Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DU8pPzqO-uK7ZH885bAZrg1txO0.roa
File: DU8pPzqO-uK7ZH885bAZrg1txO0.roa (raw, json)
Hash identifier: WqU4lcjxvO4Y2dS1ZFm324Cec47AIhIoMsu9YuK15D8=
Subject key identifier: 0D:4F:29:3F:3A:8E:FA:E2:BB:64:7F:3C:E5:B0:19:AE:0D:6D:C4:ED
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018F465D65B28F3594394B1DE42852E48C02
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DU8pPzqO-uK7ZH885bAZrg1txO0.roa
Signing time: Sun 05 May 2024 01:27:57 +0000
ROA not before: Sun 05 May 2024 01:27:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.231.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 May 2024 20:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:46:5d:65:b2:8f:35:94:39:4b:1d:e4:28:52:e4:8c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 5 01:27:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d4f293f3a8efae2bb647f3ce5b019ae0d6dc4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b7:b0:0d:b6:92:6f:1c:bc:a9:61:75:98:d9:
82:66:f5:12:09:3e:dc:ed:e7:30:e5:3c:68:60:dd:
13:f4:69:67:7a:a8:75:9e:c6:20:49:18:2e:36:11:
a6:4b:84:dc:c1:e3:81:0b:ea:89:c0:74:91:f4:e2:
5b:b4:a0:95:7e:28:ad:f9:d3:60:2b:18:ac:81:a2:
22:82:6c:61:48:3b:49:55:cf:b8:47:2f:63:2a:f9:
dc:d0:d4:02:c3:40:e6:e4:8d:9e:ca:d5:2d:9a:94:
85:c7:f3:33:89:d7:3e:29:b4:31:09:8c:28:e7:88:
ce:6e:a9:5e:68:77:e1:13:e8:99:d2:95:65:46:f8:
70:2a:2a:dc:27:b4:c5:85:2b:4b:d9:05:95:28:c8:
07:94:21:4f:b1:6b:aa:9e:32:73:c5:7a:2d:2a:ca:
68:65:19:2f:26:d5:e8:8d:e8:fb:62:f1:ac:1e:98:
53:6e:1f:06:c0:2d:bc:f6:7f:d9:85:a9:24:2b:c1:
07:07:eb:6f:2b:42:df:ae:d6:db:2f:b2:52:c2:6c:
b0:36:e8:a4:12:1a:cb:30:c6:f5:59:a7:35:6b:1f:
78:3c:9f:9d:ca:be:4c:6c:85:7d:e7:9d:fb:ac:ba:
b4:8e:5b:0a:a0:f1:d3:7b:e4:40:1b:c9:85:0e:18:
76:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4F:29:3F:3A:8E:FA:E2:BB:64:7F:3C:E5:B0:19:AE:0D:6D:C4:ED
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/DU8pPzqO-uK7ZH885bAZrg1txO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
14.102.236.0/24
Signature Algorithm: sha256WithRSAEncryption
13:4d:f1:03:a2:41:2c:62:2c:53:30:b7:7b:c3:1d:ec:fe:74:
8a:aa:ef:e4:ce:ee:97:2b:ac:5a:5a:df:82:aa:f5:b2:0a:9d:
27:04:4f:ab:df:51:8f:69:f8:c1:91:2d:a3:65:e9:eb:67:78:
3d:50:81:16:af:5e:b0:82:3d:39:8e:9e:e9:a2:7a:75:07:e2:
8f:df:6c:a3:1e:d6:e8:72:5d:e7:27:52:c9:39:f7:19:17:de:
5b:0b:54:87:2d:44:6a:f2:d8:2c:1b:75:b9:a4:57:33:48:f7:
c3:74:72:7a:ce:b4:ed:b5:df:36:0b:4e:35:aa:44:88:f1:d4:
04:2d:ee:dc:08:39:bf:26:30:0a:cb:f8:9a:60:bd:ff:de:10:
c0:88:da:8e:17:75:61:b0:e0:5a:a1:66:94:4f:d8:0f:1b:dd:
4a:58:26:aa:7d:91:bf:49:ac:1b:09:e3:b3:30:5f:a5:61:1f:
36:5a:e3:7d:db:77:91:29:ab:94:49:c0:9c:29:9e:6b:b7:92:
97:3f:47:cc:f3:e6:d1:ba:72:e9:bb:7f:8a:8a:6b:e5:0d:b9:
27:e4:11:e8:93:31:c6:4a:52:d7:24:f6:88:95:8f:7e:90:84:
30:c2:31:cf:71:af:37:d1:69:5b:d1:70:18:05:55:6a:37:f7:
7e:cc:26:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9GXWWyjzWUOUsd5ChS5IwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwNTA1MDEyNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDRmMjkzZjNhOGVmYWUyYmI2NDdmM2NlNWIwMTlhZTBkNmRjNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobewDbaSbxy8qWF1mNmCZvUSCT7c
7ecw5TxoYN0T9Glneqh1nsYgSRguNhGmS4TcweOBC+qJwHSR9OJbtKCVfiit+dNg
KxisgaIigmxhSDtJVc+4Ry9jKvnc0NQCw0Dm5I2eytUtmpSFx/Mzidc+KbQxCYwo
54jObqleaHfhE+iZ0pVlRvhwKircJ7TFhStL2QWVKMgHlCFPsWuqnjJzxXotKspo
ZRkvJtXojej7YvGsHphTbh8GwC289n/ZhakkK8EHB+tvK0LfrtbbL7JSwmywNuik
EhrLMMb1Wac1ax94PJ+dyr5MbIV95537rLq0jlsKoPHTe+RAG8mFDhh2zwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA1PKT86jvriu2R/POWwGa4NbcTtMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvRFU4cFB6cU8tdUs3Wkg4ODViQVpyZzF0eE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbnAwQA
DmbsMA0GCSqGSIb3DQEBCwUAA4IBAQATTfEDokEsYixTMLd7wx3s/nSKqu/kzu6X
K6xaWt+CqvWyCp0nBE+r31GPafjBkS2jZenrZ3g9UIEWr16wgj05jp7ponp1B+KP
32yjHtbocl3nJ1LJOfcZF95bC1SHLURq8tgsG3W5pFczSPfDdHJ6zrTttd82C041
qkSI8dQELe7cCDm/JjAKy/iaYL3/3hDAiNqOF3VhsOBaoWaUT9gPG91KWCaqfZG/
SawbCeOzMF+lYR82WuN923eRKauUScCcKZ5rt5KXP0fM8+bRunLpu3+KimvlDbkn
5BHokzHGSlLXJPaIlY9+kIQwwjHPca830Wlb0XAYBVVqN/d+zCbU
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:38 2025 by rpki-client