Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gwzfPF6WpsFfcrHfQb-4jXGCS6w.roa
File: gwzfPF6WpsFfcrHfQb-4jXGCS6w.roa (raw, json)
Hash identifier: flUhGXbc2qQzUkqoFec0wCnmT1FKeNixzryAIMmUy8M=
Subject key identifier: 83:0C:DF:3C:5E:96:A6:C1:5F:72:B1:DF:41:BF:B8:8D:71:82:4B:AC
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0193F52E7E27FFA8FB702936B86DC4441F6E
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gwzfPF6WpsFfcrHfQb-4jXGCS6w.roa
Signing time: Mon 23 Dec 2024 20:21:25 +0000
ROA not before: Mon 23 Dec 2024 20:21:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 14.102.232.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
94.229.210.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 03:45:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f5:2e:7e:27:ff:a8:fb:70:29:36:b8:6d:c4:44:1f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Dec 23 20:21:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=830cdf3c5e96a6c15f72b1df41bfb88d71824bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:35:bb:ad:f6:90:78:1a:b9:54:14:02:91:46:
55:17:38:d3:fa:d1:06:f8:ca:7a:69:c4:f8:e7:a0:
23:8c:ed:8c:1f:34:41:3b:94:2c:a9:fa:0e:72:b9:
54:d1:c8:53:68:d4:13:cc:70:40:d5:08:61:66:4d:
78:08:e2:93:c8:27:c4:19:e9:b7:00:82:a6:83:09:
8f:79:bf:b8:92:2e:15:5e:cb:3c:e1:a9:9e:b5:4c:
b5:60:48:21:fb:f7:f0:da:9e:7f:a2:4e:81:89:ff:
a9:bf:a8:ff:80:f2:4e:a3:0f:93:31:f7:8a:42:4e:
b4:14:94:2b:10:dc:03:8c:53:ee:eb:05:e9:78:04:
46:41:f6:c7:e9:c4:eb:60:17:fe:d2:00:29:c3:42:
d0:9c:59:17:1c:89:63:b8:30:f8:2a:1e:83:be:4e:
00:96:66:9b:3a:7e:c4:b0:30:92:68:a0:1b:18:7a:
f3:e7:1c:9d:72:1c:0c:46:8b:55:0c:22:ce:59:09:
d5:42:22:dc:26:41:fb:2d:8b:04:76:74:95:45:21:
76:8b:88:86:5a:99:8e:5a:f7:25:79:fc:a9:0f:18:
04:4c:ae:97:78:da:8d:da:b3:25:7b:fd:eb:19:40:
79:76:46:b9:07:6b:35:ee:94:c9:01:97:bd:1e:fc:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:0C:DF:3C:5E:96:A6:C1:5F:72:B1:DF:41:BF:B8:8D:71:82:4B:AC
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gwzfPF6WpsFfcrHfQb-4jXGCS6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.232.0/24
77.111.96.0/22
94.229.210.0/24
94.229.212.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:0e:7b:a7:8c:ec:48:55:69:5e:f5:48:83:6d:42:5f:32:35:
67:31:96:be:79:24:d3:d3:fc:f5:e8:5d:28:eb:92:9e:3f:20:
b0:8d:19:43:54:e9:7a:74:fd:b4:39:70:92:27:1f:10:07:5d:
b2:61:8b:d5:42:98:78:01:c5:36:b0:80:5f:12:b7:8a:9a:4e:
75:96:3c:7a:24:66:ee:fe:34:a4:0f:87:b5:41:2f:08:a1:38:
d8:85:bb:76:40:7e:7c:8f:bc:c1:d4:0a:4d:72:b1:2c:82:37:
80:60:4c:e2:d6:dd:b2:39:23:15:34:24:44:34:c4:6e:9c:7c:
36:39:6c:4b:eb:60:7c:e1:6e:4d:cf:74:95:0a:73:6b:df:bf:
d0:90:2f:49:05:cb:ba:18:b0:92:4a:8d:b5:2a:70:99:79:a1:
16:06:f2:be:e6:f0:b9:15:19:52:1a:64:bf:e0:97:c0:72:78:
d4:12:db:69:75:22:64:db:aa:3f:1a:c7:19:9d:f8:9e:c2:e5:
e3:36:f4:52:a0:55:87:8a:36:15:0a:cc:73:dd:2c:74:1d:a0:
33:c7:b7:16:66:8e:b3:8d:a1:e7:bb:f5:bf:2a:e0:3b:b4:63:
c5:65:35:02:c7:4c:69:c5:84:a8:fe:b7:d8:6c:5c:81:a3:c7:
ac:8c:b6:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZP1Ln4n/6j7cCk2uG3ERB9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMjIzMjAyMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzBjZGYzYzVlOTZhNmMxNWY3MmIxZGY0MWJmYjg4ZDcxODI0YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjW7rfaQeBq5VBQCkUZVFzjT+tEG
+Mp6acT456AjjO2MHzRBO5QsqfoOcrlU0chTaNQTzHBA1QhhZk14COKTyCfEGem3
AIKmgwmPeb+4ki4VXss84ametUy1YEgh+/fw2p5/ok6Bif+pv6j/gPJOow+TMfeK
Qk60FJQrENwDjFPu6wXpeARGQfbH6cTrYBf+0gApw0LQnFkXHIljuDD4Kh6Dvk4A
lmabOn7EsDCSaKAbGHrz5xydchwMRotVDCLOWQnVQiLcJkH7LYsEdnSVRSF2i4iG
WpmOWvclefypDxgETK6XeNqN2rMle/3rGUB5dka5B2s17pTJAZe9HvyYuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIMM3zxelqbBX3Kx30G/uI1xgkusMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZ3d6ZlBGNldwc0ZmY3JIZlFiLTRqWEdDUzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQADmboAwQC
TW9gAwQAXuXSAwQAXuXUMA0GCSqGSIb3DQEBCwUAA4IBAQDLDnunjOxIVWle9UiD
bUJfMjVnMZa+eSTT0/z16F0o65KePyCwjRlDVOl6dP20OXCSJx8QB12yYYvVQph4
AcU2sIBfEreKmk51ljx6JGbu/jSkD4e1QS8IoTjYhbt2QH58j7zB1ApNcrEsgjeA
YEzi1t2yOSMVNCRENMRunHw2OWxL62B84W5Nz3SVCnNr37/QkC9JBcu6GLCSSo21
KnCZeaEWBvK+5vC5FRlSGmS/4JfAcnjUEttpdSJk26o/GscZnfiewuXjNvRSoFWH
ijYVCsxz3Sx0HaAzx7cWZo6zjaHnu/W/KuA7tGPFZTUCx0xpxYSo/rfYbFyBo8es
jLa9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:33 2025 by rpki-client