![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/grMTRifODGLfuQ7gt4y-mTz5UGM.roa
File: grMTRifODGLfuQ7gt4y-mTz5UGM.roa (raw, json)
Hash identifier: KO+NeK7psgHAlHddwe3IOK3NxJwwLzMKL6pc8bhlFwU=
Subject key identifier: 82:B3:13:46:27:CE:0C:62:DF:B9:0E:E0:B7:8C:BE:99:3C:F9:50:63
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FBC52EE3C6CAC7229BD0CAC9C32DCE5AD
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/grMTRifODGLfuQ7gt4y-mTz5UGM.roa
Signing time: Mon 27 May 2024 23:11:42 +0000
ROA not before: Mon 27 May 2024 23:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 May 2024 00:04:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bc:52:ee:3c:6c:ac:72:29:bd:0c:ac:9c:32:dc:e5:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: May 27 23:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82b3134627ce0c62dfb90ee0b78cbe993cf95063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b2:f0:2c:2e:0e:5c:c2:37:5c:42:c0:4b:45:
0d:22:3a:d5:7b:ad:26:69:c2:52:05:0c:df:eb:d1:
42:8d:7c:7f:c5:1b:1d:71:74:8b:e5:1b:b1:19:85:
66:74:bd:cb:41:e3:93:f7:2b:f2:3d:55:c0:c7:88:
ad:cb:f3:f4:bb:a4:04:4a:a1:49:f5:47:df:5a:47:
5e:32:ff:72:b2:68:0a:5f:fe:ea:50:58:af:a6:94:
f2:fb:2a:a2:43:ac:6c:c0:08:c8:01:3c:9b:02:f4:
9e:71:13:28:1f:3a:59:51:8a:5c:41:8e:15:96:0e:
c2:1d:9e:0d:fc:82:c6:dd:fd:3d:88:19:ac:27:7a:
48:b3:c2:f7:84:40:24:a2:0e:0f:0a:75:12:b9:19:
b2:81:a8:22:64:27:9c:f1:67:85:17:2f:ee:91:bd:
c9:37:5d:7a:27:68:2d:3a:78:d7:36:b7:8f:3c:86:
bc:c4:c9:2d:cb:73:23:8e:6c:77:37:7e:25:c7:55:
40:70:8d:47:98:11:dd:5a:a0:63:c5:20:00:22:1c:
10:35:30:eb:d2:17:40:2a:11:62:22:95:cb:a0:5e:
ac:37:c2:64:a2:d6:c2:e1:09:af:88:c5:6d:36:c4:
0d:9a:5c:61:ff:ad:d0:8f:cc:ce:aa:94:07:0e:60:
42:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B3:13:46:27:CE:0C:62:DF:B9:0E:E0:B7:8C:BE:99:3C:F9:50:63
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/grMTRifODGLfuQ7gt4y-mTz5UGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:6b:19:6b:60:25:64:86:73:45:fc:a9:ec:21:4f:e3:0c:07:
27:20:30:2c:9f:66:30:3e:4b:b1:0c:9e:7d:98:41:72:cf:f2:
df:93:c5:7b:6e:91:5e:c7:c6:9e:b9:2a:fe:a8:bd:5b:7e:c5:
22:fd:bc:a7:fa:aa:53:66:85:5e:ea:31:34:1a:b8:34:77:7a:
16:87:89:d9:5c:57:ca:3c:cd:48:cb:75:89:f5:f8:f8:ab:74:
c0:f1:99:c8:87:7d:c5:28:24:e0:87:44:ec:1a:3a:1f:3d:c9:
59:d2:75:fc:3f:f9:b1:e3:14:db:76:09:f7:24:b9:5d:2e:1a:
00:42:31:10:57:1c:7a:40:a6:05:8c:d1:2d:b5:3b:1e:a3:06:
c7:d9:d0:f7:cb:b6:89:34:5f:7e:ff:cc:c3:79:4d:77:57:29:
95:73:9c:3a:54:38:87:cd:ac:1e:b4:14:b5:22:20:e7:13:8d:
1f:6b:fd:d2:ea:86:e4:81:46:29:d1:75:12:3b:a8:b4:bb:e1:
de:12:fb:29:db:3f:23:75:c1:4f:eb:66:74:2d:2c:79:43:c9:
1a:fd:59:a2:75:4f:aa:9c:dc:78:56:6b:12:23:4d:94:11:ef:
04:73:96:4c:dc:7c:89:93:cb:e0:2c:58:da:26:df:92:d2:53:
aa:fc:65:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+8Uu48bKxyKb0MrJwy3OWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNTI3MjMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmIzMTM0NjI3Y2UwYzYyZGZiOTBlZTBiNzhjYmU5OTNjZjk1MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrLwLC4OXMI3XELAS0UNIjrVe60m
acJSBQzf69FCjXx/xRsdcXSL5RuxGYVmdL3LQeOT9yvyPVXAx4ity/P0u6QESqFJ
9UffWkdeMv9ysmgKX/7qUFivppTy+yqiQ6xswAjIATybAvSecRMoHzpZUYpcQY4V
lg7CHZ4N/ILG3f09iBmsJ3pIs8L3hEAkog4PCnUSuRmygagiZCec8WeFFy/ukb3J
N116J2gtOnjXNrePPIa8xMkty3Mjjmx3N34lx1VAcI1HmBHdWqBjxSAAIhwQNTDr
0hdAKhFiIpXLoF6sN8JkotbC4QmviMVtNsQNmlxh/63Qj8zOqpQHDmBCUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIKzE0Ynzgxi37kO4LeMvpk8+VBjMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvZ3JNVFJpZk9ER0xmdVE3Z3Q0eS1tVHo1VUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADdrGWtgJWSGc0X8qewh
T+MMBycgMCyfZjA+S7EMnn2YQXLP8t+TxXtukV7Hxp65Kv6ovVt+xSL9vKf6qlNm
hV7qMTQauDR3ehaHidlcV8o8zUjLdYn1+PirdMDxmciHfcUoJOCHROwaOh89yVnS
dfw/+bHjFNt2CfckuV0uGgBCMRBXHHpApgWM0S21Ox6jBsfZ0PfLtok0X37/zMN5
TXdXKZVznDpUOIfNrB60FLUiIOcTjR9r/dLqhuSBRinRdRI7qLS74d4S+ynbPyN1
wU/rZnQtLHlDyRr9WaJ1T6qc3HhWaxIjTZQR7wRzlkzcfImTy+AsWNom35LSU6r8
ZZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org