Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/BxlBTbSSRHItLVH8L2B_4aKtOAo.roa
File: BxlBTbSSRHItLVH8L2B_4aKtOAo.roa (raw, json)
Hash identifier: kE1Fg8npQyT58lWoymPKOGTvM2xrbWd3iylaJLZr55w=
Subject key identifier: 07:19:41:4D:B4:92:44:72:2D:2D:51:FC:2F:60:7F:E1:A2:AD:38:0A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01972E4C80D84A547227E85F64A2C35C65CF
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/BxlBTbSSRHItLVH8L2B_4aKtOAo.roa
Signing time: Mon 02 Jun 2025 01:40:55 +0000
ROA not before: Mon 02 Jun 2025 01:40:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.227.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
89.106.15.0/24 maxlen: 24
89.106.28.0/22 maxlen: 22
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
194.36.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 19:38:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2e:4c:80:d8:4a:54:72:27:e8:5f:64:a2:c3:5c:65:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 2 01:40:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0719414db49244722d2d51fc2f607fe1a2ad380a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8d:22:91:2c:73:a7:14:2d:7d:ad:df:34:78:
9f:03:2c:71:19:d6:f5:5f:04:2a:52:93:da:1f:29:
26:9c:88:b0:cf:37:73:84:f5:cd:bc:b6:fd:bf:4b:
2b:5b:3c:01:92:4e:34:16:f4:79:19:ad:7c:9b:ef:
f9:ce:34:71:4c:49:44:41:34:c7:6c:38:bf:ef:2a:
38:79:6f:20:96:9c:ed:c2:cd:7f:44:11:aa:53:d1:
ae:70:99:8f:e8:ef:81:40:a8:1e:c6:ce:ba:b0:6a:
66:c9:a0:c3:e5:06:4f:69:05:4d:28:92:c5:29:03:
cd:fe:1c:8f:a1:4a:7d:5c:7f:c9:c4:ff:ae:bf:4a:
e0:c6:c4:3f:a7:b8:d1:58:b9:31:f4:3e:65:db:89:
50:60:6a:6b:7c:9e:ce:7b:0a:da:d1:a4:3d:93:c3:
34:7a:c5:78:89:d8:14:77:db:f2:56:20:30:3f:5d:
e9:62:60:09:d9:7a:f6:af:22:4b:e5:ad:64:d3:2c:
63:da:f7:d4:9c:cc:bf:7f:3d:29:c6:03:db:d9:07:
47:80:bd:74:ec:48:88:d6:be:16:1a:2d:94:9f:8e:
9e:8d:65:71:a5:65:b2:71:d7:b4:13:17:17:a5:3b:
77:a7:ca:17:9a:c2:17:21:f6:e3:da:50:14:8e:c4:
71:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:19:41:4D:B4:92:44:72:2D:2D:51:FC:2F:60:7F:E1:A2:AD:38:0A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/BxlBTbSSRHItLVH8L2B_4aKtOAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
77.111.96.0/22
77.111.102.0/23
89.106.15.0/24
89.106.28.0/22
94.229.212.0/24
94.229.220.0/24
94.229.222.0/23
194.36.34.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f2:62:bb:e3:df:5e:16:be:d8:62:2c:34:37:1a:c8:58:d8:
5b:f3:55:15:1b:81:aa:76:da:9a:65:47:2e:ce:2e:bb:1e:21:
6c:1b:85:46:0c:54:79:18:d6:1e:e8:8b:c5:77:c1:f9:8e:7e:
9f:ff:3f:d0:69:67:88:af:f8:3b:19:99:31:18:cd:a6:5b:99:
62:c3:06:95:f3:66:34:b0:27:b7:67:2c:b8:5f:c7:cc:05:8a:
a7:ff:05:86:a1:e4:4c:dd:46:c7:b5:b2:49:0a:22:28:7f:92:
45:cc:46:27:48:df:c6:36:ca:11:8f:74:00:51:02:45:aa:57:
26:69:b7:8f:4d:1d:76:05:82:9b:c8:e3:37:5c:13:cf:ea:72:
15:df:3c:35:af:90:34:80:dd:45:9b:f8:e1:5c:dc:25:06:4e:
14:81:83:e3:24:52:d5:25:3c:46:a4:1b:76:ad:a2:fe:f1:79:
68:6b:2b:10:44:f9:6b:bd:27:04:05:39:24:0f:94:7e:a4:d7:
53:46:c1:fd:6a:a3:a5:b5:d2:81:39:c4:75:8d:07:1d:4f:32:
2c:7d:58:5c:b1:69:0b:8e:5f:c8:98:d2:2e:2a:36:fa:d0:8b:
4b:96:81:c7:ce:84:6a:4e:a4:72:6e:db:04:6c:5f:04:26:d6:
f1:0d:32:bf
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZcuTIDYSlRyJ+hfZKLDXGXPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjAyMDE0MDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE5NDE0ZGI0OTI0NDcyMmQyZDUxZmMyZjYwN2ZlMWEyYWQzODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo0ikSxzpxQtfa3fNHifAyxxGdb1
XwQqUpPaHykmnIiwzzdzhPXNvLb9v0srWzwBkk40FvR5Ga18m+/5zjRxTElEQTTH
bDi/7yo4eW8glpztws1/RBGqU9GucJmP6O+BQKgexs66sGpmyaDD5QZPaQVNKJLF
KQPN/hyPoUp9XH/JxP+uv0rgxsQ/p7jRWLkx9D5l24lQYGprfJ7Oewra0aQ9k8M0
esV4idgUd9vyViAwP13pYmAJ2Xr2ryJL5a1k0yxj2vfUnMy/fz0pxgPb2QdHgL10
7EiI1r4WGi2Un46ejWVxpWWycde0ExcXpTt3p8oXmsIXIfbj2lAUjsRx+wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAcZQU20kkRyLS1R/C9gf+GirTgKMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvQnhsQlRiU1NSSEl0TFZIOEwyQl80YUt0T0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBDmbiAwQC
TW9gAwQBTW9mAwQAWWoPAwQCWWocAwQAXuXUAwQAXuXcAwQBXuXeAwQAwiQiMA0G
CSqGSIb3DQEBCwUAA4IBAQAg8mK7499eFr7YYiw0NxrIWNhb81UVG4GqdtqaZUcu
zi67HiFsG4VGDFR5GNYe6IvFd8H5jn6f/z/QaWeIr/g7GZkxGM2mW5liwwaV82Y0
sCe3Zyy4X8fMBYqn/wWGoeRM3UbHtbJJCiIof5JFzEYnSN/GNsoRj3QAUQJFqlcm
abePTR12BYKbyOM3XBPP6nIV3zw1r5A0gN1Fm/jhXNwlBk4UgYPjJFLVJTxGpBt2
raL+8XloaysQRPlrvScEBTkkD5R+pNdTRsH9aqOltdKBOcR1jQcdTzIsfVhcsWkL
jl/ImNIuKjb60ItLloHHzoRqTqRybtsEbF8EJtbxDTK/
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:55:47 2025 by rpki-client