![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/4b9Lo84jHKLBPaxhcsmSek8-gT4.roa
File: 4b9Lo84jHKLBPaxhcsmSek8-gT4.roa (raw, json)
Hash identifier: 8RfrNd6H+452k3sRTrTzGCq0rS1t/RA2Tv8lQNjd1+U=
Subject key identifier: E1:BF:4B:A3:CE:23:1C:A2:C1:3D:AC:61:72:C9:92:7A:4F:3E:81:3E
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018F99BFF2201A8152FD945E6D39CD0B47C7
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/4b9Lo84jHKLBPaxhcsmSek8-gT4.roa
Signing time: Tue 21 May 2024 06:04:04 +0000
ROA not before: Tue 21 May 2024 06:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
85.202.193.0/24 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 23 May 2024 16:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:99:bf:f2:20:1a:81:52:fd:94:5e:6d:39:cd:0b:47:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: May 21 06:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1bf4ba3ce231ca2c13dac6172c9927a4f3e813e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:70:c1:df:d7:d7:1a:87:2e:c6:f8:37:fb:36:
25:df:48:27:f7:b5:06:43:19:99:0b:3b:02:ad:0e:
74:6f:03:5d:53:a3:bb:68:cf:7b:a3:66:91:34:04:
af:96:a3:fb:96:b1:3a:c8:58:38:56:5a:ea:c2:19:
1c:03:b8:09:c8:06:8c:43:a6:9e:e6:41:6e:39:ae:
ad:0d:07:92:f5:22:20:b4:bf:6d:c5:94:74:69:4e:
0e:f5:f3:5a:cb:9b:c3:3f:57:70:8c:4d:d3:bf:c4:
7c:90:b8:00:9f:c1:0f:db:1c:62:f3:94:fd:80:48:
a7:c5:dd:92:59:c4:bb:2b:b3:c2:cd:6f:7c:45:90:
bc:24:ce:8e:4c:50:71:85:46:62:f6:b2:02:08:19:
8e:be:23:90:04:f0:a9:11:6c:2a:b9:1b:fa:ca:41:
62:a2:ef:ac:9d:ea:f6:39:94:34:0a:06:94:89:c4:
ad:fc:b0:f9:08:f2:76:94:53:f3:f6:ec:32:88:16:
2e:b3:fa:3a:85:01:cf:eb:0c:e2:12:4b:b8:21:d1:
c7:bb:61:cf:1c:69:4d:9b:d5:8b:6d:17:2c:e7:53:
92:a2:ea:0e:f7:76:4f:6c:d9:15:8d:ee:e7:61:03:
39:e2:3e:58:96:00:b6:a6:ed:d7:35:18:66:e9:dd:
16:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:BF:4B:A3:CE:23:1C:A2:C1:3D:AC:61:72:C9:92:7A:4F:3E:81:3E
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/4b9Lo84jHKLBPaxhcsmSek8-gT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
85.202.193.0-85.202.195.255
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.209.0-195.49.215.255
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:2f:fc:d6:6a:f5:86:1d:fd:fa:bc:d6:3f:5e:58:81:1d:e3:
97:ff:8e:05:92:8e:7e:c4:02:35:9a:d2:35:69:87:7e:46:f8:
3b:d6:b9:fe:f3:a2:7e:21:5e:03:02:36:3b:e2:9d:25:0c:f2:
d6:b0:87:7b:4c:af:7d:fe:ca:c9:cd:7b:0f:a0:14:3d:c2:8e:
2c:2c:2e:15:90:6d:3d:92:fa:d3:42:f7:dd:c2:7b:7f:72:b2:
96:a7:57:c3:5e:49:b6:c0:51:b9:b1:78:7c:61:a7:90:03:b1:
89:38:54:78:77:58:79:31:8d:6a:7c:18:f5:fc:da:af:ee:d0:
83:c3:8e:f7:dc:b4:06:50:31:ef:f2:b6:9f:7f:1c:73:26:a6:
84:d3:49:fe:38:f6:64:ec:cd:ed:c3:de:b9:40:3a:7e:e7:f5:
76:c2:04:fc:a4:28:80:fe:c3:bc:69:0d:db:84:42:61:6d:d6:
d7:b4:39:08:8e:f2:c0:91:14:1a:f7:35:b8:c3:a8:21:c0:96:
fe:bb:55:e7:3b:1a:cf:dd:aa:cd:fa:b2:0f:53:38:c1:f5:f4:
23:20:09:8e:eb:1b:4b:a2:a8:47:b8:0d:f0:f4:41:76:47:c2:
a3:5f:66:55:40:1b:ed:19:2b:73:4f:ce:6c:ae:e3:77:a5:fe:
7e:0c:1e:54
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAY+Zv/IgGoFS/ZRebTnNC0fHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwNTIxMDYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWJmNGJhM2NlMjMxY2EyYzEzZGFjNjE3MmM5OTI3YTRmM2U4MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3DB39fXGocuxvg3+zYl30gn97UG
QxmZCzsCrQ50bwNdU6O7aM97o2aRNASvlqP7lrE6yFg4VlrqwhkcA7gJyAaMQ6ae
5kFuOa6tDQeS9SIgtL9txZR0aU4O9fNay5vDP1dwjE3Tv8R8kLgAn8EP2xxi85T9
gEinxd2SWcS7K7PCzW98RZC8JM6OTFBxhUZi9rICCBmOviOQBPCpEWwquRv6ykFi
ou+sner2OZQ0CgaUicSt/LD5CPJ2lFPz9uwyiBYus/o6hQHP6wziEku4IdHHu2HP
HGlNm9WLbRcs51OSouoO93ZPbNkVje7nYQM54j5YlgC2pu3XNRhm6d0WQQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFOG/S6POIxyiwT2sYXLJknpPPoE+MB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvNGI5TG84NGpIS0xCUGF4aGNzbVNlazgtZ1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAFN
8CYDBAFN81ADBAFOKGwwDAMEAFXKwQMEAlXKwAMEAlnbIAMEAluTXAMEAluTaAME
AVvJ1gMEAlvXiAMEA173gAMEAm3pbAMEArkEtAMEArkWQAMEAbkj3gMEArlmSAME
ArmSAAMEAsIgjAMEAsInQAMEAcJuNjAMAwQAwzHRAwQDwzHQAwQBw12YAwQBw9Iu
MA0EAgACMAcDBQAqAF2gMA0GCSqGSIb3DQEBCwUAA4IBAQC8L/zWavWGHf36vNY/
XliBHeOX/44Fko5+xAI1mtI1aYd+Rvg71rn+86J+IV4DAjY74p0lDPLWsId7TK99
/srJzXsPoBQ9wo4sLC4VkG09kvrTQvfdwnt/crKWp1fDXkm2wFG5sXh8YaeQA7GJ
OFR4d1h5MY1qfBj1/Nqv7tCDw4733LQGUDHv8raffxxzJqaE00n+OPZk7M3tw965
QDp+5/V2wgT8pCiA/sO8aQ3bhEJhbdbXtDkIjvLAkRQa9zW4w6ghwJb+u1XnOxrP
3arN+rIPUzjB9fQjIAmO6xtLoqhHuA3w9EF2R8KjX2ZVQBvtGStzT85sruN3pf5+
DB5U
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:55 2025 by rpki-client