![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/dxkxas5jBVM_knYAsiMgGBlou-k.roa
File: dxkxas5jBVM_knYAsiMgGBlou-k.roa (raw, json)
Hash identifier: sh2+TrT6Knut/iI7GOxPvyOjneTAyFCKCDPTzFg0jsQ=
Subject key identifier: 77:19:31:6A:CE:63:05:53:3F:92:76:00:B2:23:20:18:19:68:BB:E9
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0184EC21B38C5CC736F0B0119882F3462CC0
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/dxkxas5jBVM_knYAsiMgGBlou-k.roa
Signing time: Wed 07 Dec 2022 10:29:02 +0000
ROA not before: Wed 07 Dec 2022 10:29:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47771
IP address blocks: 77.77.164.0/24 maxlen: 24
77.77.165.0/24 maxlen: 24
77.77.166.0/24 maxlen: 24
77.77.167.0/24 maxlen: 24
87.119.100.0/24 maxlen: 24
87.119.101.0/24 maxlen: 24
87.119.103.0/24 maxlen: 24
87.119.104.0/24 maxlen: 24
87.119.102.0/24 maxlen: 24
87.119.105.0/24 maxlen: 24
87.119.64.0/24 maxlen: 24
87.119.70.0/24 maxlen: 24
87.119.71.0/24 maxlen: 24
87.119.65.0/24 maxlen: 24
87.119.66.0/24 maxlen: 24
87.119.69.0/24 maxlen: 24
87.119.67.0/24 maxlen: 24
87.119.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:21:b3:8c:5c:c7:36:f0:b0:11:98:82:f3:46:2c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Dec 7 10:29:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7719316ace6305533f927600b22320181968bbe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:82:ad:67:14:ad:8a:58:a7:fa:6d:96:6f:
83:b9:9b:17:87:28:75:9c:5a:4d:31:93:5d:cb:db:
0e:a0:29:cf:1a:9e:bc:e4:14:04:00:77:76:bb:aa:
62:71:66:79:d5:d2:d0:a6:28:6f:23:fe:ca:8d:32:
f3:ba:fd:21:e3:3b:45:e1:3d:b7:42:9b:91:52:31:
70:fd:58:df:8b:c1:c3:8c:7d:b1:d2:b8:39:db:52:
f0:c1:28:f7:59:be:d2:fc:a7:87:ef:4a:e0:77:37:
3e:b8:82:bd:70:1f:c3:82:3c:14:62:5e:bc:52:44:
79:ce:6e:f9:22:8c:f9:ce:a2:c4:73:e7:6b:41:78:
c1:88:3e:ea:d4:dc:fb:bc:2f:f8:3a:be:7f:c6:e0:
32:4a:53:47:50:8f:24:a1:c6:5e:7d:0e:39:3e:72:
a5:fa:17:87:e6:5d:9e:66:5b:3c:97:fe:51:c7:61:
53:27:24:a5:11:0d:30:01:fd:ba:dd:b0:27:9c:af:
ba:ba:3a:6b:a4:26:2f:3b:be:9f:02:b9:b4:b4:e5:
9d:31:a8:63:47:8d:c1:65:4a:27:0e:bb:12:b0:bc:
b4:2e:0c:b6:7f:ba:5e:86:90:bd:03:1b:54:81:7c:
b4:52:bc:94:99:cc:51:b0:78:a5:5b:f3:eb:d8:23:
b8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:19:31:6A:CE:63:05:53:3F:92:76:00:B2:23:20:18:19:68:BB:E9
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/dxkxas5jBVM_knYAsiMgGBlou-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.77.164.0/22
87.119.64.0/21
87.119.100.0-87.119.105.255
Signature Algorithm: sha256WithRSAEncryption
3c:7b:ba:b2:9f:23:8c:8c:d8:ec:b4:84:bf:6d:26:68:15:3a:
23:a9:91:1b:65:43:38:8c:84:32:dc:c9:2a:da:3c:3a:ba:37:
bc:d7:17:86:52:ef:53:70:3c:33:18:7e:0c:b2:dc:13:cb:8b:
87:12:7e:f1:a5:7e:ca:45:90:37:77:f1:ac:eb:a8:ff:00:0e:
32:cd:92:5e:0a:96:00:c0:cb:91:fd:ce:3c:88:b9:c9:17:11:
88:2f:c6:c5:00:4b:cb:21:11:e3:f9:26:43:4e:55:66:49:84:
a6:ca:c8:5d:4c:c0:5c:fc:39:bb:68:90:89:ef:eb:4c:5c:8b:
a1:fc:1b:33:f1:58:9c:74:2f:26:c1:42:d2:70:04:15:f0:6c:
60:ac:41:39:b9:bb:f0:44:4b:16:f0:21:92:bd:45:7c:3d:4a:
8e:f3:e2:a4:9f:87:6a:e8:77:22:cf:0d:86:98:f0:f9:32:1a:
43:ab:4f:a1:88:78:50:e3:a0:ab:71:09:08:a8:c8:1c:4a:39:
53:f3:ac:8d:6e:23:f3:de:89:83:a8:5f:46:b6:53:ed:3e:6e:
b2:27:70:3f:e0:3d:22:8c:e6:5b:36:bf:7e:cc:c2:5b:73:06:
93:48:0d:a3:d2:c9:89:8a:4a:f1:f5:a6:0b:f6:b7:01:96:a1:
c9:73:7c:aa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYTsIbOMXMc28LARmILzRizAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjIxMjA3MTAyOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzE5MzE2YWNlNjMwNTUzM2Y5Mjc2MDBiMjIzMjAxODE5NjhiYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsaCrWcUrYpYp/ptlm+DuZsXhyh1
nFpNMZNdy9sOoCnPGp685BQEAHd2u6picWZ51dLQpihvI/7KjTLzuv0h4ztF4T23
QpuRUjFw/Vjfi8HDjH2x0rg521LwwSj3Wb7S/KeH70rgdzc+uIK9cB/DgjwUYl68
UkR5zm75Ioz5zqLEc+drQXjBiD7q1Nz7vC/4Or5/xuAySlNHUI8kocZefQ45PnKl
+heH5l2eZls8l/5Rx2FTJySlEQ0wAf263bAnnK+6ujprpCYvO76fArm0tOWdMahj
R43BZUonDrsSsLy0Lgy2f7pehpC9AxtUgXy0UryUmcxRsHilW/Pr2CO4/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHcZMWrOYwVTP5J2ALIjIBgZaLvpMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvZHhreGFzNWpCVk1fa25ZQXNpTWdHQmxvdS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTU2kAwQD
V3dAMAwDBAJXd2QDBAFXd2gwDQYJKoZIhvcNAQELBQADggEBADx7urKfI4yM2Oy0
hL9tJmgVOiOpkRtlQziMhDLcySraPDq6N7zXF4ZS71NwPDMYfgyy3BPLi4cSfvGl
fspFkDd38azrqP8ADjLNkl4KlgDAy5H9zjyIuckXEYgvxsUAS8shEeP5JkNOVWZJ
hKbKyF1MwFz8ObtokInv60xci6H8GzPxWJx0LybBQtJwBBXwbGCsQTm5u/BESxbw
IZK9RXw9So7z4qSfh2rodyLPDYaY8PkyGkOrT6GIeFDjoKtxCQioyBxKOVPzrI1u
I/PeiYOoX0a2U+0+brIncD/gPSKM5ls2v37MwltzBpNIDaPSyYmKSvH1pgv2twGW
oclzfKo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:20:23 2025 by rpki-client