Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7afaH8gPHT37msR4ZcodXw-_M1g.roa
File: 7afaH8gPHT37msR4ZcodXw-_M1g.roa (raw, json)
Hash identifier: ORYGd0O2K7Gd/GwJ9snF3IPx+lPfWn9F6LBIeNMqZg0=
Subject key identifier: ED:A7:DA:1F:C8:0F:1D:3D:FB:9A:C4:78:65:CA:1D:5F:0F:BF:33:58
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197E448C2F8C0000AC1EF07741E6BA29256
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7afaH8gPHT37msR4ZcodXw-_M1g.roa
Signing time: Mon 07 Jul 2025 09:47:43 +0000
ROA not before: Mon 07 Jul 2025 09:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.164.0/22 maxlen: 22
151.243.254.0/24 maxlen: 24
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.245.168.0/21 maxlen: 21
151.245.176.0/21 maxlen: 21
151.245.224.0/21 maxlen: 21
151.245.232.0/21 maxlen: 21
151.245.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 18 Jul 2025 11:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:48:c2:f8:c0:00:0a:c1:ef:07:74:1e:6b:a2:92:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 7 09:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eda7da1fc80f1d3dfb9ac47865ca1d5f0fbf3358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:4a:f3:f3:48:3d:47:e2:f2:b4:6c:52:88:
ec:eb:bf:fa:ad:76:06:0c:6e:14:27:d8:ac:4f:a3:
12:6e:b5:d9:1c:24:09:16:38:15:b5:84:73:39:54:
8d:71:bb:fc:39:95:a1:8f:d4:26:d3:27:b5:bb:88:
33:ba:72:0f:9c:65:e3:02:46:52:d5:0d:3a:ca:86:
71:f8:38:4e:e4:c5:43:02:e1:f0:f8:4a:53:6c:ff:
1a:8a:6f:fb:42:bb:40:b8:32:59:7b:bc:00:2f:10:
78:74:87:f1:ee:a0:97:77:b6:31:8e:32:8b:7b:f0:
54:5b:fa:0b:c4:1c:5f:44:bf:25:d2:94:4b:05:09:
59:d7:e3:67:6d:30:48:e1:4a:99:16:a3:1a:5c:e7:
e2:42:c3:b0:5a:4b:84:7b:63:db:b7:18:4b:79:ae:
ac:4d:4c:b3:f8:3a:b0:37:3f:76:93:31:cf:d6:47:
d5:b1:d9:21:ce:73:5f:28:33:98:6e:c1:f1:82:ff:
3c:4c:ad:d4:e7:ec:a6:2d:9f:44:0d:4e:4b:8c:d5:
a5:6e:65:77:95:04:b7:85:7c:17:02:5c:fd:2e:e1:
00:bf:a3:f1:13:47:57:51:93:c7:9d:95:55:df:a9:
a0:37:17:95:69:f0:cf:da:d5:36:19:5d:38:0b:28:
5e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A7:DA:1F:C8:0F:1D:3D:FB:9A:C4:78:65:CA:1D:5F:0F:BF:33:58
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7afaH8gPHT37msR4ZcodXw-_M1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.200.0/23
151.243.164.0/22
151.243.254.0/24
151.244.164.0-151.244.171.255
151.245.168.0-151.245.183.255
151.245.224.0/20
151.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
36:e7:a1:7f:fc:a5:72:16:f3:c2:9f:6d:0f:b9:72:01:51:3f:
51:92:72:b1:9f:fb:a8:4c:92:e2:9e:fa:ff:7f:ca:c2:35:db:
25:1a:57:f0:f6:9c:04:bd:72:9d:71:2c:62:9e:4b:5c:b3:83:
aa:76:fb:46:5f:3b:73:98:94:f7:07:66:71:02:ad:4d:df:a3:
7e:95:b6:15:e0:1d:46:c4:a2:28:b0:4a:8c:b0:32:4a:11:46:
e5:c2:c1:cc:c8:77:c9:2d:8b:ab:f5:ee:d7:f5:f5:7f:8a:b2:
8f:f2:83:78:32:44:65:77:8e:87:19:51:79:98:f6:f6:bf:11:
2d:ce:d2:cf:aa:dd:89:a9:28:cf:9d:33:df:2f:6d:8a:0b:45:
15:03:d1:a1:53:65:8d:92:9b:67:67:78:23:27:47:56:9f:83:
95:a4:9e:95:a2:d4:e5:55:db:e3:db:15:68:55:37:ad:73:69:
04:6e:68:f9:9c:70:26:47:c2:7c:4f:0a:46:71:15:2b:d9:f2:
aa:39:9c:8e:7b:ab:7d:ab:d9:8e:03:03:79:17:f8:0f:fc:05:
98:e0:82:b0:41:89:4f:a7:82:e3:dd:54:23:ce:50:48:2d:d4:
38:3a:2b:6d:ef:9f:26:e3:04:93:ed:8d:a9:a4:ec:8c:47:17:
c7:9f:81:53
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZfkSML4wAAKwe8HdB5ropJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA3MDk0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE3ZGExZmM4MGYxZDNkZmI5YWM0Nzg2NWNhMWQ1ZjBmYmYzMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE5K8/NIPUfi8rRsUojs67/6rXYG
DG4UJ9isT6MSbrXZHCQJFjgVtYRzOVSNcbv8OZWhj9Qm0ye1u4gzunIPnGXjAkZS
1Q06yoZx+DhO5MVDAuHw+EpTbP8aim/7QrtAuDJZe7wALxB4dIfx7qCXd7YxjjKL
e/BUW/oLxBxfRL8l0pRLBQlZ1+NnbTBI4UqZFqMaXOfiQsOwWkuEe2PbtxhLea6s
TUyz+DqwNz92kzHP1kfVsdkhznNfKDOYbsHxgv88TK3U5+ymLZ9EDU5LjNWlbmV3
lQS3hXwXAlz9LuEAv6PxE0dXUZPHnZVV36mgNxeVafDP2tU2GV04CyhecQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFO2n2h/IDx09+5rEeGXKHV8PvzNYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN2FmYUg4Z1BIVDM3bXNSNFpjb2RYdy1fTTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAl/IpAwQA
l/I6AwQBl/LIAwQCl/OkAwQAl/P+MAwDBAKX9KQDBAKX9KgwDAMEA5f1qAMEA5f1
sAMEBJf14AMEA5f1+DANBgkqhkiG9w0BAQsFAAOCAQEANuehf/ylchbzwp9tD7ly
AVE/UZJysZ/7qEyS4p76/3/KwjXbJRpX8PacBL1ynXEsYp5LXLODqnb7Rl87c5iU
9wdmcQKtTd+jfpW2FeAdRsSiKLBKjLAyShFG5cLBzMh3yS2Lq/Xu1/X1f4qyj/KD
eDJEZXeOhxlReZj29r8RLc7Sz6rdiakoz50z3y9tigtFFQPRoVNljZKbZ2d4IydH
Vp+DlaSelaLU5VXb49sVaFU3rXNpBG5o+ZxwJkfCfE8KRnEVK9nyqjmcjnurfavZ
jgMDeRf4D/wFmOCCsEGJT6eC491UI85QSC3UODorbe+fJuMEk+2NqaTsjEcXx5+B
Uw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:04:08 2025 by rpki-client