![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xx0DKSBWJUnVP9gbi9m2mfGXiD4.roa
File: xx0DKSBWJUnVP9gbi9m2mfGXiD4.roa (raw, json)
Hash identifier: V+HjQfePlSKfWIAXc9WSULRPncVw/ed1ARQVbKAgrWk=
Subject key identifier: C7:1D:03:29:20:56:25:49:D5:3F:D8:1B:8B:D9:B6:99:F1:97:88:3E
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 018FF89CA97652287040EAF7931BEF0D34E1
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xx0DKSBWJUnVP9gbi9m2mfGXiD4.roa
Signing time: Sat 08 Jun 2024 16:09:27 +0000
ROA not before: Sat 08 Jun 2024 16:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 08 Jun 2024 17:04:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f8:9c:a9:76:52:28:70:40:ea:f7:93:1b:ef:0d:34:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jun 8 16:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c71d032920562549d53fd81b8bd9b699f197883e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e4:89:3d:82:99:d7:bc:ce:94:2c:12:27:8b:
4c:b4:32:33:80:9a:8b:c9:81:ea:34:58:a2:3b:6e:
31:19:f6:63:03:3f:d4:16:06:57:38:e9:b6:c5:c1:
a7:31:16:af:80:e7:e0:e8:2c:68:a0:78:01:50:1b:
a9:e1:c0:74:71:3e:c6:a8:7c:d8:45:e2:69:26:da:
50:32:03:b3:4b:2a:c0:22:86:10:f3:53:8c:68:98:
db:37:c0:0b:69:9a:d6:1a:7f:cb:0b:64:6d:28:ee:
93:df:d5:47:7a:35:6d:96:25:30:ea:0b:6b:95:13:
16:fc:f4:7e:21:6b:62:c0:d5:61:22:4d:0c:e0:57:
e7:eb:18:b6:ac:3c:67:9b:80:60:75:c0:d8:b8:00:
28:82:cb:5b:75:63:ab:fb:82:ba:d0:bd:33:ce:2f:
e6:f5:4a:68:7c:80:3f:19:c8:86:8f:63:81:8b:f1:
34:84:0c:c6:57:ad:ed:29:52:91:00:8a:c5:f2:d3:
50:13:64:9a:f9:c3:d8:7d:6d:95:89:e2:c5:3b:48:
11:56:b8:fa:b7:fc:93:a3:a9:3c:39:60:6f:6a:78:
99:23:9d:3f:ca:a8:ab:e3:59:4b:68:1f:2b:f2:1b:
f0:a1:cd:ad:06:b3:3f:02:63:89:d3:5f:fa:ec:ca:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1D:03:29:20:56:25:49:D5:3F:D8:1B:8B:D9:B6:99:F1:97:88:3E
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/xx0DKSBWJUnVP9gbi9m2mfGXiD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:a6:a1:2a:5f:ee:59:e8:0e:a2:3c:13:ec:56:7f:62:d0:a2:
1f:fb:1c:51:ae:bf:cc:d7:86:ac:4f:19:8b:3e:de:b7:08:1e:
33:e8:64:bf:d9:ba:af:6f:5b:7d:d6:0f:8e:8c:16:e6:69:5d:
a7:ba:48:be:46:7e:c0:dd:0c:7f:37:df:1d:5e:00:f2:f1:7c:
b4:f4:5b:40:2f:d5:f5:fd:69:d7:0d:d3:9c:35:86:c1:1b:ee:
66:14:40:be:e8:1b:ea:ec:0e:ad:bb:80:cb:cb:44:c7:94:32:
42:14:1a:86:22:af:bf:b9:f8:8b:a9:5e:b3:84:0b:4e:35:a9:
f9:1f:dc:a4:3a:12:13:bc:19:00:50:de:1d:72:22:b9:b1:92:
9c:93:1c:44:12:ad:c7:36:61:31:02:0f:8b:22:f0:54:cc:31:
33:33:74:f1:4e:11:3d:44:cf:10:b9:9f:3d:ff:d8:24:fc:1d:
a7:58:7c:8d:3a:90:df:1b:6c:41:bd:fe:d8:0e:e2:ae:2d:df:
de:eb:53:40:39:61:8b:ca:86:a8:6b:a0:ca:0f:ec:79:f5:80:
8a:3e:0d:b7:a0:2e:7a:96:58:97:0e:3d:33:c3:e4:e2:d8:6c:
a1:d0:5f:96:a0:4f:e5:0d:bb:9c:79:01:cc:52:b5:1a:15:7b:
74:b3:0d:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY/4nKl2UihwQOr3kxvvDTThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNjA4MTYwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFkMDMyOTIwNTYyNTQ5ZDUzZmQ4MWI4YmQ5YjY5OWYxOTc4ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOSJPYKZ17zOlCwSJ4tMtDIzgJqL
yYHqNFiiO24xGfZjAz/UFgZXOOm2xcGnMRavgOfg6CxooHgBUBup4cB0cT7GqHzY
ReJpJtpQMgOzSyrAIoYQ81OMaJjbN8ALaZrWGn/LC2RtKO6T39VHejVtliUw6gtr
lRMW/PR+IWtiwNVhIk0M4Ffn6xi2rDxnm4BgdcDYuAAogstbdWOr+4K60L0zzi/m
9UpofIA/GciGj2OBi/E0hAzGV63tKVKRAIrF8tNQE2Sa+cPYfW2VieLFO0gRVrj6
t/yTo6k8OWBvaniZI50/yqir41lLaB8r8hvwoc2tBrM/AmOJ01/67Mq44wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMcdAykgViVJ1T/YG4vZtpnxl4g+MB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEveHgwREtTQldKVW5WUDlnYmk5bTJtZkdYaUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABymoSpf7lnoDqI8E+xW
f2LQoh/7HFGuv8zXhqxPGYs+3rcIHjPoZL/Zuq9vW33WD46MFuZpXae6SL5GfsDd
DH833x1eAPLxfLT0W0Av1fX9adcN05w1hsEb7mYUQL7oG+rsDq27gMvLRMeUMkIU
GoYir7+5+IupXrOEC041qfkf3KQ6EhO8GQBQ3h1yIrmxkpyTHEQSrcc2YTECD4si
8FTMMTMzdPFOET1EzxC5nz3/2CT8HadYfI06kN8bbEG9/tgO4q4t397rU0A5YYvK
hqhroMoP7Hn1gIo+DbegLnqWWJcOPTPD5OLYbKHQX5agT+UNu5x5AcxStRoVe3Sz
DWg=
-----END CERTIFICATE-----
Generated at Sat Jun 8 19:30:58 2024 by rpki-client on console-fra.rpki-client.org