Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/CCkAuacKS70uTDhepxUlvj6X6hI.roa
File: CCkAuacKS70uTDhepxUlvj6X6hI.roa (raw, json)
Hash identifier: ZtjuFv9qlg/cDhvkLY6UxMZHHa8f1EQ6YLahJ85w0ng=
Subject key identifier: 08:29:00:B9:A7:0A:4B:BD:2E:4C:38:5E:A7:15:25:BE:3E:97:EA:12
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019D215039B3133459831E1497F37FA62E3C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/CCkAuacKS70uTDhepxUlvj6X6hI.roa
Signing time: Tue 24 Mar 2026 19:26:38 +0000
ROA not before: Tue 24 Mar 2026 19:26:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.41.46.0/23 maxlen: 24
103.47.59.0/24 maxlen: 24
124.158.113.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Mar 2026 19:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:50:39:b3:13:34:59:83:1e:14:97:f3:7f:a6:2e:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 24 19:26:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=082900b9a70a4bbd2e4c385ea71525be3e97ea12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:33:16:63:ef:51:a8:8b:3c:7c:11:56:5f:c9:
02:63:b5:88:91:dc:4c:60:b1:62:7e:10:ce:58:92:
c2:2c:46:62:44:3d:27:63:56:2a:a1:7b:a3:33:e9:
54:0f:2d:95:e8:4e:b8:9c:a4:fb:4e:3b:2e:5f:2c:
79:72:1a:9e:80:52:24:29:ac:22:9a:79:14:77:bd:
26:f2:eb:05:4b:98:06:77:4a:0f:55:7f:0d:99:f1:
0f:0f:b6:48:67:11:05:7b:51:62:34:f2:e7:76:96:
74:e5:38:ba:5e:f2:2e:42:1f:3d:1d:fc:32:7f:7e:
b0:3a:a6:86:87:05:15:c6:b4:be:4d:78:9e:af:98:
22:b1:16:6c:d3:4b:56:fa:26:52:25:f5:4c:ae:bc:
87:e3:b6:8a:ac:21:b8:ed:48:be:e9:5a:26:fb:ad:
34:da:cc:24:b1:03:4f:54:ce:11:db:2b:b4:26:65:
f9:51:75:6b:28:1f:e5:00:b3:5d:e9:49:24:ce:85:
26:51:c4:6b:dd:c0:c1:35:80:6e:ea:7b:42:61:dd:
3b:2d:47:30:b0:40:04:27:87:a8:43:7b:90:8d:51:
b2:2f:f3:57:0d:2a:30:78:b4:51:33:56:85:2e:f9:
28:b7:33:ce:f9:d1:53:f5:5b:bc:fe:a6:27:23:53:
cc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:29:00:B9:A7:0A:4B:BD:2E:4C:38:5E:A7:15:25:BE:3E:97:EA:12
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/CCkAuacKS70uTDhepxUlvj6X6hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
103.41.44.0/22
103.47.59.0/24
124.158.113.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:08:ad:6f:cc:68:11:43:bd:23:7b:b6:b2:f1:3d:cb:61:e7:
f8:6e:33:03:e5:66:28:c3:b4:2c:47:b1:2d:51:ab:07:f3:b8:
7a:88:49:06:7f:0a:31:fd:a0:ce:6a:55:e0:58:ae:a8:4c:93:
fb:fa:09:4f:e6:a0:84:40:04:7a:43:c1:f1:9f:48:d0:ce:b8:
a4:e0:72:d3:d9:d4:6c:52:89:eb:47:96:88:ea:0d:fd:50:84:
27:17:d4:8f:0d:cb:f0:80:bc:58:ad:3f:b2:1b:a8:7b:10:0a:
e6:7d:7e:a1:ad:4c:71:e1:36:b1:0e:61:cb:7a:9f:8d:59:cd:
c8:96:b2:c3:aa:f5:8f:b8:1a:5e:30:a0:10:8a:04:6e:04:37:
cc:0f:c1:5c:e4:d6:52:7d:ff:a5:af:fc:93:16:64:09:d2:d8:
65:d6:dc:00:dd:c3:af:be:41:db:41:0e:b3:50:db:e2:23:1b:
1d:9f:ee:39:56:c4:4a:49:1b:85:15:e4:6d:2e:57:9e:49:2a:
25:a7:e7:16:07:98:af:f1:84:94:66:48:ba:b4:60:e8:56:fb:
78:39:47:50:af:53:21:a8:73:99:71:d7:a4:cf:68:98:3c:42:
9b:45:a5:5f:0e:a5:f1:90:0e:09:da:2a:be:a5:7a:7f:f1:02:
69:78:aa:7b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0hUDmzEzRZgx4Ul/N/pi48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMzI0MTkyNjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODI5MDBiOWE3MGE0YmJkMmU0YzM4NWVhNzE1MjViZTNlOTdlYTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjMWY+9RqIs8fBFWX8kCY7WIkdxM
YLFifhDOWJLCLEZiRD0nY1YqoXujM+lUDy2V6E64nKT7TjsuXyx5chqegFIkKawi
mnkUd70m8usFS5gGd0oPVX8NmfEPD7ZIZxEFe1FiNPLndpZ05Ti6XvIuQh89Hfwy
f36wOqaGhwUVxrS+TXier5gisRZs00tW+iZSJfVMrryH47aKrCG47Ui+6Vom+600
2swksQNPVM4R2yu0JmX5UXVrKB/lALNd6UkkzoUmUcRr3cDBNYBu6ntCYd07LUcw
sEAEJ4eoQ3uQjVGyL/NXDSoweLRRM1aFLvkotzPO+dFT9Vu8/qYnI1PMrwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAgpALmnCku9Lkw4XqcVJb4+l+oSMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvQ0NrQXVhY0tTNzB1VERoZXB4VWx2ajZYNmhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQADmbqAwQA
LZeMAwQCTW9gAwQBTW9mAwQATW9pAwQCZyksAwQAZy87AwQAfJ5xAwQAwiQhMA0G
CSqGSIb3DQEBCwUAA4IBAQDFCK1vzGgRQ70je7ay8T3LYef4bjMD5WYow7QsR7Et
UasH87h6iEkGfwox/aDOalXgWK6oTJP7+glP5qCEQAR6Q8Hxn0jQzrik4HLT2dRs
UonrR5aI6g39UIQnF9SPDcvwgLxYrT+yG6h7EArmfX6hrUxx4TaxDmHLep+NWc3I
lrLDqvWPuBpeMKAQigRuBDfMD8Fc5NZSff+lr/yTFmQJ0thl1twA3cOvvkHbQQ6z
UNviIxsdn+45VsRKSRuFFeRtLleeSSolp+cWB5iv8YSUZki6tGDoVvt4OUdQr1Mh
qHOZcdekz2iYPEKbRaVfDqXxkA4J2iq+pXp/8QJpeKp7
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:16:27 2026 by rpki-client