Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QIhJl2daNCexYlyTdcbL2kHzfeU.roa
File: QIhJl2daNCexYlyTdcbL2kHzfeU.roa (raw, json)
Hash identifier: 2mT+ph+wXUYkwy/oPwX3H6V6JmvvBVnK0KOqhQlrs9o=
Subject key identifier: 40:88:49:97:67:5A:34:27:B1:62:5C:93:75:C6:CB:DA:41:F3:7D:E5
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019E9436F5703A46230B65754D3FC2D0B1D6
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QIhJl2daNCexYlyTdcbL2kHzfeU.roa
Signing time: Thu 04 Jun 2026 19:58:10 +0000
ROA not before: Thu 04 Jun 2026 19:58:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
43.242.138.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.100.0/24 maxlen: 24
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.106.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
94.229.209.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.41.46.0/23 maxlen: 24
103.41.47.0/24 maxlen: 24
103.102.133.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jun 2026 15:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:94:36:f5:70:3a:46:23:0b:65:75:4d:3f:c2:d0:b1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 4 19:58:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=40884997675a3427b1625c9375c6cbda41f37de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:af:b0:99:46:c7:81:61:39:76:45:26:95:47:
81:9d:87:90:8a:07:da:39:dd:bc:d8:dd:59:d6:53:
9c:9b:98:2b:82:3d:04:00:49:65:7f:c1:4a:d1:23:
c5:20:37:59:56:7e:45:af:c9:f5:42:b8:8b:33:97:
aa:0f:29:ed:4e:6a:7e:64:cc:28:a2:8d:7e:cb:5b:
01:d1:59:19:18:73:2d:b5:08:bb:30:4f:73:5e:9b:
7c:aa:e0:fc:e8:d5:74:3f:dc:c8:36:8d:bd:dc:a8:
96:9d:0c:06:26:38:03:65:b1:f3:9f:25:40:aa:05:
fa:da:9a:64:f0:26:9c:c9:12:a3:2f:a5:06:2f:8f:
e3:46:02:c1:f3:f1:e9:f7:7c:30:a8:13:e7:02:ea:
86:f8:d3:5f:35:d3:f6:e2:a8:36:c7:39:f9:7a:ce:
eb:91:e8:8d:e7:7b:4f:72:0f:1d:ec:f5:2a:35:d4:
58:4f:fa:2a:f2:67:b8:9e:d3:c2:2e:2d:a5:51:92:
d5:a8:5a:e8:a3:11:87:b6:b8:00:91:08:72:14:8e:
34:15:13:3a:e4:9e:68:13:c7:53:f8:be:1e:e8:8d:
61:0d:ae:92:c8:b6:a7:46:c7:e5:16:dd:54:08:8e:
62:90:cc:a0:39:32:55:02:b7:f5:76:7f:39:4f:c9:
fe:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:88:49:97:67:5A:34:27:B1:62:5C:93:75:C6:CB:DA:41:F3:7D:E5
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/QIhJl2daNCexYlyTdcbL2kHzfeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
43.242.136.0/24
43.242.138.0/24
45.151.140.0/24
77.111.96.0-77.111.100.255
77.111.102.0/23
77.111.105.0-77.111.106.255
89.106.2.0/24
94.229.209.0/24
94.229.213.0/24
94.229.222.0/24
103.41.44.0/22
103.102.133.0/24
124.158.112.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:39:ae:e5:e9:08:f8:07:0a:e9:4d:91:1a:bb:a2:63:6f:ca:
59:e7:4a:e6:af:70:46:0d:79:91:dc:6a:2c:3b:2c:15:b2:3e:
47:c1:4c:e9:1c:0e:46:86:34:b9:52:45:69:69:2d:c3:a6:03:
04:48:d4:83:37:91:e3:dd:97:2d:8a:83:99:fa:31:fa:da:4a:
66:7b:46:3d:82:6a:bf:10:e4:ce:d8:36:32:a4:dc:64:02:d0:
22:59:00:e6:9b:d3:7b:8b:aa:9e:a2:66:0e:5e:c1:ca:e8:ee:
7c:4e:01:53:d4:99:e7:59:25:1e:9b:c5:3f:f7:ba:a5:a6:4e:
a9:f1:91:e3:78:15:35:d2:68:a5:30:6b:10:b4:6b:74:1e:5c:
87:67:d4:94:91:cf:e0:c7:b9:2d:fb:44:57:10:86:ce:1f:47:
df:1c:09:07:8a:68:10:70:78:1c:53:35:c1:af:ee:c8:bc:d9:
e7:50:53:2d:c6:90:91:7e:7f:1e:4a:70:9d:84:c8:58:74:d8:
33:6a:1c:85:74:a3:83:da:8b:2d:31:cf:4a:cc:9d:97:52:9d:
af:fe:82:d1:a5:b9:07:0e:82:09:f4:bf:cd:3d:f1:14:2b:7c:
8e:9b:12:38:62:9a:2f:cf:d9:e0:3d:70:85:bf:0f:27:35:ed:
01:11:01:af
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ6UNvVwOkYjC2V1TT/C0LHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjA0MTk1ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDg4NDk5NzY3NWEzNDI3YjE2MjVjOTM3NWM2Y2JkYTQxZjM3ZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6+wmUbHgWE5dkUmlUeBnYeQigfa
Od282N1Z1lOcm5grgj0EAEllf8FK0SPFIDdZVn5Fr8n1QriLM5eqDyntTmp+ZMwo
oo1+y1sB0VkZGHMttQi7ME9zXpt8quD86NV0P9zINo293KiWnQwGJjgDZbHznyVA
qgX62ppk8CacyRKjL6UGL4/jRgLB8/Hp93wwqBPnAuqG+NNfNdP24qg2xzn5es7r
keiN53tPcg8d7PUqNdRYT/oq8me4ntPCLi2lUZLVqFrooxGHtrgAkQhyFI40FRM6
5J5oE8dT+L4e6I1hDa6SyLanRsflFt1UCI5ikMygOTJVArf1dn85T8n+bQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFECISZdnWjQnsWJck3XGy9pB833lMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvUUloSmwyZGFOQ2V4WWx5VGRjYkwya0h6ZmVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAA5m6gME
ACvyiAMEACvyigMEAC2XjDAMAwQFTW9gAwQATW9kAwQBTW9mMAwDBABNb2kDBABN
b2oDBABZagIDBABe5dEDBABe5dUDBABe5d4DBAJnKSwDBABnZoUDBAB8nnADBADC
JCEwDQYJKoZIhvcNAQELBQADggEBAKw5ruXpCPgHCulNkRq7omNvylnnSuavcEYN
eZHcaiw7LBWyPkfBTOkcDkaGNLlSRWlpLcOmAwRI1IM3kePdly2Kg5n6MfraSmZ7
Rj2Car8Q5M7YNjKk3GQC0CJZAOab03uLqp6iZg5ewcro7nxOAVPUmedZJR6bxT/3
uqWmTqnxkeN4FTXSaKUwaxC0a3QeXIdn1JSRz+DHuS37RFcQhs4fR98cCQeKaBBw
eBxTNcGv7si82edQUy3GkJF+fx5KcJ2EyFh02DNqHIV0o4Paiy0xz0rMnZdSna/+
gtGluQcOggn0v8098RQrfI6bEjhimi/P2eA9cIW/Dyc17QERAa8=
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:04:29 2026 by rpki-client