![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/I-ZvfqiyshkBnptS5xCTZ-zJTas.roa
File: I-ZvfqiyshkBnptS5xCTZ-zJTas.roa (raw, json)
Hash identifier: W/nP3t47NaKPonWUnElQYdca0gw7yMVd7sLrYeLIJoU=
Subject key identifier: 23:E6:6F:7E:A8:B2:B2:19:01:9E:9B:52:E7:10:93:67:EC:C9:4D:AB
Certificate issuer: /CN=afc193ee11e54716169f94c8f931eae1fc854921
Certificate serial: 018CCA976FBD2CF3BB562CA87E4DBD438857
Authority key identifier: AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/I-ZvfqiyshkBnptS5xCTZ-zJTas.roa
Signing time: Tue 02 Jan 2024 14:32:51 +0000
ROA not before: Tue 02 Jan 2024 14:32:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208367
IP address blocks: 45.142.100.0/24 maxlen: 24
2a10:46c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:97:6f:bd:2c:f3:bb:56:2c:a8:7e:4d:bd:43:88:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afc193ee11e54716169f94c8f931eae1fc854921
Validity
Not Before: Jan 2 14:32:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e66f7ea8b2b219019e9b52e7109367ecc94dab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c0:9b:cc:6f:b5:f2:b5:65:dd:e7:31:ee:f1:
78:fb:4f:0e:5c:16:20:e3:17:5c:cb:62:aa:2d:37:
1d:6b:4f:a4:8f:6a:d1:c1:18:65:dd:d6:5b:8a:aa:
f0:06:22:35:3b:c1:88:2b:1c:05:50:f8:7a:6f:0a:
43:21:11:fe:3c:63:4d:2d:a1:e2:fe:4e:11:39:a3:
62:ae:f0:40:18:7a:b6:ac:02:50:dc:7d:c8:e6:11:
08:7e:af:9f:ab:54:b6:0b:2c:b1:e2:11:7e:89:6b:
89:8f:38:54:fd:ca:32:65:48:cf:79:1c:d0:58:09:
3d:fe:14:78:ab:f6:3d:2e:66:3a:63:4e:04:ed:dc:
a2:1d:a2:ff:c2:65:32:0b:b0:5a:a2:2a:0f:40:33:
d2:64:86:9a:57:49:b6:14:12:c9:05:7b:c1:2b:93:
4a:c9:b7:d4:18:e6:4d:09:0b:f6:56:e9:51:46:c5:
48:c2:7a:4d:44:35:9e:e3:45:15:69:1f:f9:d2:eb:
b2:a3:ce:61:0a:3e:51:31:81:de:54:fa:50:46:90:
eb:a2:79:32:e3:c2:0b:0c:58:fb:7e:e1:f6:13:f2:
b8:e9:43:05:af:de:a5:a4:46:cb:86:b4:06:18:9e:
b9:05:c2:69:3f:15:5d:cb:a8:23:f0:7d:f8:e2:08:
c1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E6:6F:7E:A8:B2:B2:19:01:9E:9B:52:E7:10:93:67:EC:C9:4D:AB
X509v3 Authority Key Identifier:
keyid:AF:C1:93:EE:11:E5:47:16:16:9F:94:C8:F9:31:EA:E1:FC:85:49:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8GT7hHlRxYWn5TI-THq4fyFSSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/I-ZvfqiyshkBnptS5xCTZ-zJTas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/0b9cbf-25ae-4327-98aa-a7dd9aea1d7a/1/r8GT7hHlRxYWn5TI-THq4fyFSSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.100.0/24
IPv6:
2a10:46c0::/32
Signature Algorithm: sha256WithRSAEncryption
44:a7:1b:68:0c:ee:3c:05:84:be:08:cb:7f:1d:bf:12:e0:5c:
4a:d9:3c:23:74:9a:66:3c:5b:2c:af:55:4b:03:f7:66:f7:31:
49:bd:fa:13:f9:f4:34:9a:eb:a3:ce:6f:35:53:ca:ed:44:3b:
b4:12:e5:99:45:3f:03:3f:a7:80:39:37:36:b3:ad:e5:70:78:
b8:c5:9c:1b:cd:15:34:db:09:9b:09:5f:6f:90:d1:ce:a9:44:
92:3b:c4:f3:c1:13:df:b6:00:98:b2:86:c9:3c:eb:8c:50:d5:
ea:34:26:18:8b:25:2d:8a:0d:e9:31:3d:53:f3:60:1a:50:18:
e9:b5:ca:cd:6a:52:40:58:1a:d3:07:2b:81:c9:20:22:82:79:
00:22:8b:24:02:f2:1c:38:9c:f4:ac:2e:00:34:85:b8:17:4c:
a2:b2:df:70:68:dd:74:4b:7c:6e:0d:f4:9e:bd:6b:58:28:f6:
8d:eb:5c:e4:73:4d:c6:bb:a4:38:ab:54:44:5d:ad:f1:b2:82:
1e:e5:35:82:52:15:78:b7:57:4d:1e:fb:47:d7:c0:c7:6f:40:
70:77:0a:67:b6:b1:8c:22:c6:83:38:a0:71:3d:9e:3d:c9:4d:
67:ed:c8:f9:27:03:13:ad:1d:42:ab:1a:19:bf:8a:0c:8a:cd:
f7:a4:1c:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKl2+9LPO7Viyofk29Q4hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYzE5M2VlMTFlNTQ3MTYxNjlmOTRjOGY5MzFlYWUxZmM4
NTQ5MjEwHhcNMjQwMTAyMTQzMjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2U2NmY3ZWE4YjJiMjE5MDE5ZTliNTJlNzEwOTM2N2VjYzk0ZGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cCbzG+18rVl3ecx7vF4+08OXBYg
4xdcy2KqLTcda0+kj2rRwRhl3dZbiqrwBiI1O8GIKxwFUPh6bwpDIRH+PGNNLaHi
/k4ROaNirvBAGHq2rAJQ3H3I5hEIfq+fq1S2Cyyx4hF+iWuJjzhU/coyZUjPeRzQ
WAk9/hR4q/Y9LmY6Y04E7dyiHaL/wmUyC7BaoioPQDPSZIaaV0m2FBLJBXvBK5NK
ybfUGOZNCQv2VulRRsVIwnpNRDWe40UVaR/50uuyo85hCj5RMYHeVPpQRpDronky
48ILDFj7fuH2E/K46UMFr96lpEbLhrQGGJ65BcJpPxVdy6gj8H344gjBowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCPmb36osrIZAZ6bUucQk2fsyU2rMB8GA1UdIwQY
MBaAFK/Bk+4R5UcWFp+UyPkx6uH8hUkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEt
YTdkZDlhZWExZDdhLzEvSS1admZxaXlzaGtCbnB0UzV4Q1RaLXpKVGFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wYjljYmYtMjVhZS00MzI3LTk4YWEtYTdkZDlhZWExZDdh
LzEvcjhHVDdoSGxSeFlXbjVUSS1USHE0ZnlGU1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALY5kMA0E
AgACMAcDBQAqEEbAMA0GCSqGSIb3DQEBCwUAA4IBAQBEpxtoDO48BYS+CMt/Hb8S
4FxK2TwjdJpmPFssr1VLA/dm9zFJvfoT+fQ0muujzm81U8rtRDu0EuWZRT8DP6eA
OTc2s63lcHi4xZwbzRU02wmbCV9vkNHOqUSSO8TzwRPftgCYsobJPOuMUNXqNCYY
iyUtig3pMT1T82AaUBjptcrNalJAWBrTByuBySAignkAIoskAvIcOJz0rC4ANIW4
F0yist9waN10S3xuDfSevWtYKPaN61zkc03Gu6Q4q1REXa3xsoIe5TWCUhV4t1dN
HvtH18DHb0BwdwpntrGMIsaDOKBxPZ49yU1n7cj5JwMTrR1CqxoZv4oMis33pBxK
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:53 2025 by rpki-client