![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/dd8bc5-86ef-4135-bf1f-a4c8d9895a43/1/jnSUz-EY9lPagGeMM_nauUhrQUs.roa
File: jnSUz-EY9lPagGeMM_nauUhrQUs.roa (raw, json)
Hash identifier: R7BT0m/33+J/III4JIkYIurUNGXV8WjWo+B5EgQnF24=
Subject key identifier: 8E:74:94:CF:E1:18:F6:53:DA:80:67:8C:33:F9:DA:B9:48:6B:41:4B
Certificate issuer: /CN=0ef47d753d25289fd98794974aa0536010567bd9
Certificate serial: 018CC8DF7B9B28CB98D78D948D8EDA656931
Authority key identifier: 0E:F4:7D:75:3D:25:28:9F:D9:87:94:97:4A:A0:53:60:10:56:7B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvR9dT0lKJ_Zh5SXSqBTYBBWe9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/dd8bc5-86ef-4135-bf1f-a4c8d9895a43/1/jnSUz-EY9lPagGeMM_nauUhrQUs.roa
Signing time: Tue 02 Jan 2024 06:32:18 +0000
ROA not before: Tue 02 Jan 2024 06:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 185.242.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 20:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:7b:9b:28:cb:98:d7:8d:94:8d:8e:da:65:69:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef47d753d25289fd98794974aa0536010567bd9
Validity
Not Before: Jan 2 06:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e7494cfe118f653da80678c33f9dab9486b414b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:84:05:64:d9:4f:d8:64:f9:a2:a1:30:a2:fe:
13:f2:ee:82:77:82:e2:fa:84:92:2c:06:97:1e:13:
2f:a9:81:91:75:d2:c4:7a:7d:ba:16:88:5a:a6:41:
d7:79:4b:34:12:f4:02:ad:e8:68:98:3e:d2:06:6d:
c7:f6:5e:76:74:48:5f:69:b1:64:23:3d:cc:4c:e7:
18:cf:97:90:27:33:dd:f6:f4:dd:5d:b5:5e:50:d3:
35:c9:49:71:e5:06:ed:0f:45:97:5d:37:6f:d8:51:
7b:61:3e:6e:b7:c2:64:25:ec:09:34:77:f5:76:b3:
86:c8:56:cf:89:7a:b5:75:22:a4:61:21:67:0d:b9:
78:48:02:82:e2:70:e0:56:9a:1f:d7:5a:c2:43:7b:
f4:e3:87:f6:8d:16:44:1b:e0:b3:a0:ec:5b:3b:ca:
c9:e8:19:38:5b:50:d3:7d:c4:72:4e:b4:e9:b8:2d:
a3:d7:3d:4b:10:4c:cf:f3:12:2d:9f:66:1c:71:9b:
7a:21:ff:17:e3:a4:f8:9f:ca:67:71:59:4f:0f:e1:
dc:f0:82:3d:87:7a:59:84:21:70:62:17:90:8e:b1:
b6:d1:1c:81:ee:0c:9d:02:ab:c8:4f:c7:f4:7e:c4:
ce:20:b3:6b:6d:de:3f:8e:10:2d:17:96:3a:10:93:
ed:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:74:94:CF:E1:18:F6:53:DA:80:67:8C:33:F9:DA:B9:48:6B:41:4B
X509v3 Authority Key Identifier:
keyid:0E:F4:7D:75:3D:25:28:9F:D9:87:94:97:4A:A0:53:60:10:56:7B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvR9dT0lKJ_Zh5SXSqBTYBBWe9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/dd8bc5-86ef-4135-bf1f-a4c8d9895a43/1/jnSUz-EY9lPagGeMM_nauUhrQUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/dd8bc5-86ef-4135-bf1f-a4c8d9895a43/1/DvR9dT0lKJ_Zh5SXSqBTYBBWe9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.219.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a2:7b:4d:bd:47:39:20:64:15:41:42:7f:09:b3:45:cb:08:
9a:3f:be:a1:9f:a3:10:b1:25:23:0c:5d:d1:52:b7:37:be:5b:
b1:44:88:a6:c0:99:e2:68:d5:b1:da:98:52:45:c9:ef:d5:c5:
7a:b9:a1:ce:ed:55:2c:d4:ea:73:0c:cb:0f:1a:ae:02:fc:b5:
14:00:95:ed:c7:a6:11:f5:f1:ef:94:a6:8b:ea:76:b9:3c:40:
b3:aa:16:64:32:5c:10:7f:c4:66:73:92:4f:0c:e0:72:af:8e:
7d:56:c2:17:2f:a5:83:ba:ed:43:e0:25:9f:2c:8b:44:05:39:
3d:15:41:c9:3e:a9:71:1f:79:91:cc:ad:83:1b:35:cf:4d:0b:
f8:59:3f:ce:db:ff:b3:20:4d:8f:77:4e:dd:21:93:5d:3a:9e:
36:d9:94:87:72:5c:cf:96:82:cb:a7:d6:e6:b4:1b:f3:7d:87:
81:45:8a:f8:e1:e7:bf:f8:be:5e:ac:e2:59:44:ea:0f:25:42:
37:64:51:26:4f:bc:d6:61:24:66:49:3e:5e:00:fb:b6:88:1c:
94:06:2c:95:26:fa:40:bb:ed:14:28:c0:92:a0:af:54:c6:61:
ea:83:f2:53:54:a3:b8:3d:9a:73:34:98:3e:ce:c1:0a:fb:58:
e4:2c:b7:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33ubKMuY142UjY7aZWkxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjQ3ZDc1M2QyNTI4OWZkOTg3OTQ5NzRhYTA1MzYwMTA1
NjdiZDkwHhcNMjQwMTAyMDYzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTc0OTRjZmUxMThmNjUzZGE4MDY3OGMzM2Y5ZGFiOTQ4NmI0MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIQFZNlP2GT5oqEwov4T8u6Cd4Li
+oSSLAaXHhMvqYGRddLEen26FohapkHXeUs0EvQCrehomD7SBm3H9l52dEhfabFk
Iz3MTOcYz5eQJzPd9vTdXbVeUNM1yUlx5QbtD0WXXTdv2FF7YT5ut8JkJewJNHf1
drOGyFbPiXq1dSKkYSFnDbl4SAKC4nDgVpof11rCQ3v044f2jRZEG+CzoOxbO8rJ
6Bk4W1DTfcRyTrTpuC2j1z1LEEzP8xItn2YccZt6If8X46T4n8pncVlPD+Hc8II9
h3pZhCFwYheQjrG20RyB7gydAqvIT8f0fsTOILNrbd4/jhAtF5Y6EJPtZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI50lM/hGPZT2oBnjDP52rlIa0FLMB8GA1UdIwQY
MBaAFA70fXU9JSif2YeUl0qgU2AQVnvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZSOWRUMGxLSl9aaDVTWFNxQlRZQkJXZTlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZDhiYzUtODZlZi00MTM1LWJmMWYt
YTRjOGQ5ODk1YTQzLzEvam5TVXotRVk5bFBhZ0dlTU1fbmF1VWhyUVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9kZDhiYzUtODZlZi00MTM1LWJmMWYtYTRjOGQ5ODk1YTQz
LzEvRHZSOWRUMGxLSl9aaDVTWFNxQlRZQkJXZTlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufLbMA0G
CSqGSIb3DQEBCwUAA4IBAQCOontNvUc5IGQVQUJ/CbNFywiaP76hn6MQsSUjDF3R
Urc3vluxRIimwJniaNWx2phSRcnv1cV6uaHO7VUs1OpzDMsPGq4C/LUUAJXtx6YR
9fHvlKaL6na5PECzqhZkMlwQf8Rmc5JPDOByr459VsIXL6WDuu1D4CWfLItEBTk9
FUHJPqlxH3mRzK2DGzXPTQv4WT/O2/+zIE2Pd07dIZNdOp422ZSHclzPloLLp9bm
tBvzfYeBRYr44ee/+L5erOJZROoPJUI3ZFEmT7zWYSRmST5eAPu2iByUBiyVJvpA
u+0UKMCSoK9UxmHqg/JTVKO4PZpzNJg+zsEK+1jkLLdJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:20 2025 by rpki-client