![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQ-Jb2I_Hv_LZEWdZOkA2aoenrQ.roa
File: aQ-Jb2I_Hv_LZEWdZOkA2aoenrQ.roa (raw, json)
Hash identifier: HBJt8Azt9PIFfn6jMDwgHDGC7eMDatv/CmdQNbLK/RA=
Subject key identifier: 69:0F:89:6F:62:3F:1E:FF:CB:64:45:9D:64:E9:00:D9:AA:1E:9E:B4
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FE021E058526552013517FEF3DBDD9B4E
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQ-Jb2I_Hv_LZEWdZOkA2aoenrQ.roa
Signing time: Mon 03 Jun 2024 22:04:27 +0000
ROA not before: Mon 03 Jun 2024 22:04:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:e021:a5bd/128 maxlen: 128
Validation: Failed, certificate revoked on Mon 03 Jun 2024 22:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e0:21:e0:58:52:65:52:01:35:17:fe:f3:db:dd:9b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 3 22:04:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=690f896f623f1effcb64459d64e900d9aa1e9eb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5b:31:ab:88:53:34:77:b2:56:64:81:a4:70:
0b:fb:0f:05:05:44:dd:4b:f2:59:aa:e0:c8:9b:0a:
7b:62:85:08:f5:46:da:a7:7a:43:1e:ef:8e:9d:a5:
e6:fe:55:e3:29:af:aa:4c:86:b2:60:3e:cb:48:d3:
31:95:d5:65:9a:6c:b4:1e:81:c1:16:10:67:f3:f2:
c6:b2:ce:ea:b9:f0:90:9a:bc:a5:a9:1d:e5:ba:e7:
a8:16:11:8f:ee:ab:37:4e:4b:d3:05:09:78:01:b7:
65:db:ec:a5:90:6a:41:de:4b:74:c6:66:d3:f4:f0:
4c:17:6f:85:0a:bf:04:c7:ff:c5:fe:c7:c8:b5:15:
5c:1c:b6:85:90:8e:43:ea:79:5c:89:bb:d1:7d:64:
51:6c:3b:e9:e9:ba:24:af:e4:43:f4:a4:45:9a:5c:
b2:55:05:19:1e:d0:64:f0:c0:91:43:76:d0:29:d6:
de:78:98:ca:4e:9d:34:c4:0c:57:57:bc:3a:9e:ee:
09:62:f6:aa:26:37:b2:fe:62:6b:c3:1c:58:82:48:
49:ac:3d:dc:37:77:11:2a:dc:23:32:0d:54:90:aa:
31:f4:1a:a7:f8:87:c9:87:ad:10:3c:0b:d3:a9:77:
96:4f:a5:31:c5:62:90:a5:71:f2:99:ab:46:4d:6b:
c1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0F:89:6F:62:3F:1E:FF:CB:64:45:9D:64:E9:00:D9:AA:1E:9E:B4
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/aQ-Jb2I_Hv_LZEWdZOkA2aoenrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:4b:77:74:77:13:b2:b7:a7:79:99:2a:71:7a:86:1f:61:40:
a5:43:f3:07:db:2f:0a:2a:6c:39:e4:df:ef:96:a5:34:d8:50:
de:03:52:f9:95:14:11:fa:16:36:33:a0:f9:06:48:8d:6c:85:
3d:15:22:cf:a7:29:47:f5:2f:1e:ea:d0:f9:53:96:79:1e:1b:
0d:48:e2:cf:b0:e7:78:b2:4d:c9:55:e3:34:c5:03:11:de:ae:
44:8e:a2:fe:33:16:a5:4b:e9:7f:7f:d1:bd:41:9f:92:09:4f:
1f:76:8b:66:b4:45:87:ac:19:63:7e:e4:1e:d5:87:7e:19:03:
ce:3f:11:2b:5c:2a:26:52:cb:61:1e:29:96:01:36:42:95:28:
97:27:b2:28:17:a2:27:97:ef:d5:af:10:b8:ca:86:c8:ea:66:
00:de:27:f6:f8:f0:b2:5b:5e:fa:f9:45:f0:f5:d3:8b:17:47:
c0:58:b4:c3:ec:20:af:43:3b:4b:d7:49:f0:1b:af:26:0f:a3:
9a:5f:16:35:35:86:fc:f9:51:11:ab:83:7b:3f:f4:e0:38:46:
c1:c4:96:c2:0a:f4:14:5a:b4:0c:70:3a:ea:64:26:1a:0b:bc:
7b:a6:ef:cd:6b:02:b9:7a:68:1d:05:43:19:35:2c:7e:9e:24:
bf:e1:37:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/gIeBYUmVSATUX/vPb3ZtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjAzMjIwNDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBmODk2ZjYyM2YxZWZmY2I2NDQ1OWQ2NGU5MDBkOWFhMWU5ZWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1sxq4hTNHeyVmSBpHAL+w8FBUTd
S/JZquDImwp7YoUI9Ubap3pDHu+OnaXm/lXjKa+qTIayYD7LSNMxldVlmmy0HoHB
FhBn8/LGss7qufCQmrylqR3luueoFhGP7qs3TkvTBQl4Abdl2+ylkGpB3kt0xmbT
9PBMF2+FCr8Ex//F/sfItRVcHLaFkI5D6nlcibvRfWRRbDvp6bokr+RD9KRFmlyy
VQUZHtBk8MCRQ3bQKdbeeJjKTp00xAxXV7w6nu4JYvaqJjey/mJrwxxYgkhJrD3c
N3cRKtwjMg1UkKox9Bqn+IfJh60QPAvTqXeWT6UxxWKQpXHymatGTWvBiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkPiW9iPx7/y2RFnWTpANmqHp60MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvYVEtSmIySV9Idl9MWkVXZFpPa0EyYW9lbnJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIxLd3R3E7K3p3mZKnF6
hh9hQKVD8wfbLwoqbDnk3++WpTTYUN4DUvmVFBH6FjYzoPkGSI1shT0VIs+nKUf1
Lx7q0PlTlnkeGw1I4s+w53iyTclV4zTFAxHerkSOov4zFqVL6X9/0b1Bn5IJTx92
i2a0RYesGWN+5B7Vh34ZA84/EStcKiZSy2EeKZYBNkKVKJcnsigXoieX79WvELjK
hsjqZgDeJ/b48LJbXvr5RfD104sXR8BYtMPsIK9DO0vXSfAbryYPo5pfFjU1hvz5
URGrg3s/9OA4RsHElsIK9BRatAxwOupkJhoLvHum781rArl6aB0FQxk1LH6eJL/h
N/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org