![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa
File: TWgK7NULg-Y4-c3OIfILwPWfGu0.roa (raw, json)
Hash identifier: YDIswcUHNrIa75utuLlygyZZvX60ZOwDuOyX+e55tK0=
Subject key identifier: 4D:68:0A:EC:D5:0B:83:E6:38:F9:CD:CE:21:F2:0B:C0:F5:9F:1A:ED
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC79555387200A945F8BD43835E7D63B3
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50887
IP address blocks: 188.214.31.0/24 maxlen: 24
86.107.47.0/24 maxlen: 24
94.177.58.0/24 maxlen: 24
46.102.191.0/24 maxlen: 24
94.177.96.0/23 maxlen: 23
94.177.10.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:55:38:72:00:a9:45:f8:bd:43:83:5e:7d:63:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d680aecd50b83e638f9cdce21f20bc0f59f1aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:05:15:5f:6e:5f:4b:9f:de:e5:4d:a3:f8:02:
6e:f3:3d:c4:10:7e:92:de:3a:85:4d:46:6f:1a:77:
58:be:a1:69:84:a5:cb:60:85:5f:1b:eb:b1:b1:57:
c0:92:82:84:b4:c6:fd:20:27:44:c0:5c:e5:cb:55:
68:6d:8c:32:87:68:4f:b0:c8:f0:f8:e1:66:21:aa:
a6:48:8d:c1:8c:91:ae:4c:9b:3e:97:5e:f7:7f:22:
17:5b:5a:19:1c:d5:7a:7d:2f:6c:07:2a:a4:5f:3f:
ad:04:28:a2:ae:c2:98:d1:a2:f2:e1:0b:09:1e:fd:
ed:c2:ff:e4:17:07:2a:b3:92:ea:ab:eb:7d:36:e5:
80:db:e5:78:ce:e0:36:35:6f:42:af:7c:11:dc:be:
12:29:13:a0:83:2e:58:0e:cc:28:3c:f1:f0:6f:32:
8b:86:35:c0:ce:69:2d:ad:37:52:dd:3c:85:d6:28:
fe:10:30:e1:7b:af:6a:53:29:f3:a6:03:67:89:a8:
63:fd:c6:47:4e:a8:08:6a:a1:c0:56:71:ef:ba:b3:
8d:01:7e:1c:d4:76:fa:b2:53:90:d8:9d:d1:fd:ab:
68:40:e4:8c:d9:45:95:eb:3f:bd:55:9f:e7:21:e8:
cb:fd:0e:11:bd:81:0e:6f:38:35:51:f8:b8:40:74:
5f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:68:0A:EC:D5:0B:83:E6:38:F9:CD:CE:21:F2:0B:C0:F5:9F:1A:ED
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TWgK7NULg-Y4-c3OIfILwPWfGu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.191.0/24
86.107.47.0/24
94.177.10.0/23
94.177.58.0/24
94.177.96.0/23
188.214.31.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:42:4b:e3:c6:a1:c4:0f:ef:30:6c:de:eb:de:fb:dc:b2:26:
5a:16:de:b3:92:88:eb:be:9a:33:d6:1e:7f:4a:49:2b:e0:ac:
77:54:cd:f9:bb:d1:eb:22:13:bf:c7:93:0d:7d:b4:08:55:11:
b0:d4:6b:bf:f7:ed:53:4f:c2:cb:c0:74:28:73:24:fc:56:1d:
65:25:6c:48:14:22:ff:bb:07:c1:fc:26:48:43:71:c1:63:44:
b0:e4:0f:a4:56:0d:16:90:71:c8:c4:90:3c:37:54:78:03:74:
d1:3a:89:3a:3d:27:32:68:0f:db:be:e9:fd:25:d7:b6:a3:b7:
05:40:be:db:6d:fc:43:64:92:6a:7c:31:76:78:19:6e:98:a3:
3c:ee:47:33:d4:c7:1b:22:52:44:40:0a:fd:fb:7b:33:12:7f:
25:38:69:d9:45:7d:b5:12:4e:1e:29:36:c5:b8:1e:08:d9:a0:
33:f8:d4:31:12:2e:d8:89:5d:9b:04:3e:74:56:83:b3:73:59:
48:20:a4:ea:9b:1f:52:ee:f3:91:81:46:cd:fb:81:c8:43:bb:
42:72:cc:6b:48:e7:29:b4:0c:ac:f0:2e:be:83:b6:48:06:8f:
60:a6:2b:a0:00:f5:29:c5:ff:74:7e:d1:a3:a5:10:07:3b:96:
0b:15:0f:e5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzHlVU4cgCpRfi9Q4NefWOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY4MGFlY2Q1MGI4M2U2MzhmOWNkY2UyMWYyMGJjMGY1OWYxYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQUVX25fS5/e5U2j+AJu8z3EEH6S
3jqFTUZvGndYvqFphKXLYIVfG+uxsVfAkoKEtMb9ICdEwFzly1VobYwyh2hPsMjw
+OFmIaqmSI3BjJGuTJs+l173fyIXW1oZHNV6fS9sByqkXz+tBCiirsKY0aLy4QsJ
Hv3twv/kFwcqs5Lqq+t9NuWA2+V4zuA2NW9Cr3wR3L4SKROggy5YDswoPPHwbzKL
hjXAzmktrTdS3TyF1ij+EDDhe69qUynzpgNniahj/cZHTqgIaqHAVnHvurONAX4c
1Hb6slOQ2J3R/atoQOSM2UWV6z+9VZ/nIejL/Q4RvYEObzg1Ufi4QHRfdwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE1oCuzVC4PmOPnNziHyC8D1nxrtMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1RXZ0s3TlVMZy1ZNC1jM09JZklMd1BXZkd1MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAAuZr8D
BABWay8DBAFesQoDBABesToDBAFesWADBAC81h8wDQYJKoZIhvcNAQELBQADggEB
AMZCS+PGocQP7zBs3uve+9yyJloW3rOSiOu+mjPWHn9KSSvgrHdUzfm70esiE7/H
kw19tAhVEbDUa7/37VNPwsvAdChzJPxWHWUlbEgUIv+7B8H8JkhDccFjRLDkD6RW
DRaQccjEkDw3VHgDdNE6iTo9JzJoD9u+6f0l17ajtwVAvttt/ENkkmp8MXZ4GW6Y
ozzuRzPUxxsiUkRACv37ezMSfyU4adlFfbUSTh4pNsW4HgjZoDP41DESLtiJXZsE
PnRWg7NzWUggpOqbH1Lu85GBRs37gchDu0JyzGtI5ym0DKzwLr6DtkgGj2CmK6AA
9SnF/3R+0aOlEAc7lgsVD+U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:49 2025 by rpki-client