![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Y2O--Ov0ro0EukCrXV3o8-9QVKU.roa
File: Y2O--Ov0ro0EukCrXV3o8-9QVKU.roa (raw, json)
Hash identifier: haAwOo+hKmcPnv8yf3TuHnh4jo6058jF0I1F9czRzH4=
Subject key identifier: 63:63:BE:F8:EB:F4:AE:8D:04:BA:40:AB:5D:5D:E8:F3:EF:50:54:A5
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FFD5612E3D34FF2201FCDD877C74EC69F
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Y2O--Ov0ro0EukCrXV3o8-9QVKU.roa
Signing time: Sun 09 Jun 2024 14:10:27 +0000
ROA not before: Sun 09 Jun 2024 14:10:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Jun 2024 15:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:fd:56:12:e3:d3:4f:f2:20:1f:cd:d8:77:c7:4e:c6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 9 14:10:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6363bef8ebf4ae8d04ba40ab5d5de8f3ef5054a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5a:e2:cd:81:d2:97:95:19:d2:c1:68:10:a5:
3d:1c:5d:1b:84:d4:12:55:b3:fa:6c:a5:58:3d:7c:
9e:fa:b9:19:70:d5:7a:e6:b7:53:71:25:2c:a9:07:
72:36:9f:e1:bb:5f:ae:fb:df:26:a2:51:43:06:e4:
11:df:6b:f1:39:ad:c2:c4:6a:c0:cd:7f:30:88:c8:
1e:ef:54:d5:4a:04:fc:5b:60:a0:b0:99:00:97:1d:
ce:08:62:09:19:07:59:9b:f9:30:f6:66:cb:c1:51:
b9:82:34:fb:9e:cb:d5:6a:ec:dc:c5:b4:81:60:38:
54:28:66:64:61:46:68:eb:87:db:61:18:ab:cb:a8:
56:a5:bd:0a:11:37:2b:1d:cf:6a:79:7d:91:ce:06:
40:84:8f:a8:d4:cd:97:64:fe:2b:0b:24:71:ef:f0:
eb:40:aa:76:d8:3d:b0:57:5c:0b:cc:a7:c2:e7:5a:
5c:28:e9:6a:2c:09:87:2f:95:34:f0:2f:4a:9b:d0:
75:bb:76:82:1c:5a:2c:6e:2f:2f:00:ff:80:28:cf:
f5:9a:31:1b:70:2b:5f:5f:f2:e4:51:ff:fb:2e:f4:
a1:44:7b:3f:00:10:1e:5f:dd:6d:3b:62:05:d4:59:
b1:b3:f7:b1:d1:9a:d3:70:da:96:a5:4d:5f:f7:02:
d0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:63:BE:F8:EB:F4:AE:8D:04:BA:40:AB:5D:5D:E8:F3:EF:50:54:A5
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/Y2O--Ov0ro0EukCrXV3o8-9QVKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:93:b2:c5:47:17:7d:e7:0a:84:5e:61:88:a7:0d:42:85:56:
7a:20:ea:0b:ba:ef:1f:5d:0d:dd:ca:f9:a5:bf:b0:a7:83:22:
f2:a2:dc:db:b3:05:01:c0:b8:51:e9:40:3f:91:75:43:65:a2:
ba:56:33:5c:09:3c:ca:f1:8b:51:5a:24:86:63:00:eb:17:46:
aa:90:d8:ae:8d:6b:4e:13:0e:9d:df:e6:0a:96:c4:7f:aa:0f:
9b:99:95:89:5c:92:4b:43:4f:4b:83:f6:19:ef:85:69:e5:76:
3d:e3:81:46:42:e6:d5:8f:d2:41:32:81:6e:af:96:7e:e7:b7:
73:09:45:3b:6b:f5:4a:e1:81:f2:9d:d8:d0:2a:63:1a:2d:79:
cb:0a:de:00:17:b3:5d:a9:c5:23:9d:a3:a0:16:05:60:b7:ab:
60:ee:1d:aa:63:92:f8:04:d7:ed:8f:7d:db:d8:5a:67:fa:82:
c0:f2:1e:88:67:1f:ae:d0:46:68:f9:88:36:b3:b9:00:8c:19:
f3:2b:9a:67:79:2a:e8:da:65:ed:43:4e:9b:fd:7f:8f:40:b1:
df:c6:34:17:03:03:34:aa:12:e9:58:7b:21:07:31:c4:13:5c:
96:d6:1a:a5:d8:c8:db:14:26:15:c6:17:96:6e:a6:11:e8:a5:
65:66:79:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/9VhLj00/yIB/N2HfHTsafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA5MTQxMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzYzYmVmOGViZjRhZThkMDRiYTQwYWI1ZDVkZThmM2VmNTA1NGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVrizYHSl5UZ0sFoEKU9HF0bhNQS
VbP6bKVYPXye+rkZcNV65rdTcSUsqQdyNp/hu1+u+98molFDBuQR32vxOa3CxGrA
zX8wiMge71TVSgT8W2CgsJkAlx3OCGIJGQdZm/kw9mbLwVG5gjT7nsvVauzcxbSB
YDhUKGZkYUZo64fbYRiry6hWpb0KETcrHc9qeX2RzgZAhI+o1M2XZP4rCyRx7/Dr
QKp22D2wV1wLzKfC51pcKOlqLAmHL5U08C9Km9B1u3aCHFosbi8vAP+AKM/1mjEb
cCtfX/LkUf/7LvShRHs/ABAeX91tO2IF1Fmxs/ex0ZrTcNqWpU1f9wLQewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGNjvvjr9K6NBLpAq11d6PPvUFSlMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvWTJPLS1PdjBybzBFdWtDclhWM284LTlRVktVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD6TssVHF33nCoReYYin
DUKFVnog6gu67x9dDd3K+aW/sKeDIvKi3NuzBQHAuFHpQD+RdUNlorpWM1wJPMrx
i1FaJIZjAOsXRqqQ2K6Na04TDp3f5gqWxH+qD5uZlYlckktDT0uD9hnvhWnldj3j
gUZC5tWP0kEygW6vln7nt3MJRTtr9UrhgfKd2NAqYxotecsK3gAXs12pxSOdo6AW
BWC3q2DuHapjkvgE1+2PfdvYWmf6gsDyHohnH67QRmj5iDazuQCMGfMrmmd5Kuja
Ze1DTpv9f49Asd/GNBcDAzSqEulYeyEHMcQTXJbWGqXYyNsUJhXGF5ZuphHopWVm
ebg=
Generated at Sun Jun 9 16:18:50 2024 by rpki-client on console-fra.rpki-client.org