![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/a7550a-83ec-48d0-bb33-cdee9995e9e7/1/XZwJ99-YvP8So0PfTb0GVXOsjNg.roa
File: XZwJ99-YvP8So0PfTb0GVXOsjNg.roa (raw, json)
Hash identifier: 6GoVAj2cQZazpUolAZ/qpVxBaQkijgBAOutmcJVa4fQ=
Subject key identifier: 5D:9C:09:F7:DF:98:BC:FF:12:A3:43:DF:4D:BD:06:55:73:AC:8C:D8
Certificate issuer: /CN=0dd84ddac50c59aecaf06b09b8573a862a0ea3db
Certificate serial: 084EB5F7
Authority key identifier: 0D:D8:4D:DA:C5:0C:59:AE:CA:F0:6B:09:B8:57:3A:86:2A:0E:A3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdhN2sUMWa7K8GsJuFc6hioOo9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/a7550a-83ec-48d0-bb33-cdee9995e9e7/1/XZwJ99-YvP8So0PfTb0GVXOsjNg.roa
Signing time: Sat 01 Jan 2022 09:55:37 +0000
ROA not before: Sat 01 Jan 2022 09:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204280
IP address blocks: 185.107.186.0/24 maxlen: 24
185.107.186.0/23 maxlen: 23
185.107.184.0/22 maxlen: 22
185.107.184.0/23 maxlen: 23
185.107.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139376119 (0x84eb5f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd84ddac50c59aecaf06b09b8573a862a0ea3db
Validity
Not Before: Jan 1 09:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d9c09f7df98bcff12a343df4dbd065573ac8cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:76:c9:68:ea:0c:2a:54:5c:b0:3e:cc:4d:
a9:75:07:ec:c4:4a:8b:2f:b6:26:2d:59:dd:be:50:
d2:a9:d9:85:bd:bb:ae:16:23:fe:1d:8d:96:a4:78:
05:55:c3:d0:ed:4f:73:49:ab:60:67:66:d7:12:ff:
e5:3d:94:fe:e8:e6:74:1c:26:17:79:60:35:6c:44:
b3:66:ae:25:cc:8e:4c:58:38:1e:28:e5:72:e7:2f:
1e:52:f2:bb:65:45:67:be:c0:a5:99:03:3c:48:7a:
09:e0:27:d5:a9:e5:40:4c:ff:41:8b:0d:14:7d:e6:
6f:f0:7d:aa:76:88:dc:63:62:b5:da:6c:69:0a:91:
5f:45:8b:4b:c6:c1:35:87:41:9c:78:5f:f6:ef:85:
11:df:ae:bb:56:b5:db:0d:0d:ce:0c:c7:a7:7a:9a:
fc:80:6f:72:e0:5b:23:19:2a:08:12:d3:35:5f:dc:
c1:3b:90:c3:99:30:67:c8:97:5e:65:ff:e9:28:f3:
ea:41:45:b1:82:07:3d:6f:b0:5e:47:f3:f2:57:ff:
8a:df:29:30:e3:46:a2:cf:64:01:c7:a4:f3:70:93:
13:08:2c:01:2c:f9:70:61:50:ab:f2:b9:50:da:cd:
1c:3e:1e:21:d5:5c:e0:24:84:94:c5:87:7d:5b:09:
91:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9C:09:F7:DF:98:BC:FF:12:A3:43:DF:4D:BD:06:55:73:AC:8C:D8
X509v3 Authority Key Identifier:
keyid:0D:D8:4D:DA:C5:0C:59:AE:CA:F0:6B:09:B8:57:3A:86:2A:0E:A3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdhN2sUMWa7K8GsJuFc6hioOo9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a7550a-83ec-48d0-bb33-cdee9995e9e7/1/XZwJ99-YvP8So0PfTb0GVXOsjNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/a7550a-83ec-48d0-bb33-cdee9995e9e7/1/DdhN2sUMWa7K8GsJuFc6hioOo9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.184.0/22
Signature Algorithm: sha256WithRSAEncryption
01:99:2d:45:12:be:35:2b:b6:20:17:85:e7:44:80:ef:8c:65:
db:2c:22:77:33:03:9d:3c:3c:19:d6:c7:2b:9b:08:e6:99:d2:
78:c8:44:41:6d:de:94:4e:8f:7b:33:1b:21:25:13:36:bf:b6:
cb:d4:f3:a7:c6:22:b7:bc:3d:45:52:ef:25:1c:3a:94:2c:1c:
80:b9:30:4a:be:0e:78:20:32:c2:c3:a8:d9:e2:f9:85:3c:19:
4e:7c:b5:b7:4e:3d:19:3f:cd:67:cb:a6:c7:04:e8:57:22:6c:
cc:bd:4f:64:60:a3:27:03:16:52:51:e8:87:e9:e1:a3:d3:22:
41:3e:48:fd:90:76:4a:d8:9f:dc:7c:0c:1e:70:8f:27:91:a8:
d5:58:5e:e2:cd:45:59:08:2a:dd:28:7a:3e:53:a6:08:e5:39:
84:da:3f:9f:ce:bd:ba:4a:43:91:2b:40:07:96:91:da:d2:9a:
ea:96:4d:f7:18:20:83:81:0e:c1:5b:f2:f4:8e:6a:20:fe:71:
ab:36:5f:b8:94:7d:8d:5a:e3:4a:32:71:9b:05:af:d2:54:f6:
b9:5a:33:08:6e:30:5d:92:5f:bc:17:1d:74:2e:ae:66:5e:be:
d8:a8:01:e2:d0:32:eb:87:60:9b:9c:d4:a9:d1:82:d4:f5:6e:
af:ef:52:4a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECE619zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZGQ4NGRkYWM1MGM1OWFlY2FmMDZiMDliODU3M2E4NjJhMGVhM2RiMB4XDTIyMDEw
MTA5NTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ5YzA5ZjdkZjk4
YmNmZjEyYTM0M2RmNGRiZDA2NTU3M2FjOGNkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyJdslo6gwqVFywPsxNqXUH7MRKiy+2Ji1Z3b5Q0qnZhb27
rhYj/h2NlqR4BVXD0O1Pc0mrYGdm1xL/5T2U/ujmdBwmF3lgNWxEs2auJcyOTFg4
HijlcucvHlLyu2VFZ77ApZkDPEh6CeAn1anlQEz/QYsNFH3mb/B9qnaI3GNitdps
aQqRX0WLS8bBNYdBnHhf9u+FEd+uu1a12w0NzgzHp3qa/IBvcuBbIxkqCBLTNV/c
wTuQw5kwZ8iXXmX/6Sjz6kFFsYIHPW+wXkfz8lf/it8pMONGos9kAcek83CTEwgs
ASz5cGFQq/K5UNrNHD4eIdVc4CSElMWHfVsJkTsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdnAn335i8/xKjQ99NvQZVc6yM2DAfBgNVHSMEGDAWgBQN2E3axQxZrsrw
awm4VzqGKg6j2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RkaE4yc1VNV2E3SzhHc0p1RmM2aGlvT285cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvYTc1NTBhLTgzZWMtNDhkMC1iYjMzLWNkZWU5OTk1ZTllNy8x
L1had0o5OS1ZdlA4U28wUGZUYjBHVlhPc2pOZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
YTc1NTBhLTgzZWMtNDhkMC1iYjMzLWNkZWU5OTk1ZTllNy8xL0RkaE4yc1VNV2E3
SzhHc0p1RmM2aGlvT285cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlruDANBgkqhkiG9w0BAQsFAAOC
AQEAAZktRRK+NSu2IBeF50SA74xl2ywidzMDnTw8GdbHK5sI5pnSeMhEQW3elE6P
ezMbISUTNr+2y9Tzp8Yit7w9RVLvJRw6lCwcgLkwSr4OeCAywsOo2eL5hTwZTny1
t049GT/NZ8umxwToVyJszL1PZGCjJwMWUlHoh+nho9MiQT5I/ZB2Stif3HwMHnCP
J5Go1Vhe4s1FWQgq3Sh6PlOmCOU5hNo/n869ukpDkStAB5aR2tKa6pZN9xggg4EO
wVvy9I5qIP5xqzZfuJR9jVrjSjJxmwWv0lT2uVozCG4wXZJfvBcddC6uZl6+2KgB
4tAy64dgm5zUqdGC1PVur+9SSg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:22 2025 by rpki-client