![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa
File: or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa (raw, json)
Hash identifier: Gba2H433uRAY00Hs7TughthafldoHqfdXNGvd9vpfxY=
Subject key identifier: A2:BD:98:0B:40:CE:E9:5E:D9:FB:7A:07:A6:DE:4B:93:CF:DC:5B:2E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B02E3B0D1157837C7BF139C582EDB6D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa
Signing time: Tue 01 Aug 2023 08:19:26 +0000
ROA not before: Tue 01 Aug 2023 08:19:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 89.213.179.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
109.176.241.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
89.213.159.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
109.176.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Aug 2023 08:33:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:2e:3b:0d:11:57:83:7c:7b:f1:39:c5:82:ed:b6:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 1 08:19:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2bd980b40cee95ed9fb7a07a6de4b93cfdc5b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a9:04:9b:7f:b9:2d:48:01:cf:1d:8f:32:c9:
68:71:dd:fe:87:ce:bc:f7:5d:50:8e:44:59:bd:4f:
b6:b3:36:dc:97:65:f4:c1:f6:c1:e0:04:e8:c3:8e:
4e:52:ed:9c:63:b3:46:2e:ce:6e:cb:61:f6:11:92:
4e:c6:b0:6a:e6:96:73:ee:ce:7c:c7:e5:2d:52:ff:
b0:0a:e2:6e:03:a2:57:ba:5e:46:41:ac:31:46:39:
87:72:71:ad:4a:15:51:3a:70:93:2a:ca:e5:fa:b3:
15:65:8b:7b:21:60:e4:67:c6:34:44:9e:12:15:c4:
75:49:10:b9:36:7c:e9:3e:11:e5:a6:26:fd:02:a3:
06:1a:e2:22:c9:4f:82:84:ba:27:93:3b:08:6b:ba:
80:1b:07:6d:fa:21:fd:2f:86:aa:d7:23:bb:32:f3:
1c:d8:0e:a3:1e:e8:16:a2:89:a6:79:4b:15:22:14:
ee:1f:ee:7f:81:be:c1:79:47:04:c4:89:39:06:db:
86:c5:df:f3:16:fd:df:49:9d:61:21:d9:a1:d7:c9:
96:f1:8c:5a:06:95:30:e3:5b:f8:6f:f6:1f:71:b2:
0e:b6:c6:60:78:56:e6:6a:80:bc:be:38:35:ec:4d:
b7:83:6a:f5:a2:7f:02:26:61:65:4a:91:28:aa:9c:
4a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BD:98:0B:40:CE:E9:5E:D9:FB:7A:07:A6:DE:4B:93:CF:DC:5B:2E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/or2YC0DO6V7Z-3oHpt5Lk8_cWy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.159.0/24
89.213.175.0/24
89.213.179.0/24
109.176.241.0-109.176.242.255
109.176.248.0/24
109.176.250.0/24
Signature Algorithm: sha256WithRSAEncryption
31:54:2d:3e:ec:6d:77:2c:d9:64:c3:bb:66:c6:cf:30:ae:5f:
be:c1:d9:ce:4f:6f:40:4a:0b:1e:af:f9:dc:86:cf:87:26:bc:
9d:8a:33:5a:1b:17:67:73:9f:1d:0c:bf:b0:07:b0:bf:f7:fb:
ef:34:a3:f1:37:a1:9c:af:4a:a6:c3:99:06:58:be:23:65:a6:
82:f5:25:92:ee:1a:61:9d:b3:71:ae:ea:ff:9b:23:2c:94:f5:
c6:93:e2:7e:f8:2f:37:8c:53:e9:4d:a5:d3:39:11:e4:6b:97:
1d:9c:70:da:b2:9e:36:f5:d6:30:aa:c3:01:ca:55:3f:ce:d9:
be:e9:68:d8:7c:f0:ec:6c:42:52:f9:5a:01:7b:0d:35:47:47:
37:cf:3a:b7:6e:44:2b:41:ba:b1:23:e7:62:bc:c4:3c:53:c7:
2e:5a:02:d2:c9:39:79:bc:c7:3f:f3:bd:a2:43:7a:63:63:8f:
f7:88:d8:9a:f6:cd:e4:6f:34:0e:fc:61:af:e5:ba:e9:65:88:
e3:58:28:c1:7c:da:58:d2:3e:29:22:e1:ae:37:ac:b0:45:53:
6f:d1:8a:80:38:7a:24:77:a3:89:12:ba:23:7d:83:fc:25:81:
17:e6:db:ec:e2:4c:5a:d4:ad:72:48:9f:4e:0d:d1:19:a9:fa:
16:e2:6a:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYmwLjsNEVeDfHvxOcWC7bbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgxOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJkOTgwYjQwY2VlOTVlZDlmYjdhMDdhNmRlNGI5M2NmZGM1YjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6kEm3+5LUgBzx2PMslocd3+h868
911QjkRZvU+2szbcl2X0wfbB4ATow45OUu2cY7NGLs5uy2H2EZJOxrBq5pZz7s58
x+UtUv+wCuJuA6JXul5GQawxRjmHcnGtShVROnCTKsrl+rMVZYt7IWDkZ8Y0RJ4S
FcR1SRC5NnzpPhHlpib9AqMGGuIiyU+ChLonkzsIa7qAGwdt+iH9L4aq1yO7MvMc
2A6jHugWoommeUsVIhTuH+5/gb7BeUcExIk5BtuGxd/zFv3fSZ1hIdmh18mW8Yxa
BpUw41v4b/YfcbIOtsZgeFbmaoC8vjg17E23g2r1on8CJmFlSpEoqpxKpwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKK9mAtAzule2ft6B6beS5PP3FsuMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb3IyWUMwRE82VjdaLTNvSHB0NUxrOF9jV3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWdWfAwQA
WdWvAwQAWdWzMAwDBABtsPEDBABtsPIDBABtsPgDBABtsPowDQYJKoZIhvcNAQEL
BQADggEBADFULT7sbXcs2WTDu2bGzzCuX77B2c5Pb0BKCx6v+dyGz4cmvJ2KM1ob
F2dznx0Mv7AHsL/3++80o/E3oZyvSqbDmQZYviNlpoL1JZLuGmGds3Gu6v+bIyyU
9caT4n74LzeMU+lNpdM5EeRrlx2ccNqynjb11jCqwwHKVT/O2b7paNh88OxsQlL5
WgF7DTVHRzfPOrduRCtBurEj52K8xDxTxy5aAtLJOXm8xz/zvaJDemNjj/eI2Jr2
zeRvNA78Ya/luulliONYKMF82ljSPiki4a43rLBFU2/RioA4eiR3o4kSuiN9g/wl
gRfm2+ziTFrUrXJIn04N0Rmp+hbiask=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:17 2024 by rpki-client on console-fra.rpki-client.org