![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa
File: XL2X4eID0JymHPvHdGEKbU2BBno.roa (raw, json)
Hash identifier: X3dz4RY/dOrV5jW/S93ydVZQx0SYD96vDwipC4aVRB4=
Subject key identifier: 5C:BD:97:E1:E2:03:D0:9C:A6:1C:FB:C7:74:61:0A:6D:4D:81:06:7A
Certificate issuer: /CN=90a03b68f87da71c271c9cf5c82e955dbc65c104
Certificate serial: 03D7C5E2
Authority key identifier: 90:A0:3B:68:F8:7D:A7:1C:27:1C:9C:F5:C8:2E:95:5D:BC:65:C1:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa
Signing time: Sat 01 Jan 2022 06:58:39 +0000
ROA not before: Sat 01 Jan 2022 06:58:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48062
IP address blocks: 185.197.180.0/24 maxlen: 24
2a10:f000::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64472546 (0x3d7c5e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90a03b68f87da71c271c9cf5c82e955dbc65c104
Validity
Not Before: Jan 1 06:58:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cbd97e1e203d09ca61cfbc774610a6d4d81067a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1d:52:5f:d9:3b:46:ec:7a:86:45:8a:94:ed:
e6:e9:7e:0c:bf:28:7f:af:08:0b:23:de:3b:41:f4:
8d:f0:6a:4f:6d:4d:88:88:14:26:8b:20:0b:0a:7b:
cf:a2:b9:53:ea:b6:07:fb:d4:2b:02:06:44:8a:c7:
bc:be:54:26:a7:e1:10:0c:d6:a4:c8:53:6c:de:27:
25:15:68:1a:32:ac:4a:61:7c:d8:5c:7f:83:ef:ae:
3e:23:ee:18:35:47:3c:42:5f:50:f8:c7:01:94:e9:
e6:5b:f6:73:79:7a:55:4a:44:6c:97:36:6a:7c:99:
5b:6f:ae:50:de:f5:3f:80:2b:52:3a:43:43:d5:b6:
59:de:67:5c:e0:5b:5c:b8:f7:e3:37:c0:ac:7d:5b:
77:8b:9a:40:62:4b:8a:46:28:60:5b:ef:4d:06:f4:
d7:31:df:cb:90:ad:12:21:7c:07:2d:f5:2c:27:b5:
58:cd:b0:43:d7:d2:9d:25:49:35:07:b6:59:1d:ae:
e8:57:d1:b3:69:7e:b3:bf:82:46:6e:a9:37:92:2d:
ea:45:9c:c6:19:c2:67:fe:13:ab:5f:ab:04:18:c7:
bc:95:01:bd:fe:58:04:ea:88:1c:86:7e:30:25:89:
0b:00:95:48:5c:0c:5c:69:89:ad:35:c9:18:82:a9:
8d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BD:97:E1:E2:03:D0:9C:A6:1C:FB:C7:74:61:0A:6D:4D:81:06:7A
X509v3 Authority Key Identifier:
keyid:90:A0:3B:68:F8:7D:A7:1C:27:1C:9C:F5:C8:2E:95:5D:BC:65:C1:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/XL2X4eID0JymHPvHdGEKbU2BBno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5afc37-0909-4d54-bcef-bd34e0a95a1e/1/kKA7aPh9pxwnHJz1yC6VXbxlwQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.180.0/24
IPv6:
2a10:f000::/32
Signature Algorithm: sha256WithRSAEncryption
89:9c:60:ab:78:fb:47:c3:bc:cf:19:6f:89:e2:cf:5e:a7:85:
14:1d:f6:09:62:a0:7b:9d:8b:43:9c:52:41:55:3f:15:98:27:
29:e4:04:5f:c3:70:25:91:c2:cf:e9:76:31:9d:c8:09:b2:2d:
93:21:e7:9a:21:02:9e:b8:2d:af:b0:a3:54:e9:0d:3d:03:db:
fc:d4:98:e2:ee:7a:c1:09:64:82:14:ad:c0:2a:45:87:8a:4d:
8c:b1:be:76:2c:87:6d:ea:71:73:a2:dc:59:d8:e6:d3:40:4c:
e1:7c:10:a3:eb:af:e8:e3:b6:09:d7:20:91:b9:b3:f2:e7:24:
1d:78:25:26:3d:11:b7:57:80:48:c3:0a:07:71:59:17:2d:11:
38:38:fa:e5:64:c0:d4:dd:15:a1:fb:25:00:45:76:3d:d3:c3:
0d:12:04:32:1f:0d:f1:9f:6d:f6:e7:20:44:7b:84:71:f3:b9:
7a:c4:09:9d:d9:24:ed:e4:be:d5:c9:79:9e:43:79:a0:81:51:
36:28:65:de:92:0c:8f:53:e9:de:3a:36:ed:0e:f7:6d:9a:2e:
b5:61:ed:66:5c:5d:ef:4c:67:fe:61:49:ef:84:fd:fa:8f:4d:
c4:ed:1f:05:ee:fc:fb:e4:50:f5:f0:c6:7a:00:08:83:06:45:
98:0a:f8:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA9fF4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGEwM2I2OGY4N2RhNzFjMjcxYzljZjVjODJlOTU1ZGJjNjVjMTA0MB4XDTIyMDEw
MTA2NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNiZDk3ZTFlMjAz
ZDA5Y2E2MWNmYmM3NzQ2MTBhNmQ0ZDgxMDY3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsdUl/ZO0bseoZFipTt5ul+DL8of68ICyPeO0H0jfBqT21N
iIgUJosgCwp7z6K5U+q2B/vUKwIGRIrHvL5UJqfhEAzWpMhTbN4nJRVoGjKsSmF8
2Fx/g++uPiPuGDVHPEJfUPjHAZTp5lv2c3l6VUpEbJc2anyZW2+uUN71P4ArUjpD
Q9W2Wd5nXOBbXLj34zfArH1bd4uaQGJLikYoYFvvTQb01zHfy5CtEiF8By31LCe1
WM2wQ9fSnSVJNQe2WR2u6FfRs2l+s7+CRm6pN5It6kWcxhnCZ/4Tq1+rBBjHvJUB
vf5YBOqIHIZ+MCWJCwCVSFwMXGmJrTXJGIKpjeMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcvZfh4gPQnKYc+8d0YQptTYEGejAfBgNVHSMEGDAWgBSQoDto+H2nHCcc
nPXILpVdvGXBBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tLQTdhUGg5cHh3bkhKejF5QzZWWGJ4bHdRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvNWFmYzM3LTA5MDktNGQ1NC1iY2VmLWJkMzRlMGE5NWExZS8x
L1hMMlg0ZUlEMEp5bUhQdkhkR0VLYlUyQkJuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
NWFmYzM3LTA5MDktNGQ1NC1iY2VmLWJkMzRlMGE5NWExZS8xL2tLQTdhUGg5cHh3
bkhKejF5QzZWWGJ4bHdRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnFtDANBAIAAjAHAwUAKhDwADAN
BgkqhkiG9w0BAQsFAAOCAQEAiZxgq3j7R8O8zxlvieLPXqeFFB32CWKge52LQ5xS
QVU/FZgnKeQEX8NwJZHCz+l2MZ3ICbItkyHnmiECnrgtr7CjVOkNPQPb/NSY4u56
wQlkghStwCpFh4pNjLG+diyHbepxc6LcWdjm00BM4XwQo+uv6OO2Cdcgkbmz8uck
HXglJj0Rt1eASMMKB3FZFy0RODj65WTA1N0VofslAEV2PdPDDRIEMh8N8Z9t9ucg
RHuEcfO5esQJndkk7eS+1cl5nkN5oIFRNihl3pIMj1Pp3jo27Q73bZoutWHtZlxd
70xn/mFJ74T9+o9NxO0fBe78++RQ9fDGegAIgwZFmAr4Og==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:34 2025 by rpki-client