![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/vgW4_X8be2bAoBfIvgTIhm2p7aU.roa
File: vgW4_X8be2bAoBfIvgTIhm2p7aU.roa (raw, json)
Hash identifier: NEo5Sm5CXOvu6K38+H/jneonlO/nViPTIjGLDYsgvZc=
Subject key identifier: BE:05:B8:FD:7F:1B:7B:66:C0:A0:17:C8:BE:04:C8:86:6D:A9:ED:A5
Certificate issuer: /CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Certificate serial: 0185729F008697932CDCDA11BDD704630247
Authority key identifier: 32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/vgW4_X8be2bAoBfIvgTIhm2p7aU.roa
Signing time: Mon 02 Jan 2023 13:15:01 +0000
ROA not before: Mon 02 Jan 2023 13:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202054
IP address blocks: 185.14.56.0/22 maxlen: 24
46.16.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9f:00:86:97:93:2c:dc:da:11:bd:d7:04:63:02:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32cb3c05d6a2c51c2ff52dd9dcb9e2b55c4048f9
Validity
Not Before: Jan 2 13:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be05b8fd7f1b7b66c0a017c8be04c8866da9eda5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ae:b5:a5:81:af:72:62:0e:1e:03:d3:51:5e:
81:90:1a:f9:2e:17:48:29:a9:50:f3:2e:cb:53:4f:
f6:d9:3f:ec:70:48:25:e5:5e:ca:c6:39:eb:0d:c4:
fd:f1:db:87:bc:33:bc:8d:ad:19:ea:4a:73:b8:87:
1e:68:25:3b:73:df:47:c4:03:53:06:77:8c:66:73:
40:52:dc:3c:98:02:73:97:46:0b:fa:1a:3d:aa:2c:
27:3c:a2:a8:ee:6c:5b:37:7a:45:b1:41:d7:59:70:
b2:ee:bc:ee:c3:27:ab:5f:b2:84:bd:3a:e6:13:9e:
e6:f2:2e:85:36:f6:b1:68:05:e1:2b:d8:55:2c:3e:
50:03:10:82:78:cb:2c:10:4a:f1:b2:65:e5:fd:b2:
73:39:b7:63:48:a0:64:23:9b:b7:20:7c:85:21:65:
c3:77:5a:29:7a:52:69:41:4c:d2:52:1f:91:17:98:
7a:af:d8:b0:d7:f2:0c:2b:1a:81:96:08:d6:63:05:
98:79:08:b1:56:01:ac:db:fa:01:3c:08:0e:da:da:
4b:e0:4b:49:f2:f2:e3:92:42:77:8c:10:73:0b:91:
38:e6:94:a9:5b:a2:dc:f0:86:46:a0:e3:f1:9f:33:
ea:e2:6e:22:3d:d8:79:d0:16:6a:48:31:f5:9e:38:
1d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:05:B8:FD:7F:1B:7B:66:C0:A0:17:C8:BE:04:C8:86:6D:A9:ED:A5
X509v3 Authority Key Identifier:
keyid:32:CB:3C:05:D6:A2:C5:1C:2F:F5:2D:D9:DC:B9:E2:B5:5C:40:48:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mss8BdaixRwv9S3Z3LnitVxASPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/vgW4_X8be2bAoBfIvgTIhm2p7aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9062e2-95ae-4656-b2ee-984a8eb51e45/1/Mss8BdaixRwv9S3Z3LnitVxASPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.132.0/22
185.14.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:92:4e:9c:38:4b:4a:15:46:40:4d:d3:ac:44:1b:5d:74:db:
95:87:7a:2f:f6:33:08:64:4a:a8:06:17:fb:08:9f:53:54:4b:
73:4a:52:83:aa:03:67:1c:b4:53:9d:6a:35:10:6c:a5:93:5b:
d2:ee:6b:13:56:b2:96:a5:87:8f:25:39:4e:e2:9b:a6:d6:b3:
d4:92:61:fd:2a:48:81:20:d5:ee:e0:51:d7:63:f8:17:70:dd:
2c:4c:06:05:99:1a:c9:e9:72:d4:48:88:81:da:9f:6f:87:9f:
ef:a4:4b:b8:20:01:ab:ce:1a:1f:49:68:bf:c2:0d:dd:d6:a4:
8c:f0:b3:07:c3:89:09:93:cf:96:13:0e:bd:5b:bd:dd:0a:e2:
79:e7:03:da:60:ad:e5:0d:21:c0:98:33:c6:05:49:37:a1:29:
fd:e6:28:7e:df:0d:5e:a6:ae:56:49:09:5f:66:4b:fa:4e:13:
08:32:68:7a:40:6e:12:8f:19:b0:68:e7:0a:e3:3f:cf:00:5a:
a8:8b:0b:49:19:ab:dc:09:be:76:c4:34:f2:72:d6:c0:8b:4e:
30:b4:86:2e:ea:22:39:f8:34:46:5d:57:c4:f5:b4:0d:39:ff:
e1:09:d5:36:3d:9b:fd:b3:ee:9e:06:38:da:a4:4c:7b:bf:6d:
45:58:f7:17
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVynwCGl5Ms3NoRvdcEYwJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyY2IzYzA1ZDZhMmM1MWMyZmY1MmRkOWRjYjllMmI1NWM0
MDQ4ZjkwHhcNMjMwMTAyMTMxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTA1YjhmZDdmMWI3YjY2YzBhMDE3YzhiZTA0Yzg4NjZkYTllZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra61pYGvcmIOHgPTUV6BkBr5LhdI
KalQ8y7LU0/22T/scEgl5V7KxjnrDcT98duHvDO8ja0Z6kpzuIceaCU7c99HxANT
BneMZnNAUtw8mAJzl0YL+ho9qiwnPKKo7mxbN3pFsUHXWXCy7rzuwyerX7KEvTrm
E57m8i6FNvaxaAXhK9hVLD5QAxCCeMssEErxsmXl/bJzObdjSKBkI5u3IHyFIWXD
d1opelJpQUzSUh+RF5h6r9iw1/IMKxqBlgjWYwWYeQixVgGs2/oBPAgO2tpL4EtJ
8vLjkkJ3jBBzC5E45pSpW6Lc8IZGoOPxnzPq4m4iPdh50BZqSDH1njgdjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL4FuP1/G3tmwKAXyL4EyIZtqe2lMB8GA1UdIwQY
MBaAFDLLPAXWosUcL/Ut2dy54rVcQEj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUt
OTg0YThlYjUxZTQ1LzEvdmdXNF9YOGJlMmJBb0JmSXZnVElobTJwN2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85MDYyZTItOTVhZS00NjU2LWIyZWUtOTg0YThlYjUxZTQ1
LzEvTXNzOEJkYWl4Und2OVMzWjNMbml0VnhBU1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhCEAwQC
uQ44MA0GCSqGSIb3DQEBCwUAA4IBAQCjkk6cOEtKFUZATdOsRBtddNuVh3ov9jMI
ZEqoBhf7CJ9TVEtzSlKDqgNnHLRTnWo1EGylk1vS7msTVrKWpYePJTlO4pum1rPU
kmH9KkiBINXu4FHXY/gXcN0sTAYFmRrJ6XLUSIiB2p9vh5/vpEu4IAGrzhofSWi/
wg3d1qSM8LMHw4kJk8+WEw69W73dCuJ55wPaYK3lDSHAmDPGBUk3oSn95ih+3w1e
pq5WSQlfZkv6ThMIMmh6QG4SjxmwaOcK4z/PAFqoiwtJGavcCb52xDTyctbAi04w
tIYu6iI5+DRGXVfE9bQNOf/hCdU2PZv9s+6eBjjapEx7v21FWPcX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:34:20 2025 by rpki-client