![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/4BWNVt3GZeSsjDASNzYa4qOBw8g.roa
File: 4BWNVt3GZeSsjDASNzYa4qOBw8g.roa (raw, json)
Hash identifier: enD7DAOZzj0hIWt+pCFSLNOo7qtNyX30StsJKy4Mqvs=
Subject key identifier: E0:15:8D:56:DD:C6:65:E4:AC:8C:30:12:37:36:1A:E2:A3:81:C3:C8
Certificate issuer: /CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Certificate serial: 05C62E99
Authority key identifier: F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/4BWNVt3GZeSsjDASNzYa4qOBw8g.roa
Signing time: Sat 01 Jan 2022 08:58:17 +0000
ROA not before: Sat 01 Jan 2022 08:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49832
IP address blocks: 185.88.11.0/24 maxlen: 32
167.160.20.0/24 maxlen: 32
2a06:1ec0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96874137 (0x5c62e99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5450c6376655eec1dd2da4bd21d5f104a96d904
Validity
Not Before: Jan 1 08:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0158d56ddc665e4ac8c301237361ae2a381c3c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c6:56:ea:aa:2b:a8:02:b5:fa:ca:a3:2f:7b:
99:aa:44:aa:e4:e5:f8:ca:34:50:e7:e4:b4:4f:f2:
a8:27:60:8c:df:a2:9c:0c:53:df:f3:24:c6:f4:84:
a5:88:b3:aa:c7:1a:9c:31:ac:94:51:50:7b:77:06:
49:ae:54:10:82:c5:96:0f:9b:b4:1b:9c:b7:e1:59:
bf:64:5d:f2:84:78:ba:29:25:3a:b5:38:c2:10:10:
97:42:80:43:f6:90:be:8d:86:5f:c4:0e:b0:df:0f:
71:50:ad:b1:6d:a4:1c:7d:01:e2:31:b3:53:b5:51:
09:45:69:94:8d:a6:52:f2:16:ef:39:6a:1e:10:39:
d8:c8:54:43:df:5b:cc:cc:28:ff:6f:66:37:c2:93:
d6:d2:10:1e:ae:31:ef:c5:cf:ff:1b:8e:f0:50:d6:
c3:e9:e5:d2:d0:18:7e:f7:d8:61:ba:56:b9:aa:07:
73:44:2c:a0:6c:fd:79:9c:47:e7:11:35:98:63:db:
83:51:46:8e:f8:26:48:c2:47:a8:a1:29:33:b7:61:
01:31:72:be:05:18:9a:e4:2b:59:f7:57:50:5e:62:
f0:04:1b:2a:68:47:77:d2:a3:cb:d3:26:f5:86:1f:
c7:b1:3a:5a:f6:28:67:61:8f:85:2f:48:76:0d:35:
1c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:15:8D:56:DD:C6:65:E4:AC:8C:30:12:37:36:1A:E2:A3:81:C3:C8
X509v3 Authority Key Identifier:
keyid:F5:45:0C:63:76:65:5E:EC:1D:D2:DA:4B:D2:1D:5F:10:4A:96:D9:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/4BWNVt3GZeSsjDASNzYa4qOBw8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b122b0-d461-409d-bbd8-6d1f60543e9c/1/9UUMY3ZlXuwd0tpL0h1fEEqW2QQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.20.0/24
185.88.11.0/24
IPv6:
2a06:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
73:f3:7c:dd:eb:07:1b:56:99:78:78:78:0d:44:2d:a6:f1:c6:
41:36:d5:eb:5a:bc:e0:8c:cf:5b:9d:b1:85:8c:dc:7c:86:f6:
95:56:fc:c9:52:17:68:19:df:e7:6d:fe:bb:97:f7:47:e4:7e:
94:de:da:99:d4:d5:e3:5a:fa:5c:6f:99:b7:7f:de:16:fe:44:
21:7c:98:21:94:1b:58:87:3a:fd:11:ab:24:ba:d7:e9:a1:69:
24:68:f2:18:d7:13:94:6d:02:12:7f:cf:2c:54:b6:05:f7:52:
3b:e5:9e:25:ce:48:fa:80:c6:f3:b6:e2:73:37:09:33:9c:29:
a9:93:a0:44:f2:0f:f9:fb:6d:26:04:93:06:7c:23:87:b4:b7:
cd:14:c8:2f:db:cd:61:7b:88:f7:a7:c0:50:60:8a:39:0e:2a:
e3:de:ae:1f:72:2e:a7:ed:59:21:a6:a2:ac:a5:45:66:5e:54:
77:6e:28:42:a2:c6:8c:0c:45:ac:08:3b:8b:d9:ab:16:ef:9d:
b8:ff:73:87:ee:db:ee:57:c6:d2:ba:38:4c:2f:f4:c1:33:f9:
ae:66:e5:1a:cb:b3:e8:15:67:45:cd:77:f7:b4:d0:72:1f:80:
05:c7:aa:3a:65:91:70:d6:f1:95:f0:b1:97:d0:d7:d0:aa:b0:
ef:ad:7d:ea
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBcYumTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTQ1MGM2Mzc2NjU1ZWVjMWRkMmRhNGJkMjFkNWYxMDRhOTZkOTA0MB4XDTIyMDEw
MTA4NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAxNThkNTZkZGM2
NjVlNGFjOGMzMDEyMzczNjFhZTJhMzgxYzNjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/GVuqqK6gCtfrKoy97mapEquTl+Mo0UOfktE/yqCdgjN+i
nAxT3/MkxvSEpYizqscanDGslFFQe3cGSa5UEILFlg+btBuct+FZv2Rd8oR4uikl
OrU4whAQl0KAQ/aQvo2GX8QOsN8PcVCtsW2kHH0B4jGzU7VRCUVplI2mUvIW7zlq
HhA52MhUQ99bzMwo/29mN8KT1tIQHq4x78XP/xuO8FDWw+nl0tAYfvfYYbpWuaoH
c0QsoGz9eZxH5xE1mGPbg1FGjvgmSMJHqKEpM7dhATFyvgUYmuQrWfdXUF5i8AQb
KmhHd9Kjy9Mm9YYfx7E6WvYoZ2GPhS9Idg01HBMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTgFY1W3cZl5KyMMBI3Nhrio4HDyDAfBgNVHSMEGDAWgBT1RQxjdmVe7B3S
2kvSHV8QSpbZBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlVVU1ZM1psWHV3ZDB0cEwwaDFmRUVxVzJRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvYjEyMmIwLWQ0NjEtNDA5ZC1iYmQ4LTZkMWY2MDU0M2U5Yy8x
LzRCV05WdDNHWmVTc2pEQVNOellhNHFPQnc4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
YjEyMmIwLWQ0NjEtNDA5ZC1iYmQ4LTZkMWY2MDU0M2U5Yy8xLzlVVU1ZM1psWHV3
ZDB0cEwwaDFmRUVxVzJRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAKegFAMEALlYCzANBAIAAjAHAwUD
KgYewDANBgkqhkiG9w0BAQsFAAOCAQEAc/N83esHG1aZeHh4DUQtpvHGQTbV61q8
4IzPW52xhYzcfIb2lVb8yVIXaBnf523+u5f3R+R+lN7amdTV41r6XG+Zt3/eFv5E
IXyYIZQbWIc6/RGrJLrX6aFpJGjyGNcTlG0CEn/PLFS2BfdSO+WeJc5I+oDG87bi
czcJM5wpqZOgRPIP+fttJgSTBnwjh7S3zRTIL9vNYXuI96fAUGCKOQ4q496uH3Iu
p+1ZIaairKVFZl5Ud24oQqLGjAxFrAg7i9mrFu+duP9zh+7b7lfG0ro4TC/0wTP5
rmblGsuz6BVnRc1397TQch+ABceqOmWRcNbxlfCxl9DX0Kqw76196g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:26 2025 by rpki-client