![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mUEUeHcjPnKgmHW3kCAhU_s9aEk.roa
File: mUEUeHcjPnKgmHW3kCAhU_s9aEk.roa (raw, json)
Hash identifier: 9VriIHQmXSbjB/P45IBe6wc155opaxHO5Vb6xgMgfsg=
Subject key identifier: 99:41:14:78:77:23:3E:72:A0:98:75:B7:90:20:21:53:FB:3D:68:49
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018B15418027CE5B6FB09A58A746C0471157
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mUEUeHcjPnKgmHW3kCAhU_s9aEk.roa
Signing time: Mon 09 Oct 2023 16:24:56 +0000
ROA not before: Mon 09 Oct 2023 16:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2.56.108.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.138.180.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 09 Oct 2023 16:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:41:80:27:ce:5b:6f:b0:9a:58:a7:46:c0:47:11:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 9 16:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9941147877233e72a09875b790202153fb3d6849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:9b:d3:c9:55:8e:0f:ef:b9:60:8c:bd:5a:
24:03:4f:5c:c9:ff:43:c7:df:c6:53:38:65:53:d7:
74:f3:f6:39:c1:8b:5c:34:83:ba:f1:5e:94:09:df:
4e:00:79:68:ba:b1:a9:36:7f:a0:56:71:ea:8c:f7:
45:68:39:40:63:c6:01:f4:dd:20:6b:36:ac:c3:f6:
78:ce:d7:5a:0c:d9:b5:82:4f:80:cb:24:a4:9b:b1:
0d:a4:0b:45:46:cd:99:a5:e8:2d:86:55:15:9e:ea:
72:c7:51:4a:9a:df:a2:86:db:fd:81:a3:88:ea:82:
b9:71:fd:fb:89:5a:cb:a1:19:3f:50:8b:8c:51:b1:
41:3c:3b:6f:cf:8d:73:18:75:58:a8:75:af:f7:0b:
db:ba:f7:7a:7e:d2:c9:d9:fc:24:26:89:fd:6c:2c:
6b:05:72:55:0a:e1:78:27:9b:e8:7a:59:67:98:38:
18:dd:c4:fe:1b:e5:29:41:35:fa:88:22:92:fd:3c:
85:f3:fd:ad:07:09:2d:bf:1b:c4:ef:6c:bb:bd:cd:
2e:a8:9c:ee:d2:3a:69:60:b9:40:55:2a:2a:65:fa:
ec:a4:6c:13:89:ea:24:28:c4:7d:12:ce:a2:a6:54:
5d:ec:c3:a2:67:f9:05:85:1a:10:ef:73:34:e9:4d:
b6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:41:14:78:77:23:3E:72:A0:98:75:B7:90:20:21:53:FB:3D:68:49
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/mUEUeHcjPnKgmHW3kCAhU_s9aEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/24
5.181.87.0/24
45.9.29.0/24
45.81.113.0/24
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.138.180.0/24
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
93:80:d3:1c:1d:26:50:d7:ef:e7:3b:75:6c:1d:7e:4e:04:49:
bd:72:3e:cc:6a:e3:23:b7:85:f0:32:10:7e:67:ac:57:cc:c4:
bd:87:88:2d:c4:d3:1c:09:f8:9f:02:ed:b9:42:f0:bf:81:dd:
2e:a8:f9:7b:ac:28:1b:54:e9:57:7a:48:66:0a:4a:54:38:f7:
b7:15:e5:09:79:38:eb:96:c0:d9:9d:05:3e:28:92:e4:be:42:
87:ce:c2:f9:d7:89:ef:aa:d8:47:a1:a0:f2:bb:4a:59:c5:e3:
ef:49:c3:54:ee:5b:4a:fa:c5:0f:d2:2d:fd:74:47:0b:07:ae:
00:c2:d8:28:16:06:3f:1f:17:22:6c:e1:42:c4:d0:a9:13:07:
3f:2a:5a:31:03:a7:af:6b:0d:8a:ec:5a:dd:43:9a:2b:c4:cd:
2c:1c:3d:e0:0c:46:4d:ce:5f:60:e1:be:17:0d:d5:0f:88:a1:
2f:30:78:ad:16:b0:b4:a6:52:a9:a1:15:f8:bd:78:0a:6c:11:
11:ca:8b:e7:0d:56:18:d3:f8:a1:78:02:8f:f5:d7:ea:fc:e8:
86:b8:88:68:fb:82:f6:eb:0f:28:04:9f:a4:98:0f:ef:06:a2:
d1:6f:1a:10:4f:94:36:99:c3:eb:2a:a7:40:ed:1f:c8:ee:4e:
8c:24:32:37
-----BEGIN CERTIFICATE-----
MIIFwTCCBKmgAwIBAgISAYsVQYAnzltvsJpYp0bARxFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDA5MTYyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQxMTQ3ODc3MjMzZTcyYTA5ODc1Yjc5MDIwMjE1M2ZiM2Q2ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+Kb08lVjg/vuWCMvVokA09cyf9D
x9/GUzhlU9d08/Y5wYtcNIO68V6UCd9OAHlourGpNn+gVnHqjPdFaDlAY8YB9N0g
azasw/Z4ztdaDNm1gk+AyySkm7ENpAtFRs2ZpegthlUVnupyx1FKmt+ihtv9gaOI
6oK5cf37iVrLoRk/UIuMUbFBPDtvz41zGHVYqHWv9wvbuvd6ftLJ2fwkJon9bCxr
BXJVCuF4J5voellnmDgY3cT+G+UpQTX6iCKS/TyF8/2tBwktvxvE72y7vc0uqJzu
0jppYLlAVSoqZfrspGwTieokKMR9Es6iplRd7MOiZ/kFhRoQ73M06U22yQIDAQAB
o4ICzTCCAskwHQYDVR0OBBYEFJlBFHh3Iz5yoJh1t5AgIVP7PWhJMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvbVVFVWVIY2pQbktnbUhXM2tDQWhVX3M5YUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHiBggrBgEFBQcBBwEB/wSB0jCBzzCBoQQCAAEwgZoDBAAC
OGwDBAAFtVcDBAAtCR0DBAAtUXEDBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQME
Ay2EsAMEAC2KtAMEAC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AME
ALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7Fe
AwQCw9O8MCkEAgACMCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEF
gDANBgkqhkiG9w0BAQsFAAOCAQEAk4DTHB0mUNfv5zt1bB1+TgRJvXI+zGrjI7eF
8DIQfmesV8zEvYeILcTTHAn4nwLtuULwv4HdLqj5e6woG1TpV3pIZgpKVDj3txXl
CXk465bA2Z0FPiiS5L5Ch87C+deJ76rYR6Gg8rtKWcXj70nDVO5bSvrFD9It/XRH
CweuAMLYKBYGPx8XImzhQsTQqRMHPypaMQOnr2sNiuxa3UOaK8TNLBw94AxGTc5f
YOG+Fw3VD4ihLzB4rRawtKZSqaEV+L14CmwREcqL5w1WGNP4oXgCj/XX6vzohriI
aPuC9usPKASfpJgP7wai0W8aEE+UNpnD6yqnQO0fyO5OjCQyNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:19 2024 by rpki-client on console-ams.rpki-client.org