Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mImHwqRiljM4dK21teuC-hK44fs.roa
File: mImHwqRiljM4dK21teuC-hK44fs.roa (raw, json)
Hash identifier: jaDxGP0jSpAcKxU7QBfQ5X7g1SOPWQZRfrl67+aA+Yc=
Subject key identifier: 98:89:87:C2:A4:62:96:33:38:74:AD:B5:B5:EB:82:FA:12:B8:E1:FB
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01959F6FA89E4066D9866FEAB088C11340CA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mImHwqRiljM4dK21teuC-hK44fs.roa
Signing time: Sun 16 Mar 2025 14:50:49 +0000
ROA not before: Sun 16 Mar 2025 14:50:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.231.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.97.0/24 maxlen: 24
85.208.10.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
194.36.32.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 16:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9f:6f:a8:9e:40:66:d9:86:6f:ea:b0:88:c1:13:40:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 16 14:50:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=988987c2a46296333874adb5b5eb82fa12b8e1fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c0:bc:ef:db:be:f2:61:1d:ca:af:d5:ab:8e:
f0:cd:58:d1:dd:eb:24:7f:1d:0e:cf:a5:b5:9b:ba:
39:8c:e7:7f:9f:f8:53:42:98:ab:53:2a:4e:f3:b1:
b2:49:4f:30:3c:78:04:9c:a7:ff:34:81:d3:67:8f:
08:85:2b:52:82:23:29:88:ba:82:d3:20:5d:d1:af:
9f:35:60:a7:7e:23:76:cc:ae:ed:b4:73:06:a2:02:
6b:e1:6e:82:bb:bd:ea:73:e3:7f:06:75:76:2a:1a:
98:7b:3c:04:77:e5:66:37:bd:e9:c9:e7:35:60:a0:
c2:34:3c:04:56:08:ac:c9:43:ff:0e:67:1d:ad:2e:
e4:dc:de:7f:e6:59:16:b8:69:69:ad:cc:78:33:f4:
d7:13:76:64:6e:6b:ad:95:3d:de:e6:9d:6f:3a:9c:
59:d8:0a:ac:ce:88:a1:4c:9b:63:dc:7f:b0:f1:6c:
5b:0b:53:2b:b0:39:9a:7e:fd:b4:86:5b:72:1d:b6:
a0:47:f9:73:29:11:45:93:19:04:67:74:83:90:ba:
f8:a3:b3:0d:1a:24:c7:81:65:5f:a1:ed:7a:d3:9f:
90:1c:1b:38:a9:7b:f1:25:2c:44:98:15:34:48:9e:
d6:c0:bb:a6:25:ce:72:72:32:b5:99:ae:37:28:59:
0e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:89:87:C2:A4:62:96:33:38:74:AD:B5:B5:EB:82:FA:12:B8:E1:FB
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mImHwqRiljM4dK21teuC-hK44fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.231.0/24
45.151.140.0/24
77.111.96.0/22
85.208.10.0/24
94.229.212.0/24
94.229.220.0/24
94.229.223.0/24
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:6f:6f:7e:4e:7e:38:89:f4:07:5c:f4:0e:b5:15:71:fc:17:
d4:bd:9e:12:b4:55:d1:63:de:51:da:3b:b5:06:36:91:5d:12:
94:35:1e:de:a2:3b:76:6d:1c:89:75:a2:de:4d:9e:69:18:f3:
74:d8:46:e0:f9:4f:a9:08:b0:2b:2d:7c:37:64:c0:7a:5c:41:
ca:52:8f:ea:9a:a0:28:26:95:4a:2e:d6:15:6f:e5:29:f5:11:
f3:8c:47:de:ce:e5:f3:c9:88:cb:34:fd:38:bf:ed:d8:5d:8d:
ef:5f:22:d5:79:58:9c:98:bf:9d:cd:06:69:8c:9e:98:5e:3c:
00:af:47:05:49:1c:a3:e1:4c:8b:03:73:02:f0:d3:dc:d3:79:
45:26:f3:6a:fc:24:9f:5d:ea:68:99:dd:0b:a2:51:87:88:78:
d3:7f:eb:d3:2d:51:82:a8:a0:fa:70:53:81:4b:91:70:e2:52:
5c:78:a7:b4:bc:72:21:3b:4d:bd:0c:e4:9b:88:ac:cc:ab:9e:
a6:79:5e:01:60:43:d9:67:42:8e:8e:ef:ae:89:67:d6:1c:d9:
90:a9:61:6a:63:24:48:8b:4c:75:38:90:6c:f5:f7:67:58:79:
9c:5d:9b:5d:4d:a9:41:94:94:23:28:4a:13:54:f9:a3:c0:bc:
11:ea:62:ad
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZWfb6ieQGbZhm/qsIjBE0DKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMzE2MTQ1MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg5ODdjMmE0NjI5NjMzMzg3NGFkYjViNWViODJmYTEyYjhlMWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusC879u+8mEdyq/Vq47wzVjR3esk
fx0Oz6W1m7o5jOd/n/hTQpirUypO87GySU8wPHgEnKf/NIHTZ48IhStSgiMpiLqC
0yBd0a+fNWCnfiN2zK7ttHMGogJr4W6Cu73qc+N/BnV2KhqYezwEd+VmN73pyec1
YKDCNDwEVgisyUP/DmcdrS7k3N5/5lkWuGlprcx4M/TXE3ZkbmutlT3e5p1vOpxZ
2AqszoihTJtj3H+w8WxbC1MrsDmafv20hltyHbagR/lzKRFFkxkEZ3SDkLr4o7MN
GiTHgWVfoe1605+QHBs4qXvxJSxEmBU0SJ7WwLumJc5ycjK1ma43KFkOMQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJiJh8KkYpYzOHSttbXrgvoSuOH7MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbUltSHdxUmlsak00ZEsyMXRldUMtaEs0NGZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBDmbiAwQA
DmbnAwQALZeMAwQCTW9gAwQAVdAKAwQAXuXUAwQAXuXcAwQAXuXfAwQBwiQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCgb29+Tn44ifQHXPQOtRVx/BfUvZ4StFXRY95R2ju1
BjaRXRKUNR7eojt2bRyJdaLeTZ5pGPN02Ebg+U+pCLArLXw3ZMB6XEHKUo/qmqAo
JpVKLtYVb+Up9RHzjEfezuXzyYjLNP04v+3YXY3vXyLVeVicmL+dzQZpjJ6YXjwA
r0cFSRyj4UyLA3MC8NPc03lFJvNq/CSfXepomd0LolGHiHjTf+vTLVGCqKD6cFOB
S5Fw4lJceKe0vHIhO029DOSbiKzMq56meV4BYEPZZ0KOju+uiWfWHNmQqWFqYyRI
i0x1OJBs9fdnWHmcXZtdTalBlJQjKEoTVPmjwLwR6mKt
-----END CERTIFICATE-----
Generated at Sat May 10 14:40:22 2025 by rpki-client