![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
File: 3139342e3136392e3231372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 45s6hLqUL/Iqd9Wtl16gvXYOj4v3WtCpGx2N7nlOAXw=
Subject key identifier: BD:94:28:8B:0D:95:C0:49:E8:CB:D4:B2:11:59:17:C8:31:5C:28:B4
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 66A04A9FEB34568C67FFFD468A7F128BD366DCE5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
Signing time: Mon 20 Nov 2023 00:00:06 +0000
ROA not before: Sun 19 Nov 2023 23:55:06 +0000
ROA not after: Mon 18 Nov 2024 00:00:06 +0000
asID: 834
IP address blocks: 194.169.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jan 2024 22:27:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:a0:4a:9f:eb:34:56:8c:67:ff:fd:46:8a:7f:12:8b:d3:66:dc:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 19 23:55:06 2023 GMT
Not After : Nov 18 00:00:06 2024 GMT
Subject: CN=BD94288B0D95C049E8CBD4B2115917C8315C28B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f9:d5:46:4d:c5:c9:b7:28:47:ee:b5:05:bf:
ba:4b:e2:e3:7a:de:75:90:d5:61:b7:b5:ef:4e:4e:
6b:ae:da:4a:14:a1:7e:c4:36:89:e9:c5:9e:f8:fd:
5f:f7:64:72:46:b8:7d:28:9b:49:4d:5e:f1:50:c1:
11:d1:e0:d3:70:b6:3c:7c:33:4b:51:bf:d3:59:77:
c1:99:65:56:c1:fb:8c:20:4e:ce:83:7d:e3:ee:3d:
4f:b9:f9:9f:e2:fc:a8:67:54:0e:e4:6c:9f:fd:3e:
2d:70:50:8b:b9:b5:fb:ba:5b:17:40:c1:b5:6b:28:
47:4d:8c:44:e4:7c:f5:70:8e:8c:a9:0e:47:33:4a:
84:b6:0b:19:e6:9f:4a:72:5c:d6:22:c7:09:15:d1:
64:bf:15:b4:3d:fe:ff:22:67:e7:4c:53:2f:d3:03:
d0:1f:24:8b:c5:77:f0:f0:66:8b:72:98:e4:0e:c1:
cc:c2:c4:08:bb:ea:12:b9:09:8d:4c:2c:f9:b2:27:
62:1d:d4:99:c2:52:7d:e2:45:f6:fc:b7:1f:45:e2:
47:85:24:f3:24:27:32:63:00:a7:64:be:7e:83:0d:
e8:9d:cd:2a:f5:5d:6a:3a:ab:a6:e5:07:60:78:87:
0c:fb:1d:81:b1:5c:db:4b:a9:93:c0:65:82:ca:03:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:94:28:8B:0D:95:C0:49:E8:CB:D4:B2:11:59:17:C8:31:5C:28:B4
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139342e3136392e3231372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.217.0/24
Signature Algorithm: sha256WithRSAEncryption
17:77:08:a3:5b:6f:3d:a1:c8:89:10:63:9e:67:2f:12:77:b2:
5e:d7:74:64:f8:64:25:76:8a:f7:b1:e4:82:36:b6:1e:ee:6a:
87:46:2c:88:e2:77:8d:e2:b5:cb:19:50:4b:ed:6a:89:57:20:
ee:39:6f:f8:37:4f:2c:c6:08:c7:5a:12:46:38:f0:ce:91:f5:
d8:cf:2c:8e:24:3a:9f:c3:ba:05:74:13:79:fc:d6:63:3f:e3:
bb:6d:d2:9d:a1:48:61:ab:1f:6e:e1:b8:59:99:ba:95:44:8e:
44:55:3b:79:d1:35:8d:f6:ba:17:98:ad:36:69:25:cc:d1:11:
29:69:5d:c6:94:08:58:c6:0b:7c:09:90:78:4c:65:97:30:a8:
c7:75:02:d7:d9:83:2e:19:da:cd:4d:61:48:2c:0e:b8:c3:8e:
94:58:2a:a3:eb:26:1e:50:0e:59:25:ca:8a:08:b9:da:06:e9:
6b:62:c2:a8:59:c5:91:29:4c:75:70:8b:4d:f3:a2:a0:bc:bc:
46:de:6f:14:17:92:50:2c:05:da:7a:b7:a8:41:25:bd:84:a1:
5c:27:e4:50:7c:d5:b8:aa:76:ac:b5:77:fa:dc:4d:bb:41:ec:
e6:eb:6b:e5:8c:7b:11:23:d8:ab:62:99:28:7a:aa:b7:00:48:
8f:ac:64:7f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZqBKn+s0Voxn//1Gin8Si9Nm3OUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yMzExMTkyMzU1MDZaFw0yNDExMTgwMDAwMDZaMDMxMTAvBgNV
BAMTKEJEOTQyODhCMEQ5NUMwNDlFOENCRDRCMjExNTkxN0M4MzE1QzI4QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC++dVGTcXJtyhH7rUFv7pL4uN6
3nWQ1WG3te9OTmuu2koUoX7ENonpxZ74/V/3ZHJGuH0om0lNXvFQwRHR4NNwtjx8
M0tRv9NZd8GZZVbB+4wgTs6DfePuPU+5+Z/i/KhnVA7kbJ/9Pi1wUIu5tfu6WxdA
wbVrKEdNjETkfPVwjoypDkczSoS2Cxnmn0pyXNYixwkV0WS/FbQ9/v8iZ+dMUy/T
A9AfJIvFd/DwZotymOQOwczCxAi76hK5CY1MLPmyJ2Id1JnCUn3iRfb8tx9F4keF
JPMkJzJjAKdkvn6DDeidzSr1XWo6q6blB2B4hwz7HYGxXNtLqZPAZYLKAzrXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUvZQoiw2VwEnoy9SyEVkXyDFcKLQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTM0MmUzMTM2MzkyZTMy
MzEzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMKp
2TANBgkqhkiG9w0BAQsFAAOCAQEAF3cIo1tvPaHIiRBjnmcvEneyXtd0ZPhkJXaK
97Hkgja2Hu5qh0YsiOJ3jeK1yxlQS+1qiVcg7jlv+DdPLMYIx1oSRjjwzpH12M8s
jiQ6n8O6BXQTefzWYz/ju23SnaFIYasfbuG4WZm6lUSORFU7edE1jfa6F5itNmkl
zNERKWldxpQIWMYLfAmQeExllzCox3UC19mDLhnazU1hSCwOuMOOlFgqo+smHlAO
WSXKigi52gbpa2LCqFnFkSlMdXCLTfOioLy8Rt5vFBeSUCwF2nq3qEElvYShXCfk
UHzVuKp2rLV3+txNu0Hs5utr5Yx7ESPYq2KZKHqqtwBIj6xkfw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:06 2024 by rpki-client on console-ams.rpki-client.org