![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/GumB0-OZ2iUsvpqPy-Q_k5ER0qU.roa
File: GumB0-OZ2iUsvpqPy-Q_k5ER0qU.roa (raw, json)
Hash identifier: jBrKFTgmWszxXAxX1epDe33rOvhQPO/o2sDu4m+w2sA=
Subject key identifier: 1A:E9:81:D3:E3:99:DA:25:2C:BE:9A:8F:CB:E4:3F:93:91:11:D2:A5
Certificate issuer: /CN=588cabf6f523f26e267db03b524347841aaaa465
Certificate serial: 0183894027953F9642E81E0469E058B54EC0
Authority key identifier: 58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/GumB0-OZ2iUsvpqPy-Q_k5ER0qU.roa
Signing time: Thu 29 Sep 2022 12:37:06 +0000
ROA not before: Thu 29 Sep 2022 12:37:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48635
IP address blocks: 94.126.32.0/22 maxlen: 24
62.221.192.0/19 maxlen: 24
185.87.248.0/22 maxlen: 24
86.109.16.0/22 maxlen: 24
185.21.242.0/24 maxlen: 24
2001:1460::/32 maxlen: 48
2a05:c4c0::/29 maxlen: 48
2a04:1cc0::/29 maxlen: 48
2a0d:7980::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:89:40:27:95:3f:96:42:e8:1e:04:69:e0:58:b5:4e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=588cabf6f523f26e267db03b524347841aaaa465
Validity
Not Before: Sep 29 12:37:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ae981d3e399da252cbe9a8fcbe43f939111d2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:f8:e4:8b:3f:9b:fe:4a:cc:43:81:61:30:
4e:76:21:48:7b:e4:94:a8:15:fe:08:25:a5:07:8e:
69:35:58:2e:a1:d9:8f:c5:25:fa:78:a3:0d:c5:d8:
a5:64:74:e9:79:c3:84:87:34:3f:10:45:0b:8c:b3:
6d:8d:51:50:18:c7:9d:5f:93:e0:fd:45:50:ee:ee:
96:5e:9f:16:9b:74:2f:27:3b:a0:46:22:00:19:c9:
25:57:ae:fc:be:06:25:ac:ab:21:e2:f0:9f:d0:e1:
0e:eb:33:b1:a9:7b:b3:a8:fe:89:9a:80:9e:96:9c:
ff:5d:1f:e6:30:70:3a:23:38:d0:1a:be:55:d8:41:
ec:e9:dd:ed:11:25:99:9e:49:13:53:f3:55:2b:86:
e2:6b:16:4e:69:e6:9c:cc:ec:da:3d:ca:1a:7c:ee:
ed:24:e6:15:03:97:e2:06:10:81:0d:e6:34:11:b9:
c4:10:fc:fe:f6:0c:62:5b:ed:7a:33:34:a1:d0:fa:
34:09:71:f6:af:d9:55:73:2c:53:6d:d0:6c:9c:d8:
c0:ae:48:11:c2:c4:5e:c2:d0:53:a5:88:77:e9:64:
d5:e9:3d:ad:b0:78:46:79:e6:44:50:5a:19:7c:32:
99:a3:30:98:4d:12:81:86:aa:6e:19:54:d2:f9:3e:
5b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E9:81:D3:E3:99:DA:25:2C:BE:9A:8F:CB:E4:3F:93:91:11:D2:A5
X509v3 Authority Key Identifier:
keyid:58:8C:AB:F6:F5:23:F2:6E:26:7D:B0:3B:52:43:47:84:1A:AA:A4:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIyr9vUj8m4mfbA7UkNHhBqqpGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/GumB0-OZ2iUsvpqPy-Q_k5ER0qU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0187d6-8bfc-4c59-a6c4-6ad3252a1427/1/WIyr9vUj8m4mfbA7UkNHhBqqpGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.192.0/19
86.109.16.0/22
94.126.32.0/22
185.21.242.0/24
185.87.248.0/22
IPv6:
2001:1460::/32
2a04:1cc0::/29
2a05:c4c0::/29
2a0d:7980::/32
Signature Algorithm: sha256WithRSAEncryption
03:d8:aa:ee:3b:7f:60:bd:f0:d0:99:b8:54:ca:9b:01:87:7e:
43:6d:5a:b6:dc:db:a0:01:2a:60:db:62:86:0a:28:13:ed:db:
a7:a2:2e:3a:55:c2:65:51:30:23:88:5d:b3:dc:09:6d:34:59:
1f:53:db:55:c8:c5:86:30:1c:cc:86:0d:71:79:cb:8d:ec:bd:
d9:69:16:c2:1f:7f:b9:dc:d0:eb:55:22:98:38:08:cd:17:4d:
d7:a1:9a:d8:3c:9a:1e:d4:c0:18:a6:4d:15:91:1a:d7:1e:46:
c5:d9:d2:35:35:63:bf:e6:27:31:cb:0c:f0:28:8a:72:80:38:
f3:de:e6:c3:e6:45:7c:3a:62:5d:cd:99:7e:b7:c1:df:18:5a:
1e:05:fb:d6:45:61:a5:37:2a:16:00:3a:93:87:a6:e2:7d:6f:
7d:33:5a:13:df:03:8a:6d:be:71:00:68:f0:c1:f2:1e:23:72:
8d:ea:42:20:2b:e6:86:3a:79:03:06:76:65:c6:ab:27:99:44:
59:46:a8:ab:f7:f4:1d:b6:17:89:d1:07:02:d3:43:55:d4:49:
0c:57:4f:c0:75:7e:93:3c:08:6d:87:a9:aa:f0:71:0d:a7:32:
b0:ac:a7:8a:0e:8b:66:7e:7a:f9:09:61:67:31:42:c1:2d:d0:
a6:9f:13:65
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYOJQCeVP5ZC6B4EaeBYtU7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4OGNhYmY2ZjUyM2YyNmUyNjdkYjAzYjUyNDM0Nzg0MWFh
YWE0NjUwHhcNMjIwOTI5MTIzNzA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWU5ODFkM2UzOTlkYTI1MmNiZTlhOGZjYmU0M2Y5MzkxMTFkMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRX45Is/m/5KzEOBYTBOdiFIe+SU
qBX+CCWlB45pNVguodmPxSX6eKMNxdilZHTpecOEhzQ/EEULjLNtjVFQGMedX5Pg
/UVQ7u6WXp8Wm3QvJzugRiIAGcklV678vgYlrKsh4vCf0OEO6zOxqXuzqP6JmoCe
lpz/XR/mMHA6IzjQGr5V2EHs6d3tESWZnkkTU/NVK4biaxZOaeaczOzaPcoafO7t
JOYVA5fiBhCBDeY0EbnEEPz+9gxiW+16MzSh0Po0CXH2r9lVcyxTbdBsnNjArkgR
wsRewtBTpYh36WTV6T2tsHhGeeZEUFoZfDKZozCYTRKBhqpuGVTS+T5b9wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBrpgdPjmdolLL6aj8vkP5OREdKlMB8GA1UdIwQY
MBaAFFiMq/b1I/JuJn2wO1JDR4QaqqRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQt
NmFkMzI1MmExNDI3LzEvR3VtQjAtT1oyaVVzdnBxUHktUV9rNUVSMHFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wMTg3ZDYtOGJmYy00YzU5LWE2YzQtNmFkMzI1MmExNDI3
LzEvV0l5cjl2VWo4bTRtZmJBN1VrTkhoQnFxcEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQFPt3AAwQC
Vm0QAwQCXn4gAwQAuRXyAwQCuVf4MCIEAgACMBwDBQAgARRgAwUDKgQcwAMFAyoF
xMADBQAqDXmAMA0GCSqGSIb3DQEBCwUAA4IBAQAD2KruO39gvfDQmbhUypsBh35D
bVq23NugASpg22KGCigT7dunoi46VcJlUTAjiF2z3AltNFkfU9tVyMWGMBzMhg1x
ecuN7L3ZaRbCH3+53NDrVSKYOAjNF03XoZrYPJoe1MAYpk0VkRrXHkbF2dI1NWO/
5icxywzwKIpygDjz3ubD5kV8OmJdzZl+t8HfGFoeBfvWRWGlNyoWADqTh6bifW99
M1oT3wOKbb5xAGjwwfIeI3KN6kIgK+aGOnkDBnZlxqsnmURZRqir9/QdtheJ0QcC
00NV1EkMV0/AdX6TPAhth6mq8HENpzKwrKeKDotmfnr5CWFnMULBLdCmnxNl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:48 2025 by rpki-client