![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/Wqr7DMFGYVS9oNIUN88CFg510h8.roa
File: Wqr7DMFGYVS9oNIUN88CFg510h8.roa (raw, json)
Hash identifier: H9u7iw5yWakGQZn4tyJluOE31wcV3fM4CjvVYM5Al6c=
Subject key identifier: 5A:AA:FB:0C:C1:46:61:54:BD:A0:D2:14:37:CF:02:16:0E:75:D2:1F
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 018CC3B67557E611E6E1CD3E24D5362375C4
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/Wqr7DMFGYVS9oNIUN88CFg510h8.roa
Signing time: Mon 01 Jan 2024 06:29:23 +0000
ROA not before: Mon 01 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200384
IP address blocks: 195.16.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:75:57:e6:11:e6:e1:cd:3e:24:d5:36:23:75:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Jan 1 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aaafb0cc1466154bda0d21437cf02160e75d21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e8:09:12:c4:a8:49:f9:d8:5a:52:c8:e7:be:
b7:85:fb:b5:a3:e5:f9:62:be:06:aa:60:d8:65:88:
20:93:bf:6c:29:46:ce:54:a6:20:ca:01:6c:36:2d:
fc:53:dc:86:6b:a4:f3:6e:6c:80:55:fc:eb:7c:b0:
fa:ce:4c:0b:df:67:e8:ca:9b:93:b1:e8:8c:53:0b:
33:79:b7:52:fa:e0:92:3e:7f:e3:62:70:99:89:07:
da:31:24:8c:a5:bf:19:5b:ad:78:43:aa:ad:f9:e5:
b3:52:db:ea:d1:0b:2b:c3:21:18:8d:d9:57:e1:b7:
b9:06:de:26:8f:98:07:5b:b8:0c:57:fe:8f:73:11:
8a:8f:8c:2b:0a:81:4e:dd:17:7d:00:12:a7:9a:de:
f5:d9:db:fb:b2:08:92:01:20:43:a8:d6:1a:92:44:
ff:cc:81:e9:ba:e9:61:d4:be:1f:92:9e:41:f6:17:
96:65:5f:22:2f:95:0a:23:d9:d2:f1:e4:1d:d7:f2:
fe:6e:49:27:2a:1f:80:da:77:2a:e3:c9:7e:2d:f0:
85:60:26:f0:fd:cd:ee:7e:46:95:f3:c3:19:cd:45:
bb:f3:62:bd:a1:81:fc:96:1f:ff:a6:cb:e4:c9:d1:
9d:ca:fa:03:4f:62:d9:d6:13:11:57:2c:1a:a2:c8:
8a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AA:FB:0C:C1:46:61:54:BD:A0:D2:14:37:CF:02:16:0E:75:D2:1F
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/Wqr7DMFGYVS9oNIUN88CFg510h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.16.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:eb:f8:7e:ba:5e:3f:d2:a9:6d:fe:2f:96:3c:38:97:fe:1e:
ce:8b:c7:c8:fb:29:7a:24:72:f1:5b:3d:5b:4d:c2:66:82:27:
4c:94:ca:bd:77:19:e6:d9:f4:ab:e7:ae:8f:d7:45:d6:a8:f3:
43:c0:26:48:8f:33:58:1d:aa:e9:61:7d:86:cf:8a:6f:05:0a:
e1:88:79:44:30:36:fc:0a:f3:8a:06:54:e6:08:82:3a:5d:89:
9d:fc:3b:ee:a3:90:38:aa:d7:91:b6:53:f2:b9:0b:fa:54:e9:
5a:74:4f:83:5d:1a:ed:4d:d6:df:6c:f5:ee:e3:f7:50:09:35:
68:56:0c:d0:71:09:62:51:7b:07:73:df:31:06:f4:6e:aa:35:
72:5d:7b:b0:70:c7:61:de:b5:cb:11:46:d5:f9:d0:b7:a9:09:
9f:81:ea:46:92:63:8e:c9:08:70:01:4a:32:81:96:64:dc:84:
b7:d6:df:60:2d:a4:15:56:2f:37:a9:e9:94:f8:c4:12:6a:8a:
1c:70:7f:66:bf:c2:6e:0d:fe:6d:c8:11:dc:1a:d9:c0:b4:62:
62:55:5d:55:d3:09:42:3b:63:fb:e2:d9:9b:bc:2d:fb:92:43:
df:69:e1:8b:f1:1c:f7:34:a6:a5:5b:9d:94:20:97:12:03:d2:
98:29:12:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtnVX5hHm4c0+JNU2I3XEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjQwMTAxMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFhZmIwY2MxNDY2MTU0YmRhMGQyMTQzN2NmMDIxNjBlNzVkMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmugJEsSoSfnYWlLI5763hfu1o+X5
Yr4GqmDYZYggk79sKUbOVKYgygFsNi38U9yGa6TzbmyAVfzrfLD6zkwL32foypuT
seiMUwszebdS+uCSPn/jYnCZiQfaMSSMpb8ZW614Q6qt+eWzUtvq0QsrwyEYjdlX
4be5Bt4mj5gHW7gMV/6PcxGKj4wrCoFO3Rd9ABKnmt712dv7sgiSASBDqNYakkT/
zIHpuulh1L4fkp5B9heWZV8iL5UKI9nS8eQd1/L+bkknKh+A2ncq48l+LfCFYCbw
/c3ufkaV88MZzUW782K9oYH8lh//psvkydGdyvoDT2LZ1hMRVywaosiKxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqq+wzBRmFUvaDSFDfPAhYOddIfMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvV3FyN0RNRkdZVlM5b05JVU44OENGZzUxMGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxD8MA0G
CSqGSIb3DQEBCwUAA4IBAQB86/h+ul4/0qlt/i+WPDiX/h7Oi8fI+yl6JHLxWz1b
TcJmgidMlMq9dxnm2fSr566P10XWqPNDwCZIjzNYHarpYX2Gz4pvBQrhiHlEMDb8
CvOKBlTmCII6XYmd/Dvuo5A4qteRtlPyuQv6VOladE+DXRrtTdbfbPXu4/dQCTVo
VgzQcQliUXsHc98xBvRuqjVyXXuwcMdh3rXLEUbV+dC3qQmfgepGkmOOyQhwAUoy
gZZk3IS31t9gLaQVVi83qemU+MQSaooccH9mv8JuDf5tyBHcGtnAtGJiVV1V0wlC
O2P74tmbvC37kkPfaeGL8Rz3NKalW52UIJcSA9KYKRLs
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:32 2025 by rpki-client