![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BR9yh-A90t_b51qWyPutx6lVBlE.roa
File: BR9yh-A90t_b51qWyPutx6lVBlE.roa (raw, json)
Hash identifier: giLMdHnlTotT8Er+QTVwY8bb8MEhaNokPiTAmjH/aUE=
Subject key identifier: 05:1F:72:87:E0:3D:D2:DF:DB:E7:5A:96:C8:FB:AD:C7:A9:55:06:51
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FB350B7C29DA9AB1A977990ED46F9D02B
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BR9yh-A90t_b51qWyPutx6lVBlE.roa
Signing time: Sun 26 May 2024 05:12:42 +0000
ROA not before: Sun 26 May 2024 05:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 26 May 2024 06:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:50:b7:c2:9d:a9:ab:1a:97:79:90:ed:46:f9:d0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 26 05:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=051f7287e03dd2dfdbe75a96c8fbadc7a9550651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:16:b2:1e:d9:ed:54:6e:81:0c:11:7f:1a:
29:91:65:22:c1:84:52:f4:53:89:42:06:27:10:bd:
d1:a7:55:79:2f:7d:76:41:6c:97:45:33:7a:cf:09:
b8:d9:13:3a:9f:15:80:6a:c1:ee:fc:92:ed:6b:3b:
82:c7:00:16:62:41:5b:d4:07:c4:92:37:14:a6:22:
8d:0a:ea:cf:bf:21:be:6f:37:b8:6b:11:0f:a4:ff:
11:8f:24:ee:0f:7c:0e:1b:21:85:f9:6c:25:0c:e6:
3b:ad:08:1a:42:11:3f:fc:43:bb:33:21:f8:c9:99:
33:40:d0:eb:ac:4c:14:89:3b:8b:a3:4d:c4:18:6b:
2a:e1:84:39:e6:77:dd:fd:91:7d:37:fc:c1:04:6f:
91:a0:3d:3c:d0:ed:38:84:47:d2:8a:aa:d8:03:56:
cd:3a:b1:80:ae:8b:1b:75:6c:8d:94:c0:a5:19:e1:
c3:ec:f2:a0:07:3b:f8:83:e7:60:0a:96:c0:b6:e1:
6d:70:80:39:c8:34:ee:e7:7e:1d:06:4c:b0:db:ce:
4e:72:b2:6b:c4:41:d1:a2:bc:37:f5:e1:fe:0e:bb:
d6:5f:17:0e:09:21:8e:81:cb:f5:e9:2c:be:40:39:
2f:14:6d:02:dd:3c:a3:b5:ff:07:cd:9e:31:45:54:
03:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1F:72:87:E0:3D:D2:DF:DB:E7:5A:96:C8:FB:AD:C7:A9:55:06:51
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BR9yh-A90t_b51qWyPutx6lVBlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:de:be:f7:6a:fe:fe:d4:1f:ef:95:06:30:c3:0c:98:d1:5d:
ce:b6:12:35:77:52:eb:8e:a1:bd:dc:a6:b9:85:59:6b:d2:ca:
82:96:5a:31:73:9e:89:ce:9d:bf:90:90:83:a1:e2:64:2c:c9:
cf:5d:ef:15:3e:f3:58:26:c8:78:b9:ee:3d:9f:e4:c2:89:75:
09:7f:5d:35:b9:f9:d4:9b:69:27:41:3d:18:3c:98:86:e5:9e:
e7:10:ea:28:07:0e:ca:d4:52:d3:24:42:e6:99:5d:b9:26:41:
c4:77:0e:e7:c5:45:9f:fa:df:37:7b:37:0b:5c:ca:10:c5:de:
38:c7:74:2b:0f:31:6e:df:71:59:5c:8f:94:2f:73:01:8c:08:
31:40:7d:d4:38:4b:64:b2:11:91:9c:40:7c:f0:d0:0b:3d:fb:
4c:be:63:55:92:94:23:8c:d7:f3:03:6f:d0:69:49:64:89:d4:
69:10:1c:6e:6e:92:fd:51:2b:06:fe:f6:6b:3c:12:f8:5a:a3:
7c:26:4a:5a:a4:74:9f:83:0e:38:2d:cc:c7:e0:1a:89:5e:91:
d3:06:c3:d5:d8:60:31:c9:a4:a1:12:d3:ec:88:ed:a2:df:30:
07:ed:c3:28:91:c6:29:e6:48:cc:b2:b4:b0:be:2e:f1:f1:11:
47:a5:44:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+zULfCnamrGpd5kO1G+dArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI2MDUxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFmNzI4N2UwM2RkMmRmZGJlNzVhOTZjOGZiYWRjN2E5NTUwNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomoWsh7Z7VRugQwRfxopkWUiwYRS
9FOJQgYnEL3Rp1V5L312QWyXRTN6zwm42RM6nxWAasHu/JLtazuCxwAWYkFb1AfE
kjcUpiKNCurPvyG+bze4axEPpP8RjyTuD3wOGyGF+WwlDOY7rQgaQhE//EO7MyH4
yZkzQNDrrEwUiTuLo03EGGsq4YQ55nfd/ZF9N/zBBG+RoD080O04hEfSiqrYA1bN
OrGArosbdWyNlMClGeHD7PKgBzv4g+dgCpbAtuFtcIA5yDTu534dBkyw285OcrJr
xEHRorw39eH+DrvWXxcOCSGOgcv16Sy+QDkvFG0C3Tyjtf8HzZ4xRVQDrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAUfcofgPdLf2+dalsj7rcepVQZRMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQlI5eWgtQTkwdF9iNTFxV3lQdXR4NmxWQmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACTevvdq/v7UH++VBjDD
DJjRXc62EjV3UuuOob3cprmFWWvSyoKWWjFznonOnb+QkIOh4mQsyc9d7xU+81gm
yHi57j2f5MKJdQl/XTW5+dSbaSdBPRg8mIblnucQ6igHDsrUUtMkQuaZXbkmQcR3
DufFRZ/63zd7NwtcyhDF3jjHdCsPMW7fcVlcj5QvcwGMCDFAfdQ4S2SyEZGcQHzw
0As9+0y+Y1WSlCOM1/MDb9BpSWSJ1GkQHG5ukv1RKwb+9ms8Evhao3wmSlqkdJ+D
DjgtzMfgGolekdMGw9XYYDHJpKES0+yI7aLfMAftwyiRxinmSMyytLC+LvHxEUel
RHA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org