![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/vX7vOYJFKRD-p2nOatxobpF_RBw.roa
File: vX7vOYJFKRD-p2nOatxobpF_RBw.roa (raw, json)
Hash identifier: xu8wd5Ly6XmtpjxZ6+bRZ+72R80KjJ+cgT1c8QhHH94=
Subject key identifier: BD:7E:EF:39:82:45:29:10:FE:A7:69:CE:6A:DC:68:6E:91:7F:44:1C
Certificate issuer: /CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Certificate serial: 018572FA5A018811EC88058650D0E64A2385
Authority key identifier: 84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/vX7vOYJFKRD-p2nOatxobpF_RBw.roa
Signing time: Mon 02 Jan 2023 14:54:47 +0000
ROA not before: Mon 02 Jan 2023 14:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209135
IP address blocks: 5.180.198.0/24 maxlen: 24
5.180.196.0/23 maxlen: 23
5.180.196.0/22 maxlen: 24
2a0b:2d40:c10a::/48 maxlen: 48
2a0b:2d40::/32 maxlen: 48
2a0b:2d40::/48 maxlen: 48
2a0b:2d40:bac3::/48 maxlen: 48
2a0b:2d40:eeee::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:5a:01:88:11:ec:88:05:86:50:d0:e6:4a:23:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846d45225cf0d4fa9c65aee88861d2261203ad00
Validity
Not Before: Jan 2 14:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd7eef3982452910fea769ce6adc686e917f441c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9d:ba:78:57:f4:17:41:45:d0:e3:ba:49:75:
29:06:2a:7f:ee:ce:7b:b5:cc:15:0b:9f:7e:97:8a:
65:20:fd:db:89:73:f0:20:11:98:85:50:7d:0d:9e:
0a:17:47:7d:cb:b3:f9:4b:01:7b:e7:e0:bb:67:90:
61:56:6b:47:2c:f4:94:ab:35:01:9d:c9:f4:68:6a:
33:f3:71:e2:fd:cf:e2:50:23:0a:4e:9e:50:6c:55:
36:69:03:e4:25:48:d4:12:ca:b9:9f:43:bf:12:e5:
19:06:1e:25:6e:a5:01:db:85:dd:af:2d:96:9b:0d:
64:93:29:c2:a5:50:dc:57:5e:e0:7d:b5:3c:e0:14:
f3:26:f9:c5:9e:52:96:8a:0d:a0:8b:13:d8:20:ed:
56:70:ba:be:64:ae:1d:73:0e:a1:b8:3b:c6:f1:fb:
66:23:de:d6:1b:0d:87:a4:93:67:7a:da:c4:d0:79:
e7:2c:3b:f6:4e:c2:77:23:f0:53:d8:03:28:d5:90:
0f:f7:52:fa:e3:5e:7a:9d:a9:23:b8:c2:64:3c:e6:
53:0f:78:91:9d:95:d8:57:9b:fa:15:af:1a:91:38:
7b:6e:27:86:55:6e:11:6b:66:f6:b3:b9:64:14:ae:
b6:c5:85:f8:89:13:43:f8:21:9c:34:12:bb:b0:4b:
95:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:7E:EF:39:82:45:29:10:FE:A7:69:CE:6A:DC:68:6E:91:7F:44:1C
X509v3 Authority Key Identifier:
keyid:84:6D:45:22:5C:F0:D4:FA:9C:65:AE:E8:88:61:D2:26:12:03:AD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hG1FIlzw1PqcZa7oiGHSJhIDrQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/vX7vOYJFKRD-p2nOatxobpF_RBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/163f4b-de59-487a-9110-463531046c7f/1/hG1FIlzw1PqcZa7oiGHSJhIDrQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.196.0/22
IPv6:
2a0b:2d40::/32
Signature Algorithm: sha256WithRSAEncryption
46:6b:89:eb:1d:1a:b5:6d:6f:e4:41:52:e6:20:0e:8e:4d:a7:
69:ea:ef:23:41:85:37:ee:d9:46:26:59:8a:ab:b1:2a:cd:51:
f3:52:be:ea:b5:e5:ef:80:06:2d:c8:f3:ca:35:21:40:b9:6d:
8e:04:49:b1:21:0a:91:40:22:62:63:bb:0c:3d:11:cf:33:2a:
52:29:92:62:03:89:0b:97:04:76:18:fb:e0:76:b4:93:d9:cc:
11:32:35:fd:75:9f:80:04:53:83:ef:0b:33:41:e4:16:9b:39:
51:38:94:94:ba:fb:22:be:45:c6:af:a2:f2:8c:18:44:8d:2d:
00:c8:0f:5b:42:d5:35:21:fd:81:78:49:38:7a:2f:ec:47:e1:
fb:d2:1b:88:ad:84:cf:d9:31:b3:c6:c4:86:e5:0b:5c:33:8b:
c8:36:36:07:dc:7d:47:c9:bd:40:7b:65:1c:2f:a5:e3:b1:ad:
48:f9:72:da:39:1e:4b:22:1f:a2:55:cd:29:93:4c:9d:1b:94:
59:9c:49:a9:0a:36:ae:75:66:2f:9a:2f:07:15:69:0d:18:bd:
1c:95:86:27:08:a5:1f:44:9c:88:e0:0a:23:41:86:90:59:ee:
72:8f:07:4a:d4:cf:7f:ff:75:57:55:4b:21:84:f6:33:1f:4a:
89:53:43:93
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy+loBiBHsiAWGUNDmSiOFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmQ0NTIyNWNmMGQ0ZmE5YzY1YWVlODg4NjFkMjI2MTIw
M2FkMDAwHhcNMjMwMTAyMTQ1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDdlZWYzOTgyNDUyOTEwZmVhNzY5Y2U2YWRjNjg2ZTkxN2Y0NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi526eFf0F0FF0OO6SXUpBip/7s57
tcwVC59+l4plIP3biXPwIBGYhVB9DZ4KF0d9y7P5SwF75+C7Z5BhVmtHLPSUqzUB
ncn0aGoz83Hi/c/iUCMKTp5QbFU2aQPkJUjUEsq5n0O/EuUZBh4lbqUB24Xdry2W
mw1kkynCpVDcV17gfbU84BTzJvnFnlKWig2gixPYIO1WcLq+ZK4dcw6huDvG8ftm
I97WGw2HpJNnetrE0HnnLDv2TsJ3I/BT2AMo1ZAP91L64156nakjuMJkPOZTD3iR
nZXYV5v6Fa8akTh7bieGVW4Ra2b2s7lkFK62xYX4iRND+CGcNBK7sEuVrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFL1+7zmCRSkQ/qdpzmrcaG6Rf0QcMB8GA1UdIwQY
MBaAFIRtRSJc8NT6nGWu6Ihh0iYSA60AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAt
NDYzNTMxMDQ2YzdmLzEvdlg3dk9ZSkZLUkQtcDJuT2F0eG9icEZfUkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8xNjNmNGItZGU1OS00ODdhLTkxMTAtNDYzNTMxMDQ2Yzdm
LzEvaEcxRklsencxUHFjWmE3b2lHSFNKaElEclFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbTEMA0E
AgACMAcDBQAqCy1AMA0GCSqGSIb3DQEBCwUAA4IBAQBGa4nrHRq1bW/kQVLmIA6O
Tadp6u8jQYU37tlGJlmKq7EqzVHzUr7qteXvgAYtyPPKNSFAuW2OBEmxIQqRQCJi
Y7sMPRHPMypSKZJiA4kLlwR2GPvgdrST2cwRMjX9dZ+ABFOD7wszQeQWmzlROJSU
uvsivkXGr6LyjBhEjS0AyA9bQtU1If2BeEk4ei/sR+H70huIrYTP2TGzxsSG5Qtc
M4vINjYH3H1Hyb1Ae2UcL6Xjsa1I+XLaOR5LIh+iVc0pk0ydG5RZnEmpCjaudWYv
mi8HFWkNGL0clYYnCKUfRJyI4AojQYaQWe5yjwdK1M9//3VXVUshhPYzH0qJU0OT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:20 2025 by rpki-client