![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/vM9aqUBWt-HbLXS5Rb0w8vRlq2M.roa
File: vM9aqUBWt-HbLXS5Rb0w8vRlq2M.roa (raw, json)
Hash identifier: yx7iUVPpatsYBheZ/OtoNEqhe7m+kXr3mr2rrEWvx90=
Subject key identifier: BC:CF:5A:A9:40:56:B7:E1:DB:2D:74:B9:45:BD:30:F2:F4:65:AB:63
Certificate issuer: /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial: 01877CC29C1CFB4429EDECB6022ADEAE8714
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/vM9aqUBWt-HbLXS5Rb0w8vRlq2M.roa
Signing time: Thu 13 Apr 2023 22:35:41 +0000
ROA not before: Thu 13 Apr 2023 22:35:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42313
IP address blocks: 185.171.146.0/24 maxlen: 24
185.171.144.0/23 maxlen: 23
79.106.104.0/24 maxlen: 24
79.106.107.0/24 maxlen: 24
79.106.118.0/23 maxlen: 23
79.106.117.0/24 maxlen: 24
79.106.125.0/24 maxlen: 24
79.106.123.0/24 maxlen: 24
79.106.124.0/24 maxlen: 24
79.106.122.0/24 maxlen: 24
79.106.120.0/24 maxlen: 24
79.106.127.0/24 maxlen: 24
79.106.128.0/19 maxlen: 19
79.106.126.0/24 maxlen: 24
79.106.192.0/19 maxlen: 19
79.106.195.0/24 maxlen: 24
79.106.194.0/23 maxlen: 23
79.106.196.0/24 maxlen: 24
79.106.205.0/24 maxlen: 24
79.106.204.0/24 maxlen: 24
79.106.210.0/24 maxlen: 24
79.106.211.0/24 maxlen: 24
79.106.209.0/24 maxlen: 24
79.106.207.0/24 maxlen: 24
79.106.215.0/24 maxlen: 24
79.106.214.0/24 maxlen: 24
79.106.218.0/23 maxlen: 23
79.106.220.0/24 maxlen: 24
79.106.160.0/19 maxlen: 19
79.106.176.0/21 maxlen: 21
217.24.240.0/21 maxlen: 21
217.24.240.0/20 maxlen: 20
217.24.248.0/21 maxlen: 21
217.24.248.0/24 maxlen: 24
217.24.254.0/24 maxlen: 24
2a05:fdc0::/32 maxlen: 32
2a05:fdc0:3200::/40 maxlen: 40
2a05:fdc0:3100::/40 maxlen: 40
2a05:fdc0:2200::/40 maxlen: 40
2a05:fdc2:6000::/36 maxlen: 36
2a05:fdc2:1000::/36 maxlen: 36
2a05:fdc2:9000::/36 maxlen: 36
2a05:fdc2:8000::/36 maxlen: 36
2a05:fdc2:2000::/36 maxlen: 36
2a05:fdc2::/32 maxlen: 32
2a05:fdc2:4000::/36 maxlen: 36
2a05:fdc2:3000::/36 maxlen: 36
2a05:fdc2:7000::/36 maxlen: 36
2a05:fdc0::/29 maxlen: 29
2a05:fdc1::/32 maxlen: 32
2a05:fdc0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Apr 2023 22:37:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:c2:9c:1c:fb:44:29:ed:ec:b6:02:2a:de:ae:87:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Validity
Not Before: Apr 13 22:35:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bccf5aa94056b7e1db2d74b945bd30f2f465ab63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ea:26:62:19:d4:0a:c0:1d:c8:93:2d:81:c7:
49:01:dc:54:50:dc:3b:dd:7c:f1:43:ea:fa:d2:fe:
c0:4c:46:b0:e1:01:72:6e:fb:84:30:81:b7:47:9a:
e9:9b:11:3f:e8:12:45:01:35:f7:bc:d6:20:09:85:
0c:10:09:c2:97:33:00:df:7d:c5:93:57:3a:85:80:
bc:eb:9f:b9:95:fe:01:ff:2a:4a:65:f4:55:4a:6e:
f3:60:4b:ca:33:e3:22:c8:e3:34:9c:77:7e:0b:ef:
21:41:41:92:ba:c7:18:3a:6c:db:10:3a:d7:3f:cf:
65:60:f5:dc:56:d4:50:9a:15:04:da:34:51:f5:09:
26:ea:74:7d:6c:14:1f:04:e9:d6:b6:8b:dd:f6:e2:
ae:68:70:ae:88:ba:83:14:57:0a:70:78:6d:39:14:
56:4a:dd:f8:a8:4e:9c:5f:8f:27:fc:f5:c1:c7:69:
22:31:21:c9:7a:19:a6:fd:19:13:d2:d4:00:64:96:
c3:ea:bc:d1:b6:2c:41:ee:20:21:3b:1b:7a:20:1f:
c5:a5:2f:16:fd:ca:37:24:9e:a6:1c:58:d0:61:96:
07:bb:78:df:9f:1c:98:b5:a8:03:a3:c6:2d:42:d1:
90:73:7f:f7:c3:b4:8a:13:30:16:bc:4a:54:3b:22:
d2:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:CF:5A:A9:40:56:B7:E1:DB:2D:74:B9:45:BD:30:F2:F4:65:AB:63
X509v3 Authority Key Identifier:
keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/vM9aqUBWt-HbLXS5Rb0w8vRlq2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.106.104.0/24
79.106.107.0/24
79.106.117.0-79.106.120.255
79.106.122.0-79.106.223.255
185.171.144.0-185.171.146.255
217.24.240.0/20
IPv6:
2a05:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:c9:b9:96:74:74:4c:62:b2:d4:62:54:ba:d8:3d:37:40:8b:
1e:43:7a:3a:a0:5e:c7:bb:e3:ba:52:03:ab:71:6d:83:ac:7b:
e2:8e:81:4b:21:ec:34:fc:c0:94:86:9e:4b:24:93:47:8f:9d:
a2:6b:bd:13:52:3e:f9:0d:13:45:06:34:51:76:47:7d:38:52:
fd:f4:15:63:9d:2f:c8:ad:f0:f3:84:68:47:95:f6:2b:b7:7b:
c9:62:9c:6c:33:35:b1:5a:9c:1f:c6:74:6f:d3:3b:9d:75:c0:
05:2a:e3:ba:22:03:4e:82:db:4c:48:97:08:e0:ff:7b:c1:ef:
ac:9a:73:fa:aa:10:22:00:6e:a9:d8:a1:69:71:12:ff:8f:d8:
b0:da:c5:f6:6a:86:70:d0:b2:f1:66:19:f6:7f:66:ef:24:54:
9f:2b:cd:ee:19:fa:7b:88:67:7a:f2:4d:e1:c7:ba:4d:aa:54:
d1:12:39:36:80:51:71:49:59:2a:29:9b:a1:77:9a:ff:37:e4:
28:dd:e8:4b:52:b4:9f:40:92:e7:a9:09:8c:34:3c:b6:1f:72:
2a:80:6d:a2:19:7a:67:39:62:61:01:22:8d:56:61:f4:1e:99:
13:ea:79:e4:d0:c0:5b:bd:b5:15:05:b1:90:4e:fa:70:fb:70:
0d:20:1b:1c
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYd8wpwc+0Qp7ey2AirerocUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjMwNDEzMjIzNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2NmNWFhOTQwNTZiN2UxZGIyZDc0Yjk0NWJkMzBmMmY0NjVhYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+omYhnUCsAdyJMtgcdJAdxUUNw7
3XzxQ+r60v7ATEaw4QFybvuEMIG3R5rpmxE/6BJFATX3vNYgCYUMEAnClzMA333F
k1c6hYC865+5lf4B/ypKZfRVSm7zYEvKM+MiyOM0nHd+C+8hQUGSuscYOmzbEDrX
P89lYPXcVtRQmhUE2jRR9Qkm6nR9bBQfBOnWtovd9uKuaHCuiLqDFFcKcHhtORRW
St34qE6cX48n/PXBx2kiMSHJehmm/RkT0tQAZJbD6rzRtixB7iAhOxt6IB/FpS8W
/co3JJ6mHFjQYZYHu3jfnxyYtagDo8YtQtGQc3/3w7SKEzAWvEpUOyLSfwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLzPWqlAVrfh2y10uUW9MPL0ZatjMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvdk05YXFVQld0LUhiTFhTNVJiMHc4dlJscTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAT2poAwQA
T2prMAwDBABPanUDBABPangwDAMEAU9qegMEBU9qwDAMAwQEuauQAwQAuauSAwQE
2RjwMA0EAgACMAcDBQMqBf3AMA0GCSqGSIb3DQEBCwUAA4IBAQCfybmWdHRMYrLU
YlS62D03QIseQ3o6oF7Hu+O6UgOrcW2DrHvijoFLIew0/MCUhp5LJJNHj52ia70T
Uj75DRNFBjRRdkd9OFL99BVjnS/IrfDzhGhHlfYrt3vJYpxsMzWxWpwfxnRv0zud
dcAFKuO6IgNOgttMSJcI4P97we+smnP6qhAiAG6p2KFpcRL/j9iw2sX2aoZw0LLx
Zhn2f2bvJFSfK83uGfp7iGd68k3hx7pNqlTREjk2gFFxSVkqKZuhd5r/N+Qo3ehL
UrSfQJLnqQmMNDy2H3IqgG2iGXpnOWJhASKNVmH0HpkT6nnk0MBbvbUVBbGQTvpw
+3ANIBsc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:59 2024 by rpki-client on console-ams.rpki-client.org