Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PRKtUk0kDnSRLLToyLIczd0yonM.roa
File: PRKtUk0kDnSRLLToyLIczd0yonM.roa (raw, json)
Hash identifier: jc55COZN22F2hpKtObV+nVeOr9QTB9S6NrSRFvM+Sn8=
Subject key identifier: 3D:12:AD:52:4D:24:0E:74:91:2C:B4:E8:C8:B2:1C:CD:DD:32:A2:73
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018D762A3DFDAB539B37B6340DF4EF60B598
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PRKtUk0kDnSRLLToyLIczd0yonM.roa
Signing time: Sun 04 Feb 2024 22:08:16 +0000
ROA not before: Sun 04 Feb 2024 22:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 14.102.234.0/24 maxlen: 24
14.102.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 04 Feb 2024 22:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:76:2a:3d:fd:ab:53:9b:37:b6:34:0d:f4:ef:60:b5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 4 22:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d12ad524d240e74912cb4e8c8b21ccddd32a273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:36:ad:29:3e:15:05:47:c9:72:a1:17:d4:68:
39:15:a2:ed:32:aa:e7:db:58:d9:0f:96:15:24:69:
87:4c:88:f1:fb:86:e0:8e:a2:92:8a:dd:84:3b:ee:
23:ce:71:20:5b:91:0a:c6:25:d1:32:bb:4a:2a:46:
52:70:cc:02:63:88:8c:7f:a4:6b:35:fc:9d:98:f6:
4f:4e:8f:df:fd:34:e2:55:85:fc:a2:99:38:59:27:
c6:cd:9e:72:0c:ca:ad:50:c1:c7:5a:7c:4b:78:15:
7c:94:fb:b3:ef:e0:6c:7d:f7:d5:50:5b:f7:1c:71:
b0:a9:59:18:eb:2e:94:48:85:e2:8c:cc:1c:06:23:
d5:22:c1:97:8d:e8:08:54:d3:b4:34:73:e5:1a:82:
90:e1:a1:e5:1a:e6:51:8e:b3:f0:22:19:1b:a0:2f:
b6:06:67:dd:6c:e7:2a:d6:bf:ab:22:7e:16:a4:9c:
b8:0f:80:f9:e9:61:45:e8:23:43:91:ef:a3:60:07:
9e:f4:ec:2c:02:da:ba:18:9d:f0:99:e5:5b:80:83:
46:26:38:0c:cc:26:26:45:b7:13:43:d5:db:68:e9:
cc:3f:bf:40:5c:59:00:46:79:77:21:d8:3b:93:cd:
96:a1:0c:83:3d:ff:37:b6:9a:c8:00:81:fc:3f:a3:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:12:AD:52:4D:24:0E:74:91:2C:B4:E8:C8:B2:1C:CD:DD:32:A2:73
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/PRKtUk0kDnSRLLToyLIczd0yonM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
14.102.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:27:66:ba:7e:c9:2d:5c:b6:34:99:93:2b:09:3f:ec:0b:03:
23:46:39:86:bd:3e:5e:66:4e:44:c1:81:dd:2c:0c:bf:30:b5:
9a:de:f0:cb:8c:9a:44:8d:8c:4c:d2:fb:89:e9:b4:65:a4:19:
1c:fd:27:77:82:8c:f6:02:a8:d9:40:20:ac:98:ef:2f:ea:d6:
6b:24:c5:19:21:15:f3:69:c3:ed:ff:c0:8d:b7:3e:27:d8:c9:
f2:9c:7b:16:e7:97:5d:e7:98:27:dc:33:82:46:ce:49:c9:03:
a6:83:f6:55:dd:27:8d:4b:81:b2:ad:bc:60:3c:29:38:20:7a:
87:c2:32:54:b5:de:d7:9f:82:cf:85:cc:65:56:bd:83:19:20:
e1:f3:5e:0d:91:a9:11:c7:fa:f5:f0:7e:1a:09:87:3a:ce:21:
a6:53:50:ea:1b:fb:97:93:24:71:d7:c0:eb:a9:d4:bc:c7:46:
e2:e7:44:b1:18:92:47:cd:80:b8:7a:6e:82:76:d7:b6:50:91:
e4:4c:3c:81:43:24:27:dc:46:47:56:a0:83:ca:a4:86:08:85:
59:6b:1b:83:67:61:aa:77:b2:9c:50:42:63:d3:0d:51:21:cc:
65:8a:6e:10:45:2b:05:2c:94:82:5d:9f:3e:92:a0:f9:06:74:
c5:5e:71:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY12Kj39q1ObN7Y0DfTvYLWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMjA0MjIwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDEyYWQ1MjRkMjQwZTc0OTEyY2I0ZThjOGIyMWNjZGRkMzJhMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjatKT4VBUfJcqEX1Gg5FaLtMqrn
21jZD5YVJGmHTIjx+4bgjqKSit2EO+4jznEgW5EKxiXRMrtKKkZScMwCY4iMf6Rr
NfydmPZPTo/f/TTiVYX8opk4WSfGzZ5yDMqtUMHHWnxLeBV8lPuz7+BsfffVUFv3
HHGwqVkY6y6USIXijMwcBiPVIsGXjegIVNO0NHPlGoKQ4aHlGuZRjrPwIhkboC+2
BmfdbOcq1r+rIn4WpJy4D4D56WFF6CNDke+jYAee9OwsAtq6GJ3wmeVbgINGJjgM
zCYmRbcTQ9XbaOnMP79AXFkARnl3Idg7k82WoQyDPf83tprIAIH8P6NHlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD0SrVJNJA50kSy06MiyHM3dMqJzMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvUFJLdFVrMGtEblNSTExUb3lMSWN6ZDB5b25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbqAwQA
DmbsMA0GCSqGSIb3DQEBCwUAA4IBAQCNJ2a6fsktXLY0mZMrCT/sCwMjRjmGvT5e
Zk5EwYHdLAy/MLWa3vDLjJpEjYxM0vuJ6bRlpBkc/Sd3goz2AqjZQCCsmO8v6tZr
JMUZIRXzacPt/8CNtz4n2MnynHsW55dd55gn3DOCRs5JyQOmg/ZV3SeNS4Gyrbxg
PCk4IHqHwjJUtd7Xn4LPhcxlVr2DGSDh814NkakRx/r18H4aCYc6ziGmU1DqG/uX
kyRx18DrqdS8x0bi50SxGJJHzYC4em6Cdte2UJHkTDyBQyQn3EZHVqCDyqSGCIVZ
axuDZ2Gqd7KcUEJj0w1RIcxlim4QRSsFLJSCXZ8+kqD5BnTFXnHf
-----END CERTIFICATE-----
Generated at Sat Jun 14 18:12:47 2025 by rpki-client