![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/zuGvaQQT7RedDfGUrLZmrnv8vPM.roa
File: zuGvaQQT7RedDfGUrLZmrnv8vPM.roa (raw, json)
Hash identifier: HqL7srUfP/f4f6vpHDZOE5jUjCMfyAYB/u9dPba4XSE=
Subject key identifier: CE:E1:AF:69:04:13:ED:17:9D:0D:F1:94:AC:B6:66:AE:7B:FC:BC:F3
Certificate issuer: /CN=756fba46634d22b93db1bf46ec5a8d665e62dac7
Certificate serial: 01856CB86AE764FF228D890D3C6DFB4C53C7
Authority key identifier: 75:6F:BA:46:63:4D:22:B9:3D:B1:BF:46:EC:5A:8D:66:5E:62:DA:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dW-6RmNNIrk9sb9G7FqNZl5i2sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/zuGvaQQT7RedDfGUrLZmrnv8vPM.roa
Signing time: Sun 01 Jan 2023 09:45:03 +0000
ROA not before: Sun 01 Jan 2023 09:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 195.128.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:6a:e7:64:ff:22:8d:89:0d:3c:6d:fb:4c:53:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=756fba46634d22b93db1bf46ec5a8d665e62dac7
Validity
Not Before: Jan 1 09:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cee1af690413ed179d0df194acb666ae7bfcbcf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ae:82:cb:0f:49:56:14:b6:a9:9d:da:b2:43:
c9:1e:ff:a7:e0:aa:71:2a:c4:66:9f:53:e2:c2:e8:
ac:be:0f:22:9a:67:54:d0:97:43:67:55:52:9c:dc:
4e:98:1a:a6:7b:1e:82:83:bd:7f:eb:a1:58:94:9b:
20:24:ef:82:af:0b:6d:7e:8c:c9:42:7b:17:a4:00:
83:64:28:a6:23:f2:8a:a7:af:cc:58:ec:f4:c8:21:
fc:f7:76:05:00:10:5c:24:33:83:17:6d:99:c8:26:
76:80:40:6c:57:cb:e1:a7:cc:0a:e5:34:f3:13:62:
24:55:43:18:40:7a:5f:c4:14:03:cc:5a:5a:b3:8f:
f3:eb:d5:ba:9e:04:0d:81:fb:30:85:6a:28:d2:cf:
11:bc:3a:8c:f4:ab:97:fc:55:16:39:c8:bc:3f:b8:
b3:3c:8e:3f:f7:bf:da:60:94:c5:7e:4d:9f:65:35:
27:e4:66:be:ce:c6:85:5e:da:77:70:8c:7b:6f:56:
a4:53:24:bc:5d:dd:fe:99:a3:cb:f1:0a:80:35:34:
07:90:51:fd:77:03:f6:1f:f2:af:31:52:84:b2:6d:
e7:59:09:65:bc:b3:9d:5d:22:db:22:40:ea:cc:7a:
38:45:88:b6:14:e4:a3:f3:9b:2c:2e:45:2c:a1:dc:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E1:AF:69:04:13:ED:17:9D:0D:F1:94:AC:B6:66:AE:7B:FC:BC:F3
X509v3 Authority Key Identifier:
keyid:75:6F:BA:46:63:4D:22:B9:3D:B1:BF:46:EC:5A:8D:66:5E:62:DA:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dW-6RmNNIrk9sb9G7FqNZl5i2sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/zuGvaQQT7RedDfGUrLZmrnv8vPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/b68421-99b1-485e-b217-d3adc7449391/1/dW-6RmNNIrk9sb9G7FqNZl5i2sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.144.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:e6:a3:3c:67:ef:16:a3:98:08:8e:ea:02:fb:35:0a:9a:72:
72:ea:07:49:08:81:56:37:4f:74:0a:f5:9f:7e:6a:76:a6:27:
87:52:52:43:34:c7:2d:2e:a7:bf:43:31:eb:c1:18:25:76:9e:
78:62:1f:b5:07:75:c1:bb:54:c2:94:00:8b:bc:bb:df:f3:32:
db:c7:0c:3c:3f:10:f8:61:fa:c4:13:ba:74:cd:3f:e0:78:30:
d5:83:81:d2:62:0b:75:71:2d:4b:97:c5:ff:ea:73:b7:e9:7e:
9c:f8:c9:ea:1e:c9:00:54:4c:f4:60:33:d0:a3:bb:9a:fa:d3:
c8:a1:02:b4:8f:96:a3:58:4e:9b:73:fc:74:87:8e:84:e9:49:
33:6f:e2:4a:c5:3c:15:a6:95:02:b2:99:c6:e5:78:8b:c9:85:
e3:65:7f:fa:a5:88:a6:1b:c0:ea:44:1b:93:24:81:a8:b4:ec:
89:8b:60:f5:ed:5e:fe:6e:6e:e1:84:c0:8f:f5:ef:06:a2:44:
52:fb:8c:dc:7c:b7:18:7c:dc:b5:6b:ad:35:9d:6e:a3:1e:f6:
2c:57:20:bc:82:32:44:f8:15:97:54:aa:5d:97:5f:4e:2b:04:
78:95:9e:66:4b:79:0a:cb:a8:fb:fb:c8:e3:f9:fa:09:6e:6e:
7e:24:63:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsuGrnZP8ijYkNPG37TFPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NmZiYTQ2NjM0ZDIyYjkzZGIxYmY0NmVjNWE4ZDY2NWU2
MmRhYzcwHhcNMjMwMTAxMDk0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWUxYWY2OTA0MTNlZDE3OWQwZGYxOTRhY2I2NjZhZTdiZmNiY2YzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK6Cyw9JVhS2qZ3askPJHv+n4Kpx
KsRmn1Piwuisvg8immdU0JdDZ1VSnNxOmBqmex6Cg71/66FYlJsgJO+CrwttfozJ
QnsXpACDZCimI/KKp6/MWOz0yCH893YFABBcJDODF22ZyCZ2gEBsV8vhp8wK5TTz
E2IkVUMYQHpfxBQDzFpas4/z69W6ngQNgfswhWoo0s8RvDqM9KuX/FUWOci8P7iz
PI4/97/aYJTFfk2fZTUn5Ga+zsaFXtp3cIx7b1akUyS8Xd3+maPL8QqANTQHkFH9
dwP2H/KvMVKEsm3nWQllvLOdXSLbIkDqzHo4RYi2FOSj85ssLkUsodzMcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7hr2kEE+0XnQ3xlKy2Zq57/LzzMB8GA1UdIwQY
MBaAFHVvukZjTSK5PbG/RuxajWZeYtrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFctNlJtTk5Jcms5c2I5RzdGcU5abDVpMnNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9iNjg0MjEtOTliMS00ODVlLWIyMTct
ZDNhZGM3NDQ5MzkxLzEvenVHdmFRUVQ3UmVkRGZHVXJMWm1ybnY4dlBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9iNjg0MjEtOTliMS00ODVlLWIyMTctZDNhZGM3NDQ5Mzkx
LzEvZFctNlJtTk5Jcms5c2I5RzdGcU5abDVpMnNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CQMA0G
CSqGSIb3DQEBCwUAA4IBAQDM5qM8Z+8Wo5gIjuoC+zUKmnJy6gdJCIFWN090CvWf
fmp2pieHUlJDNMctLqe/QzHrwRgldp54Yh+1B3XBu1TClACLvLvf8zLbxww8PxD4
YfrEE7p0zT/geDDVg4HSYgt1cS1Ll8X/6nO36X6c+MnqHskAVEz0YDPQo7ua+tPI
oQK0j5ajWE6bc/x0h46E6Ukzb+JKxTwVppUCspnG5XiLyYXjZX/6pYimG8DqRBuT
JIGotOyJi2D17V7+bm7hhMCP9e8GokRS+4zcfLcYfNy1a601nW6jHvYsVyC8gjJE
+BWXVKpdl19OKwR4lZ5mS3kKy6j7+8jj+foJbm5+JGOA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:41 2025 by rpki-client