![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/xGHmqqAvpgXtnn70CJjn_6vcRxI.roa
File: xGHmqqAvpgXtnn70CJjn_6vcRxI.roa (raw, json)
Hash identifier: WiIiY4NxE690Si1r20xhsYIziF00otOrMB4gMiSxDz4=
Subject key identifier: C4:61:E6:AA:A0:2F:A6:05:ED:9E:7E:F4:08:98:E7:FF:AB:DC:47:12
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 018CC8DF2386AAD8E3E49FD37BB04EC313B8
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/xGHmqqAvpgXtnn70CJjn_6vcRxI.roa
Signing time: Tue 02 Jan 2024 06:31:56 +0000
ROA not before: Tue 02 Jan 2024 06:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35534
IP address blocks: 178.175.160.0/23 maxlen: 24
178.175.162.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:23:86:aa:d8:e3:e4:9f:d3:7b:b0:4e:c3:13:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Jan 2 06:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c461e6aaa02fa605ed9e7ef40898e7ffabdc4712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:39:09:03:57:44:8d:46:93:ed:d1:1d:2f:6a:
fc:97:3a:7e:91:62:63:47:52:d1:37:42:e3:d2:0f:
79:28:2a:27:5f:f2:ea:20:e6:c1:05:d0:e4:9a:b8:
bd:28:f2:82:14:5a:38:68:3a:f0:aa:97:64:fc:25:
01:3e:61:79:3e:25:cf:a5:fe:0b:f8:14:73:df:13:
be:04:e6:53:f6:06:f4:01:32:c2:e9:e6:eb:23:7b:
5a:10:7c:7a:4a:40:53:56:b3:e2:2f:aa:84:57:a8:
b1:36:e6:ac:e4:8c:23:49:ff:a4:ca:42:04:fb:d9:
a0:42:0c:67:27:7a:58:78:db:27:53:d8:73:2e:cd:
04:3c:50:58:57:d8:72:06:86:f4:7a:86:9c:eb:85:
2a:ed:ad:d2:11:73:40:2d:43:15:8d:4d:02:0b:64:
93:db:30:e9:c2:47:57:4b:54:0d:ac:15:21:98:85:
44:3c:27:22:71:19:76:01:06:d2:cf:e3:11:74:d5:
84:14:ee:7f:cf:51:61:a7:3f:a6:84:63:67:ed:3d:
61:ce:da:5f:83:81:17:c1:26:47:1a:d3:a7:7d:19:
9e:ac:75:8d:b5:7b:57:f0:92:fc:c3:e1:e1:b4:4a:
7e:48:bd:b3:e5:c6:b3:ad:82:67:ca:4c:bc:fe:9f:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:61:E6:AA:A0:2F:A6:05:ED:9E:7E:F4:08:98:E7:FF:AB:DC:47:12
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/xGHmqqAvpgXtnn70CJjn_6vcRxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.175.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:85:ed:b9:10:b4:f6:7a:ec:19:8c:e6:40:c7:dc:9b:8a:7c:
82:6b:84:22:d5:80:9c:0e:b1:e1:1b:49:2f:f3:f0:b7:c2:6a:
4f:f3:88:bf:9b:0f:62:e1:72:c9:62:2a:15:cf:c5:89:e5:e3:
71:22:d1:c1:e0:68:b3:24:40:60:9c:9a:bb:40:07:84:fe:8d:
f6:24:3a:85:fb:7d:08:36:a1:4c:7c:67:ed:47:34:e5:db:af:
f3:65:5f:e6:b8:ca:f5:4f:86:93:9b:b6:da:75:18:04:37:06:
4a:36:99:e1:03:6a:61:fe:99:d3:06:bd:82:2b:00:ae:bc:00:
b8:45:f6:5e:e5:e5:3c:6c:af:7e:20:f5:d0:15:c2:f9:a9:91:
35:c3:71:62:c3:d5:d1:61:a2:36:01:2c:b9:aa:9a:45:ce:7b:
5a:6c:96:fa:ad:b5:3e:48:88:c0:37:f5:ea:bd:c6:22:3a:7d:
51:ac:63:64:89:ac:1d:7d:19:ce:c6:8c:5d:e4:25:f0:55:c8:
2f:95:86:3a:57:f6:6b:f1:3f:ec:e7:5e:91:52:39:90:09:bb:
0f:13:1e:3f:91:3a:1c:ed:b0:52:24:27:02:30:7b:3c:61:2b:
eb:ed:bd:fe:d8:13:59:c2:52:aa:db:d1:26:48:51:05:47:b4:
45:e1:ac:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3yOGqtjj5J/Te7BOwxO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjQwMTAyMDYzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDYxZTZhYWEwMmZhNjA1ZWQ5ZTdlZjQwODk4ZTdmZmFiZGM0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjkJA1dEjUaT7dEdL2r8lzp+kWJj
R1LRN0Lj0g95KConX/LqIObBBdDkmri9KPKCFFo4aDrwqpdk/CUBPmF5PiXPpf4L
+BRz3xO+BOZT9gb0ATLC6ebrI3taEHx6SkBTVrPiL6qEV6ixNuas5IwjSf+kykIE
+9mgQgxnJ3pYeNsnU9hzLs0EPFBYV9hyBob0eoac64Uq7a3SEXNALUMVjU0CC2ST
2zDpwkdXS1QNrBUhmIVEPCcicRl2AQbSz+MRdNWEFO5/z1Fhpz+mhGNn7T1hztpf
g4EXwSZHGtOnfRmerHWNtXtX8JL8w+HhtEp+SL2z5cazrYJnyky8/p/mwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRh5qqgL6YF7Z5+9AiY5/+r3EcSMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEveEdIbXFxQXZwZ1h0bm43MENKam5fNnZjUnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsq+gMA0G
CSqGSIb3DQEBCwUAA4IBAQCkhe25ELT2euwZjOZAx9ybinyCa4Qi1YCcDrHhG0kv
8/C3wmpP84i/mw9i4XLJYioVz8WJ5eNxItHB4GizJEBgnJq7QAeE/o32JDqF+30I
NqFMfGftRzTl26/zZV/muMr1T4aTm7badRgENwZKNpnhA2ph/pnTBr2CKwCuvAC4
RfZe5eU8bK9+IPXQFcL5qZE1w3Fiw9XRYaI2ASy5qppFzntabJb6rbU+SIjAN/Xq
vcYiOn1RrGNkiawdfRnOxoxd5CXwVcgvlYY6V/Zr8T/s516RUjmQCbsPEx4/kToc
7bBSJCcCMHs8YSvr7b3+2BNZwlKq29EmSFEFR7RF4ayN
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:09 2025 by rpki-client