Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ekkiWDPmjpLGG13vEkjZosSWwUk.roa
File: ekkiWDPmjpLGG13vEkjZosSWwUk.roa (raw, json)
Hash identifier: N6lW3MOarIw5JUASj4qDnZE/7Zyzep4UViWQN/xRdmA=
Subject key identifier: 7A:49:22:58:33:E6:8E:92:C6:1B:5D:EF:12:48:D9:A2:C4:96:C1:49
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019637FCB4ED9510B6E4CB081C014FCD62D3
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ekkiWDPmjpLGG13vEkjZosSWwUk.roa
Signing time: Tue 15 Apr 2025 05:47:10 +0000
ROA not before: Tue 15 Apr 2025 05:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 07:15:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:37:fc:b4:ed:95:10:b6:e4:cb:08:1c:01:4f:cd:62:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Apr 15 05:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a49225833e68e92c61b5def1248d9a2c496c149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:53:6f:cc:30:c5:f5:83:b7:56:79:8d:2c:
22:59:c5:ff:db:16:e4:ac:d2:99:26:2c:22:bf:c0:
ed:70:3c:d7:7f:22:7a:3f:da:44:ef:90:01:19:55:
a6:ff:51:d1:e3:5d:42:e5:0f:08:12:df:f6:27:a3:
f4:56:a4:88:28:42:2d:a2:a4:25:fc:21:10:5c:5e:
cc:f8:8c:f1:dd:f0:4d:5d:21:fb:67:00:e2:73:bc:
1b:4d:02:f1:92:84:7c:64:42:a4:55:8e:31:26:b9:
32:16:a9:80:26:7c:80:f0:db:3f:53:01:50:37:29:
99:28:e9:ba:a9:8e:be:c6:78:39:c8:5b:33:48:8c:
68:af:b0:1f:22:bb:05:1f:ab:6a:56:31:9f:3e:0a:
c9:25:82:6d:4f:91:b1:4b:ae:47:ca:93:62:8d:04:
60:5d:a6:45:51:77:9b:ce:d9:64:9f:13:fc:2c:49:
b2:d9:53:02:12:63:82:bd:67:15:b2:55:b4:aa:b1:
da:40:e7:40:9f:57:b0:c6:9b:8a:e0:72:6c:c2:7b:
8d:c4:a1:c1:83:9b:89:38:eb:5c:ff:5a:52:58:63:
23:6c:cd:7c:77:c4:c1:e6:4a:b4:1e:08:cd:10:9c:
d3:7e:a7:d0:dc:43:91:45:e4:de:86:7e:bc:31:ed:
1f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:49:22:58:33:E6:8E:92:C6:1B:5D:EF:12:48:D9:A2:C4:96:C1:49
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ekkiWDPmjpLGG13vEkjZosSWwUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.42.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4e:b6:61:90:45:13:3d:a0:b4:51:41:11:43:dd:1c:20:a5:
be:29:25:b0:33:ae:c6:a1:53:22:80:74:71:d7:cb:91:8c:31:
09:d7:f4:92:22:45:a5:7a:12:2b:a8:5e:c8:75:85:f0:47:6c:
dd:84:c7:ca:83:0a:9d:5b:f2:00:01:69:1d:cb:b0:34:72:d6:
23:50:05:8f:ba:0e:11:14:86:49:28:99:65:2e:28:7b:cb:ad:
5e:77:05:49:0e:90:4e:b1:35:f4:b3:e0:b2:a1:0b:0a:16:76:
e1:42:f6:ec:8c:3d:10:d5:5a:21:36:1e:51:61:5b:82:06:85:
1f:fa:9d:ed:a3:a2:f2:ff:18:1b:a5:e1:c6:9c:4c:14:f2:d3:
17:a7:05:60:dc:59:77:6e:d5:11:7c:44:8a:86:3c:18:82:98:
1b:96:54:7e:f6:cc:f4:2a:f1:09:f6:1b:f0:c7:78:6b:2b:7b:
67:f1:59:4d:0f:86:21:1c:00:73:89:c0:77:af:d7:58:91:7a:
01:9f:2a:ef:4d:2e:a4:eb:55:68:1f:4d:98:1f:ac:44:1d:d3:
0a:1e:91:a4:55:ac:43:ea:f7:42:17:72:a7:0c:20:b0:64:19:
82:1f:65:e7:8a:e2:af:6c:08:4a:3a:cd:d9:9a:c3:86:e1:8e:
b5:f4:c5:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY3/LTtlRC25MsIHAFPzWLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNDE1MDU0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ5MjI1ODMzZTY4ZTkyYzYxYjVkZWYxMjQ4ZDlhMmM0OTZjMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi1Tb8wwxfWDt1Z5jSwiWcX/2xbk
rNKZJiwiv8DtcDzXfyJ6P9pE75ABGVWm/1HR411C5Q8IEt/2J6P0VqSIKEItoqQl
/CEQXF7M+Izx3fBNXSH7ZwDic7wbTQLxkoR8ZEKkVY4xJrkyFqmAJnyA8Ns/UwFQ
NymZKOm6qY6+xng5yFszSIxor7AfIrsFH6tqVjGfPgrJJYJtT5GxS65HypNijQRg
XaZFUXebztlknxP8LEmy2VMCEmOCvWcVslW0qrHaQOdAn1ewxpuK4HJswnuNxKHB
g5uJOOtc/1pSWGMjbM18d8TB5kq0HgjNEJzTfqfQ3EORReTehn68Me0f+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpJIlgz5o6Sxhtd7xJI2aLElsFJMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZWtraVdEUG1qcExHRzEzdkVralpvc1NXd1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXoqMA0G
CSqGSIb3DQEBCwUAA4IBAQBTTrZhkEUTPaC0UUERQ90cIKW+KSWwM67GoVMigHRx
18uRjDEJ1/SSIkWlehIrqF7IdYXwR2zdhMfKgwqdW/IAAWkdy7A0ctYjUAWPug4R
FIZJKJllLih7y61edwVJDpBOsTX0s+CyoQsKFnbhQvbsjD0Q1VohNh5RYVuCBoUf
+p3to6Ly/xgbpeHGnEwU8tMXpwVg3Fl3btURfESKhjwYgpgbllR+9sz0KvEJ9hvw
x3hrK3tn8VlND4YhHABzicB3r9dYkXoBnyrvTS6k61VoH02YH6xEHdMKHpGkVaxD
6vdCF3KnDCCwZBmCH2XniuKvbAhKOs3ZmsOG4Y619MWG
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:02:33 2025 by rpki-client