![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa
File: 4RCGU2dahcOF8-z8v_VWWCEMV8E.roa (raw, json)
Hash identifier: XjRRD7eMieI1ZMe6q9jh4Kurwx8Ysb7bDcZz1EWRLyc=
Subject key identifier: E1:10:86:53:67:5A:85:C3:85:F3:EC:FC:BF:F5:56:58:21:0C:57:C1
Certificate issuer: /CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Certificate serial: 01906D500307321907ABA2742A0D992F6DFE
Authority key identifier: 46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa
Signing time: Mon 01 Jul 2024 08:01:18 +0000
ROA not before: Mon 01 Jul 2024 08:01:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 91.209.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 11:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6d:50:03:07:32:19:07:ab:a2:74:2a:0d:99:2f:6d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d713ada8dabcf77681c0ca42d9969e447c8ea7
Validity
Not Before: Jul 1 08:01:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e1108653675a85c385f3ecfcbff55658210c57c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2a:fc:91:0f:95:af:b7:4d:9f:d7:74:b1:ed:
55:f5:74:8c:f2:bd:94:20:b6:f9:e5:9d:37:37:29:
5a:04:7f:63:eb:0f:a7:53:8c:bf:5e:a8:bf:18:7a:
ce:a5:e2:94:ed:38:2b:ff:fb:20:3a:10:6d:16:a4:
f2:54:25:7a:d1:df:9e:9d:1c:9d:10:ae:d8:01:7a:
ac:2e:cc:5d:75:eb:c6:2a:8f:42:37:57:8e:97:6b:
2b:9f:4d:6d:a4:42:ba:61:9d:e3:25:3e:3d:10:1d:
63:95:a0:52:7f:4b:ae:5d:95:c7:32:7c:d3:69:12:
37:e7:8c:35:ed:4a:5f:9b:f3:8b:00:6a:69:81:b6:
f8:bd:5c:0a:b8:27:c9:5e:0c:bf:42:e1:a3:54:1f:
a8:f6:ba:37:0c:fe:e2:aa:0e:b8:84:56:11:d7:51:
94:c3:a1:53:f9:13:97:f2:77:d4:06:4d:33:28:77:
6c:ae:e0:ef:cb:05:23:b4:78:3a:c0:0b:b6:0a:de:
4b:a3:ad:52:dc:46:06:d7:18:20:e4:10:f7:33:ef:
29:08:21:bd:81:8e:90:ac:f7:32:b3:3c:1a:96:fb:
46:bc:e4:37:43:18:c8:71:d5:e1:20:e1:c7:67:13:
cd:c8:85:f9:07:b0:1b:f4:e7:68:e5:ec:b2:a4:b3:
32:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:10:86:53:67:5A:85:C3:85:F3:EC:FC:BF:F5:56:58:21:0C:57:C1
X509v3 Authority Key Identifier:
keyid:46:D7:13:AD:A8:DA:BC:F7:76:81:C0:CA:42:D9:96:9E:44:7C:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtcTrajavPd2gcDKQtmWnkR8jqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/4RCGU2dahcOF8-z8v_VWWCEMV8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/89f0f6-a5ac-467b-a4ad-be218cef4a11/1/RtcTrajavPd2gcDKQtmWnkR8jqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.58.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:8d:ae:d9:ba:d4:62:68:5b:97:28:ca:c3:a7:bc:46:9d:e7:
70:c1:9d:3c:c3:83:37:b6:49:87:7c:85:37:fb:75:6b:54:a6:
27:d2:96:16:88:2b:55:9e:5e:2c:0a:68:29:4c:96:20:3c:09:
7f:19:62:18:a0:68:f4:d1:60:e4:09:4e:bc:1f:7d:50:2d:97:
4b:44:20:cc:7e:8c:0a:07:8f:17:d6:76:c4:ea:b9:61:a6:6f:
a7:28:ec:d8:de:60:ae:9f:1d:2c:7f:d1:14:94:fd:c0:57:ea:
69:da:71:39:a5:a3:11:9d:90:40:0c:e9:92:1b:bd:1d:28:aa:
90:a3:45:73:12:b7:aa:83:ac:bb:4b:25:36:b5:af:25:eb:52:
e3:79:d4:2d:b4:4c:de:4d:4a:68:7a:a1:a0:bc:e9:e3:08:39:
66:85:08:88:89:b7:0f:26:c1:8d:62:dd:1d:4b:3e:c9:42:c8:
09:76:99:15:a9:18:c5:67:ed:ca:83:23:37:fa:dc:5d:b0:79:
ae:14:3c:fd:5a:f3:62:48:9d:d6:17:a2:f7:83:a8:c9:6e:8c:
a0:91:e3:0d:b4:f5:18:1d:fa:a0:5e:dd:db:fd:4e:9e:53:27:
3f:43:6b:a6:91:e8:7e:c8:ed:eb:87:b7:49:98:00:77:5d:af:
e8:c1:01:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBtUAMHMhkHq6J0Kg2ZL23+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDcxM2FkYThkYWJjZjc3NjgxYzBjYTQyZDk5NjllNDQ3
YzhlYTcwHhcNMjQwNzAxMDgwMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEwODY1MzY3NWE4NWMzODVmM2VjZmNiZmY1NTY1ODIxMGM1N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySr8kQ+Vr7dNn9d0se1V9XSM8r2U
ILb55Z03NylaBH9j6w+nU4y/Xqi/GHrOpeKU7Tgr//sgOhBtFqTyVCV60d+enRyd
EK7YAXqsLsxddevGKo9CN1eOl2srn01tpEK6YZ3jJT49EB1jlaBSf0uuXZXHMnzT
aRI354w17Upfm/OLAGppgbb4vVwKuCfJXgy/QuGjVB+o9ro3DP7iqg64hFYR11GU
w6FT+ROX8nfUBk0zKHdsruDvywUjtHg6wAu2Ct5Lo61S3EYG1xgg5BD3M+8pCCG9
gY6QrPcyszwalvtGvOQ3QxjIcdXhIOHHZxPNyIX5B7Ab9Odo5eyypLMyywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOEQhlNnWoXDhfPs/L/1VlghDFfBMB8GA1UdIwQY
MBaAFEbXE62o2rz3doHAykLZlp5EfI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQt
YmUyMThjZWY0YTExLzEvNFJDR1UyZGFoY09GOC16OHZfVldXQ0VNVjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS84OWYwZjYtYTVhYy00NjdiLWE0YWQtYmUyMThjZWY0YTEx
LzEvUnRjVHJhamF2UGQyZ2NES1F0bVdua1I4anFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9E6MA0G
CSqGSIb3DQEBCwUAA4IBAQCrja7ZutRiaFuXKMrDp7xGnedwwZ08w4M3tkmHfIU3
+3VrVKYn0pYWiCtVnl4sCmgpTJYgPAl/GWIYoGj00WDkCU68H31QLZdLRCDMfowK
B48X1nbE6rlhpm+nKOzY3mCunx0sf9EUlP3AV+pp2nE5paMRnZBADOmSG70dKKqQ
o0VzEreqg6y7SyU2ta8l61LjedQttEzeTUpoeqGgvOnjCDlmhQiIibcPJsGNYt0d
Sz7JQsgJdpkVqRjFZ+3KgyM3+txdsHmuFDz9WvNiSJ3WF6L3g6jJboygkeMNtPUY
HfqgXt3b/U6eUyc/Q2umkeh+yO3rh7dJmAB3Xa/owQHr
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:24 2025 by rpki-client