Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1kMzfPFi0G0CMbk2X38hctz3QfY.roa
File: 1kMzfPFi0G0CMbk2X38hctz3QfY.roa (raw, json)
Hash identifier: JKPuiIhLAteeW6Cy2tMCxEN5faYm9GL77luk4OvkBQY=
Subject key identifier: D6:43:33:7C:F1:62:D0:6D:02:31:B9:36:5F:7F:21:72:DC:F7:41:F6
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019736BD7F4B828DB851CDBB5B88D3946C2B
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1kMzfPFi0G0CMbk2X38hctz3QfY.roa
Signing time: Tue 03 Jun 2025 17:01:17 +0000
ROA not before: Tue 03 Jun 2025 17:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 74.112.152.0/22 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jun 2025 18:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:bd:7f:4b:82:8d:b8:51:cd:bb:5b:88:d3:94:6c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 3 17:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d643337cf162d06d0231b9365f7f2172dcf741f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:37:56:86:35:cb:e2:b0:06:79:41:ff:e4:67:
36:ac:3a:da:a8:d1:da:14:ef:98:64:70:69:f2:ca:
48:b9:8a:61:a5:db:2e:93:82:32:90:27:60:a4:8e:
e6:cb:59:a9:42:60:8e:f7:27:89:d0:75:b7:52:8e:
be:4e:56:e9:68:90:e7:ca:26:7c:50:ee:81:d6:20:
05:cf:ac:ca:52:c2:38:17:20:c8:6e:70:dd:8c:d3:
91:9a:f7:fd:00:5e:a1:c1:14:cd:62:11:97:65:91:
bc:5e:02:21:ec:47:cb:d9:4e:43:e0:8a:3a:07:7c:
19:2d:9c:20:1c:77:2a:fc:e9:c3:f7:ee:d9:77:07:
a9:e9:9f:fc:b6:a3:d1:98:eb:b5:25:ad:d2:eb:59:
80:2b:51:a0:e1:f8:56:a5:02:ed:66:dd:c2:60:86:
3c:97:ee:3b:49:0c:d1:5a:a8:0a:ed:8e:b6:71:0e:
70:50:3c:dc:fb:39:e8:0b:76:a6:dd:38:c2:fb:38:
fc:38:47:21:2e:f7:74:6e:6b:26:e4:a0:a2:8e:a1:
62:db:03:ab:d2:23:78:83:b3:c7:cd:41:19:1b:72:
18:8b:b5:11:cd:28:81:e7:03:f7:4d:75:30:5b:c9:
a7:8f:5c:53:65:f9:a6:c4:f1:77:71:7a:a6:b7:bd:
f8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:43:33:7C:F1:62:D0:6D:02:31:B9:36:5F:7F:21:72:DC:F7:41:F6
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1kMzfPFi0G0CMbk2X38hctz3QfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
74.112.152.0/22
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
11:b9:4b:74:b5:1a:af:76:9a:80:33:da:53:89:31:9d:b3:d3:
2f:9c:50:1f:eb:f5:ad:48:28:83:06:23:4e:1c:0f:f0:9a:f6:
1f:4e:53:ac:d7:96:10:0c:24:c1:64:70:89:6b:da:b2:82:9d:
90:e6:c5:ba:f4:a6:34:e6:f1:45:e1:1e:5a:c1:31:25:9c:4a:
e0:00:5c:99:27:7a:cb:a6:d6:ae:b4:22:10:a3:58:e7:21:05:
9a:31:c2:e0:49:2e:1a:74:2c:f4:ea:28:2b:97:4b:32:23:11:
10:4e:9f:1e:96:0d:36:8a:c8:d7:84:78:af:31:33:b6:e9:76:
ed:87:7a:80:20:ce:05:53:27:3b:bb:ae:2f:05:bd:fe:3b:2d:
84:94:45:6e:fd:47:89:2c:12:6a:71:a4:69:c2:bb:10:b7:62:
5a:48:4a:7f:66:3b:2a:38:61:49:40:63:dd:10:6a:da:49:fa:
e1:29:0a:65:9b:7a:06:86:17:b4:00:98:05:bd:87:11:26:5d:
21:1b:13:f9:64:80:4a:53:a4:7b:98:9f:e9:d1:dc:c2:3b:a7:
32:49:ed:c0:3c:87:93:ad:c0:48:b6:67:14:de:aa:24:7a:fe:
dc:5b:ba:6e:09:bf:63:86:9c:e4:d2:e5:79:96:af:b0:67:8d:
ba:2f:75:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc2vX9Lgo24Uc27W4jTlGwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjAzMTcwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQzMzM3Y2YxNjJkMDZkMDIzMWI5MzY1ZjdmMjE3MmRjZjc0MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzdWhjXL4rAGeUH/5Gc2rDraqNHa
FO+YZHBp8spIuYphpdsuk4IykCdgpI7my1mpQmCO9yeJ0HW3Uo6+TlbpaJDnyiZ8
UO6B1iAFz6zKUsI4FyDIbnDdjNORmvf9AF6hwRTNYhGXZZG8XgIh7EfL2U5D4Io6
B3wZLZwgHHcq/OnD9+7Zdwep6Z/8tqPRmOu1Ja3S61mAK1Gg4fhWpQLtZt3CYIY8
l+47SQzRWqgK7Y62cQ5wUDzc+znoC3am3TjC+zj8OEchLvd0bmsm5KCijqFi2wOr
0iN4g7PHzUEZG3IYi7URzSiB5wP3TXUwW8mnj1xTZfmmxPF3cXqmt734zQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNZDM3zxYtBtAjG5Nl9/IXLc90H2MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMWtNemZQRmkwRzBDTWJrMlgzOGhjdHozUWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCSnCYAwQC
ze1YMA0GCSqGSIb3DQEBCwUAA4IBAQARuUt0tRqvdpqAM9pTiTGds9MvnFAf6/Wt
SCiDBiNOHA/wmvYfTlOs15YQDCTBZHCJa9qygp2Q5sW69KY05vFF4R5awTElnErg
AFyZJ3rLptautCIQo1jnIQWaMcLgSS4adCz06igrl0syIxEQTp8elg02isjXhHiv
MTO26Xbth3qAIM4FUyc7u64vBb3+Oy2ElEVu/UeJLBJqcaRpwrsQt2JaSEp/Zjsq
OGFJQGPdEGraSfrhKQplm3oGhhe0AJgFvYcRJl0hGxP5ZIBKU6R7mJ/p0dzCO6cy
Se3APIeTrcBItmcU3qokev7cW7puCb9jhpzk0uV5lq+wZ426L3Vw
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:09:27 2025 by rpki-client