![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/1-NFKDd3yr11CvV2XD312m6U0VAw.roa
File: 1-NFKDd3yr11CvV2XD312m6U0VAw.roa (raw, json)
Hash identifier: dp3noC2IVomNgx9zMWwJ0nUtxEzXGpFAEn+uJshKVuo=
Subject key identifier: F8:D1:4A:0D:DD:F2:AF:5D:42:BD:5D:97:0F:7D:76:9B:A5:34:54:0C
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 018CC801A9ED9CDCC6682AF733218550FBC5
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/1-NFKDd3yr11CvV2XD312m6U0VAw.roa
Signing time: Tue 02 Jan 2024 02:30:01 +0000
ROA not before: Tue 02 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 194.104.188.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
194.104.190.0/24 maxlen: 24
194.104.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:a9:ed:9c:dc:c6:68:2a:f7:33:21:85:50:fb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Jan 2 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8d14a0dddf2af5d42bd5d970f7d769ba534540c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6a:f6:f7:33:5e:ff:85:54:32:c0:f2:18:a9:
0b:86:b8:7c:72:46:b8:7e:8a:bc:a8:fd:29:e0:79:
97:57:02:38:cf:5e:99:42:dd:b1:01:3b:c4:58:16:
12:47:63:9b:3b:26:c3:91:05:44:cc:7d:c2:3f:cf:
53:43:75:15:de:0d:4c:5d:fc:21:fb:bf:b8:94:27:
18:5f:18:47:7b:6e:0f:64:1b:da:0f:29:21:3b:b1:
65:30:5e:2f:bc:d9:b6:28:52:96:1f:e8:14:4f:e8:
5b:47:e0:9f:aa:51:83:32:4a:7c:b5:00:6d:77:5e:
1d:48:65:10:0b:65:6a:a2:2a:07:e4:6a:aa:25:3b:
e0:f5:c5:f4:68:71:d5:fc:50:92:31:94:d1:82:91:
75:df:09:ab:7d:6b:1f:e0:08:05:ce:c9:48:d6:5e:
e4:ef:28:13:d6:20:b9:f6:9a:97:17:01:42:6f:1f:
fc:a1:eb:5e:38:e9:12:e1:22:52:d0:1f:49:ea:65:
68:f2:6b:f8:6c:7a:6e:55:5e:dd:8f:38:10:b2:26:
3a:91:26:6b:a7:4e:45:6f:c9:a7:0b:74:94:eb:b2:
b8:6b:d9:1a:73:57:cd:52:22:d6:98:0b:d9:73:30:
e8:8e:fd:2b:3b:a6:25:e4:01:2c:f7:16:65:59:7b:
f3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D1:4A:0D:DD:F2:AF:5D:42:BD:5D:97:0F:7D:76:9B:A5:34:54:0C
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/1-NFKDd3yr11CvV2XD312m6U0VAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:92:7c:5f:08:9c:55:f9:08:d3:bc:68:4e:5a:32:7e:f7:16:
33:03:94:21:cc:b4:ad:2c:7b:5a:45:c7:d2:2d:61:8d:f1:4b:
0f:0e:ef:37:ba:3d:18:29:d4:95:a9:99:ca:1c:b2:8d:37:33:
60:df:67:5e:60:bf:17:fd:92:92:ff:54:45:5d:51:fe:1c:87:
17:41:c5:df:e2:32:47:bd:ad:2e:04:6a:dc:f2:ec:74:80:60:
31:8f:69:a6:ed:08:f7:52:b6:de:eb:88:71:a5:8a:67:b8:35:
ce:d2:0c:f8:14:60:71:76:ba:89:d4:3b:99:66:c3:18:af:03:
1d:83:14:ea:d4:87:6b:b6:31:bb:4f:da:6a:30:b7:b1:4e:4d:
49:0f:7c:2a:6f:03:14:db:1c:0b:26:71:28:a9:f3:75:8b:19:
b3:d1:a9:da:8e:15:53:c7:95:73:14:06:2f:18:a5:cf:1b:70:
ba:ce:dc:74:69:03:30:e0:a1:78:eb:60:32:92:8b:ad:cf:c7:
fc:93:43:17:cb:77:d0:28:12:9e:fd:6f:28:77:12:b3:03:de:
88:5f:a1:8d:79:e5:0f:49:ca:13:06:a5:45:b5:3f:ed:19:77:
e0:45:9d:74:d4:28:62:f5:d4:b1:c5:03:b6:34:d3:47:a2:28:
91:00:ce:5d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAantnNzGaCr3MyGFUPvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDliMzFlYmI2ZTRjYmJkMGNjNzcwY2M2ZjRkNTBmNzhm
MGViN2IwHhcNMjQwMTAyMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGQxNGEwZGRkZjJhZjVkNDJiZDVkOTcwZjdkNzY5YmE1MzQ1NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWr29zNe/4VUMsDyGKkLhrh8cka4
foq8qP0p4HmXVwI4z16ZQt2xATvEWBYSR2ObOybDkQVEzH3CP89TQ3UV3g1MXfwh
+7+4lCcYXxhHe24PZBvaDykhO7FlMF4vvNm2KFKWH+gUT+hbR+CfqlGDMkp8tQBt
d14dSGUQC2VqoioH5GqqJTvg9cX0aHHV/FCSMZTRgpF13wmrfWsf4AgFzslI1l7k
7ygT1iC59pqXFwFCbx/8oeteOOkS4SJS0B9J6mVo8mv4bHpuVV7djzgQsiY6kSZr
p05Fb8mnC3SU67K4a9kac1fNUiLWmAvZczDojv0rO6Yl5AEs9xZlWXvzQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjRSg3d8q9dQr1dlw99dpulNFQMMB8GA1UdIwQY
MBaAFFlJsx67bky70Mx3DMb01Q948Ot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTkt
MzE4MGFlNDI3NGYzLzEvMS1ORktEZDN5cjExQ3ZWMlhEMzEybTZVMFZBdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDgvZGU1YWRkLWFjNjgtNGZiMS04NDE5LTMxODBhZTQyNzRm
My8xL1dVbXpIcnR1VEx2UXpIY014dlRWRDNqdzYzcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsJovDAN
BgkqhkiG9w0BAQsFAAOCAQEAP5J8XwicVfkI07xoTloyfvcWMwOUIcy0rSx7WkXH
0i1hjfFLDw7vN7o9GCnUlamZyhyyjTczYN9nXmC/F/2Skv9URV1R/hyHF0HF3+Iy
R72tLgRq3PLsdIBgMY9ppu0I91K23uuIcaWKZ7g1ztIM+BRgcXa6idQ7mWbDGK8D
HYMU6tSHa7Yxu0/aajC3sU5NSQ98Km8DFNscCyZxKKnzdYsZs9Gp2o4VU8eVcxQG
Lxilzxtwus7cdGkDMOCheOtgMpKLrc/H/JNDF8t30CgSnv1vKHcSswPeiF+hjXnl
D0nKEwalRbU/7Rl34EWddNQoYvXUscUDtjTTR6IokQDOXQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:47 2025 by rpki-client