![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uv6x7HORq0L2-JVtlmVqmqe54P0.roa
File: uv6x7HORq0L2-JVtlmVqmqe54P0.roa (raw, json)
Hash identifier: p0RwN49/wPTfGFJbcDYCXDFrnRNxmpv4Lqs0yPmIL0g=
Subject key identifier: BA:FE:B1:EC:73:91:AB:42:F6:F8:95:6D:96:65:6A:9A:A7:B9:E0:FD
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 01901B987405CB36E7C99D29350A1AE31FF2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uv6x7HORq0L2-JVtlmVqmqe54P0.roa
Signing time: Sat 15 Jun 2024 11:11:34 +0000
ROA not before: Sat 15 Jun 2024 11:11:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 15 Jun 2024 12:04:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:1b:98:74:05:cb:36:e7:c9:9d:29:35:0a:1a:e3:1f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 15 11:11:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bafeb1ec7391ab42f6f8956d96656a9aa7b9e0fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:ef:40:f2:c9:5a:45:4e:97:98:46:79:26:68:
82:d1:58:6e:3d:69:70:a0:58:af:df:21:3e:30:fc:
54:b7:74:af:1e:e8:03:a1:32:ed:71:ad:77:58:d5:
55:a2:28:f5:f6:c5:21:67:1b:77:bc:24:0b:a4:06:
e0:69:bf:ff:a9:61:a3:ce:a7:35:d5:d9:19:8b:f8:
28:67:e5:2c:32:ad:f4:8a:14:6a:46:43:b5:6b:b6:
66:c5:5d:c6:fc:93:8f:59:86:c4:25:95:cf:84:b7:
83:63:83:16:ce:51:24:69:2c:cc:6c:1d:a7:7a:8d:
72:24:8c:c3:9a:e7:5a:e6:b9:93:93:49:d2:2d:bb:
bd:04:ca:81:79:ca:f7:26:cf:a5:7e:b5:cd:b2:b3:
f0:44:a3:64:cc:de:30:e8:04:70:8d:7c:fd:a7:ee:
f1:28:09:28:fe:91:48:90:e5:68:9d:e1:95:54:31:
47:41:3d:b0:ad:e2:32:0b:8d:ad:d4:87:e2:70:ab:
de:cc:7d:6e:a8:d8:a9:17:84:81:30:46:24:6b:14:
1d:1b:2a:76:dd:d6:14:5d:c0:fe:01:2d:cd:c7:9e:
62:d9:83:af:cd:21:6b:f8:6b:1b:c4:06:12:ab:90:
5b:d2:c5:37:8c:53:33:13:0f:01:a3:d1:40:05:8b:
4a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FE:B1:EC:73:91:AB:42:F6:F8:95:6D:96:65:6A:9A:A7:B9:E0:FD
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/uv6x7HORq0L2-JVtlmVqmqe54P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:8e:70:ac:9b:cb:5c:48:01:42:3d:b4:f5:54:c1:2c:06:7d:
2f:a5:f0:c0:cb:25:e0:b9:4e:78:f6:23:e0:44:42:77:13:a9:
50:d7:6d:80:d1:00:ea:7e:19:0b:0b:67:b6:5c:9d:36:bd:cb:
eb:53:e8:49:6c:79:41:80:eb:4e:6e:ad:f3:23:3c:70:97:d1:
77:28:6e:be:b7:e1:9d:20:8b:ea:e8:83:f4:a4:27:08:f5:e3:
9e:3f:38:86:68:85:72:76:76:58:b3:5e:c7:04:6f:cc:87:25:
e1:87:36:30:dc:78:a8:cd:16:2b:19:5a:f2:73:13:c8:ca:ca:
1a:df:83:b6:31:6e:cc:8e:81:8f:1d:f2:ee:9d:89:ae:4c:70:
56:58:43:b0:93:ce:58:c3:e8:ca:59:09:5a:67:ef:9c:7c:3e:
9b:8a:cf:c2:52:76:47:20:cd:90:77:5c:7d:6e:e3:32:2f:7f:
59:f7:42:05:2b:b9:44:e6:32:e7:1c:ee:ac:28:ad:53:a1:16:
c9:93:72:0e:1d:2f:c5:20:8c:dc:ce:c4:17:9c:43:85:11:ac:
8f:e6:0d:52:32:63:a7:83:ff:86:5c:95:27:c4:c6:34:32:67:
bb:61:5d:d4:bd:1f:5d:9d:20:53:2c:39:ca:a2:6f:b6:30:77:
8c:e4:26:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZAbmHQFyzbnyZ0pNQoa4x/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjE1MTExMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZlYjFlYzczOTFhYjQyZjZmODk1NmQ5NjY1NmE5YWE3YjllMGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3u9A8slaRU6XmEZ5JmiC0VhuPWlw
oFiv3yE+MPxUt3SvHugDoTLtca13WNVVoij19sUhZxt3vCQLpAbgab//qWGjzqc1
1dkZi/goZ+UsMq30ihRqRkO1a7ZmxV3G/JOPWYbEJZXPhLeDY4MWzlEkaSzMbB2n
eo1yJIzDmuda5rmTk0nSLbu9BMqBecr3Js+lfrXNsrPwRKNkzN4w6ARwjXz9p+7x
KAko/pFIkOVoneGVVDFHQT2wreIyC42t1IficKvezH1uqNipF4SBMEYkaxQdGyp2
3dYUXcD+AS3Nx55i2YOvzSFr+GsbxAYSq5Bb0sU3jFMzEw8Bo9FABYtKCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLr+sexzkatC9viVbZZlapqnueD9MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvdXY2eDdIT1JxMEwyLUpWdGxtVnFtcWU1NFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHqOcKyby1xIAUI9tPVU
wSwGfS+l8MDLJeC5Tnj2I+BEQncTqVDXbYDRAOp+GQsLZ7ZcnTa9y+tT6ElseUGA
605urfMjPHCX0Xcobr634Z0gi+rog/SkJwj1454/OIZohXJ2dlizXscEb8yHJeGH
NjDceKjNFisZWvJzE8jKyhrfg7YxbsyOgY8d8u6dia5McFZYQ7CTzljD6MpZCVpn
75x8PpuKz8JSdkcgzZB3XH1u4zIvf1n3QgUruUTmMucc7qworVOhFsmTcg4dL8Ug
jNzOxBecQ4URrI/mDVIyY6eD/4ZclSfExjQyZ7thXdS9H12dIFMsOcqib7Ywd4zk
JvA=
-----END CERTIFICATE-----
Generated at Sat Jun 15 14:43:00 2024 by rpki-client on console-fra.rpki-client.org