![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/J69Xa6aXkThhNA10gIJrj3uU7cw.roa
File: J69Xa6aXkThhNA10gIJrj3uU7cw.roa (raw, json)
Hash identifier: CqzrGMt6ebX8Hm/Fb07KZCMB/Moo5/+KZELvSsFGkR8=
Subject key identifier: 27:AF:57:6B:A6:97:91:38:61:34:0D:74:80:82:6B:8F:7B:94:ED:CC
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 03E9ADCB
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/J69Xa6aXkThhNA10gIJrj3uU7cw.roa
Signing time: Sat 01 Jan 2022 03:55:59 +0000
ROA not before: Sat 01 Jan 2022 03:55:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210987
IP address blocks: 195.230.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65646027 (0x3e9adcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 03:55:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27af576ba697913861340d7480826b8f7b94edcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5e:76:2b:c0:09:24:c1:81:4e:12:91:64:88:
7c:00:94:ed:b8:34:c7:fc:6e:3f:ac:24:e1:3c:9d:
4c:aa:9a:90:6b:e4:8f:e0:ad:69:99:1d:57:6a:59:
e8:ec:41:3b:f7:ce:50:34:67:ab:92:8d:68:aa:20:
2d:fe:7d:88:69:80:87:b5:6a:07:0f:c8:37:b3:61:
71:2b:cb:3d:4f:2a:b7:91:05:5c:ac:fa:a7:14:e7:
1e:f4:e5:76:d4:ae:5a:e7:a1:28:a0:d6:cc:e2:d4:
00:e5:03:0a:ee:62:ff:3a:de:2c:82:ad:08:49:34:
1f:a1:fd:0b:fb:ae:50:ec:78:97:7b:62:13:39:08:
4f:dc:61:8b:02:a2:86:89:44:66:57:b6:12:44:1d:
f0:de:46:75:a8:cb:c3:d4:5b:7e:0d:17:6b:db:16:
cf:08:ed:d7:c3:ff:08:c7:b8:e2:d5:b1:5d:92:c7:
4a:26:18:03:bc:a3:03:b7:47:b7:83:56:96:27:70:
7b:75:77:f5:0c:8d:15:57:89:3e:39:ea:c4:4e:c5:
34:70:0c:db:8d:e3:74:bd:65:38:5c:c0:53:bd:12:
22:1c:79:76:11:0f:67:4c:1c:df:32:94:24:d8:90:
50:b0:62:d1:8b:32:5c:67:70:6c:56:76:76:f3:ec:
0a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:AF:57:6B:A6:97:91:38:61:34:0D:74:80:82:6B:8F:7B:94:ED:CC
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/J69Xa6aXkThhNA10gIJrj3uU7cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.136.0/24
Signature Algorithm: sha256WithRSAEncryption
11:6e:15:0d:f2:06:a8:b8:08:b7:42:39:1a:cd:e9:51:22:9d:
a6:a7:ec:55:d6:d8:ca:5a:95:e8:2a:d7:2e:a7:fe:60:a8:87:
46:b9:32:69:e7:99:d9:2f:a6:e0:ad:99:2b:a0:29:54:b5:0c:
b3:9d:6c:e3:fd:c4:d1:ff:ab:aa:a1:68:0b:f5:31:54:8b:fb:
6a:a2:a6:89:24:3d:b8:53:ea:08:f3:58:e1:71:ed:7f:8e:e6:
55:da:11:d7:7c:4a:a6:98:7b:45:3e:42:44:fb:1d:d5:38:0b:
cb:b9:de:fd:e9:35:44:13:de:12:9e:b2:f4:73:e8:69:dd:84:
30:5d:a3:27:13:39:e4:49:da:75:14:ba:6b:bf:ef:36:8a:ec:
ba:f9:72:54:da:5a:a8:fb:80:1e:f6:97:dc:1f:8d:57:ad:e3:
d2:35:1f:ae:c8:c5:a2:3e:d3:8d:21:b7:7d:32:c0:86:38:c4:
13:9a:e2:aa:84:86:3b:94:58:11:e7:67:14:06:57:a6:6c:b8:
c0:d2:22:96:1f:47:a8:94:7c:ab:40:00:71:97:92:1e:bf:32:
1f:70:bc:d7:b5:be:f7:4e:e9:43:57:5e:8c:93:8b:45:d8:a4:
29:85:28:2f:71:db:d3:9f:60:f0:09:2a:bb:3f:86:11:ac:0c:
ff:9e:3b:a0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+mtyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzc4YTRhOWM1MjMyNWE4NTkyMDgwOWJhMWE0ZDg5ZTIxYzAyZjE3MB4XDTIyMDEw
MTAzNTU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdhZjU3NmJhNjk3
OTEzODYxMzQwZDc0ODA4MjZiOGY3Yjk0ZWRjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBedivACSTBgU4SkWSIfACU7bg0x/xuP6wk4TydTKqakGvk
j+CtaZkdV2pZ6OxBO/fOUDRnq5KNaKogLf59iGmAh7VqBw/IN7NhcSvLPU8qt5EF
XKz6pxTnHvTldtSuWuehKKDWzOLUAOUDCu5i/zreLIKtCEk0H6H9C/uuUOx4l3ti
EzkIT9xhiwKiholEZle2EkQd8N5GdajLw9Rbfg0Xa9sWzwjt18P/CMe44tWxXZLH
SiYYA7yjA7dHt4NWlidwe3V39QyNFVeJPjnqxE7FNHAM243jdL1lOFzAU70SIhx5
dhEPZ0wc3zKUJNiQULBi0YsyXGdwbFZ2dvPsClMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQnr1drppeROGE0DXSAgmuPe5TtzDAfBgNVHSMEGDAWgBQjeKSpxSMlqFkg
gJuhpNieIcAvFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzaWtxY1VqSmFoWklJQ2JvYVRZbmlIQUx4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8x
L0o2OVhhNmFYa1RoaE5BMTBnSUpyajN1VTdjdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8xL0kzaWtxY1VqSmFo
WklJQ2JvYVRZbmlIQUx4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPmiDANBgkqhkiG9w0BAQsFAAOC
AQEAEW4VDfIGqLgIt0I5Gs3pUSKdpqfsVdbYylqV6CrXLqf+YKiHRrkyaeeZ2S+m
4K2ZK6ApVLUMs51s4/3E0f+rqqFoC/UxVIv7aqKmiSQ9uFPqCPNY4XHtf47mVdoR
13xKpph7RT5CRPsd1TgLy7ne/ek1RBPeEp6y9HPoad2EMF2jJxM55EnadRS6a7/v
NorsuvlyVNpaqPuAHvaX3B+NV63j0jUfrsjFoj7TjSG3fTLAhjjEE5riqoSGO5RY
EednFAZXpmy4wNIilh9HqJR8q0AAcZeSHr8yH3C817W+907pQ1dejJOLRdikKYUo
L3Hb059g8Akquz+GEawM/547oA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org