![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/czm8lYbwPk-ixhwoABT_JyBwsKw.roa
File: czm8lYbwPk-ixhwoABT_JyBwsKw.roa (raw, json)
Hash identifier: aa9WvoKdhE5Omx8m3p/rOJ20oY+lTbh5v7mcqvW6RXA=
Subject key identifier: 73:39:BC:95:86:F0:3E:4F:A2:C6:1C:28:00:14:FF:27:20:70:B0:AC
Certificate issuer: /CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Certificate serial: 0184BDF7BE0E451A6E810ADB7F2CB0CF3434
Authority key identifier: D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/czm8lYbwPk-ixhwoABT_JyBwsKw.roa
Signing time: Mon 28 Nov 2022 11:20:40 +0000
ROA not before: Mon 28 Nov 2022 11:20:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62121
IP address blocks: 91.209.39.0/24 maxlen: 24
193.46.69.0/24 maxlen: 24
195.242.130.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:f7:be:0e:45:1a:6e:81:0a:db:7f:2c:b0:cf:34:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1d30b774b280c37e1c5ed5d8a69cb9af648b065
Validity
Not Before: Nov 28 11:20:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7339bc9586f03e4fa2c61c280014ff272070b0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:01:ae:c4:37:c1:cd:8a:35:a3:d7:8f:4e:
ae:91:59:a8:0a:bf:ec:33:9a:b1:b7:12:1a:9d:e0:
83:08:08:82:81:fd:21:78:84:53:95:89:2f:cd:4b:
0e:fd:10:a5:18:03:cb:ef:24:aa:fa:63:03:7d:47:
ed:37:ec:64:0b:42:da:7e:57:2f:19:70:26:42:15:
95:12:49:68:bd:16:29:11:7b:8c:6f:a0:2d:b0:bb:
95:72:ad:4f:94:ee:ef:e5:a4:21:a7:1c:0e:0e:77:
38:aa:20:1a:14:6a:5b:9e:a4:bd:20:de:d8:38:49:
a1:72:d8:53:84:7e:90:88:d0:22:80:76:4f:5c:c6:
bb:91:f5:05:e8:56:bd:72:a1:c0:70:79:6a:64:f1:
d3:67:34:74:65:21:86:a0:e5:ff:4f:d9:eb:60:d2:
19:92:c0:87:b7:51:88:9f:6a:3b:26:92:79:a2:e3:
fc:95:ef:59:bd:f0:ad:b6:76:c7:5a:55:77:82:35:
7d:e3:bd:69:02:4e:9a:10:f5:cb:84:08:9a:04:b6:
7e:9b:7c:e5:6e:31:60:4e:0b:fa:8a:a1:2d:6f:60:
c2:98:18:80:41:49:5a:49:b1:ca:06:42:06:98:30:
78:f2:29:c8:72:eb:b3:3c:d5:42:e0:8c:11:6e:a2:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:39:BC:95:86:F0:3E:4F:A2:C6:1C:28:00:14:FF:27:20:70:B0:AC
X509v3 Authority Key Identifier:
keyid:D1:D3:0B:77:4B:28:0C:37:E1:C5:ED:5D:8A:69:CB:9A:F6:48:B0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dMLd0soDDfhxe1dimnLmvZIsGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/czm8lYbwPk-ixhwoABT_JyBwsKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/b069f9-f146-4247-bacc-be6304c252c7/1/0dMLd0soDDfhxe1dimnLmvZIsGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.39.0/24
193.46.69.0/24
195.242.130.0/23
Signature Algorithm: sha256WithRSAEncryption
57:ec:7f:9b:71:56:9e:d0:77:05:d6:6b:bb:f4:fd:e1:e0:e0:
48:86:ab:4d:0c:c5:f6:38:d8:35:1f:dd:0f:f8:62:c1:05:b1:
da:09:df:cd:e1:b3:89:7c:72:7a:97:b4:20:92:2d:4c:58:d8:
c8:a5:2f:41:9f:20:90:23:e9:00:51:ce:97:d9:66:94:d1:ce:
73:50:dd:4a:02:80:dc:3e:1b:59:df:8a:5a:05:17:3a:a4:d4:
f7:8b:fc:9a:8b:59:fa:f3:b0:25:96:f6:dc:30:b0:db:80:46:
b3:b1:3d:ad:5a:11:72:8c:b0:d8:0f:ec:9a:37:1f:83:39:11:
38:28:9f:cc:9e:bf:f8:1f:7b:e9:9e:0e:ee:2f:ed:3b:c7:16:
fc:14:73:21:e4:0f:3b:ae:a8:73:4a:7a:ae:20:44:f6:3e:e6:
d9:16:e7:a9:50:d8:ca:ca:9a:f3:18:8d:88:0b:05:82:55:3f:
d4:01:e9:ec:53:bb:4c:a0:62:81:5b:1b:b0:8d:99:86:a3:33:
d9:93:8d:41:d4:27:8d:c0:18:b3:b9:d5:6c:5f:3b:e3:f8:3d:
0c:73:39:1a:d8:8b:6a:90:92:04:98:1a:38:68:5f:d4:4e:03:
c7:8e:e4:7b:25:98:64:25:0a:78:c1:78:33:84:59:31:7d:b3:
44:2e:c6:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYS9974ORRpugQrbfyywzzQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZDMwYjc3NGIyODBjMzdlMWM1ZWQ1ZDhhNjljYjlhZjY0
OGIwNjUwHhcNMjIxMTI4MTEyMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM5YmM5NTg2ZjAzZTRmYTJjNjFjMjgwMDE0ZmYyNzIwNzBiMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEABrsQ3wc2KNaPXj06ukVmoCr/s
M5qxtxIaneCDCAiCgf0heIRTlYkvzUsO/RClGAPL7ySq+mMDfUftN+xkC0Laflcv
GXAmQhWVEklovRYpEXuMb6AtsLuVcq1PlO7v5aQhpxwODnc4qiAaFGpbnqS9IN7Y
OEmhcthThH6QiNAigHZPXMa7kfUF6Fa9cqHAcHlqZPHTZzR0ZSGGoOX/T9nrYNIZ
ksCHt1GIn2o7JpJ5ouP8le9ZvfCttnbHWlV3gjV9471pAk6aEPXLhAiaBLZ+m3zl
bjFgTgv6iqEtb2DCmBiAQUlaSbHKBkIGmDB48inIcuuzPNVC4IwRbqIMsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHM5vJWG8D5PosYcKAAU/ycgcLCsMB8GA1UdIwQY
MBaAFNHTC3dLKAw34cXtXYppy5r2SLBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2Mt
YmU2MzA0YzI1MmM3LzEvY3ptOGxZYndQay1peGh3b0FCVF9KeUJ3c0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9iMDY5ZjktZjE0Ni00MjQ3LWJhY2MtYmU2MzA0YzI1MmM3
LzEvMGRNTGQwc29ERGZoeGUxZGltbkxtdlpJc0dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EnAwQA
wS5FAwQBw/KCMA0GCSqGSIb3DQEBCwUAA4IBAQBX7H+bcVae0HcF1mu79P3h4OBI
hqtNDMX2ONg1H90P+GLBBbHaCd/N4bOJfHJ6l7Qgki1MWNjIpS9BnyCQI+kAUc6X
2WaU0c5zUN1KAoDcPhtZ34paBRc6pNT3i/yai1n687AllvbcMLDbgEazsT2tWhFy
jLDYD+yaNx+DORE4KJ/Mnr/4H3vpng7uL+07xxb8FHMh5A87rqhzSnquIET2PubZ
FuepUNjKyprzGI2ICwWCVT/UAensU7tMoGKBWxuwjZmGozPZk41B1CeNwBizudVs
Xzvj+D0Mczka2ItqkJIEmBo4aF/UTgPHjuR7JZhkJQp4wXgzhFkxfbNELsZs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:00 2025 by rpki-client