Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5aXqmlnXDrTxws13lljn9wUR854.roa
File: 5aXqmlnXDrTxws13lljn9wUR854.roa (raw, json)
Hash identifier: plL8yawl8KOrhVRygXuVLesuWkaFYWa732MkuSJAVAg=
Subject key identifier: E5:A5:EA:9A:59:D7:0E:B4:F1:C2:CD:77:96:58:E7:F7:05:11:F3:9E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01979B99E5E486A1F26E8A21AB7D0538E1E3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5aXqmlnXDrTxws13lljn9wUR854.roa
Signing time: Mon 23 Jun 2025 07:04:03 +0000
ROA not before: Mon 23 Jun 2025 07:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jun 2025 12:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:99:e5:e4:86:a1:f2:6e:8a:21:ab:7d:05:38:e1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 23 07:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5a5ea9a59d70eb4f1c2cd779658e7f70511f39e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:71:4a:0f:45:7b:4d:44:41:f4:8c:fc:e6:9a:
ae:10:6d:64:83:7e:88:c8:65:bd:82:60:d5:47:ba:
c2:77:fa:b5:cf:53:f3:e0:9e:fa:b9:bc:a9:d7:7c:
76:af:28:58:65:9b:2b:38:87:ba:78:7f:0d:52:92:
e2:6a:bd:e4:5e:2b:6e:58:5d:1b:f3:ca:8c:a0:d6:
e0:dc:10:8c:45:3b:61:0f:4e:05:45:16:86:5e:a0:
2a:a1:71:36:2a:88:c9:1f:72:34:55:d8:0f:4b:54:
56:80:9a:dd:30:a7:31:76:aa:ae:34:a5:a1:b6:41:
68:88:e4:7f:38:b6:46:22:19:da:b0:6b:4b:de:d5:
b5:7f:2d:87:e6:69:9b:2b:a0:bb:c0:51:25:51:c9:
99:d8:6b:2c:31:71:26:a2:dc:1e:41:6d:0b:1c:26:
ac:24:e8:7c:88:00:81:ca:5d:8f:ae:8c:34:42:15:
be:40:7c:fb:b9:ae:44:da:cc:3e:e1:99:64:ef:a0:
71:02:ce:4d:8f:72:51:47:21:97:84:68:cf:ff:42:
36:81:8f:03:d5:75:f6:a8:24:52:4b:a7:1f:16:fe:
43:6d:ec:18:69:6d:b9:35:40:5b:6f:b8:8a:58:c5:
a6:1f:96:ce:e5:67:af:15:4e:94:36:1d:9f:3f:37:
1c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A5:EA:9A:59:D7:0E:B4:F1:C2:CD:77:96:58:E7:F7:05:11:F3:9E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5aXqmlnXDrTxws13lljn9wUR854.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.40.0/24
151.242.64.0/24
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.243.214.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:e2:00:ef:2d:4b:f8:47:03:aa:f4:a0:8c:a8:2a:7f:d6:ee:
c9:ff:5e:5b:a0:f6:32:88:1a:c3:13:c7:30:58:d2:e5:69:19:
72:e8:ee:89:2a:ba:0b:a3:35:de:59:62:10:a1:d9:45:94:40:
9a:d2:cc:e4:f6:e5:3e:f5:53:1e:26:48:f1:cb:6e:3b:2a:4e:
0f:49:34:fe:32:6f:17:d5:61:56:b8:6b:7f:c4:ba:ca:e3:3b:
57:10:ec:aa:e3:4b:8d:f4:10:2b:96:11:ea:36:71:2b:3d:11:
2b:db:fa:b8:80:ce:87:59:ae:af:42:38:a1:b6:e5:d9:80:a8:
ef:7f:6f:41:f7:fd:04:58:66:f8:8d:05:b8:a5:89:95:d3:e8:
6b:db:1d:32:57:f4:ad:2e:5b:e0:94:a3:43:37:39:30:cc:85:
c1:6c:81:17:cc:30:77:bf:02:68:2a:94:23:96:15:9a:36:58:
99:9d:2c:01:19:11:9e:1e:0d:63:ba:15:16:34:cf:34:8b:2f:
04:24:52:fd:2c:d3:e5:99:c6:63:47:0b:6f:12:2c:f5:f9:fc:
0b:51:84:f9:67:fe:91:e0:9b:e3:09:96:d0:11:90:44:ce:92:
2c:c9:3e:98:6f:c4:03:7f:f7:d7:52:50:03:5c:d2:fd:d7:c2:
84:2a:b9:62
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZebmeXkhqHyboohq30FOOHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIzMDcwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE1ZWE5YTU5ZDcwZWI0ZjFjMmNkNzc5NjU4ZTdmNzA1MTFmMzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HFKD0V7TURB9Iz85pquEG1kg36I
yGW9gmDVR7rCd/q1z1Pz4J76ubyp13x2ryhYZZsrOIe6eH8NUpLiar3kXituWF0b
88qMoNbg3BCMRTthD04FRRaGXqAqoXE2KojJH3I0VdgPS1RWgJrdMKcxdqquNKWh
tkFoiOR/OLZGIhnasGtL3tW1fy2H5mmbK6C7wFElUcmZ2GssMXEmotweQW0LHCas
JOh8iACByl2Prow0QhW+QHz7ua5E2sw+4Zlk76BxAs5Nj3JRRyGXhGjP/0I2gY8D
1XX2qCRSS6cfFv5DbewYaW25NUBbb7iKWMWmH5bO5WevFU6UNh2fPzcc5wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOWl6ppZ1w608cLNd5ZY5/cFEfOeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNWFYcW1sblhEclR4d3MxM2xsam45d1VSODU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCl/GAAwQA
l/IoAwQAl/JAAwQAl/LyAwQAl/NzAwQAl/N4AwQAl/PWMAwDBAKX9AQDBACX9AYD
BACX9DgDBACX9DowDQYJKoZIhvcNAQELBQADggEBALLiAO8tS/hHA6r0oIyoKn/W
7sn/Xlug9jKIGsMTxzBY0uVpGXLo7okqugujNd5ZYhCh2UWUQJrSzOT25T71Ux4m
SPHLbjsqTg9JNP4ybxfVYVa4a3/EusrjO1cQ7KrjS430ECuWEeo2cSs9ESvb+riA
zodZrq9COKG25dmAqO9/b0H3/QRYZviNBbiliZXT6GvbHTJX9K0uW+CUo0M3OTDM
hcFsgRfMMHe/AmgqlCOWFZo2WJmdLAEZEZ4eDWO6FRY0zzSLLwQkUv0s0+WZxmNH
C28SLPX5/AtRhPln/pHgm+MJltARkETOkizJPphvxAN/99dSUANc0v3XwoQquWI=
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:14:19 2025 by rpki-client