![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KfGUVdo_tElCYVg4mTk7yJIgcUM.roa
File: KfGUVdo_tElCYVg4mTk7yJIgcUM.roa (raw, json)
Hash identifier: OUEgGQlRbezC4eRwjdsCs1VLc+LAwn+DKxwfUJXHUKQ=
Subject key identifier: 29:F1:94:55:DA:3F:B4:49:42:61:58:38:99:39:3B:C8:92:20:71:43
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01906FE999D96D4D1E8F63B83B560AF400D6
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KfGUVdo_tElCYVg4mTk7yJIgcUM.roa
Signing time: Mon 01 Jul 2024 20:08:18 +0000
ROA not before: Mon 01 Jul 2024 20:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jul 2024 21:07:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6f:e9:99:d9:6d:4d:1e:8f:63:b8:3b:56:0a:f4:00:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 1 20:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29f19455da3fb4494261583899393bc892207143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f0:b3:5b:37:1b:57:c3:65:59:df:b6:4f:14:
d8:ab:f4:f5:f7:b1:48:03:ab:33:bd:a6:2e:1e:7d:
a3:dd:0e:1b:6d:bc:95:6e:ec:21:70:fa:ea:67:fb:
0b:e1:3d:7e:8d:b8:fb:2d:51:54:ff:09:60:10:47:
99:6c:ac:08:81:63:fb:70:e7:33:0f:01:c2:de:a2:
3c:5b:cc:c4:c0:33:f8:dd:e6:98:12:b0:bc:ca:67:
45:f8:58:ab:28:a4:f6:25:b0:6a:01:72:a1:c5:7b:
14:b9:7e:6f:99:8b:4f:00:00:19:75:28:7e:ed:4d:
b4:a3:41:17:35:76:b6:0d:36:46:5c:3e:4a:8d:fd:
91:f8:fa:cb:1c:a3:4c:4e:4a:31:45:c2:87:1d:7c:
d1:f1:ad:08:a5:cc:60:78:63:c0:1a:65:32:32:79:
70:2a:0e:49:86:3b:06:e6:3e:38:ed:6b:36:8b:96:
1a:c6:68:a0:20:09:43:7b:98:e5:7a:c7:87:bf:dc:
2d:df:27:8f:f5:9d:94:ed:e7:c1:03:5e:60:74:7f:
5d:95:3a:9b:d3:22:19:97:14:f2:09:d1:be:1f:80:
83:7a:de:57:a4:0c:3e:52:fa:81:b0:1b:72:54:9f:
37:d1:3c:8a:07:ed:6c:7a:d8:c3:75:58:ac:64:b5:
35:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F1:94:55:DA:3F:B4:49:42:61:58:38:99:39:3B:C8:92:20:71:43
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/KfGUVdo_tElCYVg4mTk7yJIgcUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:f9:85:4f:46:8c:e2:d0:2f:36:44:ad:96:67:ab:50:66:e1:
5c:52:96:48:2b:5f:2e:b3:ab:a5:69:18:74:73:5d:12:d6:67:
52:58:ee:f8:d3:19:83:12:e4:c9:d5:fa:3f:6b:6b:58:a5:28:
7a:fe:da:53:c4:d3:a3:78:e6:04:26:12:1f:a6:2b:db:2e:6a:
c5:25:32:57:21:bc:e4:a7:17:6f:2b:2c:3f:25:8b:09:4f:8c:
b2:1f:ab:d9:d4:1a:d3:8c:32:9e:8f:2d:98:87:0e:78:93:fa:
dc:ce:81:91:24:1f:44:9e:7b:72:6d:6e:fe:2f:7b:c5:fe:fb:
d6:d8:a3:00:bc:2e:72:f6:31:05:57:43:8e:5a:06:8f:7c:d0:
66:65:0f:44:31:73:59:6f:42:dd:51:d2:57:ca:aa:e7:67:c7:
53:f9:a7:6b:2b:3d:d8:a3:0b:ab:71:e7:99:f5:6b:a9:08:99:
33:ea:87:b8:61:1f:9e:51:23:54:67:8c:61:45:87:16:98:c7:
d5:a5:2b:e0:83:ed:75:9e:b8:d5:0b:32:95:4e:e3:de:7f:a7:
92:c7:78:b6:62:b5:e0:e5:8e:42:ce:7c:3f:20:3d:f7:7d:c1:
2c:1e:0e:3c:a3:e6:03:f6:03:3a:fb:31:b0:d5:d7:cc:c1:aa:
6b:18:c6:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBv6ZnZbU0ej2O4O1YK9ADWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAxMjAwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWYxOTQ1NWRhM2ZiNDQ5NDI2MTU4Mzg5OTM5M2JjODkyMjA3MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPCzWzcbV8NlWd+2TxTYq/T197FI
A6szvaYuHn2j3Q4bbbyVbuwhcPrqZ/sL4T1+jbj7LVFU/wlgEEeZbKwIgWP7cOcz
DwHC3qI8W8zEwDP43eaYErC8ymdF+FirKKT2JbBqAXKhxXsUuX5vmYtPAAAZdSh+
7U20o0EXNXa2DTZGXD5Kjf2R+PrLHKNMTkoxRcKHHXzR8a0IpcxgeGPAGmUyMnlw
Kg5JhjsG5j447Ws2i5YaxmigIAlDe5jleseHv9wt3yeP9Z2U7efBA15gdH9dlTqb
0yIZlxTyCdG+H4CDet5XpAw+UvqBsBtyVJ830TyKB+1setjDdVisZLU1SQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnxlFXaP7RJQmFYOJk5O8iSIHFDMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvS2ZHVVZkb190RWxDWVZnNG1Uazd5SklnY1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADr5hU9GjOLQLzZErZZn
q1Bm4VxSlkgrXy6zq6VpGHRzXRLWZ1JY7vjTGYMS5MnV+j9ra1ilKHr+2lPE06N4
5gQmEh+mK9suasUlMlchvOSnF28rLD8liwlPjLIfq9nUGtOMMp6PLZiHDniT+tzO
gZEkH0See3Jtbv4ve8X++9bYowC8LnL2MQVXQ45aBo980GZlD0Qxc1lvQt1R0lfK
qudnx1P5p2srPdijC6tx55n1a6kImTPqh7hhH55RI1RnjGFFhxaYx9WlK+CD7XWe
uNULMpVO495/p5LHeLZiteDljkLOfD8gPfd9wSweDjyj5gP2Azr7MbDV18zBqmsY
xuE=
-----END CERTIFICATE-----
Generated at Mon Jul 1 21:56:50 2024 by rpki-client on console-fra.rpki-client.org