![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XBuU4PToFIHtmI93ZuaWor6MwxQ.roa
File: XBuU4PToFIHtmI93ZuaWor6MwxQ.roa (raw, json)
Hash identifier: tomrGgu4iqfZPJN90tRqvVuwvy3PuXPoHuNVy5u18wU=
Subject key identifier: 5C:1B:94:E0:F4:E8:14:81:ED:98:8F:77:66:E6:96:A2:BE:8C:C3:14
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019060AF488B109EB0B082FA0B54A457A1CD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XBuU4PToFIHtmI93ZuaWor6MwxQ.roa
Signing time: Fri 28 Jun 2024 21:10:18 +0000
ROA not before: Fri 28 Jun 2024 21:10:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 28 Jun 2024 22:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:60:af:48:8b:10:9e:b0:b0:82:fa:0b:54:a4:57:a1:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 28 21:10:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c1b94e0f4e81481ed988f7766e696a2be8cc314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ce:47:e4:2c:2f:1e:60:59:f2:a6:36:23:f1:
3e:60:07:5e:84:b7:b2:6c:d1:f7:b3:c9:12:d7:49:
18:e2:57:8e:c6:4a:81:d9:d3:90:31:71:d7:9c:a7:
af:cc:cf:98:9f:8b:1d:13:4a:79:f6:67:f0:50:c7:
9a:5d:ca:5c:fc:14:27:48:7c:a4:a2:3d:0c:6e:04:
9a:d7:fc:23:ad:b6:08:ba:a5:00:7a:c2:91:52:3a:
0d:9e:90:aa:20:9d:7f:76:e7:dd:34:a9:cd:8f:2f:
ae:5d:5a:8e:20:f2:99:67:ce:ce:f3:07:34:81:36:
2b:20:d9:a2:18:c6:58:82:cd:ff:83:5c:cc:2d:ae:
f9:8a:eb:6b:4f:c1:3f:4a:b0:fd:ba:a0:21:f7:1a:
9c:a1:f4:be:b6:f7:49:07:20:14:d2:55:79:59:44:
00:44:f6:9a:92:ce:b3:79:e8:71:98:08:03:ef:8f:
49:9c:4c:ad:33:47:9f:bd:b2:a2:07:75:ed:43:f5:
37:44:b8:b1:4b:26:06:2a:0a:f9:43:da:dc:f8:d9:
12:d2:32:ff:5a:76:60:c4:bc:4f:6a:b0:11:eb:01:
26:7b:4b:41:19:11:41:ec:8d:b4:92:fd:a7:0b:27:
dd:7c:89:4b:e9:e0:ff:d9:69:ef:3d:9e:a3:28:a7:
31:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1B:94:E0:F4:E8:14:81:ED:98:8F:77:66:E6:96:A2:BE:8C:C3:14
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/XBuU4PToFIHtmI93ZuaWor6MwxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:d4:a1:c7:fb:bd:4e:b2:f0:0b:38:b9:64:c7:b1:8a:b9:5a:
28:9b:27:c7:25:35:9d:d5:b4:58:7c:29:0f:77:47:6c:64:bf:
cd:ab:9f:63:91:91:f3:ea:94:06:55:82:59:cd:62:84:81:8e:
9d:a6:af:09:e0:d4:3c:e6:9d:e8:87:b0:10:b1:ff:64:e7:97:
72:34:d6:15:12:2f:2d:ed:85:34:9a:ff:cc:02:9b:c1:fc:47:
c1:a3:6d:75:03:ca:46:e8:4d:0f:a4:5e:f5:39:36:22:59:ed:
3e:2a:e8:c7:b2:69:c5:a1:a2:32:0a:ed:97:2b:74:06:61:b0:
ba:0e:61:6e:96:a8:f0:a3:8c:14:dd:00:70:7f:81:7a:83:9d:
44:be:69:95:13:3e:3a:1f:f6:68:f7:5c:53:78:46:9e:99:f0:
0a:66:b9:a3:7d:12:cf:aa:2c:ae:17:78:92:97:9e:49:0f:47:
b3:5a:1b:45:6f:b4:38:67:a2:5b:e9:9b:bc:fd:ac:d6:83:c0:
15:53:81:b1:a1:43:af:0f:1e:10:16:81:29:4e:3a:d3:9a:3d:
1f:e5:72:7d:35:68:d5:80:9d:b7:60:6c:0d:94:0b:93:1e:07:
9c:c9:0e:a9:8e:3f:d9:42:30:4d:c7:50:7f:41:d5:8b:f0:f9:
f0:67:c3:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBgr0iLEJ6wsIL6C1SkV6HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjI4MjExMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzFiOTRlMGY0ZTgxNDgxZWQ5ODhmNzc2NmU2OTZhMmJlOGNjMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz85H5CwvHmBZ8qY2I/E+YAdehLey
bNH3s8kS10kY4leOxkqB2dOQMXHXnKevzM+Yn4sdE0p59mfwUMeaXcpc/BQnSHyk
oj0MbgSa1/wjrbYIuqUAesKRUjoNnpCqIJ1/dufdNKnNjy+uXVqOIPKZZ87O8wc0
gTYrINmiGMZYgs3/g1zMLa75iutrT8E/SrD9uqAh9xqcofS+tvdJByAU0lV5WUQA
RPaaks6zeehxmAgD749JnEytM0efvbKiB3XtQ/U3RLixSyYGKgr5Q9rc+NkS0jL/
WnZgxLxParAR6wEme0tBGRFB7I20kv2nCyfdfIlL6eD/2WnvPZ6jKKcxyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwblOD06BSB7ZiPd2bmlqK+jMMUMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWEJ1VTRQVG9GSUh0bUk5M1p1YVdvcjZNd3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADDUocf7vU6y8As4uWTH
sYq5WiibJ8clNZ3VtFh8KQ93R2xkv82rn2ORkfPqlAZVglnNYoSBjp2mrwng1Dzm
neiHsBCx/2Tnl3I01hUSLy3thTSa/8wCm8H8R8GjbXUDykboTQ+kXvU5NiJZ7T4q
6MeyacWhojIK7ZcrdAZhsLoOYW6WqPCjjBTdAHB/gXqDnUS+aZUTPjof9mj3XFN4
Rp6Z8ApmuaN9Es+qLK4XeJKXnkkPR7NaG0VvtDhnolvpm7z9rNaDwBVTgbGhQ68P
HhAWgSlOOtOaPR/lcn01aNWAnbdgbA2UC5MeB5zJDqmOP9lCME3HUH9B1Yvw+fBn
w/0=
Generated at Sat Jun 29 02:17:09 2024 by rpki-client on console-fra.rpki-client.org