![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/sL_jb_DIeofSosUjecdVKYE_qYk.roa
File: sL_jb_DIeofSosUjecdVKYE_qYk.roa (raw, json)
Hash identifier: sxcvmTotw4OQYIznZirp33Utds97EhNBo2Ji/HKW6cs=
Subject key identifier: B0:BF:E3:6F:F0:C8:7A:87:D2:A2:C5:23:79:C7:55:29:81:3F:A9:89
Certificate issuer: /CN=896d5866c35093352e7b9e0762c591e08e50f967
Certificate serial: 171D6358
Authority key identifier: 89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/sL_jb_DIeofSosUjecdVKYE_qYk.roa
Signing time: Sat 01 Jan 2022 02:53:14 +0000
ROA not before: Sat 01 Jan 2022 02:53:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60092
IP address blocks: 193.151.23.0/24 maxlen: 24
193.151.22.0/24 maxlen: 24
91.195.24.0/24 maxlen: 24
91.195.25.0/24 maxlen: 24
2001:67c:2c89::/48 maxlen: 48
2001:67c:2c92::/48 maxlen: 48
2001:67c:2c88::/48 maxlen: 48
2001:67c:2c93::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 387801944 (0x171d6358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896d5866c35093352e7b9e0762c591e08e50f967
Validity
Not Before: Jan 1 02:53:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0bfe36ff0c87a87d2a2c52379c75529813fa989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fa:2d:48:0c:1b:40:47:cd:17:81:69:0d:2d:
8d:a7:d6:6c:49:86:3e:7e:7d:d3:89:74:67:53:53:
46:1f:d6:21:98:64:ee:ea:70:81:ca:96:62:82:93:
67:c3:7c:0d:be:a6:24:19:83:aa:27:55:d0:42:d7:
7b:df:1f:2e:98:a7:24:20:08:d9:10:7e:e6:13:6e:
1e:1e:e9:bf:3a:20:4e:8d:e0:e0:b9:e4:d0:75:7e:
e2:4b:1f:08:01:ea:0e:53:b7:ed:e5:3b:4b:81:18:
3a:fa:91:69:68:d3:a6:6f:38:87:6f:89:8b:8c:8d:
21:2f:98:a2:9d:94:69:38:f6:f7:b9:8e:82:cf:7e:
62:49:f8:16:8e:ad:53:d8:cc:9c:3a:00:ac:a7:2b:
1b:78:d7:4c:c6:ac:57:de:a8:dd:6f:74:f7:98:45:
5d:03:b9:f2:2c:31:b9:a3:df:8b:51:0b:47:ef:00:
a6:07:dc:8f:ad:b3:07:5a:e9:24:64:81:ba:be:16:
cb:3f:1e:e0:6f:1a:84:91:00:05:a2:5d:a2:50:e9:
e2:e5:16:e4:c2:5d:98:60:97:4d:aa:96:bf:77:29:
73:e1:f2:a4:24:27:ea:69:c4:94:0a:21:85:1f:a1:
5d:d3:00:9e:1f:c9:0f:91:9d:ac:f4:2a:41:07:7f:
4b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:BF:E3:6F:F0:C8:7A:87:D2:A2:C5:23:79:C7:55:29:81:3F:A9:89
X509v3 Authority Key Identifier:
keyid:89:6D:58:66:C3:50:93:35:2E:7B:9E:07:62:C5:91:E0:8E:50:F9:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iW1YZsNQkzUue54HYsWR4I5Q-Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/sL_jb_DIeofSosUjecdVKYE_qYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/9d8f21-b27f-435d-a7b5-784624a7b47e/1/iW1YZsNQkzUue54HYsWR4I5Q-Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.24.0/23
193.151.22.0/23
IPv6:
2001:67c:2c88::/47
2001:67c:2c92::/47
Signature Algorithm: sha256WithRSAEncryption
ac:c3:cc:da:59:a8:ca:ff:50:98:d3:77:38:17:39:26:76:45:
da:30:76:5c:8d:90:cf:f4:dc:fb:2c:e2:54:c4:82:3e:d6:da:
82:80:15:ce:e0:d7:a8:ff:6c:b8:10:56:a3:70:5a:f0:d8:a6:
b7:2b:ac:76:5c:1c:80:c1:cb:32:51:f1:32:bc:cb:68:32:c3:
29:ae:90:ce:c3:81:4c:7c:98:b7:e8:c1:9d:65:bc:fe:25:04:
71:b5:ed:da:21:38:72:a1:97:6e:1a:04:06:1c:0a:1e:87:cf:
88:64:2f:ce:03:1f:07:8f:1c:e4:1f:dd:68:34:df:32:99:44:
dc:6e:dd:33:2f:1d:bb:05:2e:f7:5f:b0:3a:3f:7e:c4:0b:54:
4e:6c:a0:da:b9:d4:b5:8d:54:de:24:2b:93:d5:6e:09:82:a7:
77:f5:f4:dd:1e:46:4a:e8:1d:f0:0c:c5:cd:ec:1f:8a:b6:52:
dd:88:66:4c:62:31:4b:5a:ce:72:8a:2a:2f:68:a6:5d:5d:17:
84:95:72:f9:15:af:5f:6e:f1:94:79:12:c6:08:61:1d:b3:7d:
7b:2e:a9:a6:d7:de:9f:28:9f:74:d3:d1:1c:fc:83:c7:c4:b1:
b1:15:7a:5b:8f:33:10:36:97:18:fd:87:af:e4:59:e1:74:c4:
1f:b7:18:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEFx1jWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTZkNTg2NmMzNTA5MzM1MmU3YjllMDc2MmM1OTFlMDhlNTBmOTY3MB4XDTIyMDEw
MTAyNTMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBiZmUzNmZmMGM4
N2E4N2QyYTJjNTIzNzljNzU1Mjk4MTNmYTk4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP6LUgMG0BHzReBaQ0tjafWbEmGPn5904l0Z1NTRh/WIZhk
7upwgcqWYoKTZ8N8Db6mJBmDqidV0ELXe98fLpinJCAI2RB+5hNuHh7pvzogTo3g
4Lnk0HV+4ksfCAHqDlO37eU7S4EYOvqRaWjTpm84h2+Ji4yNIS+Yop2UaTj297mO
gs9+Ykn4Fo6tU9jMnDoArKcrG3jXTMasV96o3W9095hFXQO58iwxuaPfi1ELR+8A
pgfcj62zB1rpJGSBur4Wyz8e4G8ahJEABaJdolDp4uUW5MJdmGCXTaqWv3cpc+Hy
pCQn6mnElAohhR+hXdMAnh/JD5GdrPQqQQd/SxkCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBSwv+Nv8Mh6h9KixSN5x1UpgT+piTAfBgNVHSMEGDAWgBSJbVhmw1CTNS57
ngdixZHgjlD5ZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lXMVlac05Ra3pVdWU1NEhZc1dSNEk1US1XYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvOWQ4ZjIxLWIyN2YtNDM1ZC1hN2I1LTc4NDYyNGE3YjQ3ZS8x
L3NMX2piX0RJZW9mU29zVWplY2RWS1lFX3FZay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
OWQ4ZjIxLWIyN2YtNDM1ZC1hN2I1LTc4NDYyNGE3YjQ3ZS8xL2lXMVlac05Ra3pV
dWU1NEhZc1dSNEk1US1XYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAVvDGAMEAcGXFjAYBAIAAjASAwcB
IAEGfCyIAwcBIAEGfCySMA0GCSqGSIb3DQEBCwUAA4IBAQCsw8zaWajK/1CY03c4
FzkmdkXaMHZcjZDP9Nz7LOJUxII+1tqCgBXO4Neo/2y4EFajcFrw2Ka3K6x2XByA
wcsyUfEyvMtoMsMprpDOw4FMfJi36MGdZbz+JQRxte3aIThyoZduGgQGHAoeh8+I
ZC/OAx8HjxzkH91oNN8ymUTcbt0zLx27BS73X7A6P37EC1RObKDaudS1jVTeJCuT
1W4Jgqd39fTdHkZK6B3wDMXN7B+KtlLdiGZMYjFLWs5yiiovaKZdXReElXL5Fa9f
bvGUeRLGCGEds317Lqmm196fKJ9009Ec/IPHxLGxFXpbjzMQNpcY/Yev5FnhdMQf
txjL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:50 2025 by rpki-client