NpAmVEt5JH8h414+KS+So7nkpp9npWDk
Gp55wM5KEVk7my8B8Za0Lvw92/vip72fB/FkHikMgBa9iCgnxSAjlQqoyGJJyxZC
Y/PU5UhqsyjNe/gI8rWZjTeNKM+v7w+H8jew5Q6JJlAwEQURWeAvrf0mhS7okJcv
EyFDIJeYJD/2Y1dFKviBpixRH4QtIMzpRJqhKyxAS2hEoeJjXL6czLSbi/A3vp1C
sa/mC8ILnuRNNcMeUcobnnBEOZktwjgmBQsGL7RLw2JaUGs3TIu6sgySQ6hnC7dj
2R0aZtq40D3JVA7o4YsXztZuPuXqRbaubZHcHVkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTTYSANxcfJcHp0p2k3pxxNuYqOcTAfBgNVHSMEGDAWgBQjeKSpxSMlqFkg
gJuhpNieIcAvFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzaWtxY1VqSmFoWklJQ2JvYVRZbmlIQUx4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8x
LzAyRWdEY1hIeVhCNmRLZHBONmNjVGJtS2puRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8xL0kzaWtxY1VqSmFo
WklJQ2JvYVRZbmlIQUx4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQA1AFJAwQC1AFIAwQB1AFOAwQB
1AFSAwQA1AF/MA0GCSqGSIb3DQEBCwUAA4IBAQCHacbhjRQnPdCCa+iO/IUUSY7Q
nN3gk6kT0Pfm/anQbvt5aM7jdabSJ03YYaJQ2yc954PNW2hBq7gA2ANVh6em6A1S
/IlWUPmNksFlRrCnrxmGOvsIyTpdrGFKzYp2i0rPzBz1iwDEMWn8K6xHG5ymGxZS
8ZNZFaxfGwMv42fCxwVLtpMA/dS5xM8J8ufSLGnCWMd6/Ll1r4vcqhzuP6YNvmMz
TpL7P2zPo9FMyzYtdUFxDl1wGkXFys+O6mjR7lzuiYPRR1EPYvyr0CldVhCOYT1x
q+4cIZaZnVBXCDEEKiiiJ6kn2FmUfEwZVu/z6QwZwOPJNOzYl6O88TkFrdz4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:12 2024 by rpki-client on console-ams.rpki-client.org