![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VCG5Rsjmguuy3aZUAiQ25sHRAZs.roa
File: VCG5Rsjmguuy3aZUAiQ25sHRAZs.roa (raw, json)
Hash identifier: CqIr6fxBe0x4hFGAevk0ck9Dd8hoNOq2QJ/0LSABj2w=
Subject key identifier: 54:21:B9:46:C8:E6:82:EB:B2:DD:A6:54:02:24:36:E6:C1:D1:01:9B
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF29D52B17C8096BC3714E9F4909A2007
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VCG5Rsjmguuy3aZUAiQ25sHRAZs.roa
Signing time: Fri 07 Jun 2024 12:12:27 +0000
ROA not before: Fri 07 Jun 2024 12:12:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Jun 2024 13:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f2:9d:52:b1:7c:80:96:bc:37:14:e9:f4:90:9a:20:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 7 12:12:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5421b946c8e682ebb2dda654022436e6c1d1019b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ce:5a:f5:a4:0c:2c:07:aa:52:37:a4:2c:d2:
11:07:c7:fc:96:65:9e:6d:1e:42:23:cd:08:24:96:
7c:07:46:c1:33:5a:72:34:9d:4b:5b:ca:92:df:3a:
be:b3:d8:b8:c0:80:6c:5c:70:5b:fc:f1:ab:5e:df:
cb:97:64:8a:38:a0:f8:c5:00:63:1b:9e:a8:4e:ac:
d4:81:75:b6:03:c0:9d:bf:48:a8:9f:cc:8b:72:93:
95:46:09:3a:f6:7b:7b:ac:83:49:66:8e:f7:f9:51:
ac:0b:76:48:3a:88:4b:21:16:d9:0d:17:96:32:f5:
73:50:4d:3e:55:78:1d:53:e4:dc:56:fd:7d:34:a1:
29:69:86:71:2e:f1:98:91:08:6b:62:bb:d6:72:9c:
2b:59:dc:ba:6b:c5:91:1c:88:a0:13:82:2b:d9:a6:
2d:52:9b:48:60:d3:9b:91:84:95:38:35:3c:72:85:
b7:1b:af:73:e2:ac:96:03:1c:83:b0:9f:bd:d0:0c:
f8:1e:73:74:b6:f0:30:49:75:f7:fe:93:d1:d8:83:
fb:8e:88:f2:a3:cf:c5:23:76:fe:7e:d6:fc:a6:30:
d0:1e:2f:0b:5f:0c:33:42:51:77:51:45:37:99:5f:
7f:47:14:a2:49:70:e8:e6:5b:e2:ea:18:67:ac:69:
d2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:21:B9:46:C8:E6:82:EB:B2:DD:A6:54:02:24:36:E6:C1:D1:01:9B
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/VCG5Rsjmguuy3aZUAiQ25sHRAZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:a1:40:8b:fc:82:29:aa:56:c1:2e:46:93:ac:08:5b:5d:dd:
bf:a6:48:3d:5b:0e:87:50:ac:6f:6f:61:34:8d:59:17:5c:cf:
73:d9:af:5f:2c:29:f4:f0:26:48:8e:93:f7:af:0c:88:26:d6:
3a:06:55:45:dd:34:d1:fa:4f:34:e9:6d:4a:dc:8f:0e:37:c0:
0a:36:e2:09:20:34:68:73:a1:d0:94:5b:04:5d:2e:fb:aa:8e:
9f:69:39:e7:cd:11:2c:88:45:bf:b3:e1:54:38:5f:60:65:d1:
15:93:07:e7:0e:81:17:43:dd:2b:f1:9d:88:62:12:15:2d:af:
10:81:fe:2f:df:d3:17:1b:b3:65:1e:41:1a:30:c8:54:c7:bb:
48:1b:59:c7:1d:f4:f5:c3:49:f6:6d:7e:62:db:97:88:47:ff:
12:55:b2:d4:f5:28:08:8b:68:cd:64:58:a2:26:36:16:d4:d3:
f2:cb:92:17:73:3d:b0:8e:eb:79:c6:bd:14:18:fe:5a:90:b9:
07:59:0f:ad:a6:b7:ea:77:b4:ee:a1:84:0b:e3:73:e6:7c:b7:
7e:7e:58:5a:02:e1:dd:26:63:87:c0:f8:ea:e2:32:6e:a7:dc:
e6:c0:1d:4f:0b:50:47:a6:b0:27:18:93:61:05:62:13:2c:de:
13:96:71:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/ynVKxfICWvDcU6fSQmiAHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA3MTIxMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDIxYjk0NmM4ZTY4MmViYjJkZGE2NTQwMjI0MzZlNmMxZDEwMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc5a9aQMLAeqUjekLNIRB8f8lmWe
bR5CI80IJJZ8B0bBM1pyNJ1LW8qS3zq+s9i4wIBsXHBb/PGrXt/Ll2SKOKD4xQBj
G56oTqzUgXW2A8Cdv0ion8yLcpOVRgk69nt7rINJZo73+VGsC3ZIOohLIRbZDReW
MvVzUE0+VXgdU+TcVv19NKEpaYZxLvGYkQhrYrvWcpwrWdy6a8WRHIigE4Ir2aYt
UptIYNObkYSVODU8coW3G69z4qyWAxyDsJ+90Az4HnN0tvAwSXX3/pPR2IP7jojy
o8/FI3b+ftb8pjDQHi8LXwwzQlF3UUU3mV9/RxSiSXDo5lvi6hhnrGnSmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFQhuUbI5oLrst2mVAIkNubB0QGbMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvVkNHNVJzam1ndXV5M2FaVUFpUTI1c0hSQVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFKhQIv8gimqVsEuRpOs
CFtd3b+mSD1bDodQrG9vYTSNWRdcz3PZr18sKfTwJkiOk/evDIgm1joGVUXdNNH6
TzTpbUrcjw43wAo24gkgNGhzodCUWwRdLvuqjp9pOefNESyIRb+z4VQ4X2Bl0RWT
B+cOgRdD3SvxnYhiEhUtrxCB/i/f0xcbs2UeQRowyFTHu0gbWccd9PXDSfZtfmLb
l4hH/xJVstT1KAiLaM1kWKImNhbU0/LLkhdzPbCO63nGvRQY/lqQuQdZD62mt+p3
tO6hhAvjc+Z8t35+WFoC4d0mY4fA+OriMm6n3ObAHU8LUEemsCcYk2EFYhMs3hOW
cUs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:03:48 2024 by rpki-client on console-fra.rpki-client.org