![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NblezAm4ygFsLjaNHFRpho4wdhA.roa
File: NblezAm4ygFsLjaNHFRpho4wdhA.roa (raw, json)
Hash identifier: Jc7DdzbNj8IDAS/KoFfDTwT7FhnG96BQEUu7xA7U/N4=
Subject key identifier: 35:B9:5E:CC:09:B8:CA:01:6C:2E:36:8D:1C:54:69:86:8E:30:76:10
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FC09D9071AC59B99B1768DB2692DE9D9A
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NblezAm4ygFsLjaNHFRpho4wdhA.roa
Signing time: Tue 28 May 2024 19:11:42 +0000
ROA not before: Tue 28 May 2024 19:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 20:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c0:9d:90:71:ac:59:b9:9b:17:68:db:26:92:de:9d:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 28 19:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35b95ecc09b8ca016c2e368d1c5469868e307610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:1f:11:87:dc:18:19:54:d4:13:47:44:94:
92:e8:19:f4:a5:b1:1a:67:2c:02:aa:2d:58:70:2e:
68:44:e6:f9:dc:e0:72:05:33:74:83:50:29:e2:f9:
cc:bb:a8:91:7c:0c:97:17:2e:64:fe:33:ff:51:1d:
b9:0e:2f:60:44:28:00:d2:b4:e1:f0:79:10:ea:a2:
9e:da:56:79:4d:9f:2f:9d:8e:78:fd:c9:8e:14:c6:
60:98:db:2b:38:3b:bf:ca:4e:26:0e:1c:d3:65:da:
9a:ca:93:9b:2f:04:17:ef:a3:55:8b:a1:e4:70:88:
04:56:7b:7d:5d:60:f4:d9:6f:64:94:09:ae:8e:4a:
b6:1b:64:e4:23:e8:2d:f2:af:09:65:47:a2:9b:7d:
44:cb:ba:94:48:c4:38:4e:92:eb:28:ca:b4:d4:a1:
8a:1a:f7:f0:60:d5:15:34:56:08:97:24:36:88:ad:
9f:fb:80:18:43:22:fe:f6:5a:69:de:47:75:64:c9:
4d:62:1b:8a:05:93:6d:4e:f3:66:9a:71:be:26:62:
f7:b9:76:13:cb:03:11:5a:12:19:ff:06:d2:6a:4f:
fb:92:3b:4d:16:20:74:e7:41:aa:38:59:04:34:a4:
f8:2f:a8:25:1a:7f:ba:d0:93:a3:2b:bc:b4:d5:6b:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:B9:5E:CC:09:B8:CA:01:6C:2E:36:8D:1C:54:69:86:8E:30:76:10
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/NblezAm4ygFsLjaNHFRpho4wdhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:a4:ef:a2:7a:31:51:01:c6:38:34:a3:0c:f7:0a:5f:6a:75:
5c:bb:3c:27:50:29:74:bf:96:21:8b:58:a7:55:af:13:ee:68:
0f:2d:1f:d6:e1:0a:64:80:ec:4a:cc:bb:da:55:af:f8:c1:5b:
92:5b:47:1d:0a:c8:86:76:9b:ad:23:dc:f7:8a:9f:d1:27:48:
3f:92:ef:aa:68:df:5b:64:77:4a:fc:51:09:58:89:98:9d:c2:
fd:f5:b6:1c:98:0f:35:e4:75:be:8a:47:52:81:1d:a8:34:1d:
3d:d0:d8:cf:1c:3d:d1:2f:df:42:a9:9b:58:52:7d:9d:a3:42:
f7:90:ff:cc:b2:e1:91:dc:3d:48:c2:64:32:03:16:29:95:5c:
05:f9:f3:b9:d9:45:0f:a9:51:67:1c:ba:ca:dc:e2:56:f6:5e:
52:57:34:85:c6:5b:9c:41:37:20:68:cf:e8:fd:f7:d3:d6:9b:
b6:a9:ef:b7:c9:a3:4f:36:9b:2a:e3:24:c7:8b:68:e7:0b:99:
b4:41:12:8f:dd:92:b2:cb:99:a3:fe:4a:cb:d1:8c:88:c1:c1:
a6:b7:59:92:94:9b:ef:39:62:d9:d6:0d:3a:52:34:2b:83:b9:
a3:3e:16:b2:76:80:e4:22:a3:e7:a7:83:94:7b:c3:9e:f2:c0:
60:f8:cf:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/AnZBxrFm5mxdo2yaS3p2aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI4MTkxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWI5NWVjYzA5YjhjYTAxNmMyZTM2OGQxYzU0Njk4NjhlMzA3NjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBYfEYfcGBlU1BNHRJSS6Bn0pbEa
ZywCqi1YcC5oROb53OByBTN0g1Ap4vnMu6iRfAyXFy5k/jP/UR25Di9gRCgA0rTh
8HkQ6qKe2lZ5TZ8vnY54/cmOFMZgmNsrODu/yk4mDhzTZdqaypObLwQX76NVi6Hk
cIgEVnt9XWD02W9klAmujkq2G2TkI+gt8q8JZUeim31Ey7qUSMQ4TpLrKMq01KGK
GvfwYNUVNFYIlyQ2iK2f+4AYQyL+9lpp3kd1ZMlNYhuKBZNtTvNmmnG+JmL3uXYT
ywMRWhIZ/wbSak/7kjtNFiB050GqOFkENKT4L6glGn+60JOjK7y01WtQ5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDW5XswJuMoBbC42jRxUaYaOMHYQMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTmJsZXpBbTR5Z0ZzTGphTkhGUnBobzR3ZGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJmk76J6MVEBxjg0owz3
Cl9qdVy7PCdQKXS/liGLWKdVrxPuaA8tH9bhCmSA7ErMu9pVr/jBW5JbRx0KyIZ2
m60j3PeKn9EnSD+S76po31tkd0r8UQlYiZidwv31thyYDzXkdb6KR1KBHag0HT3Q
2M8cPdEv30Kpm1hSfZ2jQveQ/8yy4ZHcPUjCZDIDFimVXAX587nZRQ+pUWccusrc
4lb2XlJXNIXGW5xBNyBoz+j999PWm7ap77fJo082myrjJMeLaOcLmbRBEo/dkrLL
maP+SsvRjIjBwaa3WZKUm+85YtnWDTpSNCuDuaM+FrJ2gOQio+eng5R7w57ywGD4
zyU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org