![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/MJ-tp_X8tG4APWKNX6BVCui72gw.roa
File: MJ-tp_X8tG4APWKNX6BVCui72gw.roa (raw, json)
Hash identifier: PTF7aboDLeko+lEr6u2Xzlkxy6O9hwaM7UoYh5TiYH0=
Subject key identifier: 30:9F:AD:A7:F5:FC:B4:6E:00:3D:62:8D:5F:A0:55:0A:E8:BB:DA:0C
Certificate issuer: /CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Certificate serial: 018BECFD3F7B73F0D536F5955E8C8483AAF1
Authority key identifier: 0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/MJ-tp_X8tG4APWKNX6BVCui72gw.roa
Signing time: Mon 20 Nov 2023 13:48:21 +0000
ROA not before: Mon 20 Nov 2023 13:48:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1902
IP address blocks: 188.125.16.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:fd:3f:7b:73:f0:d5:36:f5:95:5e:8c:84:83:aa:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e0f4872ad1c1f4fcb213b6b2edb388a2d9c9a23
Validity
Not Before: Nov 20 13:48:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=309fada7f5fcb46e003d628d5fa0550ae8bbda0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9d:d4:21:a1:fe:94:06:cd:e5:b0:5a:9e:53:
c9:c7:2b:72:91:a1:92:46:8f:6d:b0:96:8e:a8:d2:
6c:f3:49:83:56:f8:7f:66:7b:0c:f1:8f:8f:ee:0a:
06:53:0d:5d:5e:05:33:81:14:2d:dc:d8:4b:60:98:
30:23:8c:0c:20:d4:b6:3c:31:49:aa:f8:aa:65:fc:
bd:13:6b:de:c1:e1:d9:da:39:3a:45:19:b6:d8:00:
bc:1e:fe:9c:aa:01:3d:c7:28:90:04:93:d1:fb:32:
ae:3f:73:1e:62:9f:0e:86:0b:19:09:e7:3e:74:69:
3e:10:65:f9:3c:c2:36:b6:68:07:02:4c:9c:19:2b:
49:6b:42:3e:9e:ad:29:49:d0:8f:60:b5:a7:78:6a:
8e:53:f6:28:a4:85:89:59:0a:f6:ba:40:6c:e0:f8:
18:e6:be:ab:1c:89:d2:81:16:be:68:ad:45:ef:e0:
ae:af:67:c4:50:d7:46:76:af:8c:a4:19:35:ed:e2:
b7:31:1c:7b:b7:52:8d:5f:b5:b8:14:6f:0f:86:8a:
87:ce:f5:4a:23:86:4c:4e:ee:0e:48:85:f1:94:28:
d2:8d:e7:26:fe:91:ee:f7:47:64:32:05:04:44:11:
11:60:f2:34:02:ae:df:9f:81:27:47:c5:a1:c7:3b:
41:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9F:AD:A7:F5:FC:B4:6E:00:3D:62:8D:5F:A0:55:0A:E8:BB:DA:0C
X509v3 Authority Key Identifier:
keyid:0E:0F:48:72:AD:1C:1F:4F:CB:21:3B:6B:2E:DB:38:8A:2D:9C:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dg9Icq0cH0_LITtrLts4ii2cmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/MJ-tp_X8tG4APWKNX6BVCui72gw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dc5a62-064b-45b0-b89d-c01f80a1c805/1/Dg9Icq0cH0_LITtrLts4ii2cmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.16.0/20
Signature Algorithm: sha256WithRSAEncryption
42:f8:7e:5f:71:c7:d8:6c:75:34:f9:de:d8:cb:5a:91:19:62:
17:9e:78:a7:75:9a:af:d3:18:42:14:c9:1e:66:77:43:bc:ff:
38:33:c8:a5:90:3c:c9:8c:b9:db:fe:d5:94:a1:a3:d1:fa:09:
91:83:12:8b:80:7a:89:e5:72:22:e2:e5:57:2e:bb:2e:fd:85:
57:6c:f5:6b:62:50:7a:c7:17:d7:bb:c3:9f:b6:96:33:fc:4a:
e9:1c:4b:dd:9f:f4:12:20:fe:ee:45:c6:4f:8a:b3:e1:0d:b5:
aa:8e:dc:f5:0a:4c:dc:a7:84:bb:bb:27:52:f0:90:c8:fb:e5:
6f:7f:19:f8:f5:cb:95:5e:9e:f5:bd:b8:89:73:5e:55:72:2b:
58:f1:e4:6f:5d:b3:8c:c3:d2:cb:62:bf:bf:fe:7f:44:7a:e6:
16:f2:53:96:90:f6:f0:fa:f3:47:9e:85:ee:58:6f:a2:f8:bb:
36:e8:bb:dd:b3:c7:13:b6:23:5a:7b:bb:9a:70:82:ce:6b:c5:
c9:df:42:98:1a:d7:20:da:ab:97:83:d9:36:f6:eb:5c:4c:8d:
c7:59:c0:98:9b:36:d6:41:e9:a3:ef:81:36:1b:14:f9:cf:b3:
a2:8d:69:f9:f9:c9:24:a5:b2:b6:95:33:11:c3:9a:b4:7c:bb:
48:6d:be:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvs/T97c/DVNvWVXoyEg6rxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMGY0ODcyYWQxYzFmNGZjYjIxM2I2YjJlZGIzODhhMmQ5
YzlhMjMwHhcNMjMxMTIwMTM0ODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDlmYWRhN2Y1ZmNiNDZlMDAzZDYyOGQ1ZmEwNTUwYWU4YmJkYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ3UIaH+lAbN5bBanlPJxytykaGS
Ro9tsJaOqNJs80mDVvh/ZnsM8Y+P7goGUw1dXgUzgRQt3NhLYJgwI4wMINS2PDFJ
qviqZfy9E2veweHZ2jk6RRm22AC8Hv6cqgE9xyiQBJPR+zKuP3MeYp8OhgsZCec+
dGk+EGX5PMI2tmgHAkycGStJa0I+nq0pSdCPYLWneGqOU/YopIWJWQr2ukBs4PgY
5r6rHInSgRa+aK1F7+Cur2fEUNdGdq+MpBk17eK3MRx7t1KNX7W4FG8PhoqHzvVK
I4ZMTu4OSIXxlCjSjecm/pHu90dkMgUERBERYPI0Aq7fn4EnR8WhxztBVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCfraf1/LRuAD1ijV+gVQrou9oMMB8GA1UdIwQY
MBaAFA4PSHKtHB9PyyE7ay7bOIotnJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQt
YzAxZjgwYTFjODA1LzEvTUotdHBfWDh0RzRBUFdLTlg2QlZDdWk3Mmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kYzVhNjItMDY0Yi00NWIwLWI4OWQtYzAxZjgwYTFjODA1
LzEvRGc5SWNxMGNIMF9MSVR0ckx0czRpaTJjbWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvH0QMA0G
CSqGSIb3DQEBCwUAA4IBAQBC+H5fccfYbHU0+d7Yy1qRGWIXnnindZqv0xhCFMke
ZndDvP84M8ilkDzJjLnb/tWUoaPR+gmRgxKLgHqJ5XIi4uVXLrsu/YVXbPVrYlB6
xxfXu8OftpYz/ErpHEvdn/QSIP7uRcZPirPhDbWqjtz1Ckzcp4S7uydS8JDI++Vv
fxn49cuVXp71vbiJc15VcitY8eRvXbOMw9LLYr+//n9EeuYW8lOWkPbw+vNHnoXu
WG+i+Ls26Lvds8cTtiNae7uacILOa8XJ30KYGtcg2quXg9k29utcTI3HWcCYmzbW
Qemj74E2GxT5z7OijWn5+ckkpbK2lTMRw5q0fLtIbb4q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:43 2025 by rpki-client