Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/loctrJYWM5HaA5baP-DGtCeXZfE.roa
File: loctrJYWM5HaA5baP-DGtCeXZfE.roa (raw, json)
Hash identifier: /mre0gAVc1x/ElGQOz9KH5CrBVGCmUCJZt1EbkTVA1M=
Subject key identifier: 96:87:2D:AC:96:16:33:91:DA:03:96:DA:3F:E0:C6:B4:27:97:65:F1
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019645440FCABB284EFB7F803855707EED79
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/loctrJYWM5HaA5baP-DGtCeXZfE.roa
Signing time: Thu 17 Apr 2025 19:40:10 +0000
ROA not before: Thu 17 Apr 2025 19:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45014
IP address blocks: 103.84.212.0/24 maxlen: 24
103.84.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 19:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:44:0f:ca:bb:28:4e:fb:7f:80:38:55:70:7e:ed:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 17 19:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96872dac96163391da0396da3fe0c6b4279765f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:36:ba:07:e6:19:43:69:75:f9:6e:db:cb:
0f:92:ec:8d:35:34:01:45:2e:d8:90:e7:9f:bf:da:
3c:e9:46:27:21:b0:39:48:5a:60:54:c8:fc:aa:cf:
08:c9:65:fd:df:c8:24:c5:c8:6d:d3:75:60:99:8f:
bd:d3:31:4e:06:10:12:7b:cf:b9:eb:d6:d1:d3:d9:
23:16:ab:ca:20:15:20:c1:2b:d8:99:b0:e9:2b:34:
12:cd:ca:15:48:b6:49:97:72:d0:b9:d2:5e:9f:8e:
38:b8:9b:3e:48:21:5f:fd:96:40:aa:5f:0f:fe:f3:
ca:10:33:37:c7:9b:dc:9d:a6:43:dd:3a:1b:e1:7b:
5c:ec:45:a3:ce:5d:3d:ca:ae:28:03:f8:94:08:55:
80:8c:52:1b:0d:7e:a9:be:40:37:cd:10:ce:4e:55:
41:f5:89:54:71:64:67:69:0e:5f:39:ca:32:b0:53:
e4:93:db:c5:2e:f1:22:fc:54:dc:95:df:6c:1d:bd:
6e:88:0c:40:ea:95:00:06:bb:23:02:fa:6a:0a:a4:
e1:31:e3:64:5d:80:f4:e8:a5:37:00:d0:10:ea:85:
65:d1:9d:9b:8f:8e:3f:2a:10:20:42:3d:28:64:a9:
f8:5b:8c:0f:eb:17:dd:d3:3c:c7:e9:87:17:5a:c8:
d1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:87:2D:AC:96:16:33:91:DA:03:96:DA:3F:E0:C6:B4:27:97:65:F1
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/loctrJYWM5HaA5baP-DGtCeXZfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.84.212.0/24
103.84.214.0/24
Signature Algorithm: sha256WithRSAEncryption
26:a3:9b:42:d1:f5:82:a9:c4:0b:4e:4b:06:79:54:9a:4f:d8:
f8:00:8d:c0:a9:1e:fa:af:31:b6:98:b4:ac:74:52:c0:3c:c5:
d0:d2:78:db:30:80:83:fd:51:78:50:3a:b7:4c:32:ba:bb:eb:
c2:79:6b:f2:b4:eb:87:47:c8:ba:db:ea:74:0d:7e:c0:2f:07:
9a:45:48:33:34:ba:7d:53:41:5a:11:a2:07:a0:bf:5f:b3:61:
5e:57:3d:73:3c:d0:7f:69:c6:57:ad:b2:6e:b7:55:5d:1f:63:
3d:ba:8f:b2:72:fa:ce:90:45:de:3e:31:ca:d6:14:1d:c7:47:
06:a2:92:ae:d2:ff:a7:fe:a2:ac:bd:d4:5a:1f:05:22:65:70:
fa:2c:41:82:cd:60:6e:4f:62:70:7e:f4:7c:50:38:e8:6b:0c:
63:cc:ae:e8:64:c3:04:15:63:37:e7:f9:5f:9f:86:a1:da:1c:
e7:12:d8:8a:3d:dd:32:d5:55:d0:16:48:e7:ac:4e:d0:cf:df:
53:47:57:b9:09:32:fa:05:e5:69:af:cc:78:ff:8f:10:cc:28:
25:88:c5:db:5b:98:1a:1f:7b:bd:98:e6:a3:84:25:b9:e2:56:
b8:df:56:9e:ee:8b:82:98:b7:e4:3b:25:5d:89:53:6d:79:ab:
99:de:fe:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZFRA/KuyhO+3+AOFVwfu15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNDE3MTk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Njg3MmRhYzk2MTYzMzkxZGEwMzk2ZGEzZmUwYzZiNDI3OTc2NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaE2ugfmGUNpdflu28sPkuyNNTQB
RS7YkOefv9o86UYnIbA5SFpgVMj8qs8IyWX938gkxcht03VgmY+90zFOBhASe8+5
69bR09kjFqvKIBUgwSvYmbDpKzQSzcoVSLZJl3LQudJen444uJs+SCFf/ZZAql8P
/vPKEDM3x5vcnaZD3Tob4Xtc7EWjzl09yq4oA/iUCFWAjFIbDX6pvkA3zRDOTlVB
9YlUcWRnaQ5fOcoysFPkk9vFLvEi/FTcld9sHb1uiAxA6pUABrsjAvpqCqThMeNk
XYD06KU3ANAQ6oVl0Z2bj44/KhAgQj0oZKn4W4wP6xfd0zzH6YcXWsjRLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJaHLayWFjOR2gOW2j/gxrQnl2XxMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbG9jdHJKWVdNNUhhQTViYVAtREd0Q2VYWmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ1TUAwQA
Z1TWMA0GCSqGSIb3DQEBCwUAA4IBAQAmo5tC0fWCqcQLTksGeVSaT9j4AI3AqR76
rzG2mLSsdFLAPMXQ0njbMICD/VF4UDq3TDK6u+vCeWvytOuHR8i62+p0DX7ALwea
RUgzNLp9U0FaEaIHoL9fs2FeVz1zPNB/acZXrbJut1VdH2M9uo+ycvrOkEXePjHK
1hQdx0cGopKu0v+n/qKsvdRaHwUiZXD6LEGCzWBuT2JwfvR8UDjoawxjzK7oZMME
FWM35/lfn4ah2hznEtiKPd0y1VXQFkjnrE7Qz99TR1e5CTL6BeVpr8x4/48QzCgl
iMXbW5gaH3u9mOajhCW54la431ae7ouCmLfkOyVdiVNteauZ3v5T
-----END CERTIFICATE-----
Generated at Sun May 11 22:41:50 2025 by rpki-client