Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7HFoo6XpGHsaR08gZGZioQcSw3A.roa
File: 7HFoo6XpGHsaR08gZGZioQcSw3A.roa (raw, json)
Hash identifier: AhqwrhvF9dUPFUbUdsz3HA2ORJ+B3Ziz1DaZ4+K8PQk=
Subject key identifier: EC:71:68:A3:A5:E9:18:7B:1A:47:4F:20:64:66:62:A1:07:12:C3:70
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0194CCA227A89C4F450C414EC76F6AE516C2
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7HFoo6XpGHsaR08gZGZioQcSw3A.roa
Signing time: Mon 03 Feb 2025 16:26:06 +0000
ROA not before: Mon 03 Feb 2025 16:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.231.0/24 maxlen: 24
14.102.232.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.96.0/24 maxlen: 24
77.111.107.0/24 maxlen: 24
85.208.10.0/24 maxlen: 24
94.229.210.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
194.36.32.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 16:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:a2:27:a8:9c:4f:45:0c:41:4e:c7:6f:6a:e5:16:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 3 16:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec7168a3a5e9187b1a474f20646662a10712c370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:f1:4b:90:5a:2d:25:fd:38:0c:53:54:9a:
92:2e:81:94:b4:23:b3:5a:fd:24:6d:ea:7c:27:45:
d1:5a:8e:2b:c5:4f:df:a3:b2:ef:cd:c0:8b:b5:67:
1e:ee:e6:8c:f7:ca:80:e4:83:77:70:f1:04:29:6c:
89:fe:5f:cc:18:db:a5:6e:3b:dd:2e:d4:22:04:1a:
a5:fd:08:09:48:be:7d:60:28:a1:43:3d:c6:0d:5d:
1e:87:79:bc:01:5c:34:71:fb:76:b6:70:7d:40:0f:
97:6f:1f:0c:4d:9d:c8:f8:f9:84:88:3b:4f:ee:91:
19:bc:5e:ea:6a:d3:8f:1e:d0:b8:e6:ae:e6:b5:fd:
b7:1b:b5:d8:50:ae:27:ee:85:a2:69:40:16:aa:96:
08:c8:81:6d:b2:4e:79:81:2b:9e:b1:a3:4b:b6:28:
d5:9e:44:ec:70:29:2d:cb:30:61:9d:b1:d1:a1:24:
10:df:33:65:14:8d:84:6e:28:e6:29:ac:dd:af:30:
7e:b0:8a:a9:45:10:67:f5:d8:12:03:8a:17:0c:54:
0d:9b:53:73:74:f4:e4:5e:b2:2c:53:a0:01:dc:01:
c1:b0:6c:58:ff:06:92:0e:2e:1f:ba:a1:a7:a9:94:
d0:3c:f0:8f:03:c2:cd:8b:00:ac:74:35:08:c7:d0:
c1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:71:68:A3:A5:E9:18:7B:1A:47:4F:20:64:66:62:A1:07:12:C3:70
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7HFoo6XpGHsaR08gZGZioQcSw3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.231.0-14.102.232.255
77.111.96.0/22
77.111.107.0/24
85.208.10.0/24
94.229.210.0/24
94.229.212.0/24
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:01:73:fc:9a:14:fd:86:6f:28:37:53:31:48:18:b2:ab:bd:
c5:48:19:9c:9e:07:90:7a:1c:fd:43:db:3d:a5:70:0a:ad:29:
d7:c3:3d:aa:c6:fd:61:00:86:ab:62:6d:cf:03:7b:a1:67:3d:
0e:3b:4e:7c:54:2c:75:63:42:ef:da:7c:9f:f9:00:b5:3c:cf:
64:9b:2a:37:9c:1f:43:fb:08:70:4c:60:ed:c1:40:ee:7c:fb:
20:0f:3d:87:d8:18:c8:3c:59:7f:16:e2:6b:e4:a3:50:eb:07:
48:ae:2a:38:21:73:5d:1b:1e:3f:a2:86:7d:76:9d:c7:8b:e1:
d1:8a:cd:2d:e5:ad:82:c8:eb:87:3b:1b:7f:03:36:b2:73:be:
46:17:37:79:0f:e3:41:c7:b3:ce:31:38:17:3e:fd:5f:64:69:
1f:67:45:85:4f:89:d3:ec:a5:c2:ea:86:ad:98:d0:e6:46:c1:
e6:b2:e1:24:33:13:8f:62:87:c1:91:a7:a2:06:03:0a:df:f1:
93:60:21:f7:1f:c5:59:70:aa:c1:91:b0:1c:5e:2f:18:ca:46:
6c:cf:56:9e:57:68:1a:c1:8a:63:f9:f2:df:7a:c7:3f:e2:d1:
2a:76:87:69:20:50:bf:06:24:43:08:f1:1b:68:9b:43:b3:83:
54:08:9a:7f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZTMoieonE9FDEFOx29q5RbCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMjAzMTYyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzcxNjhhM2E1ZTkxODdiMWE0NzRmMjA2NDY2NjJhMTA3MTJjMzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HHxS5BaLSX9OAxTVJqSLoGUtCOz
Wv0kbep8J0XRWo4rxU/fo7LvzcCLtWce7uaM98qA5IN3cPEEKWyJ/l/MGNulbjvd
LtQiBBql/QgJSL59YCihQz3GDV0eh3m8AVw0cft2tnB9QA+Xbx8MTZ3I+PmEiDtP
7pEZvF7qatOPHtC45q7mtf23G7XYUK4n7oWiaUAWqpYIyIFtsk55gSuesaNLtijV
nkTscCktyzBhnbHRoSQQ3zNlFI2EbijmKazdrzB+sIqpRRBn9dgSA4oXDFQNm1Nz
dPTkXrIsU6AB3AHBsGxY/waSDi4fuqGnqZTQPPCPA8LNiwCsdDUIx9DBJwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOxxaKOl6Rh7GkdPIGRmYqEHEsNwMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvN0hGb282WHBHSHNhUjA4Z1pHWmlvUWNTdzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBDmbiMAwD
BAAOZucDBAAOZugDBAJNb2ADBABNb2sDBABV0AoDBABe5dIDBABe5dQDBAHCJCAw
DQYJKoZIhvcNAQELBQADggEBAMcBc/yaFP2Gbyg3UzFIGLKrvcVIGZyeB5B6HP1D
2z2lcAqtKdfDParG/WEAhqtibc8De6FnPQ47TnxULHVjQu/afJ/5ALU8z2SbKjec
H0P7CHBMYO3BQO58+yAPPYfYGMg8WX8W4mvko1DrB0iuKjghc10bHj+ihn12nceL
4dGKzS3lrYLI64c7G38DNrJzvkYXN3kP40HHs84xOBc+/V9kaR9nRYVPidPspcLq
hq2Y0OZGweay4SQzE49ih8GRp6IGAwrf8ZNgIfcfxVlwqsGRsBxeLxjKRmzPVp5X
aBrBimP58t96xz/i0Sp2h2kgUL8GJEMI8Rtom0Ozg1QImn8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:24 2025 by rpki-client