![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P5LL914depEbFeQ8COQkTG0cJBg.roa
File: P5LL914depEbFeQ8COQkTG0cJBg.roa (raw, json)
Hash identifier: Xvhw7Exz8LqbEN6nPmkPnxCcOrVih3kA4CDNfQwYBH8=
Subject key identifier: 3F:92:CB:F7:5E:1D:7A:91:1B:15:E4:3C:08:E4:24:4C:6D:1C:24:18
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 0187034243D86C150A1169F3A61D6F3A7252
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P5LL914depEbFeQ8COQkTG0cJBg.roa
Signing time: Tue 21 Mar 2023 08:21:27 +0000
ROA not before: Tue 21 Mar 2023 08:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42894
IP address blocks: 2a04:9a02::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:42:43:d8:6c:15:0a:11:69:f3:a6:1d:6f:3a:72:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Mar 21 08:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f92cbf75e1d7a911b15e43c08e4244c6d1c2418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c1:78:e8:c8:b2:74:a1:97:fb:37:2a:72:af:
51:2d:54:ee:8c:ae:44:69:c0:33:c0:1b:7c:d3:1e:
50:d8:d5:16:77:27:3c:d9:01:5c:63:96:b1:af:92:
91:46:89:d7:6d:e7:e2:8c:8b:e8:28:f9:bc:85:dc:
e8:b7:da:bb:f3:f0:aa:8f:71:b3:90:6b:37:cd:f1:
a9:1c:38:39:f0:2a:50:35:dc:21:bb:0e:d8:47:13:
5f:02:b1:6e:a1:9e:6d:d7:f3:c3:36:65:c4:7e:17:
79:d9:76:84:93:99:58:e4:03:a0:b3:b7:76:62:cf:
99:0f:53:e5:b7:8d:89:9b:93:6b:ce:63:eb:f0:53:
47:9c:88:7b:f4:0e:dd:98:13:9b:a8:2a:ea:ae:62:
fd:e7:f2:39:6f:68:62:03:86:d6:cf:ec:63:ce:53:
f1:f1:53:b3:8e:37:f5:d3:c0:e5:79:08:86:74:63:
ee:36:33:bd:60:a4:84:ab:af:cb:ae:9e:01:a5:aa:
d5:d2:8f:b8:0e:86:23:32:2a:20:65:92:04:45:84:
68:18:29:4c:ff:f0:ca:1b:f3:3e:68:34:43:fb:fe:
20:91:6b:b7:c5:78:ae:64:02:f3:91:d2:bd:64:47:
1b:9a:97:5a:77:6b:c2:12:3d:29:11:11:39:8e:11:
78:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:92:CB:F7:5E:1D:7A:91:1B:15:E4:3C:08:E4:24:4C:6D:1C:24:18
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/P5LL914depEbFeQ8COQkTG0cJBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:9a02::/32
Signature Algorithm: sha256WithRSAEncryption
40:80:f2:20:1c:38:e1:00:7e:17:c9:6a:45:94:4b:ac:e7:81:
cb:47:a4:65:07:df:b4:52:75:f3:0f:43:b4:03:1f:e0:f8:b1:
d2:cc:ac:74:c3:66:b1:55:41:04:f6:02:d0:0b:d4:be:ff:b8:
06:31:cf:55:68:6d:e1:c8:b4:47:6b:8e:a0:99:52:91:dd:4b:
8c:6c:48:c2:31:c9:a8:05:cc:69:a2:7e:8b:38:81:0c:6e:bf:
60:93:08:7f:aa:bf:e0:e9:e1:17:78:70:d7:96:d9:8e:0a:2c:
62:80:8c:65:86:c9:04:6b:e7:89:79:58:53:c3:87:cd:60:6d:
46:06:f7:5b:0a:72:f2:6b:db:10:c9:5e:d0:90:1b:de:bc:a1:
63:13:f2:7f:e6:07:84:15:ca:9a:d1:29:c3:06:11:e0:17:e5:
6a:a1:5e:e2:01:86:ad:bd:c8:3e:ab:c5:74:e7:b5:51:ed:a9:
52:87:52:08:c5:58:74:a7:09:35:7b:eb:3d:29:d6:df:1a:86:
2b:54:73:db:47:08:ef:c1:a2:7f:21:9e:e3:a5:cc:e2:ef:af:
eb:f6:17:fd:f7:a7:ec:7c:50:2f:99:58:98:c1:83:09:8b:57:
a1:1e:78:20:fa:b0:9b:6d:28:6f:e6:ec:59:6c:8b:94:11:57:
0a:6e:00:a3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYcDQkPYbBUKEWnzph1vOnJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjMwMzIxMDgyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjkyY2JmNzVlMWQ3YTkxMWIxNWU0M2MwOGU0MjQ0YzZkMWMyNDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMF46MiydKGX+zcqcq9RLVTujK5E
acAzwBt80x5Q2NUWdyc82QFcY5axr5KRRonXbefijIvoKPm8hdzot9q78/Cqj3Gz
kGs3zfGpHDg58CpQNdwhuw7YRxNfArFuoZ5t1/PDNmXEfhd52XaEk5lY5AOgs7d2
Ys+ZD1Plt42Jm5NrzmPr8FNHnIh79A7dmBObqCrqrmL95/I5b2hiA4bWz+xjzlPx
8VOzjjf108DleQiGdGPuNjO9YKSEq6/Lrp4BparV0o+4DoYjMiogZZIERYRoGClM
//DKG/M+aDRD+/4gkWu3xXiuZALzkdK9ZEcbmpdad2vCEj0pERE5jhF4OwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFD+Sy/deHXqRGxXkPAjkJExtHCQYMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvUDVMTDkxNGRlcEViRmVROENPUWtURzBjSkJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgSaAjAN
BgkqhkiG9w0BAQsFAAOCAQEAQIDyIBw44QB+F8lqRZRLrOeBy0ekZQfftFJ18w9D
tAMf4Pix0sysdMNmsVVBBPYC0AvUvv+4BjHPVWht4ci0R2uOoJlSkd1LjGxIwjHJ
qAXMaaJ+iziBDG6/YJMIf6q/4OnhF3hw15bZjgosYoCMZYbJBGvniXlYU8OHzWBt
Rgb3Wwpy8mvbEMle0JAb3ryhYxPyf+YHhBXKmtEpwwYR4BflaqFe4gGGrb3IPqvF
dOe1Ue2pUodSCMVYdKcJNXvrPSnW3xqGK1Rz20cI78GifyGe46XM4u+v6/YX/fen
7HxQL5lYmMGDCYtXoR54IPqwm20ob+bsWWyLlBFXCm4Aow==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:35:53 2025 by rpki-client