Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5ysJbPCf6deslM6Wzdz4Apcx-SM.roa
File: 5ysJbPCf6deslM6Wzdz4Apcx-SM.roa (raw, json)
Hash identifier: 1KAGxDIh3SugitIg1sCnVN6jSdYWwcs3PenpDk/qeLI=
Subject key identifier: E7:2B:09:6C:F0:9F:E9:D7:AC:94:CE:96:CD:DC:F8:02:97:31:F9:23
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019600BD5410815EF525B3800433865B906E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5ysJbPCf6deslM6Wzdz4Apcx-SM.roa
Signing time: Fri 04 Apr 2025 12:18:49 +0000
ROA not before: Fri 04 Apr 2025 12:18:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 151.242.208.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 05 Apr 2025 10:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:bd:54:10:81:5e:f5:25:b3:80:04:33:86:5b:90:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 4 12:18:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e72b096cf09fe9d7ac94ce96cddcf8029731f923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:b1:7b:0b:8b:86:45:91:95:08:6f:25:b6:
34:2f:b9:83:80:61:5f:73:4a:12:cf:d9:07:05:dd:
32:87:9c:e9:4b:b8:c5:de:d7:8e:bb:11:a4:2f:be:
ad:ad:aa:f4:57:cf:6c:8e:b0:64:a7:48:1c:90:ae:
aa:2f:9d:65:24:16:20:76:20:0a:09:c0:3c:85:25:
37:0c:4d:9d:8e:6e:c6:f8:8c:5d:63:09:e2:c3:c5:
f3:0d:d6:29:86:89:1a:f1:c1:18:c0:31:28:66:89:
76:38:21:79:b3:49:97:a7:5b:12:2e:fc:50:1d:7b:
65:7a:68:53:48:2c:65:e5:78:c8:62:f8:4a:31:fc:
2d:b4:40:5c:42:88:51:29:a3:b3:0b:29:9d:64:79:
67:bb:9b:56:1f:0c:80:9d:ae:b7:3b:e9:ab:c5:e5:
49:1d:b6:2d:c4:0a:a4:4e:69:2f:a2:ae:cb:f8:23:
89:03:22:a4:6d:d6:63:2c:29:72:70:1d:68:b5:36:
57:0f:3d:6b:80:7f:a2:94:d4:9d:27:58:21:65:d9:
1a:57:7a:b6:84:73:d3:3e:15:aa:f1:55:66:fa:06:
7e:44:ff:4e:93:6b:fe:bf:b4:6c:61:95:76:59:03:
51:6b:d9:00:8e:ae:a4:bd:d3:8a:de:23:53:59:68:
c0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:2B:09:6C:F0:9F:E9:D7:AC:94:CE:96:CD:DC:F8:02:97:31:F9:23
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5ysJbPCf6deslM6Wzdz4Apcx-SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.208.0/23
Signature Algorithm: sha256WithRSAEncryption
41:16:15:f3:e7:02:66:af:26:6c:1e:40:8b:8d:4c:c8:5b:d3:
a4:d3:fe:88:25:ed:d2:56:cc:7f:ab:b6:48:8d:9e:e8:df:75:
f9:0c:5a:2e:34:eb:6b:1d:27:1f:1e:68:67:b9:07:d4:b0:76:
d3:07:8d:e5:4d:af:24:1a:04:83:1e:93:dc:6f:3c:91:10:85:
5e:f1:07:93:e8:07:9d:54:d9:82:ea:d7:c7:7f:b8:0b:17:15:
38:a1:43:be:bd:06:ff:19:b5:38:72:d1:3e:89:fe:b3:7b:3e:
a6:80:a5:cd:eb:58:13:0a:fb:64:45:35:4f:26:b7:70:b0:76:
1a:1a:dd:76:66:84:a7:6a:99:2b:52:87:fe:6c:17:4e:f9:34:
5c:88:17:b4:bd:39:6e:31:a2:73:b6:a1:16:8c:f6:18:29:ba:
73:a5:a3:c5:87:6a:bd:a3:98:dc:b9:47:b0:9b:b0:84:ab:a6:
a3:0e:43:cf:40:ba:69:94:55:d2:50:01:b6:79:c2:f2:7c:b5:
68:6d:c9:c4:b4:39:bb:13:b6:b2:c0:09:62:0f:e3:10:16:ae:
62:ae:fd:00:34:13:c8:dc:e6:29:33:a0:4c:f2:5b:24:6d:de:
c5:7e:8d:a9:71:f9:f5:c8:c8:ad:b7:09:d6:64:6f:fc:1e:e3:
f3:89:a4:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYAvVQQgV71JbOABDOGW5BuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA0MTIxODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzJiMDk2Y2YwOWZlOWQ3YWM5NGNlOTZjZGRjZjgwMjk3MzFmOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDCxewuLhkWRlQhvJbY0L7mDgGFf
c0oSz9kHBd0yh5zpS7jF3teOuxGkL76trar0V89sjrBkp0gckK6qL51lJBYgdiAK
CcA8hSU3DE2djm7G+IxdYwniw8XzDdYphoka8cEYwDEoZol2OCF5s0mXp1sSLvxQ
HXtlemhTSCxl5XjIYvhKMfwttEBcQohRKaOzCymdZHlnu5tWHwyAna63O+mrxeVJ
HbYtxAqkTmkvoq7L+COJAyKkbdZjLClycB1otTZXDz1rgH+ilNSdJ1ghZdkaV3q2
hHPTPhWq8VVm+gZ+RP9Ok2v+v7RsYZV2WQNRa9kAjq6kvdOK3iNTWWjA1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOcrCWzwn+nXrJTOls3c+AKXMfkjMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNXlzSmJQQ2Y2ZGVzbE02V3pkejRBcGN4LVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/LQMA0G
CSqGSIb3DQEBCwUAA4IBAQBBFhXz5wJmryZsHkCLjUzIW9Ok0/6IJe3SVsx/q7ZI
jZ7o33X5DFouNOtrHScfHmhnuQfUsHbTB43lTa8kGgSDHpPcbzyREIVe8QeT6Aed
VNmC6tfHf7gLFxU4oUO+vQb/GbU4ctE+if6zez6mgKXN61gTCvtkRTVPJrdwsHYa
Gt12ZoSnapkrUof+bBdO+TRciBe0vTluMaJztqEWjPYYKbpzpaPFh2q9o5jcuUew
m7CEq6ajDkPPQLpplFXSUAG2ecLyfLVobcnEtDm7E7aywAliD+MQFq5irv0ANBPI
3OYpM6BM8lskbd7Ffo2pcfn1yMittwnWZG/8HuPziaT+
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:54:45 2025 by rpki-client