![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9X6vGpIYsZiCcRH61D89DV_u1cc.roa
File: 9X6vGpIYsZiCcRH61D89DV_u1cc.roa (raw, json)
Hash identifier: 3qbZqmi/6YYI0vYVOMcWQroPaw/av0xkD0zMDBbKJ+I=
Subject key identifier: F5:7E:AF:1A:92:18:B1:98:82:71:11:FA:D4:3F:3D:0D:5F:EE:D5:C7
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019028E54D1A93A1E94EEE1F4F0C0C93798E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9X6vGpIYsZiCcRH61D89DV_u1cc.roa
Signing time: Tue 18 Jun 2024 01:10:34 +0000
ROA not before: Tue 18 Jun 2024 01:10:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 18 Jun 2024 02:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:28:e5:4d:1a:93:a1:e9:4e:ee:1f:4f:0c:0c:93:79:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 18 01:10:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f57eaf1a9218b198827111fad43f3d0d5feed5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:2b:83:04:a1:62:39:2e:50:56:3e:32:2d:
07:db:77:a4:05:ac:7c:9c:a0:dc:ca:25:d8:b6:78:
f8:bd:e9:46:87:6c:e8:c2:20:b6:e2:d6:7a:aa:f3:
c2:3c:e4:48:43:8b:aa:8f:f8:43:2e:07:86:df:b6:
db:9a:03:3c:77:a6:a7:da:ee:61:d7:ef:c0:80:44:
22:e6:aa:27:bb:04:d3:9c:b8:1e:eb:e6:70:5d:79:
26:25:64:ae:35:71:e5:6c:7c:b8:a9:a6:f5:30:f6:
7c:32:60:7b:55:6a:d1:8e:4e:3d:f6:2f:74:87:e6:
06:f8:a1:e7:56:53:f5:c0:d3:e3:e8:15:eb:67:7b:
e8:18:2d:54:d9:21:1b:fc:da:01:3f:b8:ba:ec:24:
95:b0:15:fa:1c:ba:1d:c5:11:48:bc:66:08:15:da:
97:20:48:f4:d6:12:1b:61:58:12:1b:83:b8:b1:89:
ba:d3:b1:64:4b:41:1a:2b:88:a8:cb:32:92:90:dd:
b6:9c:ac:ca:a6:38:bd:51:81:b9:25:8c:52:c6:d0:
62:8f:b7:19:9d:57:9f:8e:d3:01:f7:73:87:1a:a0:
d4:6b:1b:d6:35:62:2a:b1:df:ff:cc:7f:d9:d3:69:
5a:b4:82:fb:32:fd:de:c4:34:17:4d:a8:2e:83:2d:
a1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:7E:AF:1A:92:18:B1:98:82:71:11:FA:D4:3F:3D:0D:5F:EE:D5:C7
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/9X6vGpIYsZiCcRH61D89DV_u1cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:52:1f:72:b7:25:05:b2:e8:cd:5b:ca:b0:95:f6:99:57:bc:
90:39:07:17:a6:1d:11:7b:39:f7:15:cc:71:8a:8a:6d:70:e7:
df:a1:a0:d2:c1:2e:24:a2:9c:e0:69:28:82:aa:8b:4a:86:7e:
99:41:a8:9a:6a:ca:ec:27:b5:34:f1:a2:b3:d7:7b:a8:21:0e:
16:03:4a:27:b7:fa:fb:0e:7c:5a:cd:0b:2d:a9:fe:53:03:09:
bb:de:3d:fd:63:a7:83:5f:80:42:06:f9:52:a9:25:40:a9:fb:
79:4c:3f:c7:91:e4:28:aa:49:bd:5b:1d:79:6e:15:d4:33:1a:
85:65:47:4d:26:dd:73:c1:25:58:d9:d6:c3:5d:61:88:55:de:
97:9e:e1:a7:cb:b4:aa:bb:d0:29:ec:c8:f5:e5:d4:00:1a:fa:
88:6c:be:4e:23:3c:1f:15:6a:f0:ee:89:c1:1c:c1:f4:da:21:
39:82:91:b2:c4:d3:8d:91:ac:7d:e4:fe:01:22:5b:61:ca:55:
fa:15:91:62:c7:35:45:d7:5b:8e:b2:f8:5b:cc:7b:15:10:84:
b7:f8:e4:b4:5c:6c:40:31:8f:43:52:67:20:86:b1:cd:81:e4:
58:8f:da:f2:a2:91:3b:b4:4a:f6:b2:60:29:6b:ed:31:44:54:
82:20:a6:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAo5U0ak6HpTu4fTwwMk3mOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE4MDExMDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTdlYWYxYTkyMThiMTk4ODI3MTExZmFkNDNmM2QwZDVmZWVkNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslgrgwShYjkuUFY+Mi0H23ekBax8
nKDcyiXYtnj4velGh2zowiC24tZ6qvPCPORIQ4uqj/hDLgeG37bbmgM8d6an2u5h
1+/AgEQi5qonuwTTnLge6+ZwXXkmJWSuNXHlbHy4qab1MPZ8MmB7VWrRjk499i90
h+YG+KHnVlP1wNPj6BXrZ3voGC1U2SEb/NoBP7i67CSVsBX6HLodxRFIvGYIFdqX
IEj01hIbYVgSG4O4sYm607FkS0EaK4ioyzKSkN22nKzKpji9UYG5JYxSxtBij7cZ
nVefjtMB93OHGqDUaxvWNWIqsd//zH/Z02latIL7Mv3exDQXTagugy2hmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPV+rxqSGLGYgnER+tQ/PQ1f7tXHMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvOVg2dkdwSVlzWmlDY1JINjFEODlEVl91MWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFtSH3K3JQWy6M1byrCV
9plXvJA5BxemHRF7OfcVzHGKim1w59+hoNLBLiSinOBpKIKqi0qGfplBqJpqyuwn
tTTxorPXe6ghDhYDSie3+vsOfFrNCy2p/lMDCbvePf1jp4NfgEIG+VKpJUCp+3lM
P8eR5CiqSb1bHXluFdQzGoVlR00m3XPBJVjZ1sNdYYhV3pee4afLtKq70CnsyPXl
1AAa+ohsvk4jPB8VavDuicEcwfTaITmCkbLE042RrH3k/gEiW2HKVfoVkWLHNUXX
W46y+FvMexUQhLf45LRcbEAxj0NSZyCGsc2B5FiP2vKikTu0SvayYClr7TFEVIIg
phA=
Generated at Tue Jun 18 02:58:45 2024 by rpki-client on console-fra.rpki-client.org