Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9bNau6Wy8CW2-liyBFyIWaBMjWQ.roa
File: 9bNau6Wy8CW2-liyBFyIWaBMjWQ.roa (raw, json)
Hash identifier: G4Mn+hlTDvLSyeUA9xeN2PIaBNu739iEaVbrkq5FKGY=
Subject key identifier: F5:B3:5A:BB:A5:B2:F0:25:B6:FA:58:B2:04:5C:88:59:A0:4C:8D:64
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197737AD15093618131EC5952A479AF89E3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9bNau6Wy8CW2-liyBFyIWaBMjWQ.roa
Signing time: Sun 15 Jun 2025 12:05:18 +0000
ROA not before: Sun 15 Jun 2025 12:05:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.240.120.0/23 maxlen: 23
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.136.0/23 maxlen: 23
151.242.144.0/23 maxlen: 23
151.242.158.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.243.248.0/22 maxlen: 22
151.243.252.0/23 maxlen: 23
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.245.116.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 17 Jun 2025 13:53:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:7a:d1:50:93:61:81:31:ec:59:52:a4:79:af:89:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 15 12:05:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5b35abba5b2f025b6fa58b2045c8859a04c8d64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f5:9f:83:a2:1a:08:b7:3c:59:0b:b7:7f:e6:
58:1b:bc:54:9f:da:9b:53:b0:12:3a:73:70:7a:87:
49:19:12:c7:d9:ed:05:7f:93:59:b4:78:d0:e4:27:
71:2c:91:75:98:11:92:1d:41:7a:ec:dd:cc:c4:15:
b1:af:0a:ca:98:f9:9e:0a:27:b8:08:ce:3b:2e:cb:
aa:34:2f:66:3f:01:7e:d2:90:53:48:85:38:1a:21:
a0:8c:b6:7f:f8:54:79:42:d6:d3:97:fa:d2:78:b1:
e7:96:5d:f9:3b:67:07:a0:f7:40:23:c7:f0:58:fa:
2a:e8:60:a4:2f:dc:2e:94:7b:0f:3e:42:25:0f:47:
f0:d5:0e:2e:96:18:ab:36:75:06:12:1f:1c:f0:26:
bb:ba:c4:9c:f9:e3:82:29:ea:f7:5c:a4:9d:96:5a:
fe:7e:b6:90:ec:15:2a:46:a7:e1:bd:c1:fa:10:ec:
cf:6e:fa:dd:f9:2e:80:a6:d1:66:9b:6e:88:73:e4:
c4:cf:35:10:a9:18:ae:20:64:e7:6c:d8:8b:5d:2c:
ac:65:07:04:ab:37:1a:7a:cd:a7:1e:ab:3a:37:9a:
4a:fc:50:71:65:90:85:fe:0a:ab:ec:92:bd:68:73:
1d:0d:5b:0e:83:2f:17:85:bb:0e:3d:94:70:79:d1:
00:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:B3:5A:BB:A5:B2:F0:25:B6:FA:58:B2:04:5C:88:59:A0:4C:8D:64
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9bNau6Wy8CW2-liyBFyIWaBMjWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.240.120.0/23
151.242.45.0/24
151.242.57.0/24
151.242.136.0/23
151.242.144.0/23
151.242.158.0/24
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.243.248.0-151.243.253.255
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.245.116.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:d9:71:ef:c9:98:de:8e:5b:01:8d:38:2b:b8:4a:bb:3e:b6:
e5:b6:66:ca:f5:b0:41:2d:c0:eb:fb:da:e9:be:27:0f:aa:b9:
e8:b6:8c:1c:33:0c:42:70:9d:21:4f:c2:e4:d1:93:43:68:b2:
f7:f6:99:86:e0:14:3f:4c:15:8a:a9:04:3e:43:b7:07:62:a4:
59:a5:a4:22:c9:e5:49:f4:48:98:9d:c3:16:89:25:90:bb:1b:
ac:2e:56:36:5d:a9:58:29:72:eb:70:2a:f9:67:05:3d:3b:9b:
49:99:4d:48:0e:79:ac:cb:aa:29:8d:e6:06:bd:8b:67:f0:43:
f4:6b:d3:e8:09:a9:11:f9:d7:1e:ba:bc:0b:e7:64:07:fe:95:
08:9e:f1:67:e0:42:78:ea:87:0f:88:78:1d:9a:00:99:43:e5:
ad:bf:97:06:9f:7d:52:33:56:09:f3:fd:8e:08:a8:49:aa:62:
eb:0e:4f:1f:a7:c6:d4:79:82:46:ef:d7:60:32:3b:06:d0:57:
50:40:29:fa:90:60:92:58:f2:06:3f:24:65:36:5f:a6:ac:10:
aa:a3:7e:56:d4:27:69:ed:3f:f2:eb:c7:1b:db:dd:a7:06:af:
f1:37:bc:a5:1e:9b:b7:53:45:11:42:c5:b1:5b:db:d9:4b:8f:
b2:2d:18:ca
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZdzetFQk2GBMexZUqR5r4njMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjE1MTIwNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWIzNWFiYmE1YjJmMDI1YjZmYTU4YjIwNDVjODg1OWEwNGM4ZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5fWfg6IaCLc8WQu3f+ZYG7xUn9qb
U7ASOnNweodJGRLH2e0Ff5NZtHjQ5CdxLJF1mBGSHUF67N3MxBWxrwrKmPmeCie4
CM47LsuqNC9mPwF+0pBTSIU4GiGgjLZ/+FR5QtbTl/rSeLHnll35O2cHoPdAI8fw
WPoq6GCkL9wulHsPPkIlD0fw1Q4ulhirNnUGEh8c8Ca7usSc+eOCKer3XKSdllr+
fraQ7BUqRqfhvcH6EOzPbvrd+S6AptFmm26Ic+TEzzUQqRiuIGTnbNiLXSysZQcE
qzcaes2nHqs6N5pK/FBxZZCF/gqr7JK9aHMdDVsOgy8XhbsOPZRwedEAhQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFPWzWrulsvAltvpYsgRciFmgTI1kMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOWJOYXU2V3k4Q1cyLWxpeUJGeUlXYUJNaldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAl/AtAwQB
l/B4AwQAl/ItAwQAl/I5AwQBl/KIAwQBl/KQAwQAl/KeAwQAl/MCAwQAl/NpAwQA
l/OfMAwDBAOX8/gDBAGX8/wDBACX9DkDBACX9G8DBACX9HMDBAKX9XQwDQYJKoZI
hvcNAQELBQADggEBAJrZce/JmN6OWwGNOCu4Srs+tuW2Zsr1sEEtwOv72um+Jw+q
uei2jBwzDEJwnSFPwuTRk0Nosvf2mYbgFD9MFYqpBD5DtwdipFmlpCLJ5Un0SJid
wxaJJZC7G6wuVjZdqVgpcutwKvlnBT07m0mZTUgOeazLqimN5ga9i2fwQ/Rr0+gJ
qRH51x66vAvnZAf+lQie8WfgQnjqhw+IeB2aAJlD5a2/lwaffVIzVgnz/Y4IqEmq
YusOTx+nxtR5gkbv12AyOwbQV1BAKfqQYJJY8gY/JGU2X6asEKqjflbUJ2ntP/Lr
xxvb3acGr/E3vKUem7dTRRFCxbFb29lLj7ItGMo=
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:14:31 2025 by rpki-client