![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/zJzvEflFo4My11Nm0DiXggVz3HI.roa
File: zJzvEflFo4My11Nm0DiXggVz3HI.roa (raw, json)
Hash identifier: 09au1rlRykIQ6j1id3To7laOw3y9ucRZKbpxv6eWeFI=
Subject key identifier: CC:9C:EF:11:F9:45:A3:83:32:D7:53:66:D0:38:97:82:05:73:DC:72
Certificate issuer: /CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Certificate serial: 018CC50067B437CA3CFA28C74BF948A919C7
Authority key identifier: EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/zJzvEflFo4My11Nm0DiXggVz3HI.roa
Signing time: Mon 01 Jan 2024 12:29:47 +0000
ROA not before: Mon 01 Jan 2024 12:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207167
IP address blocks: 85.209.28.0/22 maxlen: 22
185.234.132.0/22 maxlen: 22
185.179.33.0/24 maxlen: 24
185.179.32.0/24 maxlen: 24
185.59.144.0/22 maxlen: 22
2a0a:7780::/29 maxlen: 29
2a02:6c20::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:67:b4:37:ca:3c:fa:28:c7:4b:f9:48:a9:19:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb59b791c7a11d232a95c7ef169285caea695bc
Validity
Not Before: Jan 1 12:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc9cef11f945a38332d75366d03897820573dc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:86:f6:61:59:ee:ea:b6:9f:03:18:c5:8f:
2b:37:0a:c3:d7:59:b7:a1:af:f9:10:84:6a:9c:fc:
53:fa:bc:dc:57:0e:21:81:20:fa:6a:ea:ee:c9:e6:
d1:4b:f0:1a:6f:60:2a:78:4c:ec:f2:2f:f2:5d:8f:
83:a7:0f:67:16:e1:4a:3b:20:6b:60:98:aa:dc:2e:
9a:e8:fc:1b:ce:93:2e:f4:3d:d9:fd:17:56:e0:3e:
b4:1f:cb:ce:a7:c5:f4:da:88:9d:65:35:de:38:40:
6c:0e:d7:62:83:a4:dd:e7:2e:60:3e:e0:ca:a4:58:
43:4e:2c:ef:2b:08:ea:20:a1:fa:fe:d9:58:f6:5b:
9d:d2:15:f3:92:47:6f:17:c9:6e:78:59:6c:1f:66:
29:88:3f:f2:b3:9e:8e:db:61:a6:77:f6:22:68:f5:
39:0c:36:d3:84:0a:39:80:a9:11:58:7a:df:df:49:
ab:56:53:dd:42:ba:b7:f8:8d:f2:da:b6:df:f2:7c:
98:d4:d2:5b:fa:d4:cf:ec:b7:8f:08:d4:8a:96:a4:
b8:89:96:11:7a:0f:39:9e:f7:f7:c9:a7:1a:f8:e5:
2c:1d:ef:8b:fb:41:ec:f9:4a:84:ba:50:70:27:9a:
9b:1a:0d:05:8b:ce:ce:3f:aa:b7:0b:0c:bb:65:4e:
c1:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9C:EF:11:F9:45:A3:83:32:D7:53:66:D0:38:97:82:05:73:DC:72
X509v3 Authority Key Identifier:
keyid:EE:B5:9B:79:1C:7A:11:D2:32:A9:5C:7E:F1:69:28:5C:AE:A6:95:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rWbeRx6EdIyqVx-8WkoXK6mlbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/zJzvEflFo4My11Nm0DiXggVz3HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/efff71-7d11-4a1a-8ad3-a67d8c7ed7ca/1/7rWbeRx6EdIyqVx-8WkoXK6mlbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.28.0/22
185.59.144.0/22
185.179.32.0/23
185.234.132.0/22
IPv6:
2a02:6c20::/32
2a0a:7780::/29
Signature Algorithm: sha256WithRSAEncryption
d4:5b:35:d7:32:fe:84:4e:a9:77:3b:1f:04:c7:ea:df:ae:ae:
38:8b:76:c7:5d:b4:58:e2:40:5b:60:ab:80:f2:f1:de:c8:02:
6c:18:fc:fe:62:0e:a0:2c:ac:dd:b8:f1:36:f3:b4:b7:c6:3d:
3a:91:8b:88:f8:b2:32:1f:8f:be:61:b9:4d:37:fd:50:0b:af:
9a:c6:bb:9f:38:15:b1:24:46:93:f1:63:0a:93:84:f5:06:b5:
8f:6f:46:a1:94:a0:82:04:69:5e:70:67:ff:6e:d9:59:55:a1:
c9:e4:d8:bc:e6:3d:13:7a:5f:02:e4:eb:21:b7:98:c3:7f:2b:
34:2e:bb:46:79:31:b7:72:e0:2e:8d:a9:7e:fd:56:33:e9:54:
fa:89:ae:2b:62:f0:2a:17:88:b6:39:52:b7:6e:24:d6:48:53:
97:23:6e:ec:00:d7:69:64:6a:da:08:14:cc:5e:51:d9:2d:4c:
be:b5:5b:43:72:b2:20:ad:e0:ef:b0:18:6b:a2:bd:82:10:c2:
08:27:8a:92:1a:72:c0:78:bb:f0:dd:09:43:e3:83:d9:8b:a0:
4b:59:01:7a:0b:a2:e4:c8:6e:1a:7d:78:98:41:0c:c7:bc:b5:
4b:94:6c:2a:19:2a:1e:ad:fd:95:e0:4f:57:0a:98:9b:41:9d:
3c:80:cb:1f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzFAGe0N8o8+ijHS/lIqRnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYjU5Yjc5MWM3YTExZDIzMmE5NWM3ZWYxNjkyODVjYWVh
Njk1YmMwHhcNMjQwMTAxMTIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzljZWYxMWY5NDVhMzgzMzJkNzUzNjZkMDM4OTc4MjA1NzNkYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyiG9mFZ7uq2nwMYxY8rNwrD11m3
oa/5EIRqnPxT+rzcVw4hgSD6auruyebRS/Aab2AqeEzs8i/yXY+Dpw9nFuFKOyBr
YJiq3C6a6PwbzpMu9D3Z/RdW4D60H8vOp8X02oidZTXeOEBsDtdig6Td5y5gPuDK
pFhDTizvKwjqIKH6/tlY9lud0hXzkkdvF8lueFlsH2YpiD/ys56O22Gmd/YiaPU5
DDbThAo5gKkRWHrf30mrVlPdQrq3+I3y2rbf8nyY1NJb+tTP7LePCNSKlqS4iZYR
eg85nvf3yaca+OUsHe+L+0Hs+UqEulBwJ5qbGg0Fi87OP6q3Cwy7ZU7BhQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMyc7xH5RaODMtdTZtA4l4IFc9xyMB8GA1UdIwQY
MBaAFO61m3kcehHSMqlcfvFpKFyuppW8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMt
YTY3ZDhjN2VkN2NhLzEvekp6dkVmbEZvNE15MTFObTBEaVhnZ1Z6M0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lZmZmNzEtN2QxMS00YTFhLThhZDMtYTY3ZDhjN2VkN2Nh
LzEvN3JXYmVSeDZFZEl5cVZ4LThXa29YSzZtbGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCVdEcAwQC
uTuQAwQBubMgAwQCueqEMBQEAgACMA4DBQAqAmwgAwUDKgp3gDANBgkqhkiG9w0B
AQsFAAOCAQEA1Fs11zL+hE6pdzsfBMfq366uOIt2x120WOJAW2CrgPLx3sgCbBj8
/mIOoCys3bjxNvO0t8Y9OpGLiPiyMh+PvmG5TTf9UAuvmsa7nzgVsSRGk/FjCpOE
9Qa1j29GoZSgggRpXnBn/27ZWVWhyeTYvOY9E3pfAuTrIbeYw38rNC67Rnkxt3Lg
Lo2pfv1WM+lU+omuK2LwKheItjlSt24k1khTlyNu7ADXaWRq2ggUzF5R2S1MvrVb
Q3KyIK3g77AYa6K9ghDCCCeKkhpywHi78N0JQ+OD2YugS1kBegui5MhuGn14mEEM
x7y1S5RsKhkqHq39leBPVwqYm0GdPIDLHw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:01 2025 by rpki-client