![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/I0C5T7eer0P5-lxD9ggHbUg1Ibg.roa
File: I0C5T7eer0P5-lxD9ggHbUg1Ibg.roa (raw, json)
Hash identifier: wG/B1dkj0WrGpIVUOpjrN21eSugnUeuog4foVXKmzmc=
Subject key identifier: 23:40:B9:4F:B7:9E:AF:43:F9:FA:5C:43:F6:08:07:6D:48:35:21:B8
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900BB7832EDEAB2FEF7EF00180773F6228
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/I0C5T7eer0P5-lxD9ggHbUg1Ibg.roa
Signing time: Wed 12 Jun 2024 09:11:34 +0000
ROA not before: Wed 12 Jun 2024 09:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Jun 2024 10:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:b7:83:2e:de:ab:2f:ef:7e:f0:01:80:77:3f:62:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 12 09:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2340b94fb79eaf43f9fa5c43f608076d483521b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:64:28:91:68:6a:9b:a7:7e:8f:a0:6f:6b:
49:e2:f7:b6:d0:40:79:d1:7d:24:cd:95:a6:66:1e:
2c:96:07:fb:da:00:42:05:f6:e0:52:5b:bb:94:a6:
36:8a:01:97:57:c6:29:8f:d8:e7:1b:54:0d:7c:e0:
08:c9:0e:e0:6d:79:83:a5:0a:2a:42:01:60:f6:83:
09:d8:ba:8f:ce:4e:2f:78:be:1a:15:05:8a:2f:a9:
b5:2d:b0:64:37:7f:10:fd:38:3a:f3:62:64:e4:4c:
08:b1:13:3a:0e:90:1f:e0:55:fd:0b:3f:fc:ab:9b:
45:bd:03:0e:81:ef:61:28:64:99:32:74:90:da:b9:
6c:39:4f:62:4f:df:8d:a9:82:0a:00:e0:cb:35:6d:
c6:f9:14:5b:ee:d2:26:86:97:df:4f:a4:8e:23:2b:
66:98:ff:23:91:09:d3:49:83:aa:67:06:03:be:94:
0e:24:d4:d4:45:60:53:49:49:4f:49:c8:36:a0:27:
1d:2a:a8:95:e5:e5:e5:26:93:ef:86:66:24:99:b7:
7e:fc:b1:ab:94:2a:1e:4b:48:55:c3:91:7c:38:9e:
4e:c3:dd:39:88:f2:9f:06:99:3d:2b:7a:05:d1:b0:
92:bd:81:4f:05:36:63:df:21:57:ad:72:ca:63:94:
cb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:40:B9:4F:B7:9E:AF:43:F9:FA:5C:43:F6:08:07:6D:48:35:21:B8
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/I0C5T7eer0P5-lxD9ggHbUg1Ibg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:f7:57:1b:be:d7:f3:e2:a3:40:93:c9:b6:ce:65:2d:f0:24:
68:95:2f:19:0a:09:ac:81:de:62:03:82:d7:aa:08:52:87:e0:
56:8b:60:b3:cf:5d:b3:43:87:bf:d7:0d:a3:e6:fe:c5:65:91:
0a:b5:db:a1:2c:e2:de:74:a5:fd:bd:3f:39:93:d2:2e:cb:fd:
86:82:1f:a6:2d:91:ea:b7:52:42:80:a8:ff:62:9d:06:76:79:
73:e8:da:69:eb:16:dd:14:be:07:1f:ca:56:0e:93:5c:1c:ca:
56:e8:64:dd:6e:05:3d:51:de:9a:e3:33:4a:b8:87:7b:b7:a5:
99:0a:68:e0:a3:b0:72:a8:af:34:2f:da:f3:0b:9f:5e:99:c3:
2c:a9:3b:64:3c:6e:80:73:97:0e:0a:c2:b0:03:f8:58:ad:11:
0f:7f:b2:f6:54:3c:ef:94:26:e9:eb:c6:fc:d1:dc:56:5e:be:
91:25:2e:5b:69:b7:92:e8:15:4c:55:91:b0:07:6e:96:2d:bd:
76:b5:02:ba:05:db:2a:79:be:b2:0f:88:45:78:6e:bb:28:86:
f2:46:1f:7c:93:fc:0d:32:fb:7d:bd:a6:02:1a:73:6b:b8:1b:
f3:96:c3:36:71:dc:e7:36:64:9d:ff:e2:32:17:d3:cf:b7:4c:
3c:73:e2:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZALt4Mu3qsv737wAYB3P2IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEyMDkxMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzQwYjk0ZmI3OWVhZjQzZjlmYTVjNDNmNjA4MDc2ZDQ4MzUyMWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr21kKJFoapunfo+gb2tJ4ve20EB5
0X0kzZWmZh4slgf72gBCBfbgUlu7lKY2igGXV8Ypj9jnG1QNfOAIyQ7gbXmDpQoq
QgFg9oMJ2LqPzk4veL4aFQWKL6m1LbBkN38Q/Tg682Jk5EwIsRM6DpAf4FX9Cz/8
q5tFvQMOge9hKGSZMnSQ2rlsOU9iT9+NqYIKAODLNW3G+RRb7tImhpffT6SOIytm
mP8jkQnTSYOqZwYDvpQOJNTURWBTSUlPScg2oCcdKqiV5eXlJpPvhmYkmbd+/LGr
lCoeS0hVw5F8OJ5Ow905iPKfBpk9K3oF0bCSvYFPBTZj3yFXrXLKY5TLfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCNAuU+3nq9D+fpcQ/YIB21INSG4MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvSTBDNVQ3ZWVyMFA1LWx4RDlnZ0hiVWcxSWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABL3Vxu+1/Pio0CTybbO
ZS3wJGiVLxkKCayB3mIDgteqCFKH4FaLYLPPXbNDh7/XDaPm/sVlkQq126Es4t50
pf29PzmT0i7L/YaCH6Ytkeq3UkKAqP9inQZ2eXPo2mnrFt0UvgcfylYOk1wcylbo
ZN1uBT1R3prjM0q4h3u3pZkKaOCjsHKorzQv2vMLn16ZwyypO2Q8boBzlw4KwrAD
+FitEQ9/svZUPO+UJunrxvzR3FZevpElLltpt5LoFUxVkbAHbpYtvXa1AroF2yp5
vrIPiEV4brsohvJGH3yT/A0y+329pgIac2u4G/OWwzZx3Oc2ZJ3/4jIX08+3TDxz
4v4=
-----END CERTIFICATE-----
Generated at Wed Jun 12 13:31:49 2024 by rpki-client on console-fra.rpki-client.org