![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FDLLh5gfmKMq3YjbxTV8GKg2_3E.roa
File: FDLLh5gfmKMq3YjbxTV8GKg2_3E.roa (raw, json)
Hash identifier: v27wWAC4P0kq/x3gOL5JTVLCJ/kygWme6fKJksThtpM=
Subject key identifier: 14:32:CB:87:98:1F:98:A3:2A:DD:88:DB:C5:35:7C:18:A8:36:FF:71
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FD2D9D516D28AB86F6C0A11DB3BB09042
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FDLLh5gfmKMq3YjbxTV8GKg2_3E.roa
Signing time: Sat 01 Jun 2024 08:10:42 +0000
ROA not before: Sat 01 Jun 2024 08:10:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Jun 2024 09:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d2:d9:d5:16:d2:8a:b8:6f:6c:0a:11:db:3b:b0:90:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 1 08:10:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1432cb87981f98a32add88dbc5357c18a836ff71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6c:63:89:dd:e5:76:e6:4c:02:95:b2:1c:cf:
7c:0d:cd:31:09:09:55:2d:12:41:fc:c9:14:d6:b8:
31:c0:55:bc:57:14:d4:58:84:94:fb:3f:85:07:bb:
8e:51:35:e7:b7:f4:2d:ed:1f:d6:a7:10:d1:81:d9:
a1:1b:8e:b5:a7:96:bc:d6:8f:e4:dd:eb:bf:c5:98:
4e:87:47:ec:65:0a:b1:8b:6a:4e:16:f3:f6:3f:de:
27:c2:85:32:31:86:36:61:ac:6c:43:8f:8d:f7:42:
7e:63:a9:af:be:e7:f8:f5:ac:43:83:77:77:a0:2e:
1d:9e:9b:05:8c:8f:b9:d2:58:fc:96:b4:cf:b1:2f:
1a:66:3c:78:b1:7f:9a:b1:52:2f:1b:f6:bb:02:a8:
2e:3d:47:04:ee:1d:6d:57:ef:cc:e6:67:67:37:c4:
ba:99:85:93:da:ea:f8:6b:f0:00:e4:86:02:30:4e:
4f:ea:a8:7e:c0:35:cc:6e:fb:05:af:96:cc:f1:18:
ed:c0:c9:fa:8d:0c:d2:36:f0:19:39:d1:44:33:c9:
e6:5c:b0:94:09:31:c2:36:cf:fa:f8:bb:27:2f:fd:
aa:99:f4:1b:5d:88:45:23:0c:31:d8:29:e3:da:ad:
43:3c:d6:cd:2a:59:84:01:37:a4:07:f2:7e:20:44:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:32:CB:87:98:1F:98:A3:2A:DD:88:DB:C5:35:7C:18:A8:36:FF:71
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/FDLLh5gfmKMq3YjbxTV8GKg2_3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:32:0c:d1:b8:86:34:dd:eb:c1:d9:02:64:35:1c:8d:d4:0f:
cf:97:01:00:d2:94:78:22:7a:47:c3:e4:c0:53:08:5e:70:55:
4b:63:ea:bc:0c:6b:d5:21:8b:18:69:e1:1a:39:85:d7:19:53:
db:f2:50:2e:4b:a0:74:80:d5:74:f9:89:3d:eb:23:1c:54:f9:
81:64:4b:a3:fc:af:de:58:c5:ce:f4:9f:2d:c9:c7:4b:c2:70:
58:a0:c4:3d:d1:04:46:9e:df:42:c3:6b:ff:16:ea:eb:ad:57:
2f:3e:fc:f9:f4:49:7d:40:de:07:e6:a6:24:d2:08:05:e8:90:
32:5a:19:4c:60:cf:d3:ac:a0:66:66:bd:e2:21:60:b1:f7:40:
f3:23:31:ff:9f:da:9d:17:0f:8d:b8:96:5c:30:57:c0:3d:e7:
c2:0d:60:2d:fa:f6:0b:6f:c7:0e:14:1f:70:7c:1f:e6:b3:a1:
85:70:51:88:ea:51:1f:f3:8d:b6:ec:9e:39:58:cb:1f:a4:00:
50:42:1b:34:53:f0:96:50:84:6b:6a:d4:71:27:dc:5d:99:90:
62:27:31:50:02:e1:e0:52:6f:8b:2f:6e:99:ae:60:67:bd:a9:
af:8b:32:7e:5c:b7:df:1b:5e:2b:86:dd:f9:00:1b:15:43:03:
db:b5:08:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/S2dUW0oq4b2wKEds7sJBCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAxMDgxMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDMyY2I4Nzk4MWY5OGEzMmFkZDg4ZGJjNTM1N2MxOGE4MzZmZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWxjid3lduZMApWyHM98Dc0xCQlV
LRJB/MkU1rgxwFW8VxTUWISU+z+FB7uOUTXnt/Qt7R/WpxDRgdmhG461p5a81o/k
3eu/xZhOh0fsZQqxi2pOFvP2P94nwoUyMYY2YaxsQ4+N90J+Y6mvvuf49axDg3d3
oC4dnpsFjI+50lj8lrTPsS8aZjx4sX+asVIvG/a7AqguPUcE7h1tV+/M5mdnN8S6
mYWT2ur4a/AA5IYCME5P6qh+wDXMbvsFr5bM8RjtwMn6jQzSNvAZOdFEM8nmXLCU
CTHCNs/6+LsnL/2qmfQbXYhFIwwx2Cnj2q1DPNbNKlmEATekB/J+IETsqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBQyy4eYH5ijKt2I28U1fBioNv9xMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvRkRMTGg1Z2ZtS01xM1lqYnhUVjhHS2cyXzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0yDNG4hjTd68HZAmQ1
HI3UD8+XAQDSlHgiekfD5MBTCF5wVUtj6rwMa9Uhixhp4Ro5hdcZU9vyUC5LoHSA
1XT5iT3rIxxU+YFkS6P8r95Yxc70ny3Jx0vCcFigxD3RBEae30LDa/8W6uutVy8+
/Pn0SX1A3gfmpiTSCAXokDJaGUxgz9OsoGZmveIhYLH3QPMjMf+f2p0XD424llww
V8A958INYC369gtvxw4UH3B8H+azoYVwUYjqUR/zjbbsnjlYyx+kAFBCGzRT8JZQ
hGtq1HEn3F2ZkGInMVAC4eBSb4svbpmuYGe9qa+LMn5ct98bXiuG3fkAGxVDA9u1
CE4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org