![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/99107a-3b1b-4b5e-ae15-f95c60b466a0/1/SyA6n6_DWE4r28pzguIPdf5n27k.roa
File: SyA6n6_DWE4r28pzguIPdf5n27k.roa (raw, json)
Hash identifier: y0T+Utqg2X2+RyaqAd/4BAmlYCF9m1EZpK25PDU4FPg=
Subject key identifier: 4B:20:3A:9F:AF:C3:58:4E:2B:DB:CA:73:82:E2:0F:75:FE:67:DB:B9
Certificate issuer: /CN=53d9c969675a27d515d8fab2c63cde0ed056491e
Certificate serial: 018571D7ACBB282EE2A05174EE73E95AE78E
Authority key identifier: 53:D9:C9:69:67:5A:27:D5:15:D8:FA:B2:C6:3C:DE:0E:D0:56:49:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U9nJaWdaJ9UV2PqyxjzeDtBWSR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/99107a-3b1b-4b5e-ae15-f95c60b466a0/1/SyA6n6_DWE4r28pzguIPdf5n27k.roa
Signing time: Mon 02 Jan 2023 09:37:17 +0000
ROA not before: Mon 02 Jan 2023 09:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207786
IP address blocks: 195.85.218.0/24 maxlen: 24
195.85.226.0/24 maxlen: 24
195.85.223.0/24 maxlen: 24
195.85.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ac:bb:28:2e:e2:a0:51:74:ee:73:e9:5a:e7:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53d9c969675a27d515d8fab2c63cde0ed056491e
Validity
Not Before: Jan 2 09:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b203a9fafc3584e2bdbca7382e20f75fe67dbb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c5:e8:21:38:e1:a6:ab:e2:0a:56:09:84:69:
73:76:30:3d:e0:20:c2:2b:4d:2a:db:91:7c:7d:f0:
ae:8f:15:93:5e:35:ec:5e:20:46:c3:6c:83:a3:f2:
d6:97:68:00:d3:6d:7f:6e:7b:17:77:91:b4:aa:b3:
45:d1:af:2c:6b:8c:cb:fd:b4:70:6f:75:66:d6:e4:
36:44:e4:e9:28:42:6e:e0:d6:5f:6e:3e:1a:1e:52:
f8:c5:44:20:72:86:2b:d2:b7:50:37:b7:a9:b3:ac:
e2:f1:d6:34:05:03:05:bf:41:f2:7c:f2:79:68:6e:
00:d5:ef:6e:b7:b9:af:b0:93:c5:50:67:91:86:a5:
ab:2e:36:6a:a0:40:30:9d:7c:70:27:46:a9:91:32:
7b:b0:46:ec:d9:f2:95:a8:4b:1a:42:c7:c6:98:2c:
5f:23:3d:26:f3:45:ea:f5:c8:12:0d:0e:8d:fe:fc:
d6:17:8f:ce:be:51:2d:31:59:53:81:1d:e1:da:07:
9a:89:43:9e:7d:32:6e:34:16:5b:73:f1:e6:18:b9:
e3:f9:79:5e:e7:c1:6d:c7:df:c3:bd:ec:65:cd:26:
cf:6d:96:c6:8e:08:a7:12:f5:67:e7:4a:89:90:e5:
ea:26:99:ea:02:20:30:e4:6a:42:98:a3:d9:44:45:
93:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:20:3A:9F:AF:C3:58:4E:2B:DB:CA:73:82:E2:0F:75:FE:67:DB:B9
X509v3 Authority Key Identifier:
keyid:53:D9:C9:69:67:5A:27:D5:15:D8:FA:B2:C6:3C:DE:0E:D0:56:49:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U9nJaWdaJ9UV2PqyxjzeDtBWSR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/99107a-3b1b-4b5e-ae15-f95c60b466a0/1/SyA6n6_DWE4r28pzguIPdf5n27k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/99107a-3b1b-4b5e-ae15-f95c60b466a0/1/U9nJaWdaJ9UV2PqyxjzeDtBWSR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.218.0/24
195.85.223.0/24
195.85.226.0/24
195.85.244.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:4e:98:66:e7:bc:87:04:23:8f:9a:3f:bf:61:08:2f:e6:18:
f1:cd:62:8b:6a:c9:06:1c:3f:8c:e8:4e:9f:b4:dc:a1:de:b3:
e4:fd:10:68:9e:4b:4c:56:58:a3:c1:86:d0:b8:70:7b:e3:a0:
b5:05:02:eb:51:30:73:a0:8f:ba:e9:09:6f:d3:88:96:a1:c9:
68:d0:37:ee:3f:16:01:e6:34:b1:da:cd:5e:f0:7b:b2:f0:70:
00:0b:e8:b2:ef:20:99:e9:1b:e4:d3:ca:1c:e0:d5:45:5b:81:
0a:49:9f:90:ca:f2:8b:ac:39:77:d8:b5:bd:a6:f8:50:07:5d:
56:c7:94:14:e8:f7:8c:62:78:a5:55:5e:70:35:97:1d:c2:b9:
91:3a:8e:dc:3e:b1:a4:c7:3c:4a:4d:a1:95:bb:d3:c4:5b:26:
04:c9:4c:46:9b:b2:cc:84:2f:e1:ca:cb:57:28:aa:c3:0e:bb:
b8:0c:94:f5:a7:d4:74:e9:f7:0a:6b:37:f6:52:d7:1a:31:e8:
56:c9:12:b2:e2:8e:79:20:94:f4:b6:6a:e4:28:72:fa:1f:98:
38:67:ee:e5:1c:bd:10:bc:ac:9a:ea:3c:3f:52:4f:16:7b:11:
04:fb:80:83:e2:97:c3:5f:1c:80:15:7b:59:79:51:7e:27:5f:
92:05:9e:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVx16y7KC7ioFF07nPpWueOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzZDljOTY5Njc1YTI3ZDUxNWQ4ZmFiMmM2M2NkZTBlZDA1
NjQ5MWUwHhcNMjMwMTAyMDkzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjIwM2E5ZmFmYzM1ODRlMmJkYmNhNzM4MmUyMGY3NWZlNjdkYmI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssXoITjhpqviClYJhGlzdjA94CDC
K00q25F8ffCujxWTXjXsXiBGw2yDo/LWl2gA021/bnsXd5G0qrNF0a8sa4zL/bRw
b3Vm1uQ2ROTpKEJu4NZfbj4aHlL4xUQgcoYr0rdQN7eps6zi8dY0BQMFv0HyfPJ5
aG4A1e9ut7mvsJPFUGeRhqWrLjZqoEAwnXxwJ0apkTJ7sEbs2fKVqEsaQsfGmCxf
Iz0m80Xq9cgSDQ6N/vzWF4/OvlEtMVlTgR3h2geaiUOefTJuNBZbc/HmGLnj+Xle
58Ftx9/DvexlzSbPbZbGjginEvVn50qJkOXqJpnqAiAw5GpCmKPZREWTAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEsgOp+vw1hOK9vKc4LiD3X+Z9u5MB8GA1UdIwQY
MBaAFFPZyWlnWifVFdj6ssY83g7QVkkeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTluSmFXZGFKOVVWMlBxeXhqemVEdEJXU1I0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC85OTEwN2EtM2IxYi00YjVlLWFlMTUt
Zjk1YzYwYjQ2NmEwLzEvU3lBNm42X0RXRTRyMjhwemd1SVBkZjVuMjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC85OTEwN2EtM2IxYi00YjVlLWFlMTUtZjk1YzYwYjQ2NmEw
LzEvVTluSmFXZGFKOVVWMlBxeXhqemVEdEJXU1I0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw1XaAwQA
w1XfAwQAw1XiAwQAw1X0MA0GCSqGSIb3DQEBCwUAA4IBAQBcTphm57yHBCOPmj+/
YQgv5hjxzWKLaskGHD+M6E6ftNyh3rPk/RBonktMVlijwYbQuHB746C1BQLrUTBz
oI+66Qlv04iWoclo0DfuPxYB5jSx2s1e8Huy8HAAC+iy7yCZ6Rvk08oc4NVFW4EK
SZ+QyvKLrDl32LW9pvhQB11Wx5QU6PeMYnilVV5wNZcdwrmROo7cPrGkxzxKTaGV
u9PEWyYEyUxGm7LMhC/hystXKKrDDru4DJT1p9R06fcKazf2UtcaMehWyRKy4o55
IJT0tmrkKHL6H5g4Z+7lHL0QvKya6jw/Uk8WexEE+4CD4pfDXxyAFXtZeVF+J1+S
BZ4Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:14 2024 by rpki-client on console-fra.rpki-client.org