![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa
File: me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa (raw, json)
Hash identifier: tYVEJGut5EYuY1ModgQaLg7X4qmwmMq/WQ0U5q4HKWI=
Subject key identifier: 99:EE:27:0C:03:AF:24:64:BD:42:5C:F4:3A:33:B7:2B:7C:C4:9A:B5
Certificate issuer: /CN=5c92b9a92c7eb913c3da558002c673e8238db1c7
Certificate serial: 018CC649E583FA2A17A5A389777B74BFB961
Authority key identifier: 5C:92:B9:A9:2C:7E:B9:13:C3:DA:55:80:02:C6:73:E8:23:8D:B1:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XJK5qSx-uRPD2lWAAsZz6CONscc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa
Signing time: Mon 01 Jan 2024 18:29:40 +0000
ROA not before: Mon 01 Jan 2024 18:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.35.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e5:83:fa:2a:17:a5:a3:89:77:7b:74:bf:b9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c92b9a92c7eb913c3da558002c673e8238db1c7
Validity
Not Before: Jan 1 18:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=99ee270c03af2464bd425cf43a33b72b7cc49ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e5:ab:8d:00:30:41:5f:05:20:86:be:5d:77:
1b:78:5c:4d:7e:ea:a3:29:32:7c:91:7c:4f:5a:8a:
2b:71:30:97:5c:47:db:86:8a:8e:b3:bc:43:c1:50:
42:9a:22:7f:33:eb:6c:dd:5a:0b:c5:f7:38:c3:74:
e0:1f:32:e3:2e:c2:12:ac:29:dc:9d:83:f1:74:e0:
14:68:ce:35:01:2a:17:d6:61:ea:cc:8f:d7:b6:f9:
cd:e7:17:9e:8c:96:d8:1d:7a:19:ff:32:84:8c:77:
dc:4c:da:f7:8d:23:09:da:91:9a:b6:ec:ea:71:d8:
49:eb:52:a8:47:ca:9f:c6:af:ed:ea:33:4d:a9:fd:
5a:eb:cd:1f:98:a0:c3:75:7f:32:f0:9f:83:23:b9:
ff:95:67:f4:06:7b:d0:77:5f:76:b7:de:bd:de:82:
84:1f:90:c1:c9:59:01:33:0b:4c:bb:7c:97:8d:6f:
36:67:d8:4d:25:8b:79:d8:18:ef:9b:ae:54:07:79:
32:e8:24:34:21:ba:c7:66:a1:83:82:e9:2e:c2:4a:
7f:95:a1:5a:58:ac:44:4c:e2:6d:e1:a9:1e:d4:ef:
fb:f7:b4:c2:64:3c:fc:a8:c7:47:56:a4:ed:1d:a9:
b7:d9:f0:4c:47:06:ac:57:14:4a:f9:15:99:44:93:
21:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:EE:27:0C:03:AF:24:64:BD:42:5C:F4:3A:33:B7:2B:7C:C4:9A:B5
X509v3 Authority Key Identifier:
keyid:5C:92:B9:A9:2C:7E:B9:13:C3:DA:55:80:02:C6:73:E8:23:8D:B1:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XJK5qSx-uRPD2lWAAsZz6CONscc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/me4nDAOvJGS9Qlz0OjO3K3zEmrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/969463-7f6a-4503-abc4-d6b56aba3eb7/1/XJK5qSx-uRPD2lWAAsZz6CONscc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:92:39:0a:f5:e8:09:ed:f5:73:09:78:71:c4:88:6e:a7:9d:
94:21:74:87:ba:57:53:05:35:7f:d8:21:7e:c6:45:25:a5:e7:
0f:35:d7:51:93:55:23:36:9a:a5:1d:36:80:35:83:7f:73:50:
ef:4f:08:1a:cc:3f:4e:41:dc:a7:7d:7d:6c:0b:06:8f:7b:23:
f5:bb:12:5a:3c:27:2c:ed:bb:50:63:39:04:1d:bc:99:c7:5d:
e7:64:5c:3f:84:29:ce:fc:3c:38:d3:b4:03:ce:0e:a7:a0:c7:
99:97:88:7b:52:ef:14:9c:d6:ee:74:3c:c4:78:f7:e4:55:82:
1d:70:fb:0a:ae:b3:34:70:1b:6c:f9:72:38:82:dc:26:1e:f9:
dc:33:24:76:b8:85:d0:a0:a1:1f:45:dd:6a:6f:1c:ea:60:7b:
e5:46:27:92:ab:43:b3:52:ee:3b:26:97:e2:da:c8:5b:bf:94:
74:b8:05:b9:49:cf:83:61:1b:dc:e0:44:3b:b6:3f:39:28:42:
a8:6c:2d:5b:fe:d4:43:fe:6c:a6:1e:a7:40:f5:1a:3c:f5:c8:
92:08:d0:8f:46:9a:4f:3f:f4:fd:2d:5d:54:ea:f1:3e:34:4d:
4a:ce:1d:25:14:a7:fa:15:00:73:d2:6f:12:0a:c2:2c:8d:4b:
b4:ec:ec:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSeWD+ioXpaOJd3t0v7lhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjOTJiOWE5MmM3ZWI5MTNjM2RhNTU4MDAyYzY3M2U4MjM4
ZGIxYzcwHhcNMjQwMTAxMTgyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWVlMjcwYzAzYWYyNDY0YmQ0MjVjZjQzYTMzYjcyYjdjYzQ5YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuWrjQAwQV8FIIa+XXcbeFxNfuqj
KTJ8kXxPWoorcTCXXEfbhoqOs7xDwVBCmiJ/M+ts3VoLxfc4w3TgHzLjLsISrCnc
nYPxdOAUaM41ASoX1mHqzI/XtvnN5xeejJbYHXoZ/zKEjHfcTNr3jSMJ2pGatuzq
cdhJ61KoR8qfxq/t6jNNqf1a680fmKDDdX8y8J+DI7n/lWf0BnvQd192t9693oKE
H5DByVkBMwtMu3yXjW82Z9hNJYt52Bjvm65UB3ky6CQ0IbrHZqGDgukuwkp/laFa
WKxETOJt4ake1O/797TCZDz8qMdHVqTtHam32fBMRwasVxRK+RWZRJMh8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnuJwwDryRkvUJc9Doztyt8xJq1MB8GA1UdIwQY
MBaAFFySuaksfrkTw9pVgALGc+gjjbHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEpLNXFTeC11UlBEMmxXQUFzWno2Q09Oc2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Njk0NjMtN2Y2YS00NTAzLWFiYzQt
ZDZiNTZhYmEzZWI3LzEvbWU0bkRBT3ZKR1M5UWx6ME9qTzNLM3pFbXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85Njk0NjMtN2Y2YS00NTAzLWFiYzQtZDZiNTZhYmEzZWI3
LzEvWEpLNXFTeC11UlBEMmxXQUFzWno2Q09Oc2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiPwMA0G
CSqGSIb3DQEBCwUAA4IBAQClkjkK9egJ7fVzCXhxxIhup52UIXSHuldTBTV/2CF+
xkUlpecPNddRk1UjNpqlHTaANYN/c1DvTwgazD9OQdynfX1sCwaPeyP1uxJaPCcs
7btQYzkEHbyZx13nZFw/hCnO/Dw407QDzg6noMeZl4h7Uu8UnNbudDzEePfkVYId
cPsKrrM0cBts+XI4gtwmHvncMyR2uIXQoKEfRd1qbxzqYHvlRieSq0OzUu47Jpfi
2shbv5R0uAW5Sc+DYRvc4EQ7tj85KEKobC1b/tRD/mymHqdA9Ro89ciSCNCPRppP
P/T9LV1U6vE+NE1Kzh0lFKf6FQBz0m8SCsIsjUu07Ozo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:12 2025 by rpki-client