![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLB6LbFDUykDvcLrMvsTHyFaf8M.roa
File: RLB6LbFDUykDvcLrMvsTHyFaf8M.roa (raw, json)
Hash identifier: 1RcCEIqb76Hd8JD6FJrpIvhlIxJjJ3ktaMei61QGvsc=
Subject key identifier: 44:B0:7A:2D:B1:43:53:29:03:BD:C2:EB:32:FB:13:1F:21:5A:7F:C3
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FDE747F3372DF5EE77C9D0F265CCE2A64
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLB6LbFDUykDvcLrMvsTHyFaf8M.roa
Signing time: Mon 03 Jun 2024 14:15:27 +0000
ROA not before: Mon 03 Jun 2024 14:15:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 03 Jun 2024 15:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:74:7f:33:72:df:5e:e7:7c:9d:0f:26:5c:ce:2a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 3 14:15:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44b07a2db143532903bdc2eb32fb131f215a7fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:52:90:ac:e0:75:7e:a4:dc:38:c2:5d:f0:45:
af:32:54:71:69:49:19:78:56:8c:8f:b4:04:a2:8a:
af:41:d9:d2:43:f3:52:ac:92:9d:9f:a0:77:30:3d:
e4:35:fe:bf:32:ff:a2:53:94:6e:51:1a:6c:d6:98:
ab:3f:d3:80:d9:96:98:60:43:2d:65:c2:67:0a:09:
e6:4c:56:05:38:28:6c:2a:76:a1:18:14:7c:03:46:
01:95:cd:de:56:4b:d3:46:4d:22:4e:b8:72:27:11:
f6:5e:58:2c:09:d1:8e:fa:54:16:bd:07:e4:03:1b:
2b:f6:20:e1:4d:df:76:07:ec:c4:9d:62:6f:65:50:
30:03:99:99:dd:ed:ab:d8:fe:5e:42:b8:40:e5:84:
41:f8:e4:3e:c6:c5:af:0f:ff:49:de:52:f2:ff:8f:
93:78:d7:86:fb:05:6d:49:ae:fe:72:0d:cc:e8:7b:
9b:e7:7f:52:cd:74:c1:9d:f2:a9:69:b3:21:3b:27:
f3:b7:a8:b9:7c:98:b1:ed:e0:99:50:8e:ab:a3:53:
25:13:83:67:67:1a:5a:26:16:0a:1c:8a:12:3d:99:
e2:b3:4e:09:8f:0c:68:be:ce:62:9f:fa:41:70:00:
45:5b:76:14:93:7f:e4:36:99:ff:6f:c9:64:1e:8d:
b8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B0:7A:2D:B1:43:53:29:03:BD:C2:EB:32:FB:13:1F:21:5A:7F:C3
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/RLB6LbFDUykDvcLrMvsTHyFaf8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:bf:4f:3c:4a:b3:5d:31:66:a2:e3:93:3a:a1:27:7b:71:88:
e7:e2:5b:fe:25:c1:c3:c9:46:32:6b:13:30:5e:f7:5c:4f:f7:
8b:08:19:95:94:10:3a:5d:d0:2d:34:98:eb:52:1a:ea:1e:89:
ae:55:90:ea:fa:ad:b4:10:39:d1:e0:f5:3c:1d:8e:32:a9:b5:
c6:42:89:47:65:46:41:d7:5d:28:4d:44:ce:b4:cb:cf:a1:27:
29:99:6f:ce:e9:2e:10:af:7e:a2:f6:cc:bf:5c:f4:18:36:12:
b9:dd:d3:88:fa:22:94:0c:6b:b9:25:89:21:bf:e9:ec:85:6c:
f6:aa:85:4f:ae:ed:e8:fb:2d:7b:1d:be:5c:df:12:98:6b:cb:
df:fe:0d:50:b6:b3:5d:75:45:ed:57:e6:88:e1:3c:2f:a4:c0:
d0:cb:8d:47:df:66:07:a6:b0:8e:08:59:93:6c:5f:cb:6b:3e:
84:61:c9:d6:51:ee:eb:1a:15:e0:d2:92:e8:05:54:7c:42:68:
61:8c:f0:a2:68:de:0f:68:8d:bd:a6:3a:ec:43:c8:39:37:09:
ac:0f:0b:93:4f:06:33:28:94:65:0e:31:09:b7:0e:eb:6c:57:
81:38:bb:85:4a:c4:33:33:95:93:41:c2:d9:3d:cf:09:1d:cc:
8a:1c:a7:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/edH8zct9e53ydDyZczipkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAzMTQxNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGIwN2EyZGIxNDM1MzI5MDNiZGMyZWIzMmZiMTMxZjIxNWE3ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllKQrOB1fqTcOMJd8EWvMlRxaUkZ
eFaMj7QEooqvQdnSQ/NSrJKdn6B3MD3kNf6/Mv+iU5RuURps1pirP9OA2ZaYYEMt
ZcJnCgnmTFYFOChsKnahGBR8A0YBlc3eVkvTRk0iTrhyJxH2XlgsCdGO+lQWvQfk
Axsr9iDhTd92B+zEnWJvZVAwA5mZ3e2r2P5eQrhA5YRB+OQ+xsWvD/9J3lLy/4+T
eNeG+wVtSa7+cg3M6Hub539SzXTBnfKpabMhOyfzt6i5fJix7eCZUI6ro1MlE4Nn
ZxpaJhYKHIoSPZnis04Jjwxovs5in/pBcABFW3YUk3/kNpn/b8lkHo24PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESwei2xQ1MpA73C6zL7Ex8hWn/DMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvUkxCNkxiRkRVeWtEdmNMck12c1RIeUZhZjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHu/TzxKs10xZqLjkzqh
J3txiOfiW/4lwcPJRjJrEzBe91xP94sIGZWUEDpd0C00mOtSGuoeia5VkOr6rbQQ
OdHg9TwdjjKptcZCiUdlRkHXXShNRM60y8+hJymZb87pLhCvfqL2zL9c9Bg2Ernd
04j6IpQMa7kliSG/6eyFbPaqhU+u7ej7LXsdvlzfEphry9/+DVC2s111Re1X5ojh
PC+kwNDLjUffZgemsI4IWZNsX8trPoRhydZR7usaFeDSkugFVHxCaGGM8KJo3g9o
jb2mOuxDyDk3CawPC5NPBjMolGUOMQm3DutsV4E4u4VKxDMzlZNBwtk9zwkdzIoc
p7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:51 2024 by rpki-client on console-fra.rpki-client.org