![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/xvog7yjHuUT9NUW5ETAidz1Vi0w.roa
File: xvog7yjHuUT9NUW5ETAidz1Vi0w.roa (raw, json)
Hash identifier: d1hH29S7fwdK2Fbw/qhW4sRueW3EOWvwYutLdPe2ANM=
Subject key identifier: C6:FA:20:EF:28:C7:B9:44:FD:35:45:B9:11:30:22:77:3D:55:8B:4C
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184A9E29C9D7F9B4CD01DDBE2EFFC587A32
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/xvog7yjHuUT9NUW5ETAidz1Vi0w.roa
Signing time: Thu 24 Nov 2022 13:45:11 +0000
ROA not before: Thu 24 Nov 2022 13:45:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39401
IP address blocks: 85.217.230.0/24 maxlen: 24
85.217.231.0/24 maxlen: 24
85.217.228.0/24 maxlen: 24
85.217.229.0/24 maxlen: 24
85.217.227.0/24 maxlen: 24
85.217.232.0/24 maxlen: 24
85.217.233.0/24 maxlen: 24
85.217.240.0/22 maxlen: 24
85.217.240.0/24 maxlen: 24
85.217.237.0/24 maxlen: 24
85.217.235.0/24 maxlen: 24
85.217.236.0/24 maxlen: 24
85.217.234.0/24 maxlen: 24
85.217.244.0/24 maxlen: 24
85.217.244.0/23 maxlen: 24
85.217.245.0/24 maxlen: 24
85.217.242.0/24 maxlen: 24
85.217.243.0/24 maxlen: 24
85.217.241.0/24 maxlen: 24
85.217.246.0/24 maxlen: 24
85.217.249.0/24 maxlen: 24
85.217.248.0/24 maxlen: 24
85.217.247.0/24 maxlen: 24
85.217.225.0/24 maxlen: 24
85.217.226.0/24 maxlen: 24
85.217.224.0/24 maxlen: 24
85.217.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:e2:9c:9d:7f:9b:4c:d0:1d:db:e2:ef:fc:58:7a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 24 13:45:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6fa20ef28c7b944fd3545b9113022773d558b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:3d:31:e8:24:7d:00:fa:cd:bd:13:94:32:60:
74:8f:2a:c4:bc:67:66:ab:fd:d4:02:40:3f:fd:3b:
b4:33:b7:77:77:b2:65:67:e2:30:b3:ba:9c:7b:16:
13:0f:59:c2:33:74:9e:2d:9f:4e:7f:c7:df:04:59:
7e:94:23:f2:da:51:dd:ba:2b:2a:f8:53:14:ee:62:
a2:0c:c7:94:65:1e:93:75:37:a0:57:51:e5:c4:7c:
0e:d6:6b:69:6e:0b:d7:3a:f4:0c:72:3c:6b:e9:79:
5d:e1:d0:6e:fd:3e:04:10:b2:9f:58:e9:86:d0:8a:
7d:78:74:e5:33:80:26:2a:29:76:d2:25:df:10:b0:
bb:4a:ff:a2:bc:b5:52:a3:50:45:98:fd:f7:5a:b9:
e2:3c:b4:c3:27:c0:6f:b2:88:7c:61:fc:14:f3:a0:
c3:33:68:40:b4:92:b3:3a:12:05:db:48:f7:a7:5b:
2c:ec:58:b2:d6:92:e9:20:ea:ec:18:38:e0:73:b2:
f6:bf:c1:0c:14:a1:6a:78:0d:d3:e1:3d:5d:f7:b3:
af:e0:c2:1f:c8:a7:58:a5:ef:5d:64:a8:2b:f3:fa:
01:0e:8d:c6:60:c1:9d:1f:db:2b:79:5d:41:b4:14:
8b:47:93:00:5c:64:98:1f:9e:e9:bd:b3:9f:ab:90:
1f:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FA:20:EF:28:C7:B9:44:FD:35:45:B9:11:30:22:77:3D:55:8B:4C
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/xvog7yjHuUT9NUW5ETAidz1Vi0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.224.0-85.217.249.255
Signature Algorithm: sha256WithRSAEncryption
1f:53:59:1a:47:5a:fd:e1:54:57:c7:89:6b:ad:41:82:1c:f3:
72:f3:6c:d8:91:a2:7e:47:24:4a:93:ea:d3:e4:a7:01:14:eb:
02:40:48:56:0f:43:0c:63:29:4d:45:9d:6b:2a:d9:54:b2:23:
78:59:b6:ed:3c:67:f6:79:03:e0:af:c8:3b:d1:db:17:fa:9c:
b0:5e:43:a3:7d:9c:77:07:75:2c:6f:1b:da:df:40:d9:b9:be:
13:a8:14:76:1d:61:5d:18:0b:38:7a:69:87:5a:fc:c4:f2:24:
f8:d4:2b:15:59:49:ae:90:10:57:23:b9:6f:e1:c3:61:ef:61:
6b:e7:45:54:51:1f:a7:1a:89:19:18:bf:b1:ed:a7:4c:44:55:
45:69:6c:64:aa:ba:c9:b4:ae:08:fd:d1:34:5d:e2:d8:60:e2:
04:2d:e1:d3:42:1c:c4:3c:5c:83:aa:d3:dd:c8:be:ce:8c:0b:
3f:97:d0:c6:a1:39:e2:53:e9:05:f4:1f:99:7b:a4:52:22:9a:
2a:86:3c:b3:2c:7e:8b:84:52:4c:07:72:bd:10:1b:15:cd:81:
9e:dc:22:2a:e0:48:22:e9:80:48:59:da:34:00:c6:21:c8:1e:
cc:30:69:b8:96:e1:33:cc:61:e2:37:b4:f9:e1:31:1e:b1:9c:
79:7d:75:29
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYSp4pydf5tM0B3b4u/8WHoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI0MTM0NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZhMjBlZjI4YzdiOTQ0ZmQzNTQ1YjkxMTMwMjI3NzNkNTU4YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj0x6CR9APrNvROUMmB0jyrEvGdm
q/3UAkA//Tu0M7d3d7JlZ+Iws7qcexYTD1nCM3SeLZ9Of8ffBFl+lCPy2lHduisq
+FMU7mKiDMeUZR6TdTegV1HlxHwO1mtpbgvXOvQMcjxr6Xld4dBu/T4EELKfWOmG
0Ip9eHTlM4AmKil20iXfELC7Sv+ivLVSo1BFmP33WrniPLTDJ8Bvsoh8YfwU86DD
M2hAtJKzOhIF20j3p1ss7Fiy1pLpIOrsGDjgc7L2v8EMFKFqeA3T4T1d97Ov4MIf
yKdYpe9dZKgr8/oBDo3GYMGdH9sreV1BtBSLR5MAXGSYH57pvbOfq5Af/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMb6IO8ox7lE/TVFuREwInc9VYtMMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEveHZvZzd5akh1VVQ5TlVXNUVUQWlkejFWaTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVV2eAD
BAFV2fgwDQYJKoZIhvcNAQELBQADggEBAB9TWRpHWv3hVFfHiWutQYIc83LzbNiR
on5HJEqT6tPkpwEU6wJASFYPQwxjKU1FnWsq2VSyI3hZtu08Z/Z5A+CvyDvR2xf6
nLBeQ6N9nHcHdSxvG9rfQNm5vhOoFHYdYV0YCzh6aYda/MTyJPjUKxVZSa6QEFcj
uW/hw2HvYWvnRVRRH6caiRkYv7Htp0xEVUVpbGSqusm0rgj90TRd4thg4gQt4dNC
HMQ8XIOq093Ivs6MCz+X0MahOeJT6QX0H5l7pFIimiqGPLMsfouEUkwHcr0QGxXN
gZ7cIirgSCLpgEhZ2jQAxiHIHswwabiW4TPMYeI3tPnhMR6xnHl9dSk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:06 2025 by rpki-client