![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hp8GmOXZrjFJWjv6vJPu_1HqsII.roa
File: hp8GmOXZrjFJWjv6vJPu_1HqsII.roa (raw, json)
Hash identifier: aHy0NL7QKKRAsp4JYyQEsz1snhavEFjpx/CJOdrnv5E=
Subject key identifier: 86:9F:06:98:E5:D9:AE:31:49:5A:3B:FA:BC:93:EE:FF:51:EA:B0:82
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01900F8ECAAC63B5371B0A98C7415FA959C9
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hp8GmOXZrjFJWjv6vJPu_1HqsII.roa
Signing time: Thu 13 Jun 2024 03:05:34 +0000
ROA not before: Thu 13 Jun 2024 03:05:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:190:f8e:802f/128 maxlen: 128
Validation: Failed, certificate revoked on Thu 13 Jun 2024 03:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0f:8e:ca:ac:63:b5:37:1b:0a:98:c7:41:5f:a9:59:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 13 03:05:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869f0698e5d9ae31495a3bfabc93eeff51eab082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:26:ed:d0:3f:df:ca:2c:c7:94:4a:60:a4:55:
1f:2c:a4:c5:a7:fd:a2:70:95:f8:99:28:2d:ef:5c:
46:95:9a:8b:35:ff:b3:aa:7b:7c:3d:85:a7:bc:29:
37:e6:17:a0:e7:b9:86:d4:bc:91:69:7e:61:1c:81:
b4:f3:60:96:db:f9:85:f4:ba:a0:a7:4a:84:5b:b4:
1d:8d:07:b7:19:64:01:b3:9a:7d:19:e6:77:91:92:
75:d4:c3:45:cf:aa:85:4c:3f:3c:59:0f:a1:ff:f3:
9b:a2:0d:84:01:e5:20:5e:0a:1c:e4:06:91:ee:70:
fa:8c:c7:e4:fd:de:c2:6c:ed:37:eb:e6:f4:bc:62:
b0:70:d6:82:58:bb:54:60:78:8b:3c:3f:fb:9b:02:
3f:ce:9c:d9:e9:72:d1:60:fb:3b:a2:60:c1:b0:c1:
b2:ee:da:ae:34:e6:82:ba:d5:6e:a7:fc:35:4b:1f:
e1:9f:e3:dc:63:42:b8:ad:ef:7d:a1:1d:8c:36:aa:
b6:b7:11:dc:54:c1:3a:88:20:db:a3:4c:f8:8b:92:
04:4f:e5:36:78:dd:f5:e6:e4:0c:18:a4:68:32:e7:
1f:a6:c5:97:21:83:1a:b5:85:5b:37:f6:1c:80:2c:
3f:ec:7a:ab:ec:fb:1b:e0:0b:63:57:ac:a5:e5:2d:
5a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9F:06:98:E5:D9:AE:31:49:5A:3B:FA:BC:93:EE:FF:51:EA:B0:82
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/hp8GmOXZrjFJWjv6vJPu_1HqsII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:00:90:5c:04:56:bd:06:52:f0:9a:d6:2b:9f:8b:be:20:5f:
01:f1:b7:e4:53:4e:f5:54:28:a7:cc:7e:17:d5:2f:e2:c4:87:
43:86:d8:dd:08:76:04:0f:40:90:70:3f:4f:ad:31:6d:57:49:
1b:85:c2:26:33:f6:8b:17:1f:0a:32:81:1b:63:32:a5:db:0f:
ff:12:9f:09:a6:db:3d:b7:19:55:e4:b7:d5:6f:23:b9:8e:1f:
92:e0:17:ac:d4:33:2a:15:41:d4:98:4e:b3:6c:f6:b5:4c:07:
10:fb:af:d4:90:85:2c:e1:7e:3c:41:95:b2:5d:af:ab:62:7b:
14:f0:a7:1c:72:23:eb:de:92:8c:87:03:80:ad:ec:74:f1:d2:
5f:fb:be:3e:7e:5c:86:18:2e:a7:d4:07:d2:b8:6f:01:e6:12:
38:8a:f1:f5:8f:fe:be:b2:a8:33:f2:4f:21:49:5e:17:8a:8d:
90:4b:cf:81:59:3c:fb:8c:47:d9:bf:dd:39:d7:0a:c9:1c:85:
22:64:dc:c7:c0:61:74:53:39:91:71:75:a6:96:4b:6e:84:a5:
61:04:18:b2:a1:a0:dc:c0:9c:70:a4:d8:67:f6:3e:7a:0c:5f:
c7:cd:31:3d:c2:da:08:81:93:ee:06:59:4d:5b:54:35:9a:f3:
a4:72:f5:73
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAPjsqsY7U3GwqYx0FfqVnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjEzMDMwNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlmMDY5OGU1ZDlhZTMxNDk1YTNiZmFiYzkzZWVmZjUxZWFiMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSbt0D/fyizHlEpgpFUfLKTFp/2i
cJX4mSgt71xGlZqLNf+zqnt8PYWnvCk35heg57mG1LyRaX5hHIG082CW2/mF9Lqg
p0qEW7QdjQe3GWQBs5p9GeZ3kZJ11MNFz6qFTD88WQ+h//Obog2EAeUgXgoc5AaR
7nD6jMfk/d7CbO036+b0vGKwcNaCWLtUYHiLPD/7mwI/zpzZ6XLRYPs7omDBsMGy
7tquNOaCutVup/w1Sx/hn+PcY0K4re99oR2MNqq2txHcVME6iCDbo0z4i5IET+U2
eN315uQMGKRoMucfpsWXIYMatYVbN/YcgCw/7Hqr7Psb4AtjV6yl5S1aYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIafBpjl2a4xSVo7+ryT7v9R6rCCMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvaHA4R21PWFpyakZKV2p2NnZKUHVfMUhxc0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMAkFwEVr0GUvCa1iuf
i74gXwHxt+RTTvVUKKfMfhfVL+LEh0OG2N0IdgQPQJBwP0+tMW1XSRuFwiYz9osX
HwoygRtjMqXbD/8Snwmm2z23GVXkt9VvI7mOH5LgF6zUMyoVQdSYTrNs9rVMBxD7
r9SQhSzhfjxBlbJdr6tiexTwpxxyI+vekoyHA4Ct7HTx0l/7vj5+XIYYLqfUB9K4
bwHmEjiK8fWP/r6yqDPyTyFJXheKjZBLz4FZPPuMR9m/3TnXCskchSJk3MfAYXRT
OZFxdaaWS26EpWEEGLKhoNzAnHCk2Gf2PnoMX8fNMT3C2giBk+4GWU1bVDWa86Ry
9XM=
Generated at Thu Jun 13 04:16:08 2024 by rpki-client on console-fra.rpki-client.org