![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/y2tKa8lB4-2TXvFJqQS2MvMKPvo.roa
File: y2tKa8lB4-2TXvFJqQS2MvMKPvo.roa (raw, json)
Hash identifier: NMzFB37sHC8gXGYjfAuKynTGylgzmHCM8mS+yfldg08=
Subject key identifier: CB:6B:4A:6B:C9:41:E3:ED:93:5E:F1:49:A9:04:B6:32:F3:0A:3E:FA
Certificate issuer: /CN=572bc93f1580fc95274d983940f3efaede304ae5
Certificate serial: 018AD38ED233B7AFCDFFD71C97710286F0A9
Authority key identifier: 57:2B:C9:3F:15:80:FC:95:27:4D:98:39:40:F3:EF:AE:DE:30:4A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VyvJPxWA_JUnTZg5QPPvrt4wSuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/y2tKa8lB4-2TXvFJqQS2MvMKPvo.roa
Signing time: Tue 26 Sep 2023 22:14:27 +0000
ROA not before: Tue 26 Sep 2023 22:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200887
IP address blocks: 185.244.236.0/24 maxlen: 24
2a13:1580::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Sep 2023 22:16:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d3:8e:d2:33:b7:af:cd:ff:d7:1c:97:71:02:86:f0:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572bc93f1580fc95274d983940f3efaede304ae5
Validity
Not Before: Sep 26 22:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cb6b4a6bc941e3ed935ef149a904b632f30a3efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1f:a8:78:1d:32:04:71:6e:9b:5c:ff:79:c7:
2f:1b:4e:44:52:71:eb:ad:61:21:4b:83:ad:8a:78:
21:15:73:54:58:42:98:ac:7a:c3:03:82:89:80:f5:
86:9f:a6:90:7b:1b:8d:f6:37:0f:f9:bc:d5:fc:82:
44:a3:a7:79:f3:fc:60:b4:ec:59:d2:ba:35:13:eb:
6b:05:e5:d4:21:be:0c:c5:a2:19:fe:ba:c0:dc:e1:
7a:32:aa:48:50:a5:03:3c:09:cd:7f:69:78:f3:7b:
de:d7:5e:74:82:76:41:66:b5:5c:c1:4e:cb:c5:3b:
8a:86:78:cf:aa:c7:73:b8:14:31:72:66:c6:e9:0a:
25:61:19:89:1a:e5:ce:b0:e3:9a:63:b4:c7:67:7d:
87:d9:5e:e8:79:45:f4:31:5c:c1:93:db:f2:b7:eb:
1c:4e:77:ba:87:aa:b7:c5:c9:69:58:7c:62:13:61:
48:28:e7:79:ce:6c:21:7f:00:56:e7:87:fa:0c:3f:
16:dc:e3:5f:bc:77:29:c9:63:66:c5:d9:24:ff:44:
04:0b:56:87:f3:2f:d2:fa:7c:23:89:d7:a4:1e:6a:
af:89:da:09:7f:75:f5:8a:6d:6a:75:76:8f:71:8a:
6d:08:06:4c:ff:24:f6:2f:9e:8f:13:37:9e:55:f3:
df:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6B:4A:6B:C9:41:E3:ED:93:5E:F1:49:A9:04:B6:32:F3:0A:3E:FA
X509v3 Authority Key Identifier:
keyid:57:2B:C9:3F:15:80:FC:95:27:4D:98:39:40:F3:EF:AE:DE:30:4A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VyvJPxWA_JUnTZg5QPPvrt4wSuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/y2tKa8lB4-2TXvFJqQS2MvMKPvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/VyvJPxWA_JUnTZg5QPPvrt4wSuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.236.0/24
IPv6:
2a13:1580::/29
Signature Algorithm: sha256WithRSAEncryption
43:59:90:ee:8b:a0:63:7a:ec:5c:83:f1:86:81:21:5d:7d:30:
21:be:64:db:ea:91:bf:47:27:63:ca:3d:e9:95:6e:93:2c:5b:
1c:81:c6:57:33:29:79:08:95:ba:5f:6b:24:e0:45:7c:3b:f3:
f5:75:74:e8:8e:36:72:bc:07:3c:c2:a4:ad:9d:16:64:c9:03:
17:ce:f1:a1:14:ca:a6:5c:68:37:c9:c3:d5:9f:33:52:76:ea:
7d:a1:a4:0f:f9:73:73:94:39:71:a7:7d:9f:36:40:98:5f:59:
83:41:f7:d3:d5:3b:c4:44:8d:da:99:b7:4b:57:9b:57:9a:d0:
77:9f:41:5c:43:c4:7f:8f:13:54:11:df:61:69:a0:3b:c9:2a:
20:b1:84:6f:3c:50:88:2d:89:9c:9b:4c:68:21:d3:fd:e8:f1:
2d:b2:22:71:23:6b:2d:06:da:e2:09:a3:cc:e5:62:1a:04:36:
f2:e0:4d:62:99:44:3b:69:19:9c:d3:53:1d:55:c1:9a:df:45:
99:ab:7b:d3:1b:7b:ed:1b:c1:ac:15:89:b9:f6:1a:28:89:0b:
3a:b3:9c:41:07:95:39:5c:77:b8:b7:f4:9a:5d:52:2b:6a:b7:
a0:34:91:99:9b:b1:7e:bc:7d:08:7f:cb:e7:b4:83:fe:00:f8:
dd:bf:42:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrTjtIzt6/N/9ccl3EChvCpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmJjOTNmMTU4MGZjOTUyNzRkOTgzOTQwZjNlZmFlZGUz
MDRhZTUwHhcNMjMwOTI2MjIxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjZiNGE2YmM5NDFlM2VkOTM1ZWYxNDlhOTA0YjYzMmYzMGEzZWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB+oeB0yBHFum1z/eccvG05EUnHr
rWEhS4OtinghFXNUWEKYrHrDA4KJgPWGn6aQexuN9jcP+bzV/IJEo6d58/xgtOxZ
0ro1E+trBeXUIb4MxaIZ/rrA3OF6MqpIUKUDPAnNf2l483ve1150gnZBZrVcwU7L
xTuKhnjPqsdzuBQxcmbG6QolYRmJGuXOsOOaY7THZ32H2V7oeUX0MVzBk9vyt+sc
Tne6h6q3xclpWHxiE2FIKOd5zmwhfwBW54f6DD8W3ONfvHcpyWNmxdkk/0QEC1aH
8y/S+nwjidekHmqvidoJf3X1im1qdXaPcYptCAZM/yT2L56PEzeeVfPf9QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMtrSmvJQePtk17xSakEtjLzCj76MB8GA1UdIwQY
MBaAFFcryT8VgPyVJ02YOUDz767eMErlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnl2SlB4V0FfSlVuVFpnNVFQUHZydDR3U3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yOWY1NWMtNjAzMi00MWMyLWJhYTQt
MTA4MGU4NjVlYzZjLzEveTJ0S2E4bEI0LTJUWHZGSnFRUzJNdk1LUHZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yOWY1NWMtNjAzMi00MWMyLWJhYTQtMTA4MGU4NjVlYzZj
LzEvVnl2SlB4V0FfSlVuVFpnNVFQUHZydDR3U3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufTsMA0E
AgACMAcDBQMqExWAMA0GCSqGSIb3DQEBCwUAA4IBAQBDWZDui6Bjeuxcg/GGgSFd
fTAhvmTb6pG/Rydjyj3plW6TLFscgcZXMyl5CJW6X2sk4EV8O/P1dXTojjZyvAc8
wqStnRZkyQMXzvGhFMqmXGg3ycPVnzNSdup9oaQP+XNzlDlxp32fNkCYX1mDQffT
1TvERI3ambdLV5tXmtB3n0FcQ8R/jxNUEd9haaA7ySogsYRvPFCILYmcm0xoIdP9
6PEtsiJxI2stBtriCaPM5WIaBDby4E1imUQ7aRmc01MdVcGa30WZq3vTG3vtG8Gs
FYm59hooiQs6s5xBB5U5XHe4t/SaXVIraregNJGZm7F+vH0If8vntIP+APjdv0LS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:12 2024 by rpki-client on console-fra.rpki-client.org