Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/YOgknI7L16nr2_qDvo_nNB341Q4.roa
File: YOgknI7L16nr2_qDvo_nNB341Q4.roa (raw, json)
Hash identifier: 7zddBY7PeXEFdARGUz/Cpw6cBqCRXubXWdvpQnY2ahg=
Subject key identifier: 60:E8:24:9C:8E:CB:D7:A9:EB:DB:FA:83:BE:8F:E7:34:1D:F8:D5:0E
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018CF96A46A274A5204BD79EEA2AF09387FD
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/YOgknI7L16nr2_qDvo_nNB341Q4.roa
Signing time: Thu 11 Jan 2024 16:45:40 +0000
ROA not before: Thu 11 Jan 2024 16:45:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 14.102.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 11 Feb 2024 16:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:6a:46:a2:74:a5:20:4b:d7:9e:ea:2a:f0:93:87:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 11 16:45:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60e8249c8ecbd7a9ebdbfa83be8fe7341df8d50e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:2b:8d:18:22:66:c1:ec:0d:7b:ec:50:38:3e:
2b:ab:a6:28:06:f9:02:83:f9:96:f6:b2:2e:dc:9c:
7d:9c:e3:a1:3d:48:18:6d:b5:d8:d4:6a:35:69:c1:
94:f9:e7:dc:19:f1:a6:83:a2:1c:58:e3:8c:a8:78:
1f:d9:ee:b5:65:cc:88:76:16:26:dc:3a:c9:70:73:
8d:63:54:2d:4a:8d:74:a3:a8:f7:9b:b5:f3:fa:62:
18:62:bb:05:ea:da:02:48:2e:5f:85:8a:ca:9b:31:
86:dd:52:87:34:ea:e7:53:c8:89:59:0e:18:ba:7b:
f9:b0:0f:0a:03:84:72:a0:dd:ad:c6:9a:46:35:92:
98:cf:04:05:81:01:d3:41:5e:20:25:7d:3b:8b:b5:
bc:f1:2a:53:19:a1:07:6a:d3:ae:ed:68:d6:ca:08:
c8:1e:11:21:87:d9:ee:91:7d:c4:49:59:a5:54:9f:
c6:50:26:b4:4b:72:25:61:6d:0a:c7:47:bf:35:56:
2f:b5:88:41:b4:f1:ef:74:52:51:f8:f6:2b:f4:8a:
e9:07:a1:3f:3d:fe:f6:7b:ab:c4:3c:96:0f:f1:fe:
32:90:15:7b:06:36:97:fa:be:8a:c4:b6:74:59:d3:
17:2f:5b:e5:17:65:19:4e:d6:08:da:77:65:74:f5:
ac:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:E8:24:9C:8E:CB:D7:A9:EB:DB:FA:83:BE:8F:E7:34:1D:F8:D5:0E
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/YOgknI7L16nr2_qDvo_nNB341Q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.232.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:0c:53:1e:59:cb:d9:7b:13:01:4a:9b:b6:1b:93:f7:30:4f:
37:94:be:6f:c9:7e:79:77:03:54:5f:72:7f:00:40:c7:43:08:
6a:ef:4c:13:a2:a1:5c:1d:fa:2a:1c:7a:ee:40:a9:22:30:3c:
08:d3:aa:85:2c:2f:ec:f0:2a:69:98:af:1c:95:e3:eb:2f:ea:
eb:99:40:9e:fe:5d:7e:77:38:b5:9e:eb:50:52:d5:c3:bc:e5:
a7:19:3d:cd:38:31:d0:6a:b6:25:de:15:d9:3c:74:fc:92:6c:
0f:9b:67:8a:5a:1d:e9:86:8a:23:2c:14:e9:d9:ba:af:9b:27:
f8:3e:be:04:0a:6e:40:c1:64:7c:a0:15:d5:e3:9d:ac:ef:bc:
e4:8e:07:ec:6e:f7:d0:ac:c0:b8:dc:53:96:5b:0f:f4:60:eb:
a2:ae:35:91:71:39:a7:ce:64:0d:5c:29:0c:c1:75:a6:0a:16:
5c:ca:d5:c8:f2:4a:fa:b6:8c:93:b5:cd:8c:ee:82:5f:02:12:
46:26:86:25:bf:c5:6d:2f:c8:5a:ea:61:86:40:18:c2:82:2d:
94:7c:14:65:e1:00:ac:e0:57:fe:b4:08:9e:65:7d:53:e0:13:
ff:71:8e:48:92:02:db:00:61:09:75:eb:6b:ad:bc:6a:36:42:
73:30:81:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYz5akaidKUgS9ee6irwk4f9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTExMTY0NTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGU4MjQ5YzhlY2JkN2E5ZWJkYmZhODNiZThmZTczNDFkZjhkNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyuNGCJmwewNe+xQOD4rq6YoBvkC
g/mW9rIu3Jx9nOOhPUgYbbXY1Go1acGU+efcGfGmg6IcWOOMqHgf2e61ZcyIdhYm
3DrJcHONY1QtSo10o6j3m7Xz+mIYYrsF6toCSC5fhYrKmzGG3VKHNOrnU8iJWQ4Y
unv5sA8KA4RyoN2txppGNZKYzwQFgQHTQV4gJX07i7W88SpTGaEHatOu7WjWygjI
HhEhh9nukX3ESVmlVJ/GUCa0S3IlYW0Kx0e/NVYvtYhBtPHvdFJR+PYr9IrpB6E/
Pf72e6vEPJYP8f4ykBV7BjaX+r6KxLZ0WdMXL1vlF2UZTtYI2ndldPWsXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGDoJJyOy9ep69v6g76P5zQd+NUOMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWU9na25JN0wxNm5yMl9xRHZvX25OQjM0MVE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmboMA0G
CSqGSIb3DQEBCwUAA4IBAQDYDFMeWcvZexMBSpu2G5P3ME83lL5vyX55dwNUX3J/
AEDHQwhq70wToqFcHfoqHHruQKkiMDwI06qFLC/s8CppmK8clePrL+rrmUCe/l1+
dzi1nutQUtXDvOWnGT3NODHQarYl3hXZPHT8kmwPm2eKWh3phoojLBTp2bqvmyf4
Pr4ECm5AwWR8oBXV452s77zkjgfsbvfQrMC43FOWWw/0YOuirjWRcTmnzmQNXCkM
wXWmChZcytXI8kr6toyTtc2M7oJfAhJGJoYlv8VtL8ha6mGGQBjCgi2UfBRl4QCs
4Ff+tAieZX1T4BP/cY5IkgLbAGEJdetrrbxqNkJzMIFX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:38 2025 by rpki-client