![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/ldx-jzg17lmu8g2BvAlb0rk3Ncg.roa
File: ldx-jzg17lmu8g2BvAlb0rk3Ncg.roa (raw, json)
Hash identifier: lKNBzTwzWHFq4+WuAl0sE1vT0pMSIKy68ZanU4GnIKE=
Subject key identifier: 95:DC:7E:8F:38:35:EE:59:AE:F2:0D:81:BC:09:5B:D2:B9:37:35:C8
Certificate issuer: /CN=e566e0e51628554cd92634b711ab758f8467c485
Certificate serial: 325FA19C
Authority key identifier: E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/ldx-jzg17lmu8g2BvAlb0rk3Ncg.roa
Signing time: Sat 01 Jan 2022 01:51:37 +0000
ROA not before: Sat 01 Jan 2022 01:51:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56837
IP address blocks: 86.39.64.0/20 maxlen: 20
31.22.16.0/24 maxlen: 24
31.22.20.0/22 maxlen: 22
2a00:6ec0:300::/40 maxlen: 40
2a00:6ec0:400::/40 maxlen: 40
2a00:6ec0:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 845128092 (0x325fa19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e566e0e51628554cd92634b711ab758f8467c485
Validity
Not Before: Jan 1 01:51:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95dc7e8f3835ee59aef20d81bc095bd2b93735c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:92:2a:d9:b8:3f:03:04:44:ac:15:9f:a2:fc:
45:bc:36:18:08:aa:45:b9:e1:a4:08:0b:93:b6:82:
ae:68:d8:3f:4a:7a:d0:f2:c0:83:9b:95:91:08:d9:
b5:6e:8e:fc:18:f4:b8:39:6a:22:9c:ed:98:47:cc:
85:d1:31:47:38:35:77:6c:47:07:20:1b:d7:7e:be:
e5:57:1c:47:33:25:2d:fe:01:c2:7b:37:03:41:b7:
84:47:84:fa:c3:3c:58:6b:7a:c2:2a:ae:b4:fd:0b:
ac:a1:c8:86:4b:55:b3:97:13:f8:2e:0f:95:57:ed:
ac:6a:14:00:fe:84:4e:94:47:52:b7:13:cb:98:95:
98:2c:82:ee:ed:cc:52:9b:89:1c:1e:9e:f2:5a:cc:
bd:98:10:2e:05:e8:3b:e2:5d:69:19:7e:89:00:0d:
46:16:ea:9d:2c:4c:54:86:75:9d:7a:c4:f4:34:19:
7d:e4:7d:c8:28:52:a5:97:c1:43:00:8d:07:48:ba:
c3:35:86:3b:6d:9f:64:88:ce:f2:66:7c:4a:eb:96:
df:39:bc:e4:f3:2c:1f:bb:92:67:4b:a7:ba:73:79:
26:55:99:53:ec:15:74:79:ce:2d:4f:69:4b:73:57:
23:04:5c:88:57:69:a2:55:00:59:8f:f0:c2:3c:b2:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DC:7E:8F:38:35:EE:59:AE:F2:0D:81:BC:09:5B:D2:B9:37:35:C8
X509v3 Authority Key Identifier:
keyid:E5:66:E0:E5:16:28:55:4C:D9:26:34:B7:11:AB:75:8F:84:67:C4:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/ldx-jzg17lmu8g2BvAlb0rk3Ncg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d9e16d-7e8c-43ec-99f7-e296cfd97209/1/5Wbg5RYoVUzZJjS3Eat1j4RnxIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.16.0/24
31.22.20.0/22
86.39.64.0/20
IPv6:
2a00:6ec0:100::/40
2a00:6ec0:300::-2a00:6ec0:4ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:b5:0b:36:a7:c8:fb:87:1c:73:7e:f4:46:92:d4:5e:21:04:
a8:8c:48:64:ee:41:5a:13:1e:87:d9:95:c6:df:fa:4d:76:1f:
25:f2:a3:af:1c:11:a9:8e:bb:4a:11:9e:8c:da:07:32:58:de:
6f:46:c5:e1:4f:94:66:5b:67:24:31:c0:33:6f:2f:3f:b0:22:
b1:af:2d:29:be:19:96:03:f6:aa:1f:e0:e5:13:4a:8a:c8:27:
a7:11:fc:96:eb:16:95:fe:d4:8a:2c:96:35:9f:d3:85:cb:2c:
71:92:29:82:27:22:eb:e7:02:3a:ea:5f:5f:8e:c3:fb:29:6b:
0a:22:f8:b6:aa:3e:5d:50:d4:90:c5:9c:0b:69:f2:fb:3a:cd:
59:f3:ad:c1:f7:c9:71:68:1b:ad:1d:2e:de:25:eb:ed:7d:86:
67:77:1d:14:a4:6f:b4:b8:42:62:90:a9:72:62:ff:c7:b8:3c:
aa:07:31:d0:7e:c8:53:8e:d5:34:32:73:16:bc:59:07:00:12:
25:c2:0f:72:1f:c2:4a:7e:9a:1f:f6:1f:1e:41:34:d2:fb:50:
d5:2b:01:de:db:9e:2e:3f:4e:cf:50:92:37:af:cf:22:4d:32:
3f:32:0c:2c:99:81:8b:a3:a2:ef:07:f8:7f:b8:48:29:a9:9c:
4b:a2:bd:78
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEMl+hnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NTY2ZTBlNTE2Mjg1NTRjZDkyNjM0YjcxMWFiNzU4Zjg0NjdjNDg1MB4XDTIyMDEw
MTAxNTEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVkYzdlOGYzODM1
ZWU1OWFlZjIwZDgxYmMwOTViZDJiOTM3MzVjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2SKtm4PwMERKwVn6L8Rbw2GAiqRbnhpAgLk7aCrmjYP0p6
0PLAg5uVkQjZtW6O/Bj0uDlqIpztmEfMhdExRzg1d2xHByAb136+5VccRzMlLf4B
wns3A0G3hEeE+sM8WGt6wiqutP0LrKHIhktVs5cT+C4PlVftrGoUAP6ETpRHUrcT
y5iVmCyC7u3MUpuJHB6e8lrMvZgQLgXoO+JdaRl+iQANRhbqnSxMVIZ1nXrE9DQZ
feR9yChSpZfBQwCNB0i6wzWGO22fZIjO8mZ8SuuW3zm85PMsH7uSZ0ununN5JlWZ
U+wVdHnOLU9pS3NXIwRciFdpolUAWY/wwjyykgECAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBSV3H6PODXuWa7yDYG8CVvSuTc1yDAfBgNVHSMEGDAWgBTlZuDlFihVTNkm
NLcRq3WPhGfEhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVXYmc1UllvVlV6WkpqUzNFYXQxajRSbnhJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvZDllMTZkLTdlOGMtNDNlYy05OWY3LWUyOTZjZmQ5NzIwOS8x
L2xkeC1qemcxN2xtdThnMkJ2QWxiMHJrM05jZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
ZDllMTZkLTdlOGMtNDNlYy05OWY3LWUyOTZjZmQ5NzIwOS8xLzVXYmc1UllvVlV6
WkpqUzNFYXQxajRSbnhJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwGAQCAAEwEgMEAB8WEAMEAh8WFAMEBFYnQDAgBAIA
AjAaAwYAKgBuwAEwEAMGACoAbsADAwYAKgBuwAQwDQYJKoZIhvcNAQELBQADggEB
AGu1CzanyPuHHHN+9EaS1F4hBKiMSGTuQVoTHofZlcbf+k12HyXyo68cEamOu0oR
nozaBzJY3m9GxeFPlGZbZyQxwDNvLz+wIrGvLSm+GZYD9qof4OUTSorIJ6cR/Jbr
FpX+1IosljWf04XLLHGSKYInIuvnAjrqX1+Ow/spawoi+LaqPl1Q1JDFnAtp8vs6
zVnzrcH3yXFoG60dLt4l6+19hmd3HRSkb7S4QmKQqXJi/8e4PKoHMdB+yFOO1TQy
cxa8WQcAEiXCD3Ifwkp+mh/2Hx5BNNL7UNUrAd7bni4/Ts9QkjevzyJNMj8yDCyZ
gYujou8H+H+4SCmpnEuivXg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:09 2025 by rpki-client