Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1d3aQdF7iqAh7k2uB-w1rt3M090.roa
File: 1d3aQdF7iqAh7k2uB-w1rt3M090.roa (raw, json)
Hash identifier: n7UJsLOqyEx2Kg3T8qiak0kvcCweLzq6uYggi43sDwU=
Subject key identifier: D5:DD:DA:41:D1:7B:8A:A0:21:EE:4D:AE:07:EC:35:AE:DD:CC:D3:DD
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01973C739794DF2DCA2220E1A60ACB07B539
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1d3aQdF7iqAh7k2uB-w1rt3M090.roa
Signing time: Wed 04 Jun 2025 19:38:17 +0000
ROA not before: Wed 04 Jun 2025 19:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.227.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
89.106.15.0/24 maxlen: 24
89.106.28.0/22 maxlen: 22
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
194.36.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 22:24:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3c:73:97:94:df:2d:ca:22:20:e1:a6:0a:cb:07:b5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 4 19:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5ddda41d17b8aa021ee4dae07ec35aeddccd3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:5f:6e:14:34:45:aa:0b:53:0a:b1:1d:23:
d2:74:61:fb:52:93:28:b1:10:db:1f:5b:d2:cd:b5:
9a:42:7a:f6:cc:45:4e:bc:aa:75:7c:6d:dd:e9:7b:
8b:fb:19:96:f2:90:ff:3f:aa:d6:3d:30:c5:80:e2:
36:ce:a7:5e:08:b7:89:d4:bc:00:9c:1c:ef:ee:b6:
bc:5d:1c:02:81:8e:02:36:de:98:e6:8b:64:74:36:
66:61:8a:00:8f:15:81:ec:7e:c4:ff:49:43:5f:6c:
25:aa:12:0e:a1:ba:84:85:a7:4e:3c:91:13:bf:a9:
b4:0f:34:c8:40:38:a1:ef:94:b2:98:27:9a:b8:33:
90:a2:4c:22:0a:7c:24:fb:5d:48:b9:ae:96:c8:3b:
79:27:1c:4c:93:7b:71:2a:a7:4b:ee:b5:f3:44:2b:
cc:0d:64:f6:d5:f9:d3:96:15:3e:cb:46:61:ad:eb:
c5:d3:f0:3e:19:e2:c3:44:c2:7b:e7:d8:ea:2c:92:
42:44:c6:8b:8b:30:43:e4:01:8c:9f:19:cb:5a:c7:
29:17:b8:68:0e:f1:cc:8f:f2:e7:20:5a:04:eb:34:
aa:89:f7:c7:eb:c6:06:76:59:cc:fa:75:bf:86:c0:
e5:a5:2b:c5:7e:5e:73:70:24:8c:98:e7:ba:19:cc:
c4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:DD:DA:41:D1:7B:8A:A0:21:EE:4D:AE:07:EC:35:AE:DD:CC:D3:DD
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1d3aQdF7iqAh7k2uB-w1rt3M090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
77.111.96.0/22
77.111.102.0/23
89.106.15.0/24
89.106.28.0/22
94.229.212.0/24
94.229.220.0/24
94.229.222.0/23
103.47.59.0/24
194.36.34.0/24
Signature Algorithm: sha256WithRSAEncryption
dc:f8:5b:40:1d:c0:6a:c4:fe:d1:39:b6:25:42:92:8b:92:44:
d5:81:66:ed:44:02:af:6d:33:70:f0:1e:07:60:32:5d:0b:7d:
0c:27:1f:4c:dd:fa:b5:3c:23:8b:33:bd:83:97:b0:bb:77:a5:
f0:af:78:dd:75:ad:01:68:d7:33:09:42:d9:69:f3:67:10:d2:
fc:c2:60:ad:26:cf:38:70:7e:d5:6b:18:a8:9d:19:44:60:db:
bd:a3:f2:e2:d6:57:78:20:f5:b7:d4:21:5a:d3:4b:e2:dd:98:
bc:44:5a:47:ed:82:e1:78:2a:79:b7:3d:52:aa:62:c9:0d:0a:
d2:e1:05:b6:24:87:65:11:3e:63:ca:5c:a1:5e:8f:e8:83:64:
37:63:c4:8f:8d:ba:70:2c:a9:eb:e7:1a:2c:d8:39:85:b8:e2:
46:11:e1:ed:f9:5c:af:3c:ba:b0:11:0a:a4:2d:f3:37:3c:d8:
6b:82:bd:97:88:f1:30:f7:06:b0:39:3a:9f:d0:6e:f6:f8:9d:
fd:d8:0c:0a:ec:1e:56:ba:47:b2:e3:03:0d:49:c0:3e:0e:a0:
93:1d:92:12:60:1e:53:08:60:5c:a1:50:7a:de:9a:c4:d0:32:
86:77:2f:6a:97:df:2b:30:fb:90:f0:ce:ed:ad:a9:03:a9:ca:
a5:de:dd:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZc8c5eU3y3KIiDhpgrLB7U5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjA0MTkzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWRkZGE0MWQxN2I4YWEwMjFlZTRkYWUwN2VjMzVhZWRkY2NkM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQxfbhQ0RaoLUwqxHSPSdGH7UpMo
sRDbH1vSzbWaQnr2zEVOvKp1fG3d6XuL+xmW8pD/P6rWPTDFgOI2zqdeCLeJ1LwA
nBzv7ra8XRwCgY4CNt6Y5otkdDZmYYoAjxWB7H7E/0lDX2wlqhIOobqEhadOPJET
v6m0DzTIQDih75SymCeauDOQokwiCnwk+11Iua6WyDt5JxxMk3txKqdL7rXzRCvM
DWT21fnTlhU+y0ZhrevF0/A+GeLDRMJ759jqLJJCRMaLizBD5AGMnxnLWscpF7ho
DvHMj/LnIFoE6zSqiffH68YGdlnM+nW/hsDlpSvFfl5zcCSMmOe6GczEFQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNXd2kHRe4qgIe5NrgfsNa7dzNPdMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMWQzYVFkRjdpcUFoN2sydUItdzFydDNNMDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBDmbiAwQC
TW9gAwQBTW9mAwQAWWoPAwQCWWocAwQAXuXUAwQAXuXcAwQBXuXeAwQAZy87AwQA
wiQiMA0GCSqGSIb3DQEBCwUAA4IBAQDc+FtAHcBqxP7RObYlQpKLkkTVgWbtRAKv
bTNw8B4HYDJdC30MJx9M3fq1PCOLM72Dl7C7d6Xwr3jdda0BaNczCULZafNnENL8
wmCtJs84cH7VaxionRlEYNu9o/Li1ld4IPW31CFa00vi3Zi8RFpH7YLheCp5tz1S
qmLJDQrS4QW2JIdlET5jylyhXo/og2Q3Y8SPjbpwLKnr5xos2DmFuOJGEeHt+Vyv
PLqwEQqkLfM3PNhrgr2XiPEw9wawOTqf0G72+J392AwK7B5Wukey4wMNScA+DqCT
HZISYB5TCGBcoVB63prE0DKGdy9ql98rMPuQ8M7trakDqcql3t15
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:40:08 2025 by rpki-client