![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c8e8cf-13da-407e-bb5c-38975ffa8263/1/QgmyDY1ZdOxFOiK2AGv82_6xOAw.roa
File: QgmyDY1ZdOxFOiK2AGv82_6xOAw.roa (raw, json)
Hash identifier: hgPt0Eh9QXGQfby9mvtk7tCAABjiVJZd9kxnKvJOyVI=
Subject key identifier: 42:09:B2:0D:8D:59:74:EC:45:3A:22:B6:00:6B:FC:DB:FE:B1:38:0C
Certificate issuer: /CN=76a36089d917ec2396baa45944e5d4f312bdad67
Certificate serial: E1EDD9
Authority key identifier: 76:A3:60:89:D9:17:EC:23:96:BA:A4:59:44:E5:D4:F3:12:BD:AD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqNgidkX7COWuqRZROXU8xK9rWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c8e8cf-13da-407e-bb5c-38975ffa8263/1/QgmyDY1ZdOxFOiK2AGv82_6xOAw.roa
Signing time: Sat 01 Jan 2022 12:59:35 +0000
ROA not before: Sat 01 Jan 2022 12:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210310
IP address blocks: 91.205.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14806489 (0xe1edd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a36089d917ec2396baa45944e5d4f312bdad67
Validity
Not Before: Jan 1 12:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4209b20d8d5974ec453a22b6006bfcdbfeb1380c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e5:d0:34:87:a9:7e:94:e5:6c:8e:ca:fb:53:
c7:dc:95:7d:70:b6:13:8e:3c:99:f1:73:8a:cf:6a:
42:76:54:cf:66:b8:bd:73:29:52:8e:3a:35:a7:8c:
00:db:60:86:c2:ff:dd:94:36:6b:59:b2:76:94:da:
2b:35:10:1e:6a:03:5e:fd:38:10:3d:4b:92:4c:65:
7e:9a:06:86:92:21:4c:7d:e0:d7:5b:27:53:55:e7:
fc:bb:fc:4c:ff:c3:fc:58:7b:dc:31:3a:24:7e:94:
f4:6c:df:d3:7a:f2:d0:0d:d6:f4:07:c2:f3:42:f4:
0c:59:76:08:52:41:72:9a:83:d4:75:bb:93:44:a1:
02:c8:11:79:c3:49:aa:c1:f0:61:f9:00:3b:9b:85:
ce:79:73:6f:f8:4e:5f:45:60:fa:f8:76:43:8f:ec:
fc:d3:cf:d7:57:f1:29:cb:22:4e:de:19:b7:fd:bb:
89:65:3d:be:db:32:98:24:79:ac:8a:6c:64:d0:7b:
b0:a6:25:4c:14:d4:df:92:21:e9:7e:9e:83:28:ba:
0f:02:ea:a7:59:ec:ed:54:cd:4b:6d:1a:91:18:09:
78:ba:a5:fa:73:d6:79:03:5e:a8:dd:6d:97:ce:56:
9b:ec:bb:07:d1:bb:ac:9b:33:ef:86:9c:d0:e5:4f:
fa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:09:B2:0D:8D:59:74:EC:45:3A:22:B6:00:6B:FC:DB:FE:B1:38:0C
X509v3 Authority Key Identifier:
keyid:76:A3:60:89:D9:17:EC:23:96:BA:A4:59:44:E5:D4:F3:12:BD:AD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqNgidkX7COWuqRZROXU8xK9rWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c8e8cf-13da-407e-bb5c-38975ffa8263/1/QgmyDY1ZdOxFOiK2AGv82_6xOAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c8e8cf-13da-407e-bb5c-38975ffa8263/1/dqNgidkX7COWuqRZROXU8xK9rWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.108.0/22
Signature Algorithm: sha256WithRSAEncryption
70:02:4c:80:41:9f:d9:05:7a:78:bf:b4:ab:25:29:8d:a5:88:
28:dc:99:73:82:ed:c7:4a:da:30:42:69:fc:c3:ce:83:cc:fb:
54:3f:2b:b8:dc:63:0b:26:bf:b0:c4:04:25:55:f3:27:aa:b9:
58:04:dd:d4:8a:dd:07:c9:2f:58:5c:04:78:64:28:31:11:51:
97:ae:d4:90:03:6c:84:be:51:8a:d8:d9:43:53:89:c7:e3:59:
8a:b1:cc:5a:a5:3f:ae:b8:c7:2b:58:18:0e:92:e0:c9:b3:cd:
d9:3c:83:58:74:0e:72:07:a4:85:68:66:69:ef:ea:73:e1:69:
b8:15:dd:f7:d4:fc:f4:ad:67:b2:4b:38:95:f2:6f:89:ae:9d:
83:e9:91:c9:0b:92:fd:17:6f:45:ab:68:68:fa:7a:7d:d5:40:
09:15:bf:4b:38:4f:18:2c:d1:9f:22:45:73:bd:e2:f6:81:4c:
25:4a:bb:16:5e:38:de:45:4c:6c:83:eb:56:ff:f6:e6:8d:dd:
81:4a:7f:c7:37:e7:8e:de:a4:91:53:65:f8:29:e9:e9:f6:8c:
04:97:e8:e1:a8:ba:8e:f2:47:ef:72:37:1a:38:99:a4:96:6b:
93:d0:2d:01:87:b3:8e:4b:52:f7:33:7c:d2:35:9a:9f:f9:20:
70:26:b4:60
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOHt2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmEzNjA4OWQ5MTdlYzIzOTZiYWE0NTk0NGU1ZDRmMzEyYmRhZDY3MB4XDTIyMDEw
MTEyNTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDIwOWIyMGQ4ZDU5
NzRlYzQ1M2EyMmI2MDA2YmZjZGJmZWIxMzgwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPl0DSHqX6U5WyOyvtTx9yVfXC2E448mfFzis9qQnZUz2a4
vXMpUo46NaeMANtghsL/3ZQ2a1mydpTaKzUQHmoDXv04ED1LkkxlfpoGhpIhTH3g
11snU1Xn/Lv8TP/D/Fh73DE6JH6U9Gzf03ry0A3W9AfC80L0DFl2CFJBcpqD1HW7
k0ShAsgRecNJqsHwYfkAO5uFznlzb/hOX0Vg+vh2Q4/s/NPP11fxKcsiTt4Zt/27
iWU9vtsymCR5rIpsZNB7sKYlTBTU35Ih6X6egyi6DwLqp1ns7VTNS20akRgJeLql
+nPWeQNeqN1tl85Wm+y7B9G7rJsz74ac0OVP+vMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRCCbINjVl07EU6IrYAa/zb/rE4DDAfBgNVHSMEGDAWgBR2o2CJ2RfsI5a6
pFlE5dTzEr2tZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxTmdpZGtYN0NPV3VxUlpST1hVOHhLOXJXYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvYzhlOGNmLTEzZGEtNDA3ZS1iYjVjLTM4OTc1ZmZhODI2My8x
L1FnbXlEWTFaZE94Rk9pSzJBR3Y4Ml82eE9Bdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
YzhlOGNmLTEzZGEtNDA3ZS1iYjVjLTM4OTc1ZmZhODI2My8xL2RxTmdpZGtYN0NP
V3VxUlpST1hVOHhLOXJXYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvNbDANBgkqhkiG9w0BAQsFAAOC
AQEAcAJMgEGf2QV6eL+0qyUpjaWIKNyZc4Ltx0raMEJp/MPOg8z7VD8ruNxjCya/
sMQEJVXzJ6q5WATd1IrdB8kvWFwEeGQoMRFRl67UkANshL5RitjZQ1OJx+NZirHM
WqU/rrjHK1gYDpLgybPN2TyDWHQOcgekhWhmae/qc+FpuBXd99T89K1nsks4lfJv
ia6dg+mRyQuS/RdvRatoaPp6fdVACRW/SzhPGCzRnyJFc73i9oFMJUq7Fl443kVM
bIPrVv/25o3dgUp/xzfnjt6kkVNl+Cnp6faMBJfo4ai6jvJH73I3GjiZpJZrk9At
AYezjktS9zN80jWan/kgcCa0YA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:52 2023 by rpki-client on console-fra.rpki-client.org