Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/qpfZ671bmFYEoRjUwvbLliz7eGs.roa
File: qpfZ671bmFYEoRjUwvbLliz7eGs.roa (raw, json)
Hash identifier: 9+zu9my75EwJke8DDePuDcJrEJK3YzLJ7xwVoiy0WcI=
Subject key identifier: AA:97:D9:EB:BD:5B:98:56:04:A1:18:D4:C2:F6:CB:96:2C:FB:78:6B
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A3D9C94322FF0BF0734F05EADB83854D4
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/qpfZ671bmFYEoRjUwvbLliz7eGs.roa
Signing time: Sat 01 Nov 2025 04:11:03 +0000
ROA not before: Sat 01 Nov 2025 04:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
45.151.143.0/24 maxlen: 24
74.112.152.0/22 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.108.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.214.0/24 maxlen: 24
94.229.219.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Nov 2025 18:16:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3d:9c:94:32:2f:f0:bf:07:34:f0:5e:ad:b8:38:54:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 1 04:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa97d9ebbd5b985604a118d4c2f6cb962cfb786b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:af:23:b6:64:dc:96:92:81:c3:ec:98:8c:
7b:61:f1:50:38:06:a8:f3:f8:fb:cc:33:13:7c:28:
96:8f:34:b6:cf:cd:0f:cd:a9:57:a0:0e:bc:fd:c6:
a0:cc:18:4d:84:eb:f8:49:8a:dc:14:af:8a:9c:f3:
cf:78:18:12:08:af:29:fb:21:05:9f:58:75:69:61:
69:47:ca:81:e1:4f:d3:6d:f9:59:38:5a:f6:c3:82:
c0:77:db:ab:32:b9:57:02:7c:0f:27:de:17:71:0a:
54:08:f7:ad:b6:8e:8b:b4:d7:ed:02:f2:de:d6:be:
73:a2:3c:af:c5:34:fd:07:25:a8:97:bd:af:7f:ff:
83:5d:1e:eb:63:e0:71:2e:03:bf:70:7a:89:03:22:
0e:79:49:2d:c3:61:8c:09:3b:06:9e:ed:2a:01:43:
5f:f6:f4:45:37:2c:dc:db:b2:93:c5:c5:57:72:e8:
48:7b:87:85:f6:24:d3:8d:ec:bb:9a:e3:ae:b1:58:
81:99:f4:77:87:6a:77:a6:a3:27:35:59:b2:3d:fc:
21:48:c9:ec:99:f1:64:e2:40:61:85:29:d9:ab:cd:
3e:06:ed:5e:b7:f3:e8:69:57:fc:92:d8:76:f5:04:
ca:66:c5:96:01:24:24:45:f9:3d:78:b5:a0:6b:dc:
45:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:97:D9:EB:BD:5B:98:56:04:A1:18:D4:C2:F6:CB:96:2C:FB:78:6B
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/qpfZ671bmFYEoRjUwvbLliz7eGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
45.151.143.0/24
74.112.152.0/22
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
77.111.108.0/24
94.229.213.0-94.229.214.255
94.229.219.0/24
103.41.44.0/23
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
d1:af:5e:da:94:ee:b6:4a:2e:fb:b3:d8:c7:14:a8:cf:9f:f5:
f9:f1:cf:d3:cf:67:50:9f:36:d9:97:bc:91:94:56:19:44:21:
b0:ee:24:a2:39:e1:0c:01:d5:f3:16:bd:fe:f5:80:1e:ea:4a:
99:64:0e:21:3e:18:c2:32:0e:33:c2:3d:7b:a6:5d:39:ea:a1:
96:b1:c6:98:9d:2d:e8:eb:45:a7:89:0c:d0:a5:7a:e3:e0:1e:
1c:7d:d9:11:52:c3:be:82:48:90:49:45:32:d1:aa:40:8b:73:
c4:45:e7:b3:e3:73:c8:65:df:52:d6:5b:f1:ee:9a:fa:3e:b5:
e1:08:dc:8a:3e:5f:2c:8e:d9:45:4f:24:20:00:2d:34:4e:92:
8a:23:d9:a2:c7:69:6d:f2:c5:ff:0f:9d:4a:58:54:33:f9:3a:
6e:07:43:59:26:f7:df:3c:2a:fb:a7:95:b2:0a:f3:5b:83:7d:
68:96:ce:51:50:c0:cb:9a:2b:03:83:0d:21:8c:98:05:0e:74:
1c:e3:15:08:93:0d:5b:1b:29:26:7a:55:42:ff:42:25:f3:00:
eb:54:de:92:72:c8:33:d2:2f:3e:26:bc:38:27:1b:08:f7:6f:
94:cf:30:60:4c:20:f6:cb:35:56:23:ab:88:dc:8c:c2:27:00:
98:e0:c3:c7
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZo9nJQyL/C/BzTwXq24OFTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMTAxMDQxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTk3ZDllYmJkNWI5ODU2MDRhMTE4ZDRjMmY2Y2I5NjJjZmI3ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvy2vI7Zk3JaSgcPsmIx7YfFQOAao
8/j7zDMTfCiWjzS2z80PzalXoA68/cagzBhNhOv4SYrcFK+KnPPPeBgSCK8p+yEF
n1h1aWFpR8qB4U/TbflZOFr2w4LAd9urMrlXAnwPJ94XcQpUCPetto6LtNftAvLe
1r5zojyvxTT9ByWol72vf/+DXR7rY+BxLgO/cHqJAyIOeUktw2GMCTsGnu0qAUNf
9vRFNyzc27KTxcVXcuhIe4eF9iTTjey7muOusViBmfR3h2p3pqMnNVmyPfwhSMns
mfFk4kBhhSnZq80+Bu1et/PoaVf8kth29QTKZsWWASQkRfk9eLWga9xFWQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFKqX2eu9W5hWBKEY1ML2y5Ys+3hrMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvcXBmWjY3MWJtRllFb1JqVXd2YkxsaXo3ZUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQBDmbiAwQA
LZePAwQCSnCYAwQCTW9gAwQBTW9mAwQATW9pAwQATW9sMAwDBABe5dUDBABe5dYD
BABe5dsDBAFnKSwDBALN7VgwDQYJKoZIhvcNAQELBQADggEBANGvXtqU7rZKLvuz
2McUqM+f9fnxz9PPZ1CfNtmXvJGUVhlEIbDuJKI54QwB1fMWvf71gB7qSplkDiE+
GMIyDjPCPXumXTnqoZaxxpidLejrRaeJDNCleuPgHhx92RFSw76CSJBJRTLRqkCL
c8RF57Pjc8hl31LWW/Humvo+teEI3Io+XyyO2UVPJCAALTROkooj2aLHaW3yxf8P
nUpYVDP5Om4HQ1km9988KvunlbIK81uDfWiWzlFQwMuaKwODDSGMmAUOdBzjFQiT
DVsbKSZ6VUL/QiXzAOtU3pJyyDPSLz4mvDgnGwj3b5TPMGBMIPbLNVYjq4jcjMIn
AJjgw8c=
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:02:58 2025 by rpki-client