![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/zjQgOrUY7AS3vulllj-zKWHuicI.roa
File: zjQgOrUY7AS3vulllj-zKWHuicI.roa (raw, json)
Hash identifier: Dk0C3MC+CktkGIlQRbkEk5pXJRYUgQGviwqzKxSM2SA=
Subject key identifier: CE:34:20:3A:B5:18:EC:04:B7:BE:E9:65:96:3F:B3:29:61:EE:89:C2
Certificate issuer: /CN=a55cf89ee562797e775aa4d1d1f7e45f466a73c3
Certificate serial: 01850662239AD5293D8D225F2A011DDC8E2C
Authority key identifier: A5:5C:F8:9E:E5:62:79:7E:77:5A:A4:D1:D1:F7:E4:5F:46:6A:73:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pVz4nuVieX53WqTR0ffkX0Zqc8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/zjQgOrUY7AS3vulllj-zKWHuicI.roa
Signing time: Mon 12 Dec 2022 12:49:33 +0000
ROA not before: Mon 12 Dec 2022 12:49:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208058
IP address blocks: 2a13:5a40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:62:23:9a:d5:29:3d:8d:22:5f:2a:01:1d:dc:8e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a55cf89ee562797e775aa4d1d1f7e45f466a73c3
Validity
Not Before: Dec 12 12:49:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce34203ab518ec04b7bee965963fb32961ee89c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:f0:d8:0f:0b:be:45:0d:ea:5a:01:a6:d3:
68:5c:6c:db:48:21:f0:bb:1c:f5:f2:fd:e4:01:b2:
e6:af:92:91:c7:05:20:5f:a9:42:83:b8:4c:4a:1b:
9b:73:4f:8b:58:36:22:cf:1a:c2:e2:a7:80:74:dd:
49:32:d2:f2:25:ed:e0:49:bb:8c:ad:00:7f:1a:84:
5d:99:51:27:e6:e9:ab:68:fb:a4:ba:3e:31:f3:46:
26:ef:44:4e:00:3d:f8:2c:37:49:d5:e5:2f:f4:ff:
9e:a1:37:08:51:ed:76:e7:9d:6f:8e:d5:71:83:c6:
51:a5:d4:f8:87:a0:fc:3b:79:78:69:ff:31:34:e6:
48:d4:1a:64:62:57:81:3d:37:5c:c8:29:01:0e:36:
04:de:d9:c5:b7:77:39:64:36:13:6d:4d:a6:81:12:
5d:61:ab:36:0e:12:7a:bf:c9:58:d1:f6:bd:d6:5e:
44:e4:d8:eb:df:ea:85:cf:ca:2c:2b:5f:23:1d:f1:
e4:e8:cb:f9:ee:0e:45:fe:a5:32:f2:97:55:9f:ab:
26:07:56:6d:69:3d:37:fd:63:bf:71:1d:6c:10:ab:
ca:70:c2:3a:59:06:86:c0:d1:e9:a9:04:ec:95:45:
a3:46:c7:2a:ec:8a:ab:8f:14:fa:d6:8e:6f:20:04:
4a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:34:20:3A:B5:18:EC:04:B7:BE:E9:65:96:3F:B3:29:61:EE:89:C2
X509v3 Authority Key Identifier:
keyid:A5:5C:F8:9E:E5:62:79:7E:77:5A:A4:D1:D1:F7:E4:5F:46:6A:73:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pVz4nuVieX53WqTR0ffkX0Zqc8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/zjQgOrUY7AS3vulllj-zKWHuicI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/b72cb0-0e57-468c-89f0-abcb1e7582b3/1/pVz4nuVieX53WqTR0ffkX0Zqc8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5a40::/29
Signature Algorithm: sha256WithRSAEncryption
17:73:b6:1b:25:4d:1c:6d:f9:f8:80:09:2c:1a:62:fa:aa:5b:
b5:a8:c5:2d:14:63:53:c0:ec:9f:18:8c:89:38:db:5c:c1:4c:
9e:f3:68:33:d2:eb:85:b2:06:4b:eb:95:cc:68:49:a6:cb:1a:
dc:67:9d:d2:73:a5:2a:19:0a:a6:b4:a3:83:c1:b2:72:13:83:
6c:2c:2f:54:f1:de:e0:1d:64:49:8d:5a:cb:0c:79:c5:77:75:
1c:a2:16:ac:61:6e:5a:c6:16:11:ba:bd:b6:a8:e8:6b:b6:bd:
0c:c5:5b:78:72:fc:8b:18:10:4f:0b:a2:1b:bd:98:de:46:7e:
42:41:ce:a3:24:3d:ec:71:6d:31:9b:fb:4f:73:64:ac:5f:e8:
8b:d0:9d:ff:cd:01:6e:10:b8:c2:ea:20:53:76:c6:60:3e:7c:
7c:d7:9d:67:a6:04:b5:f7:7b:80:b6:d1:29:62:24:f4:cd:35:
e2:4e:6c:f9:6a:81:dc:93:55:8a:1c:38:df:b0:e4:45:4b:ce:
9e:15:fa:5b:7a:ef:73:a6:f0:1f:84:a6:db:11:56:8e:ef:54:
25:c3:dc:83:8f:de:9d:de:34:7f:d1:b0:d6:d1:40:8a:ab:5d:
ef:5a:89:3a:e4:38:c6:7f:4a:5c:09:06:07:c5:cc:a5:31:7b:
42:ea:25:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUGYiOa1Sk9jSJfKgEd3I4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NWNmODllZTU2Mjc5N2U3NzVhYTRkMWQxZjdlNDVmNDY2
YTczYzMwHhcNMjIxMjEyMTI0OTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTM0MjAzYWI1MThlYzA0YjdiZWU5NjU5NjNmYjMyOTYxZWU4OWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXDw2A8LvkUN6loBptNoXGzbSCHw
uxz18v3kAbLmr5KRxwUgX6lCg7hMShubc0+LWDYizxrC4qeAdN1JMtLyJe3gSbuM
rQB/GoRdmVEn5umraPukuj4x80Ym70ROAD34LDdJ1eUv9P+eoTcIUe12551vjtVx
g8ZRpdT4h6D8O3l4af8xNOZI1BpkYleBPTdcyCkBDjYE3tnFt3c5ZDYTbU2mgRJd
Yas2DhJ6v8lY0fa91l5E5Njr3+qFz8osK18jHfHk6Mv57g5F/qUy8pdVn6smB1Zt
aT03/WO/cR1sEKvKcMI6WQaGwNHpqQTslUWjRscq7IqrjxT61o5vIARKXQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM40IDq1GOwEt77pZZY/sylh7onCMB8GA1UdIwQY
MBaAFKVc+J7lYnl+d1qk0dH35F9GanPDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFZ6NG51VmllWDUzV3FUUjBmZmtYMFpxYzhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9iNzJjYjAtMGU1Ny00NjhjLTg5ZjAt
YWJjYjFlNzU4MmIzLzEvempRZ09yVVk3QVMzdnVsbGxqLXpLV0h1aWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy9iNzJjYjAtMGU1Ny00NjhjLTg5ZjAtYWJjYjFlNzU4MmIz
LzEvcFZ6NG51VmllWDUzV3FUUjBmZmtYMFpxYzhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAF3O2GyVNHG35+IAJLBpi+qpbtajFLRRjU8DsnxiM
iTjbXMFMnvNoM9LrhbIGS+uVzGhJpssa3Ged0nOlKhkKprSjg8GychODbCwvVPHe
4B1kSY1aywx5xXd1HKIWrGFuWsYWEbq9tqjoa7a9DMVbeHL8ixgQTwuiG72Y3kZ+
QkHOoyQ97HFtMZv7T3NkrF/oi9Cd/80BbhC4wuogU3bGYD58fNedZ6YEtfd7gLbR
KWIk9M014k5s+WqB3JNVihw437DkRUvOnhX6W3rvc6bwH4Sm2xFWju9UJcPcg4/e
nd40f9Gw1tFAiqtd71qJOuQ4xn9KXAkGB8XMpTF7QuolnQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:36 2025 by rpki-client