![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/990513-f49c-45fb-a7bb-5f045688bb99/1/tk4T-cXpO3NfhjZ3wH8ofgAaGXw.roa
File: tk4T-cXpO3NfhjZ3wH8ofgAaGXw.roa (raw, json)
Hash identifier: 4KlghQyPjBeRoBgwKt+nSb+KmynGapLdlfSdBuFEF+U=
Subject key identifier: B6:4E:13:F9:C5:E9:3B:73:5F:86:36:77:C0:7F:28:7E:00:1A:19:7C
Certificate issuer: /CN=7020f9115d194031fc5c849f15abbfd80e08622b
Certificate serial: 01857070697534ECC1E76DB78F3188903259
Authority key identifier: 70:20:F9:11:5D:19:40:31:FC:5C:84:9F:15:AB:BF:D8:0E:08:62:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cCD5EV0ZQDH8XISfFau_2A4IYis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/990513-f49c-45fb-a7bb-5f045688bb99/1/tk4T-cXpO3NfhjZ3wH8ofgAaGXw.roa
Signing time: Mon 02 Jan 2023 03:04:53 +0000
ROA not before: Mon 02 Jan 2023 03:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211453
IP address blocks: 176.113.44.0/24 maxlen: 24
2a0c:8840:1000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:70:69:75:34:ec:c1:e7:6d:b7:8f:31:88:90:32:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7020f9115d194031fc5c849f15abbfd80e08622b
Validity
Not Before: Jan 2 03:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b64e13f9c5e93b735f863677c07f287e001a197c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ba:56:81:09:ab:52:71:86:4a:d8:cc:16:07:
76:fa:ee:57:ac:17:c8:2c:c6:b7:04:86:2d:c7:c0:
89:ec:53:4c:aa:9a:a4:d8:ca:66:b9:1f:a0:76:09:
a1:66:78:16:8e:da:fe:f6:c7:c7:12:9e:72:30:1a:
70:7c:c6:3a:c7:e1:10:75:3a:e0:5e:f4:d0:ff:dd:
02:b9:87:8a:72:4d:5b:40:7f:46:40:41:97:94:ab:
c5:88:52:db:60:61:32:75:e8:6c:27:ac:92:36:79:
35:18:d9:7e:82:38:39:f6:3f:18:df:f8:bf:d5:13:
10:68:61:3c:89:cd:82:c6:02:89:da:7b:60:7e:06:
7d:ee:96:09:c8:b3:fb:14:c3:fc:2f:5e:3c:74:4b:
c0:ee:8f:a2:b0:f2:86:40:3c:5a:53:34:8c:2a:9a:
af:f1:b2:8e:0f:df:0a:28:32:43:14:ba:14:3c:40:
1f:6e:22:db:ce:03:a0:58:bb:47:a1:05:e1:d8:cf:
a7:c6:e0:e6:02:82:69:5a:bd:e2:e8:3c:c7:b4:87:
ee:23:65:a2:09:c8:0c:e3:e3:83:9e:b5:2f:17:e1:
39:92:f5:2b:9f:6d:7f:f3:d7:70:b0:0c:ad:93:e9:
fd:bc:58:37:c9:c3:63:34:af:d4:e5:a0:d2:c1:8a:
5e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4E:13:F9:C5:E9:3B:73:5F:86:36:77:C0:7F:28:7E:00:1A:19:7C
X509v3 Authority Key Identifier:
keyid:70:20:F9:11:5D:19:40:31:FC:5C:84:9F:15:AB:BF:D8:0E:08:62:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cCD5EV0ZQDH8XISfFau_2A4IYis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/990513-f49c-45fb-a7bb-5f045688bb99/1/tk4T-cXpO3NfhjZ3wH8ofgAaGXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/990513-f49c-45fb-a7bb-5f045688bb99/1/cCD5EV0ZQDH8XISfFau_2A4IYis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.113.44.0/24
IPv6:
2a0c:8840:1000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:f8:f4:2a:10:37:12:4a:63:0b:7a:47:5d:1d:61:e5:91:a0:
bf:0b:b4:8e:1d:23:38:a5:9e:2e:ca:c7:a5:10:13:6a:96:d2:
18:b5:2b:9a:a3:f3:34:f1:11:0a:e0:41:a8:d9:97:94:9d:01:
dc:f6:f9:b5:47:7e:02:aa:25:9d:52:58:9e:61:2b:ed:bd:de:
ee:11:17:3a:3d:96:82:c1:4d:c8:85:6c:84:7f:24:93:c7:a6:
80:6d:0f:e1:a3:b2:0f:60:9e:e1:66:63:6e:6d:f8:e0:77:d3:
57:6a:eb:5d:68:10:39:48:6e:4a:5b:c3:b6:0c:67:3b:26:92:
f3:c0:61:d8:78:2a:2d:af:10:bf:31:dd:49:8f:96:40:c9:fc:
0b:55:ab:98:35:11:d3:e1:e7:8a:b2:3c:69:ba:b6:29:63:35:
2b:b8:97:16:b0:81:e3:9a:91:91:28:72:93:10:b3:d6:44:90:
4c:b3:63:78:1c:1c:d8:11:59:41:a2:1a:13:75:fb:0d:bb:4d:
c8:96:63:d2:95:3b:8c:a5:2f:0b:af:d2:ea:6a:af:89:15:e8:
77:5a:aa:06:a7:b3:b1:f9:56:c5:2f:15:99:43:b7:64:ce:49:
29:d4:99:31:be:12:d8:00:6a:29:36:b4:c0:b5:be:05:eb:50:
cd:fd:48:bc
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwcGl1NOzB5223jzGIkDJZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMjBmOTExNWQxOTQwMzFmYzVjODQ5ZjE1YWJiZmQ4MGUw
ODYyMmIwHhcNMjMwMTAyMDMwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRlMTNmOWM1ZTkzYjczNWY4NjM2NzdjMDdmMjg3ZTAwMWExOTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLpWgQmrUnGGStjMFgd2+u5XrBfI
LMa3BIYtx8CJ7FNMqpqk2MpmuR+gdgmhZngWjtr+9sfHEp5yMBpwfMY6x+EQdTrg
XvTQ/90CuYeKck1bQH9GQEGXlKvFiFLbYGEydehsJ6ySNnk1GNl+gjg59j8Y3/i/
1RMQaGE8ic2CxgKJ2ntgfgZ97pYJyLP7FMP8L148dEvA7o+isPKGQDxaUzSMKpqv
8bKOD98KKDJDFLoUPEAfbiLbzgOgWLtHoQXh2M+nxuDmAoJpWr3i6DzHtIfuI2Wi
CcgM4+ODnrUvF+E5kvUrn21/89dwsAytk+n9vFg3ycNjNK/U5aDSwYpewwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLZOE/nF6TtzX4Y2d8B/KH4AGhl8MB8GA1UdIwQY
MBaAFHAg+RFdGUAx/FyEnxWrv9gOCGIrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0NENUVWMFpRREg4WElTZkZhdV8yQTRJWWlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85OTA1MTMtZjQ5Yy00NWZiLWE3YmIt
NWYwNDU2ODhiYjk5LzEvdGs0VC1jWHBPM05maGpaM3dIOG9mZ0FhR1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85OTA1MTMtZjQ5Yy00NWZiLWE3YmItNWYwNDU2ODhiYjk5
LzEvY0NENUVWMFpRREg4WElTZkZhdV8yQTRJWWlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAsHEsMA4E
AgACMAgDBgQqDIhAEDANBgkqhkiG9w0BAQsFAAOCAQEAD/j0KhA3EkpjC3pHXR1h
5ZGgvwu0jh0jOKWeLsrHpRATapbSGLUrmqPzNPERCuBBqNmXlJ0B3Pb5tUd+Aqol
nVJYnmEr7b3e7hEXOj2WgsFNyIVshH8kk8emgG0P4aOyD2Ce4WZjbm344HfTV2rr
XWgQOUhuSlvDtgxnOyaS88Bh2HgqLa8QvzHdSY+WQMn8C1WrmDUR0+HnirI8abq2
KWM1K7iXFrCB45qRkShykxCz1kSQTLNjeBwc2BFZQaIaE3X7DbtNyJZj0pU7jKUv
C6/S6mqviRXod1qqBqezsflWxS8VmUO3ZM5JKdSZMb4S2ABqKTa0wLW+BetQzf1I
vA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:34 2025 by rpki-client