![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/befUNfB39upRCZrOKA3AQeqXO2k.roa
File: befUNfB39upRCZrOKA3AQeqXO2k.roa (raw, json)
Hash identifier: YLGQxDB6/8EWWpdXN/l9x5Drrwv1P78A2HFk5LH+8d0=
Subject key identifier: 6D:E7:D4:35:F0:77:F6:EA:51:09:9A:CE:28:0D:C0:41:EA:97:3B:69
Certificate issuer: /CN=75905949e963d3577be076326ca0b91ff32f9684
Certificate serial: 018A891ACF998B36A0B8DD14167163D689E6
Authority key identifier: 75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/befUNfB39upRCZrOKA3AQeqXO2k.roa
Signing time: Tue 12 Sep 2023 11:15:50 +0000
ROA not before: Tue 12 Sep 2023 11:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a0d:d600::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:89:1a:cf:99:8b:36:a0:b8:dd:14:16:71:63:d6:89:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75905949e963d3577be076326ca0b91ff32f9684
Validity
Not Before: Sep 12 11:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6de7d435f077f6ea51099ace280dc041ea973b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:91:83:69:51:18:9e:c0:f4:5c:95:25:0f:91:
52:67:f6:5c:75:96:fb:b8:b7:e2:f5:de:df:6f:48:
22:12:4d:d0:cb:40:92:89:12:0f:74:ad:f4:b8:e3:
70:1f:23:5f:5b:23:ff:bd:d1:78:44:f0:6e:85:26:
b0:78:10:59:09:3a:8c:03:87:f6:49:a9:70:40:ae:
69:82:f9:e0:df:b5:fb:b9:8d:64:a9:54:b8:28:8a:
9a:41:bb:08:1f:38:64:c8:72:e8:dc:6b:c4:ef:10:
be:03:38:0f:fe:c5:d6:f0:c3:09:e3:75:8f:de:e3:
0d:64:fa:98:02:02:bd:1f:1a:42:ae:34:21:d1:29:
99:77:f2:fb:7b:47:d9:7b:1f:9b:02:30:7e:b4:25:
44:fb:d7:16:91:f0:cb:58:ab:0f:4f:4d:02:c2:ec:
66:94:15:75:d1:de:d5:2a:9d:40:5c:8f:8f:12:27:
aa:32:07:59:f0:a9:a0:fd:4f:76:9a:4f:4b:c7:13:
e7:f5:c5:ba:74:8e:a4:42:70:f6:9a:3a:d9:3a:a6:
8a:2b:26:60:b6:d8:bb:7e:ab:75:f6:a3:b3:5e:89:
0a:77:fb:3c:32:78:34:d5:b7:a1:4d:de:38:73:69:
5a:b7:4b:aa:b4:3e:c5:cf:f7:07:2c:74:38:1a:fd:
db:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E7:D4:35:F0:77:F6:EA:51:09:9A:CE:28:0D:C0:41:EA:97:3B:69
X509v3 Authority Key Identifier:
keyid:75:90:59:49:E9:63:D3:57:7B:E0:76:32:6C:A0:B9:1F:F3:2F:96:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZBZSelj01d74HYybKC5H_MvloQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/befUNfB39upRCZrOKA3AQeqXO2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/d61f73-ac0b-45bc-a5a4-1a8301b7e6de/1/dZBZSelj01d74HYybKC5H_MvloQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d600::/32
Signature Algorithm: sha256WithRSAEncryption
09:fe:f3:39:0f:36:69:4b:87:cc:43:52:02:9c:5a:5e:20:b4:
f4:41:7c:de:a5:e0:79:23:5f:0d:b1:38:57:a8:9e:87:c0:a9:
1c:24:00:5d:e6:1a:53:05:fe:8e:55:58:13:7d:3e:cd:5a:d2:
5e:25:56:37:45:45:bd:d7:23:32:3a:6e:59:68:87:a1:73:c0:
c9:c2:4c:e9:57:a4:7d:c1:d5:43:a9:a0:e2:bb:37:e3:9f:9b:
99:cb:de:2f:51:f4:89:61:7c:64:df:57:49:c0:1a:b6:41:94:
49:42:1a:04:c5:fb:fc:1b:dd:c4:d4:50:0f:3d:da:aa:a5:66:
f7:39:ad:87:02:45:61:42:2a:8e:b3:c2:31:ab:c4:36:7a:5b:
ff:a5:a4:8d:83:bc:ae:fe:35:f2:9d:5f:5a:79:f7:3f:da:bc:
08:10:b1:f9:f0:00:e3:a7:d5:5c:2d:09:8f:99:87:4a:18:81:
d2:95:5d:0e:f2:37:97:94:ac:fd:93:e5:7a:49:ea:f4:d2:61:
0f:6e:cf:d3:04:e1:ca:2e:65:35:c4:a5:fe:ec:0e:c1:1b:be:
2e:99:45:05:dc:fa:66:db:08:3f:82:f7:da:04:e3:86:1c:96:
ea:5e:0b:9e:39:a1:98:2b:0e:1b:ce:9c:9a:14:cd:14:7c:b0:
bf:27:28:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYqJGs+ZizaguN0UFnFj1onmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTA1OTQ5ZTk2M2QzNTc3YmUwNzYzMjZjYTBiOTFmZjMy
Zjk2ODQwHhcNMjMwOTEyMTExNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU3ZDQzNWYwNzdmNmVhNTEwOTlhY2UyODBkYzA0MWVhOTczYjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpGDaVEYnsD0XJUlD5FSZ/ZcdZb7
uLfi9d7fb0giEk3Qy0CSiRIPdK30uONwHyNfWyP/vdF4RPBuhSaweBBZCTqMA4f2
SalwQK5pgvng37X7uY1kqVS4KIqaQbsIHzhkyHLo3GvE7xC+AzgP/sXW8MMJ43WP
3uMNZPqYAgK9HxpCrjQh0SmZd/L7e0fZex+bAjB+tCVE+9cWkfDLWKsPT00Cwuxm
lBV10d7VKp1AXI+PEieqMgdZ8Kmg/U92mk9LxxPn9cW6dI6kQnD2mjrZOqaKKyZg
tti7fqt19qOzXokKd/s8Mng01behTd44c2lat0uqtD7Fz/cHLHQ4Gv3bnQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG3n1DXwd/bqUQmazigNwEHqlztpMB8GA1UdIwQY
MBaAFHWQWUnpY9NXe+B2MmyguR/zL5aEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQt
MWE4MzAxYjdlNmRlLzEvYmVmVU5mQjM5dXBSQ1pyT0tBM0FRZXFYTzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9kNjFmNzMtYWMwYi00NWJjLWE1YTQtMWE4MzAxYjdlNmRl
LzEvZFpCWlNlbGowMWQ3NEhZeWJLQzVIX012bG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg3WADAN
BgkqhkiG9w0BAQsFAAOCAQEACf7zOQ82aUuHzENSApxaXiC09EF83qXgeSNfDbE4
V6ieh8CpHCQAXeYaUwX+jlVYE30+zVrSXiVWN0VFvdcjMjpuWWiHoXPAycJM6Vek
fcHVQ6mg4rs345+bmcveL1H0iWF8ZN9XScAatkGUSUIaBMX7/BvdxNRQDz3aqqVm
9zmthwJFYUIqjrPCMavENnpb/6WkjYO8rv418p1fWnn3P9q8CBCx+fAA46fVXC0J
j5mHShiB0pVdDvI3l5Ss/ZPleknq9NJhD27P0wThyi5lNcSl/uwOwRu+LplFBdz6
ZtsIP4L32gTjhhyW6l4LnjmhmCsOG86cmhTNFHywvycodA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:22 2025 by rpki-client