Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lrzLzAjnqYiBlqiMkYGwtjsdCAA.roa
File: lrzLzAjnqYiBlqiMkYGwtjsdCAA.roa (raw, json)
Hash identifier: CPf37TDdhi9+i5oW2LqUv9CJRwfJdhYZngfXam/Zjlo=
Subject key identifier: 96:BC:CB:CC:08:E7:A9:88:81:96:A8:8C:91:81:B0:B6:3B:1D:08:00
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01942220182292A6EB501494FDD5A03C89DA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lrzLzAjnqYiBlqiMkYGwtjsdCAA.roa
Signing time: Wed 01 Jan 2025 13:48:35 +0000
ROA not before: Wed 01 Jan 2025 13:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 148996
IP address blocks: 14.102.226.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 18:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:22:92:a6:eb:50:14:94:fd:d5:a0:3c:89:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=96bccbcc08e7a9888196a88c9181b0b63b1d0800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:55:fa:99:8a:1d:02:e8:ac:54:8f:68:5f:91:
32:d6:84:90:e0:cc:80:54:62:1c:93:c9:14:9a:66:
37:b9:af:31:82:b4:9b:df:a6:c2:4b:04:97:5e:e3:
59:d5:67:cf:c7:29:b6:83:2b:5a:a0:d0:39:64:a7:
c8:8c:e8:f4:f0:e7:6c:8c:ba:87:c4:df:1a:06:c0:
14:d7:57:e4:1b:33:37:0d:89:4a:e6:84:0c:7b:cb:
4d:ab:61:13:a8:44:71:9d:50:98:f5:1c:55:e4:d6:
fb:0a:18:c1:a5:93:cc:9a:66:85:d5:a9:b8:89:12:
e0:9b:79:ca:03:20:ee:70:64:91:9d:15:c6:8b:84:
46:a6:41:8f:30:4c:d8:7b:cc:d1:ca:0b:75:5c:6d:
d4:dc:f8:95:78:9b:f3:9e:fc:f1:ac:2c:77:cc:07:
d1:b3:f4:ee:f7:e4:fe:89:c2:a4:00:0b:09:ea:74:
ce:16:cf:40:7e:88:f0:ac:45:99:32:7d:b5:c2:4c:
52:c6:36:2f:68:a5:ab:18:d6:9e:9c:a8:da:da:24:
25:d7:09:80:ec:d8:cf:29:2f:1e:e1:70:35:ad:e0:
44:7c:17:fd:8b:4b:9d:9c:83:5a:6b:2a:93:32:1f:
60:db:54:43:64:ea:a8:c7:f6:37:0c:25:43:d3:41:
0a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BC:CB:CC:08:E7:A9:88:81:96:A8:8C:91:81:B0:B6:3B:1D:08:00
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lrzLzAjnqYiBlqiMkYGwtjsdCAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:33:89:b4:68:a0:f3:c0:00:23:35:70:bf:91:12:24:2a:34:
92:f1:30:bc:d1:59:a7:f7:60:34:93:d9:33:5c:61:0d:53:57:
03:95:56:80:64:eb:34:96:9e:45:4e:10:9e:1e:f5:a3:74:d6:
f3:3f:93:e7:f2:42:ac:9b:d4:5f:72:55:81:f8:48:c7:fb:d0:
e0:68:f9:f5:76:6f:c1:b3:6d:b2:fc:14:2b:76:1d:a9:8f:dc:
20:38:9e:c8:98:fd:e8:cb:f6:eb:43:1a:dc:a4:c3:a4:23:21:
c1:04:93:82:6a:f7:0a:53:c1:06:cd:88:ea:71:e8:b5:78:c3:
a6:86:9d:66:3f:c1:5f:cd:70:bc:83:49:7d:d0:f8:9b:1f:5e:
93:6e:b7:a3:e7:65:cd:3b:68:b6:fa:d1:5e:c5:46:00:5a:ec:
de:2a:d4:b1:11:bf:5e:c3:c4:7e:a3:b5:67:79:e4:0e:7a:29:
fc:31:01:81:d3:09:ed:9e:0c:98:84:a0:ed:e9:2a:a4:2c:b8:
d4:d5:64:07:39:bc:5a:67:cc:75:c9:95:b5:13:3f:48:4f:4f:
e7:02:9d:63:d3:d1:8f:5c:ee:e6:c5:3e:68:f3:b8:41:30:06:
48:9f:bb:59:30:c9:a7:5d:22:2c:1f:7f:3e:19:10:a8:51:c8:
b0:9b:6b:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBgikqbrUBSU/dWgPInaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJjY2JjYzA4ZTdhOTg4ODE5NmE4OGM5MTgxYjBiNjNiMWQwODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVX6mYodAuisVI9oX5Ey1oSQ4MyA
VGIck8kUmmY3ua8xgrSb36bCSwSXXuNZ1WfPxym2gytaoNA5ZKfIjOj08OdsjLqH
xN8aBsAU11fkGzM3DYlK5oQMe8tNq2ETqERxnVCY9RxV5Nb7ChjBpZPMmmaF1am4
iRLgm3nKAyDucGSRnRXGi4RGpkGPMEzYe8zRygt1XG3U3PiVeJvznvzxrCx3zAfR
s/Tu9+T+icKkAAsJ6nTOFs9AfojwrEWZMn21wkxSxjYvaKWrGNaenKja2iQl1wmA
7NjPKS8e4XA1reBEfBf9i0udnINaayqTMh9g21RDZOqox/Y3DCVD00EKTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJa8y8wI56mIgZaojJGBsLY7HQgAMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbHJ6THpBam5xWWlCbHFpTWtZR3d0anNkQ0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbiMA0G
CSqGSIb3DQEBCwUAA4IBAQCwM4m0aKDzwAAjNXC/kRIkKjSS8TC80Vmn92A0k9kz
XGENU1cDlVaAZOs0lp5FThCeHvWjdNbzP5Pn8kKsm9RfclWB+EjH+9DgaPn1dm/B
s22y/BQrdh2pj9wgOJ7ImP3oy/brQxrcpMOkIyHBBJOCavcKU8EGzYjqcei1eMOm
hp1mP8FfzXC8g0l90PibH16Tbrej52XNO2i2+tFexUYAWuzeKtSxEb9ew8R+o7Vn
eeQOein8MQGB0wntngyYhKDt6SqkLLjU1WQHObxaZ8x1yZW1Ez9IT0/nAp1j09GP
XO7mxT5o87hBMAZIn7tZMMmnXSIsH38+GRCoUciwm2sM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:57 2025 by rpki-client