![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/p7yQ34Qv1buY9PPkwnKABgh-QaI.roa
File: p7yQ34Qv1buY9PPkwnKABgh-QaI.roa (raw, json)
Hash identifier: P03USKjgOFFHZQJhxA51kcfIy1rCvaJFSb7wgL3cUkg=
Subject key identifier: A7:BC:90:DF:84:2F:D5:BB:98:F4:F3:E4:C2:72:80:06:08:7E:41:A2
Certificate issuer: /CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Certificate serial: 095B28B8
Authority key identifier: 9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/p7yQ34Qv1buY9PPkwnKABgh-QaI.roa
Signing time: Sat 01 Jan 2022 16:10:53 +0000
ROA not before: Sat 01 Jan 2022 16:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57472
IP address blocks: 2a00:126f::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156969144 (0x95b28b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b986fc646fda0cf145e10d93fe1b10eb0dee625
Validity
Not Before: Jan 1 16:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7bc90df842fd5bb98f4f3e4c2728006087e41a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7d:1e:86:09:ba:af:49:af:1d:ec:23:f1:bd:
11:52:c1:e8:ee:5f:18:28:87:a4:6f:56:a4:76:09:
6d:67:80:5b:a4:7f:01:30:13:9c:68:3c:d5:0b:08:
5e:41:f5:37:4f:0f:a7:3a:ff:61:e3:d3:bd:3e:2c:
8c:f1:d3:3c:45:d8:97:24:e0:98:4b:d4:fa:0c:fa:
d3:3c:42:77:1b:21:76:10:26:c2:7d:67:78:5c:08:
b1:4d:ba:b7:44:37:15:ca:1b:9e:65:62:83:ca:73:
a2:37:65:45:5c:c6:94:17:2f:64:2e:72:ce:fc:45:
69:85:30:4b:41:d2:1d:b2:3e:b8:72:2f:54:3e:e5:
cb:f0:33:46:3f:79:42:3a:f1:da:81:ea:c5:46:fa:
08:b6:9e:ac:d0:39:ab:6d:41:15:00:6e:f4:c3:07:
a5:a0:2d:6e:5a:29:b0:e1:a4:45:d9:7e:be:49:dc:
f9:c0:0f:fa:11:68:d7:ff:dd:58:08:49:a4:83:7d:
fb:c7:45:b3:1b:68:8e:70:83:c8:5b:68:94:92:07:
ea:cf:1d:21:58:1b:e4:b1:90:a6:ac:fd:5c:09:d7:
5c:5b:10:6c:4b:44:e9:81:f2:9b:15:dc:a2:31:87:
ab:fc:d8:90:f8:eb:a5:30:f6:20:85:af:a9:09:40:
2a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:BC:90:DF:84:2F:D5:BB:98:F4:F3:E4:C2:72:80:06:08:7E:41:A2
X509v3 Authority Key Identifier:
keyid:9B:98:6F:C6:46:FD:A0:CF:14:5E:10:D9:3F:E1:B1:0E:B0:DE:E6:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5hvxkb9oM8UXhDZP-GxDrDe5iU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/p7yQ34Qv1buY9PPkwnKABgh-QaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/34bb77-c847-4111-96f3-bdd5cc440396/1/m5hvxkb9oM8UXhDZP-GxDrDe5iU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:126f::/32
Signature Algorithm: sha256WithRSAEncryption
c7:0f:55:a2:fe:6f:39:cf:23:0e:6f:c9:03:22:ea:99:a8:73:
ae:d3:5e:5f:93:81:eb:16:da:6e:cd:8d:08:cf:f4:c6:ff:aa:
94:54:04:41:e2:ae:ce:26:f4:b2:48:e0:47:68:88:31:df:5c:
41:ad:d6:88:d7:c0:37:1e:ae:72:2d:14:57:20:42:72:60:0a:
c3:4c:1a:8c:99:8d:23:47:d9:38:c7:31:22:ac:2a:91:c0:ee:
58:4a:15:44:90:fc:09:f7:5d:c7:e8:a2:e7:d4:9f:15:6a:6f:
19:0e:1e:ff:6c:aa:69:24:f2:cf:39:99:a6:14:d3:db:26:46:
18:ef:3f:ef:59:90:b6:e9:df:4d:1d:5a:4f:ba:f9:e2:b6:b9:
00:ff:bb:7c:e0:31:d6:83:c6:d6:64:00:1b:57:25:d0:b6:1d:
a5:50:43:b0:5f:4e:93:83:ac:48:f5:3a:6d:cf:e4:66:fc:54:
fa:1c:eb:ea:9b:0c:6f:17:46:f9:f7:4c:a1:3a:a7:3c:97:0a:
b4:ed:d8:d1:e5:67:5a:36:47:bc:de:b6:f1:a5:4e:ed:93:c1:
c2:41:5d:27:2a:16:e3:35:12:9a:f5:dc:57:f4:66:7c:6a:30:
47:09:a9:98:8e:b0:23:ac:ee:5e:06:9d:a3:71:95:a1:bc:6b:
8a:40:6a:5d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIECVsouDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Yjk4NmZjNjQ2ZmRhMGNmMTQ1ZTEwZDkzZmUxYjEwZWIwZGVlNjI1MB4XDTIyMDEw
MTE2MTA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdiYzkwZGY4NDJm
ZDViYjk4ZjRmM2U0YzI3MjgwMDYwODdlNDFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh9HoYJuq9Jrx3sI/G9EVLB6O5fGCiHpG9WpHYJbWeAW6R/
ATATnGg81QsIXkH1N08Ppzr/YePTvT4sjPHTPEXYlyTgmEvU+gz60zxCdxshdhAm
wn1neFwIsU26t0Q3FcobnmVig8pzojdlRVzGlBcvZC5yzvxFaYUwS0HSHbI+uHIv
VD7ly/AzRj95Qjrx2oHqxUb6CLaerNA5q21BFQBu9MMHpaAtblopsOGkRdl+vknc
+cAP+hFo1//dWAhJpIN9+8dFsxtojnCDyFtolJIH6s8dIVgb5LGQpqz9XAnXXFsQ
bEtE6YHymxXcojGHq/zYkPjrpTD2IIWvqQlAKpsCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBSnvJDfhC/Vu5j08+TCcoAGCH5BojAfBgNVHSMEGDAWgBSbmG/GRv2gzxRe
ENk/4bEOsN7mJTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L201aHZ4a2I5b004VVhoRFpQLUd4RHJEZTVpVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGEvMzRiYjc3LWM4NDctNDExMS05NmYzLWJkZDVjYzQ0MDM5Ni8x
L3A3eVEzNFF2MWJ1WTlQUGt3bktBQmdoLVFhSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEv
MzRiYjc3LWM4NDctNDExMS05NmYzLWJkZDVjYzQ0MDM5Ni8xL201aHZ4a2I5b004
VVhoRFpQLUd4RHJEZTVpVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoAEm8wDQYJKoZIhvcNAQELBQAD
ggEBAMcPVaL+bznPIw5vyQMi6pmoc67TXl+TgesW2m7NjQjP9Mb/qpRUBEHirs4m
9LJI4EdoiDHfXEGt1ojXwDcernItFFcgQnJgCsNMGoyZjSNH2TjHMSKsKpHA7lhK
FUSQ/An3XcfooufUnxVqbxkOHv9sqmkk8s85maYU09smRhjvP+9ZkLbp300dWk+6
+eK2uQD/u3zgMdaDxtZkABtXJdC2HaVQQ7BfTpODrEj1Om3P5Gb8VPoc6+qbDG8X
Rvn3TKE6pzyXCrTt2NHlZ1o2R7zetvGlTu2TwcJBXScqFuM1Epr13Ff0ZnxqMEcJ
qZiOsCOs7l4GnaNxlaG8a4pAal0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:43 2025 by rpki-client