Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8SWnqPgFnpVhR50uCoS7eaK1Pgo.roa
File: 8SWnqPgFnpVhR50uCoS7eaK1Pgo.roa (raw, json)
Hash identifier: C/itGHoQe27FbtutoVjR1ofSsOpavDFgHlzm6TZTmlI=
Subject key identifier: F1:25:A7:A8:F8:05:9E:95:61:47:9D:2E:0A:84:BB:79:A2:B5:3E:0A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019796E50FED40C58FEA5AE158FD58044E34
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8SWnqPgFnpVhR50uCoS7eaK1Pgo.roa
Signing time: Sun 22 Jun 2025 09:08:03 +0000
ROA not before: Sun 22 Jun 2025 09:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61003
IP address blocks: 151.242.173.0/24 maxlen: 24
151.243.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jun 2025 13:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:96:e5:0f:ed:40:c5:8f:ea:5a:e1:58:fd:58:04:4e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 22 09:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f125a7a8f8059e9561479d2e0a84bb79a2b53e0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e6:50:9b:62:2e:53:14:12:ea:fa:e2:a9:1c:
31:10:a6:32:c4:ac:a6:79:64:db:3a:3d:1d:7b:9b:
68:a0:b7:d4:d2:05:7a:a4:a2:ea:fb:1b:68:56:09:
fa:4a:c0:9a:ae:26:30:01:3b:fa:1b:bd:d9:de:cc:
a0:a3:52:0a:4e:31:72:88:08:9a:65:dd:8a:a6:00:
27:be:c8:5a:93:86:42:54:04:13:ec:39:9c:37:19:
ad:9a:15:a9:6a:0d:b4:8b:e7:c8:8c:37:ef:a6:75:
14:10:f6:71:bd:09:f9:97:7a:16:5e:2d:d5:7e:9e:
87:b3:48:59:2a:98:5c:11:b7:65:cc:81:e6:a2:df:
6c:79:ac:bd:d6:b8:a8:0d:f8:ee:3a:78:71:fc:ad:
53:1f:9c:bc:7e:21:65:9b:82:24:5e:20:cc:d2:8b:
49:58:ec:f1:55:08:13:50:6c:bd:b9:ee:5b:2b:31:
f7:8c:76:42:f7:eb:55:97:38:89:73:28:c6:33:11:
49:40:af:bc:d1:71:a3:bd:24:b9:a5:4d:bd:53:c0:
50:04:c6:3e:12:b9:d0:0e:4c:e4:5b:85:d7:4a:c0:
aa:f6:ae:8d:e6:cd:27:c5:93:3f:0d:cf:46:66:ac:
da:c6:8f:aa:a8:b7:60:51:0d:46:37:86:aa:ee:37:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:25:A7:A8:F8:05:9E:95:61:47:9D:2E:0A:84:BB:79:A2:B5:3E:0A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8SWnqPgFnpVhR50uCoS7eaK1Pgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.173.0/24
151.243.156.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:8f:b2:0c:2b:36:9f:70:6a:28:8d:ba:df:c9:ac:d4:df:b3:
4f:da:72:64:e3:dc:12:dc:7d:e5:32:0b:87:c4:40:11:d2:a4:
7b:1f:12:b5:56:f6:5c:ab:31:7c:61:ce:0f:d2:d4:99:98:a5:
9c:44:cd:96:f5:8b:5b:18:4a:4b:68:a5:69:9e:18:bc:b5:a5:
7c:03:b1:b2:4f:16:d1:b3:ec:06:05:7b:38:50:41:87:2c:c0:
3b:62:d6:7c:70:85:58:65:54:ca:17:1d:2a:b1:92:83:97:0c:
0a:25:0f:bb:5c:23:73:84:45:d4:16:d1:da:f7:db:21:56:af:
ea:46:66:84:0c:7c:35:45:1c:31:2a:bb:41:ec:17:29:25:a4:
32:7c:14:98:98:17:c0:62:88:c5:05:4f:33:a9:8c:f8:be:ce:
79:a7:a0:89:36:cb:b2:c3:0f:1c:9e:a9:9a:78:41:51:5c:11:
5a:01:55:67:5f:11:bd:d6:44:66:11:7b:06:fd:27:46:e2:1d:
9d:e0:c2:d2:1a:7b:b5:0f:52:74:25:29:aa:4b:0e:ed:21:e7:
65:77:b7:56:aa:78:5a:d0:93:b5:3a:2b:cc:e3:b2:3e:7c:7f:
a3:96:ec:af:2b:f3:47:9d:ae:49:61:2d:bf:ff:f7:8a:9a:71:
ef:4f:c7:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeW5Q/tQMWP6lrhWP1YBE40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIyMDkwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTI1YTdhOGY4MDU5ZTk1NjE0NzlkMmUwYTg0YmI3OWEyYjUzZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OZQm2IuUxQS6vriqRwxEKYyxKym
eWTbOj0de5tooLfU0gV6pKLq+xtoVgn6SsCariYwATv6G73Z3sygo1IKTjFyiAia
Zd2KpgAnvshak4ZCVAQT7DmcNxmtmhWpag20i+fIjDfvpnUUEPZxvQn5l3oWXi3V
fp6Hs0hZKphcEbdlzIHmot9seay91rioDfjuOnhx/K1TH5y8fiFlm4IkXiDM0otJ
WOzxVQgTUGy9ue5bKzH3jHZC9+tVlziJcyjGMxFJQK+80XGjvSS5pU29U8BQBMY+
ErnQDkzkW4XXSsCq9q6N5s0nxZM/Dc9GZqzaxo+qqLdgUQ1GN4aq7jdy7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPElp6j4BZ6VYUedLgqEu3mitT4KMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOFNXbnFQZ0ZucFZoUjUwdUNvUzdlYUsxUGdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/KtAwQA
l/OcMA0GCSqGSIb3DQEBCwUAA4IBAQC2j7IMKzafcGoojbrfyazU37NP2nJk49wS
3H3lMguHxEAR0qR7HxK1VvZcqzF8Yc4P0tSZmKWcRM2W9YtbGEpLaKVpnhi8taV8
A7GyTxbRs+wGBXs4UEGHLMA7YtZ8cIVYZVTKFx0qsZKDlwwKJQ+7XCNzhEXUFtHa
99shVq/qRmaEDHw1RRwxKrtB7BcpJaQyfBSYmBfAYojFBU8zqYz4vs55p6CJNsuy
ww8cnqmaeEFRXBFaAVVnXxG91kRmEXsG/SdG4h2d4MLSGnu1D1J0JSmqSw7tIedl
d7dWqnha0JO1OivM47I+fH+jluyvK/NHna5JYS2///eKmnHvT8fX
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:53:17 2025 by rpki-client