Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q8cbeoF_BVfwkKf2PBELGSkcxOQ.roa
File: q8cbeoF_BVfwkKf2PBELGSkcxOQ.roa (raw, json)
Hash identifier: lA5vymoefloSnffo/CDgHQB2yg149Jma5kcaV1xSWbc=
Subject key identifier: AB:C7:1B:7A:81:7F:05:57:F0:90:A7:F6:3C:11:0B:19:29:1C:C4:E4
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0194222018F1EBBE69BEA03662AD73722AB4
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q8cbeoF_BVfwkKf2PBELGSkcxOQ.roa
Signing time: Wed 01 Jan 2025 13:48:36 +0000
ROA not before: Wed 01 Jan 2025 13:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152179
IP address blocks: 14.102.226.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 15 Jan 2025 18:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:18:f1:eb:be:69:be:a0:36:62:ad:73:72:2a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 13:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abc71b7a817f0557f090a7f63c110b19291cc4e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cc:a3:87:0f:9f:76:9b:25:17:97:37:1c:fc:
66:f1:2d:8b:ff:24:3c:8a:3b:3e:93:eb:71:e9:0c:
56:e1:65:04:d9:41:a8:ad:74:6c:df:07:08:91:cf:
d6:b5:e6:da:d0:f8:b1:11:08:d7:45:2d:6f:1d:15:
9f:96:22:61:33:57:1c:1f:4c:e5:59:7e:c9:03:1f:
9f:4e:fc:16:a2:f7:17:30:96:70:6d:1c:64:1d:2f:
5c:c7:46:1d:37:41:41:7c:ee:1e:98:49:80:28:ef:
62:b6:56:b7:07:bd:bb:a9:f6:a7:6a:e0:03:58:79:
60:6f:33:cb:a7:90:d4:00:ea:a7:2f:08:11:49:4c:
43:6e:ff:37:16:c9:00:c7:80:ed:3f:ad:08:21:40:
17:86:82:35:54:c2:57:77:d4:13:07:8d:2a:09:65:
d3:c1:fd:42:b1:4e:5d:60:11:45:c9:a3:1c:e1:bd:
10:5e:90:ae:5f:3f:33:bd:7c:ca:39:7c:c7:3b:a0:
de:e2:8a:1b:ae:e9:85:74:70:56:b6:e3:18:44:bf:
2d:1c:a2:41:fa:2d:4b:c3:06:ca:8e:16:24:53:6d:
d1:bb:c9:4a:4e:05:3d:d3:21:82:51:90:03:4d:ed:
77:15:b2:cd:3f:50:e9:cf:c6:e6:e9:e8:7f:7e:2d:
f0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C7:1B:7A:81:7F:05:57:F0:90:A7:F6:3C:11:0B:19:29:1C:C4:E4
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q8cbeoF_BVfwkKf2PBELGSkcxOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
Signature Algorithm: sha256WithRSAEncryption
dd:ac:88:1e:7b:6f:76:ec:69:a6:86:5e:19:9b:e3:96:aa:12:
fc:e2:5f:c0:c9:da:10:6d:d8:d0:92:cb:7b:1e:43:22:cb:04:
e9:e2:4d:04:a2:b9:f4:ed:d5:e9:32:4b:e8:26:17:d6:ca:8b:
1b:a7:50:c7:d7:45:70:63:ac:da:a3:12:1d:7f:69:8f:90:ba:
ac:0e:90:15:15:66:30:fa:dd:d6:18:1b:d5:a9:3d:34:1b:a2:
8f:f4:14:70:b8:2c:9f:25:3f:29:68:31:b6:d9:96:e1:ea:90:
11:d6:1d:20:9e:91:64:4e:43:2f:49:aa:d0:0d:4f:9d:77:09:
61:7d:ce:37:00:9f:c6:d7:04:33:47:20:cf:07:a1:3a:3d:bc:
0b:fe:66:43:eb:23:d3:37:da:90:6d:95:7d:61:98:b5:0c:71:
6e:fe:ee:4b:23:08:b3:e3:42:28:24:d7:d9:41:d2:24:cd:c5:
c5:e5:28:2f:a5:7c:41:25:95:96:80:d1:13:51:54:24:91:e4:
2d:eb:c7:f4:e1:bc:cc:13:9f:35:80:ef:41:11:b9:e5:46:b9:
81:08:bd:77:79:1b:72:00:78:04:aa:ab:01:30:b3:d4:9f:72:
f8:67:a6:01:88:11:22:b0:f6:e7:88:13:77:02:9e:0b:96:79:
40:a4:d7:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiIBjx675pvqA2Yq1zciq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwMTAxMTM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM3MWI3YTgxN2YwNTU3ZjA5MGE3ZjYzYzExMGIxOTI5MWNjNGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcyjhw+fdpslF5c3HPxm8S2L/yQ8
ijs+k+tx6QxW4WUE2UGorXRs3wcIkc/Wteba0PixEQjXRS1vHRWfliJhM1ccH0zl
WX7JAx+fTvwWovcXMJZwbRxkHS9cx0YdN0FBfO4emEmAKO9itla3B727qfanauAD
WHlgbzPLp5DUAOqnLwgRSUxDbv83FskAx4DtP60IIUAXhoI1VMJXd9QTB40qCWXT
wf1CsU5dYBFFyaMc4b0QXpCuXz8zvXzKOXzHO6De4oobrumFdHBWtuMYRL8tHKJB
+i1LwwbKjhYkU23Ru8lKTgU90yGCUZADTe13FbLNP1Dpz8bm6eh/fi3w5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKvHG3qBfwVX8JCn9jwRCxkpHMTkMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvcThjYmVvRl9CVmZ3a0tmMlBCRUxHU2tjeE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBDmbiMA0G
CSqGSIb3DQEBCwUAA4IBAQDdrIgee2927Gmmhl4Zm+OWqhL84l/AydoQbdjQkst7
HkMiywTp4k0Eorn07dXpMkvoJhfWyosbp1DH10VwY6zaoxIdf2mPkLqsDpAVFWYw
+t3WGBvVqT00G6KP9BRwuCyfJT8paDG22Zbh6pAR1h0gnpFkTkMvSarQDU+ddwlh
fc43AJ/G1wQzRyDPB6E6PbwL/mZD6yPTN9qQbZV9YZi1DHFu/u5LIwiz40IoJNfZ
QdIkzcXF5SgvpXxBJZWWgNETUVQkkeQt68f04bzME581gO9BEbnlRrmBCL13eRty
AHgEqqsBMLPUn3L4Z6YBiBEisPbniBN3Ap4LlnlApNde
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:27 2025 by rpki-client