![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/Pw5xLzn7DQUu4es-o7jpbSODays.roa
File: Pw5xLzn7DQUu4es-o7jpbSODays.roa (raw, json)
Hash identifier: wK4Fw2P8kO38FleGdRQQK2XMBFwnPuE4uFf8jKowH7U=
Subject key identifier: 3F:0E:71:2F:39:FB:0D:05:2E:E1:EB:3E:A3:B8:E9:6D:23:83:6B:2B
Certificate issuer: /CN=2ee96208925d836f8d037d179980a83a1b0c1342
Certificate serial: 01856BD37D5F5D709A6A213478FF0E886CDF
Authority key identifier: 2E:E9:62:08:92:5D:83:6F:8D:03:7D:17:99:80:A8:3A:1B:0C:13:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuliCJJdg2-NA30XmYCoOhsME0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/Pw5xLzn7DQUu4es-o7jpbSODays.roa
Signing time: Sun 01 Jan 2023 05:35:00 +0000
ROA not before: Sun 01 Jan 2023 05:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201107
IP address blocks: 193.30.96.0/24 maxlen: 24
193.30.97.0/24 maxlen: 24
193.30.98.0/24 maxlen: 24
193.30.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:7d:5f:5d:70:9a:6a:21:34:78:ff:0e:88:6c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee96208925d836f8d037d179980a83a1b0c1342
Validity
Not Before: Jan 1 05:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f0e712f39fb0d052ee1eb3ea3b8e96d23836b2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:63:79:ad:ef:6a:97:06:b9:03:fe:a8:09:
c9:3d:e3:f0:f1:3b:a4:29:a9:26:d6:42:55:51:8a:
65:49:f4:74:38:45:1a:73:17:6c:54:35:34:a0:57:
51:98:a9:e4:0f:ef:9c:7d:ee:00:16:c1:fa:41:e0:
3d:97:05:38:a3:9a:6d:f5:af:ac:73:78:71:f5:a1:
79:5c:af:a4:50:42:be:92:66:5e:96:ef:df:c2:85:
89:a0:65:d7:5e:88:e2:15:21:8c:ab:33:93:94:ea:
68:e6:41:22:66:b3:8b:3c:82:a7:3e:01:cb:60:aa:
61:5b:a3:9e:b3:91:03:23:ad:0e:2e:92:b5:b2:a6:
2b:9f:57:b0:52:67:14:62:53:e9:59:3a:91:c7:62:
d9:7e:37:14:cf:57:1e:70:69:ef:85:91:41:5f:50:
9b:8c:13:c0:18:7e:38:b4:73:39:fa:29:cd:90:4d:
63:6e:42:74:4f:64:b8:6d:af:0c:8d:3e:4d:c1:97:
1e:0f:0b:50:e6:26:88:62:69:74:fe:ef:cd:bf:c3:
f9:94:84:d0:69:99:4e:04:30:9b:9d:96:af:89:f8:
df:d6:87:b5:c0:ba:3c:55:59:f0:0d:d6:91:3c:cf:
0e:55:74:84:0f:3d:a6:65:42:d4:c6:5d:2d:30:70:
92:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0E:71:2F:39:FB:0D:05:2E:E1:EB:3E:A3:B8:E9:6D:23:83:6B:2B
X509v3 Authority Key Identifier:
keyid:2E:E9:62:08:92:5D:83:6F:8D:03:7D:17:99:80:A8:3A:1B:0C:13:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuliCJJdg2-NA30XmYCoOhsME0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/Pw5xLzn7DQUu4es-o7jpbSODays.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/LuliCJJdg2-NA30XmYCoOhsME0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.96.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:ca:a1:6c:df:70:16:f7:8d:c4:29:71:4a:88:d5:6a:41:41:
f0:02:a5:1b:9a:76:83:23:07:71:c2:8c:10:44:c3:fd:0b:68:
8d:e5:5d:de:98:9f:b1:90:5c:96:47:5b:07:88:dc:50:e0:95:
bc:9c:f0:18:95:2f:54:6d:c4:f9:0a:a3:fa:9c:ce:7e:b9:22:
fc:64:a8:16:d5:1b:7d:3c:29:ba:fe:19:8d:2b:da:aa:86:cc:
13:1c:85:50:d9:b1:a3:88:db:fc:d1:da:f7:07:ef:13:e7:34:
2c:31:3e:f9:b8:1c:1e:e7:b4:e7:9e:14:17:b4:51:1c:96:f7:
5b:81:70:56:1d:13:49:5d:37:13:f2:b0:61:8e:e3:83:91:1f:
87:66:ff:bb:a5:3a:3b:5b:ef:22:e6:86:dd:30:97:8a:cf:26:
9b:41:3b:6c:b3:21:f9:f5:6c:18:3c:02:56:7e:4b:0b:4f:63:
54:2e:7b:3d:f4:d5:f0:dd:47:91:e2:10:a1:05:b6:ed:db:4d:
3d:f9:30:de:ac:e1:9c:d9:fe:03:c1:83:7f:ed:15:d1:25:39:
2e:d9:66:6e:cd:e4:ea:6c:fd:44:05:6b:a4:e3:04:3c:f9:d6:
b3:8b:2b:11:d7:7b:ca:59:ac:f7:b5:a9:ce:b7:52:2b:03:d8:
0a:ee:b1:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr031fXXCaaiE0eP8OiGzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTk2MjA4OTI1ZDgzNmY4ZDAzN2QxNzk5ODBhODNhMWIw
YzEzNDIwHhcNMjMwMTAxMDUzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBlNzEyZjM5ZmIwZDA1MmVlMWViM2VhM2I4ZTk2ZDIzODM2YjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDZjea3vapcGuQP+qAnJPePw8Tuk
Kakm1kJVUYplSfR0OEUacxdsVDU0oFdRmKnkD++cfe4AFsH6QeA9lwU4o5pt9a+s
c3hx9aF5XK+kUEK+kmZelu/fwoWJoGXXXojiFSGMqzOTlOpo5kEiZrOLPIKnPgHL
YKphW6Oes5EDI60OLpK1sqYrn1ewUmcUYlPpWTqRx2LZfjcUz1cecGnvhZFBX1Cb
jBPAGH44tHM5+inNkE1jbkJ0T2S4ba8MjT5NwZceDwtQ5iaIYml0/u/Nv8P5lITQ
aZlOBDCbnZavifjf1oe1wLo8VVnwDdaRPM8OVXSEDz2mZULUxl0tMHCSeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8OcS85+w0FLuHrPqO46W0jg2srMB8GA1UdIwQY
MBaAFC7pYgiSXYNvjQN9F5mAqDobDBNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVsaUNKSmRnMi1OQTMwWG1ZQ29PaHNNRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MWM2MDgtMWNjMi00ODk5LWE1ZmEt
ODQ2YWFmMGViMWFkLzEvUHc1eEx6bjdEUVV1NGVzLW83anBiU09EYXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MWM2MDgtMWNjMi00ODk5LWE1ZmEtODQ2YWFmMGViMWFk
LzEvTHVsaUNKSmRnMi1OQTMwWG1ZQ29PaHNNRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwR5gMA0G
CSqGSIb3DQEBCwUAA4IBAQCqyqFs33AW943EKXFKiNVqQUHwAqUbmnaDIwdxwowQ
RMP9C2iN5V3emJ+xkFyWR1sHiNxQ4JW8nPAYlS9UbcT5CqP6nM5+uSL8ZKgW1Rt9
PCm6/hmNK9qqhswTHIVQ2bGjiNv80dr3B+8T5zQsMT75uBwe57TnnhQXtFEclvdb
gXBWHRNJXTcT8rBhjuODkR+HZv+7pTo7W+8i5obdMJeKzyabQTtssyH59WwYPAJW
fksLT2NULns99NXw3UeR4hChBbbt2009+TDerOGc2f4DwYN/7RXRJTku2WZuzeTq
bP1EBWuk4wQ8+daziysR13vKWaz3tanOt1IrA9gK7rHJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:07 2025 by rpki-client