![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa
File: kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa (raw, json)
Hash identifier: MWUZCOliYLMrMMxs1x1TO5uOOHSnR5p4RqTw3gc4FkY=
Subject key identifier: 90:CA:EA:59:D8:8F:E2:62:3C:66:A3:0B:A4:93:A3:56:49:CD:6B:10
Certificate issuer: /CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Certificate serial: 018721D913096948AC64078EB7E29C236DD7
Authority key identifier: B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa
Signing time: Mon 27 Mar 2023 06:54:46 +0000
ROA not before: Mon 27 Mar 2023 06:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15547
IP address blocks: 81.88.176.0/21 maxlen: 21
81.88.176.0/20 maxlen: 20
213.230.56.0/21 maxlen: 21
213.230.52.0/22 maxlen: 22
92.240.96.0/19 maxlen: 19
185.17.176.0/22 maxlen: 22
31.31.48.0/20 maxlen: 20
213.221.128.0/19 maxlen: 19
195.162.160.0/22 maxlen: 22
195.162.164.0/23 maxlen: 23
185.44.196.0/22 maxlen: 22
195.162.167.0/24 maxlen: 24
195.162.168.0/21 maxlen: 21
195.162.176.0/20 maxlen: 20
178.237.80.0/20 maxlen: 20
95.215.60.0/22 maxlen: 22
194.12.16.0/20 maxlen: 20
86.111.128.0/20 maxlen: 20
185.50.220.0/22 maxlen: 22
92.62.176.0/20 maxlen: 20
192.162.24.0/22 maxlen: 22
81.13.128.0/17 maxlen: 17
78.155.0.0/19 maxlen: 19
77.242.160.0/20 maxlen: 20
178.157.84.0/22 maxlen: 22
213.238.0.0/19 maxlen: 19
185.17.108.0/22 maxlen: 22
217.79.192.0/20 maxlen: 20
2a03:4380::/32 maxlen: 32
2a02:26a0::/29 maxlen: 29
2001:14a8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 Mar 2023 06:56:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:21:d9:13:09:69:48:ac:64:07:8e:b7:e2:9c:23:6d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e67fcb0bdc6001d8cf7073c649eb9819fc5eb8
Validity
Not Before: Mar 27 06:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90caea59d88fe2623c66a30ba493a35649cd6b10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cc:7a:db:47:7b:fa:d6:65:df:09:39:04:c1:
c2:b5:7a:49:07:7d:5e:b2:40:7e:8b:32:b7:5e:b7:
d7:3a:5e:a0:e9:71:b1:60:10:17:53:a0:ce:0a:fe:
91:27:9d:d1:f5:79:1c:e7:9b:4a:e7:ca:5a:9b:c2:
98:e1:da:ee:c5:9a:b0:9a:d1:e2:fa:43:d4:1d:a4:
f9:b5:f5:9a:f4:4a:d3:b1:aa:07:71:02:b7:34:ac:
4f:b1:98:6e:6a:2e:5d:52:11:35:c7:bc:90:ff:68:
a1:82:40:56:7d:01:db:0d:46:97:bf:ae:2b:3a:45:
41:4b:2e:3f:d0:54:f5:ba:ca:eb:db:d2:1e:70:d1:
5a:7a:92:b0:99:28:e4:37:5f:46:d4:29:72:54:6a:
44:96:fd:4f:4d:51:5e:e5:12:7d:44:ab:a5:87:5f:
24:0d:73:bd:77:a2:88:75:c5:a5:ac:1a:b6:70:e7:
b9:a8:39:68:4d:3b:b2:80:d6:5e:11:61:fc:e8:52:
41:21:03:b3:50:07:fb:e2:bd:de:87:8a:69:a9:52:
f6:c1:a7:7e:18:1b:af:36:34:33:a6:40:43:39:f6:
7f:b2:32:5b:e0:76:33:d1:36:b7:8e:db:89:09:0f:
b8:48:e5:0d:cb:64:2a:d3:dc:e4:fd:c6:43:02:61:
c5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CA:EA:59:D8:8F:E2:62:3C:66:A3:0B:A4:93:A3:56:49:CD:6B:10
X509v3 Authority Key Identifier:
keyid:B9:E6:7F:CB:0B:DC:60:01:D8:CF:70:73:C6:49:EB:98:19:FC:5E:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/kMrqWdiP4mI8ZqMLpJOjVknNaxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/0dbe56-3daa-4a64-925a-fa71ae05dc3f/1/ueZ_ywvcYAHYz3BzxknrmBn8Xrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.48.0/20
77.242.160.0/20
78.155.0.0/19
81.13.128.0/17
81.88.176.0/20
86.111.128.0/20
92.62.176.0/20
92.240.96.0/19
95.215.60.0/22
178.157.84.0/22
178.237.80.0/20
185.17.108.0/22
185.17.176.0/22
185.44.196.0/22
185.50.220.0/22
192.162.24.0/22
194.12.16.0/20
195.162.160.0-195.162.165.255
195.162.167.0-195.162.191.255
213.221.128.0/19
213.230.52.0-213.230.63.255
213.238.0.0/19
217.79.192.0/20
IPv6:
2001:14a8::/32
2a02:26a0::/29
2a03:4380::/32
Signature Algorithm: sha256WithRSAEncryption
55:c6:2d:68:94:47:6d:2b:96:ea:42:d2:ed:de:cf:35:f9:6c:
bb:92:1f:ab:a1:40:57:89:98:c2:3a:00:9e:e5:09:0b:06:af:
c9:fd:72:d2:47:ad:40:67:93:ec:d4:6f:1f:4c:a3:e8:6a:93:
4a:03:f1:e0:bd:24:53:de:a8:ac:86:53:5d:3f:bf:a4:71:08:
58:c0:fe:70:23:c9:a4:c4:1a:e4:d4:73:09:c2:57:60:85:ed:
43:e4:18:8d:6b:c3:03:b7:bb:82:42:1d:d2:46:5a:5c:90:18:
5c:05:f2:fe:bf:12:71:aa:8c:33:9a:06:17:ba:36:76:55:3f:
c6:f9:e8:ce:14:4c:bf:54:57:3a:8b:9d:c5:f9:95:d5:96:db:
fe:93:5e:cb:0c:6c:e2:8a:a7:9c:d6:4c:e5:2b:b0:1d:f4:d7:
50:dd:03:cd:d0:cf:ec:1f:e8:4a:9d:37:8a:f3:a9:21:2b:a3:
0a:40:55:9f:75:73:a3:fd:3b:03:d9:bd:da:1a:9f:43:be:ae:
5b:59:13:d8:68:38:ae:a6:78:b5:38:89:14:e6:b7:4f:ef:fe:
2f:6e:84:be:1d:6a:b6:6f:6e:e5:86:59:92:54:6a:30:8d:c5:
44:aa:1f:58:8e:00:49:b4:fe:e1:22:f7:b9:27:f2:08:92:63:
ed:c1:f4:38
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYch2RMJaUisZAeOt+KcI23XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTY3ZmNiMGJkYzYwMDFkOGNmNzA3M2M2NDllYjk4MTlm
YzVlYjgwHhcNMjMwMzI3MDY1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNhZWE1OWQ4OGZlMjYyM2M2NmEzMGJhNDkzYTM1NjQ5Y2Q2YjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsx620d7+tZl3wk5BMHCtXpJB31e
skB+izK3XrfXOl6g6XGxYBAXU6DOCv6RJ53R9Xkc55tK58pam8KY4druxZqwmtHi
+kPUHaT5tfWa9ErTsaoHcQK3NKxPsZhuai5dUhE1x7yQ/2ihgkBWfQHbDUaXv64r
OkVBSy4/0FT1usrr29IecNFaepKwmSjkN19G1ClyVGpElv1PTVFe5RJ9RKulh18k
DXO9d6KIdcWlrBq2cOe5qDloTTuygNZeEWH86FJBIQOzUAf74r3eh4ppqVL2wad+
GBuvNjQzpkBDOfZ/sjJb4HYz0Ta3jtuJCQ+4SOUNy2Qq09zk/cZDAmHFNwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFJDK6lnYj+JiPGajC6STo1ZJzWsQMB8GA1UdIwQY
MBaAFLnmf8sL3GAB2M9wc8ZJ65gZ/F64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEt
ZmE3MWFlMDVkYzNmLzEva01ycVdkaVA0bUk4WnFNTHBKT2pWa25OYXhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8wZGJlNTYtM2RhYS00YTY0LTkyNWEtZmE3MWFlMDVkYzNm
LzEvdWVaX3l3dmNZQUhZejNCenhrbnJtQm44WHJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBqQQCAAEwgaIDBAQf
HzADBARN8qADBAVOmwADBAdRDYADBARRWLADBARWb4ADBARcPrADBAVc8GADBAJf
1zwDBAKynVQDBASy7VADBAK5EWwDBAK5EbADBAK5LMQDBAK5MtwDBALAohgDBATC
DBAwDAMEBcOioAMEAcOipDAMAwQAw6KnAwQGw6KAAwQF1d2AMAwDBALV5jQDBAbV
5gADBAXV7gADBATZT8AwGwQCAAIwFQMFACABFKgDBQMqAiagAwUAKgNDgDANBgkq
hkiG9w0BAQsFAAOCAQEAVcYtaJRHbSuW6kLS7d7PNflsu5Ifq6FAV4mYwjoAnuUJ
Cwavyf1y0ketQGeT7NRvH0yj6GqTSgPx4L0kU96orIZTXT+/pHEIWMD+cCPJpMQa
5NRzCcJXYIXtQ+QYjWvDA7e7gkId0kZaXJAYXAXy/r8ScaqMM5oGF7o2dlU/xvno
zhRMv1RXOoudxfmV1Zbb/pNeywxs4oqnnNZM5SuwHfTXUN0DzdDP7B/oSp03ivOp
ISujCkBVn3Vzo/07A9m92hqfQ76uW1kT2Gg4rqZ4tTiJFOa3T+/+L26Evh1qtm9u
5YZZklRqMI3FRKofWI4ASbT+4SL3uSfyCJJj7cH0OA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:09 2024 by rpki-client on console-ams.rpki-client.org