Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PKk3imKtbsmkCtA-QPid44zUrWg.roa
File: PKk3imKtbsmkCtA-QPid44zUrWg.roa (raw, json)
Hash identifier: 9PtC4g1eL5FPX83E9lO3f1IZZx1JwKpmcqEUPW1Za28=
Subject key identifier: 3C:A9:37:8A:62:AD:6E:C9:A4:0A:D0:3E:40:F8:9D:E3:8C:D4:AD:68
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018D99014CB1DBB267FDBB40CDB9B4769895
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PKk3imKtbsmkCtA-QPid44zUrWg.roa
Signing time: Sun 11 Feb 2024 16:30:15 +0000
ROA not before: Sun 11 Feb 2024 16:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 17:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:01:4c:b1:db:b2:67:fd:bb:40:cd:b9:b4:76:98:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 11 16:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ca9378a62ad6ec9a40ad03e40f89de38cd4ad68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:94:81:9f:59:f4:bf:aa:8c:70:0c:dc:73:85:
e2:f0:b5:46:86:44:70:33:91:be:bf:98:7e:c5:ab:
ab:50:bd:14:14:fb:40:a4:bf:41:27:fc:02:b3:d7:
ba:77:b7:cc:68:a3:16:a0:62:99:fb:92:0b:f2:ec:
55:8a:98:22:f7:a5:56:b0:f8:2f:89:04:5f:a1:17:
f0:ab:e7:80:6f:5b:55:3f:f3:c1:a5:6a:9c:4f:f9:
79:fa:ff:97:9b:02:d2:88:9f:79:d2:a7:06:87:0c:
13:12:d6:70:a1:ce:3f:53:15:f7:2b:4c:0b:a4:e1:
25:13:08:94:52:77:9d:ec:6d:ab:24:f5:21:ee:c2:
c0:58:ea:e9:41:ab:a4:d6:5a:e7:b6:78:fc:fb:64:
ee:04:a2:bd:52:de:63:20:b1:1f:1c:da:d9:03:0c:
16:db:ea:27:60:22:54:3f:48:88:8a:55:cc:27:74:
04:55:7f:34:58:d3:38:ba:02:b1:be:11:84:85:92:
2b:99:0a:52:2c:b2:0d:2b:af:3d:04:66:dd:4a:6b:
0d:41:2f:c8:71:49:4f:c9:79:ef:e0:df:d3:d2:f5:
f7:82:0b:55:2a:9e:47:32:c5:2e:ec:3d:51:03:72:
32:26:6f:ba:ec:f8:37:cf:e1:a9:da:59:7e:51:da:
d0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A9:37:8A:62:AD:6E:C9:A4:0A:D0:3E:40:F8:9D:E3:8C:D4:AD:68
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PKk3imKtbsmkCtA-QPid44zUrWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.232.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:6f:8a:0f:18:20:52:fe:d3:d3:51:cd:a5:89:44:92:c2:26:
e8:59:1d:8d:f4:ec:7d:e1:c1:56:f4:b9:bb:81:6a:33:ff:d7:
49:64:b6:ae:a2:b2:6e:61:ce:fc:6e:37:c2:eb:0e:51:1a:d1:
d9:49:19:1f:c2:58:b7:dc:48:96:7c:1a:79:73:81:9a:76:1d:
a5:6f:06:76:25:e6:8b:6f:91:37:48:87:01:a6:26:62:36:45:
5c:4d:ae:37:77:e7:44:93:13:0d:9a:81:3d:c8:34:50:ac:9c:
d6:a1:6e:af:91:ba:6c:80:ee:62:7b:aa:82:3c:c7:24:94:43:
0c:f7:c2:3a:00:a8:1a:ec:2f:c7:b2:30:7b:e5:11:0a:74:9c:
c7:86:24:f4:72:25:65:3c:07:f8:eb:29:d5:ca:48:89:8c:2e:
4b:74:86:ab:69:62:6a:ff:15:a9:42:58:75:2f:1b:97:5f:d9:
47:1b:d5:0a:e8:88:f4:45:cf:e3:04:8c:85:a7:16:49:5c:54:
2c:a5:56:12:42:e9:b6:f6:bf:8b:18:04:aa:ba:98:9a:54:52:
c0:b5:83:f8:ff:09:2b:cb:13:f0:45:49:d3:8a:b4:0b:49:d1:
a0:28:6e:74:82:74:69:7b:28:b5:f2:c7:b3:32:85:84:59:42:
1a:4e:5d:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ZAUyx27Jn/btAzbm0dpiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMjExMTYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2E5Mzc4YTYyYWQ2ZWM5YTQwYWQwM2U0MGY4OWRlMzhjZDRhZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZSBn1n0v6qMcAzcc4Xi8LVGhkRw
M5G+v5h+xaurUL0UFPtApL9BJ/wCs9e6d7fMaKMWoGKZ+5IL8uxVipgi96VWsPgv
iQRfoRfwq+eAb1tVP/PBpWqcT/l5+v+XmwLSiJ950qcGhwwTEtZwoc4/UxX3K0wL
pOElEwiUUned7G2rJPUh7sLAWOrpQauk1lrntnj8+2TuBKK9Ut5jILEfHNrZAwwW
2+onYCJUP0iIilXMJ3QEVX80WNM4ugKxvhGEhZIrmQpSLLINK689BGbdSmsNQS/I
cUlPyXnv4N/T0vX3ggtVKp5HMsUu7D1RA3IyJm+67Pg3z+Gp2ll+UdrQRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDypN4pirW7JpArQPkD4neOM1K1oMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvUEtrM2ltS3Ric21rQ3RBLVFQaWQ0NHpVcldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmboMA0G
CSqGSIb3DQEBCwUAA4IBAQCbb4oPGCBS/tPTUc2liUSSwiboWR2N9Ox94cFW9Lm7
gWoz/9dJZLauorJuYc78bjfC6w5RGtHZSRkfwli33EiWfBp5c4Gadh2lbwZ2JeaL
b5E3SIcBpiZiNkVcTa43d+dEkxMNmoE9yDRQrJzWoW6vkbpsgO5ie6qCPMcklEMM
98I6AKga7C/HsjB75REKdJzHhiT0ciVlPAf46ynVykiJjC5LdIaraWJq/xWpQlh1
LxuXX9lHG9UK6Ij0Rc/jBIyFpxZJXFQspVYSQum29r+LGASqupiaVFLAtYP4/wkr
yxPwRUnTirQLSdGgKG50gnRpeyi18sezMoWEWUIaTl1M
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:52 2025 by rpki-client