Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Kzcq_Pnl1lI9h7czwCXp-xFs2GI.roa
File: Kzcq_Pnl1lI9h7czwCXp-xFs2GI.roa (raw, json)
Hash identifier: yVBSOyCNNHD5BhfK49UmMtzQCAySkUD+ZAfsNZbcaXQ=
Subject key identifier: 2B:37:2A:FC:F9:E5:D6:52:3D:87:B7:33:C0:25:E9:FB:11:6C:D8:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197D95CBCF9125E1B199F04552FF8F66BEE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Kzcq_Pnl1lI9h7czwCXp-xFs2GI.roa
Signing time: Sat 05 Jul 2025 06:53:42 +0000
ROA not before: Sat 05 Jul 2025 06:53:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.164.0/22 maxlen: 22
151.243.254.0/24 maxlen: 24
151.245.168.0/21 maxlen: 21
151.245.176.0/21 maxlen: 21
151.245.224.0/21 maxlen: 21
151.245.232.0/21 maxlen: 21
151.245.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 07 Jul 2025 09:47:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d9:5c:bc:f9:12:5e:1b:19:9f:04:55:2f:f8:f6:6b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 5 06:53:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b372afcf9e5d6523d87b733c025e9fb116cd862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e5:b3:24:1b:8c:00:9e:7a:84:a1:e1:80:a0:
b7:fe:d4:24:92:5f:6e:98:7c:4f:d1:ac:71:ed:da:
db:55:4c:be:cf:b0:23:2c:49:ff:0a:9d:3b:c6:84:
22:9a:bf:3a:4e:75:c4:15:72:34:b1:e1:79:90:06:
af:19:26:48:ee:23:13:00:62:c1:bd:7b:4d:3f:aa:
69:29:67:47:71:a3:ea:7c:00:b0:ed:fe:7a:82:62:
76:54:8e:47:97:79:f9:53:68:0e:94:bf:5f:23:5f:
ce:2f:76:56:25:8c:71:ee:c9:a1:d5:d1:a1:c0:9f:
cc:c6:f8:43:e7:1b:c2:d1:84:a2:84:db:37:63:40:
5c:cf:86:f7:54:f7:ab:ba:ad:b2:b8:1a:fa:2a:db:
1f:84:8f:09:62:5b:37:db:0f:a7:04:c8:82:68:4a:
17:ee:ea:e1:cc:18:d6:52:fe:9c:2d:6e:0f:f3:36:
e8:75:d8:33:33:6d:11:06:c4:59:8b:5c:3d:5a:67:
c7:d6:c9:3d:18:ad:ff:11:c3:7e:e5:5a:bb:9d:66:
48:8d:b5:3e:02:20:85:3c:15:8c:83:06:ed:68:a8:
3a:d8:ec:e1:56:fb:77:c1:21:1c:c7:bc:0c:b0:6c:
e5:f3:3d:86:a5:02:b0:6d:fa:fa:fa:6d:0c:d2:88:
0b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:37:2A:FC:F9:E5:D6:52:3D:87:B7:33:C0:25:E9:FB:11:6C:D8:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Kzcq_Pnl1lI9h7czwCXp-xFs2GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.200.0/23
151.243.164.0/22
151.243.254.0/24
151.245.168.0-151.245.183.255
151.245.224.0/20
151.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
37:bc:67:ee:9d:0c:4c:a2:97:ac:18:24:fd:5c:2c:cf:82:8e:
70:46:db:1d:c8:cf:13:90:ee:38:aa:95:54:96:55:48:55:4a:
8d:ae:2e:cd:a6:d3:24:e9:1b:74:92:61:bc:ec:89:f6:c0:b0:
56:5e:80:48:aa:31:7a:78:6b:62:ba:68:83:90:99:46:74:b5:
62:b7:0a:9a:47:51:60:a4:bd:c1:25:e9:0d:7e:f1:88:c5:59:
a2:e0:4c:46:e1:be:bd:d9:58:26:31:83:9a:f4:ea:8f:ca:52:
64:94:b0:ea:ee:fa:fa:d0:ca:af:ef:9d:ac:01:df:67:01:34:
f4:49:2e:b1:bc:25:e7:9a:f1:3e:21:b3:c1:9c:cc:c7:4f:76:
18:5e:cb:4f:7f:a1:7a:a4:9c:77:9e:7f:7a:63:81:a8:4d:45:
1e:6c:1f:20:b1:16:ff:11:45:da:aa:1f:6d:8e:3f:f8:15:3f:
02:1f:5d:05:d8:46:11:6a:b9:e1:62:a3:2d:4f:4e:00:12:35:
2b:bf:cf:9c:f0:ed:96:ed:20:36:1b:b6:c1:ab:c2:fa:db:eb:
76:d7:9f:bb:06:ca:d3:99:b8:64:17:01:92:2f:e1:be:2a:99:
ae:c7:03:55:84:04:17:93:9a:88:03:ed:a7:dc:62:34:d5:cc:
f2:b3:71:21
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZfZXLz5El4bGZ8EVS/49mvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA1MDY1MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM3MmFmY2Y5ZTVkNjUyM2Q4N2I3MzNjMDI1ZTlmYjExNmNkODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+WzJBuMAJ56hKHhgKC3/tQkkl9u
mHxP0axx7drbVUy+z7AjLEn/Cp07xoQimr86TnXEFXI0seF5kAavGSZI7iMTAGLB
vXtNP6ppKWdHcaPqfACw7f56gmJ2VI5Hl3n5U2gOlL9fI1/OL3ZWJYxx7smh1dGh
wJ/MxvhD5xvC0YSihNs3Y0Bcz4b3VPeruq2yuBr6KtsfhI8JYls32w+nBMiCaEoX
7urhzBjWUv6cLW4P8zboddgzM20RBsRZi1w9WmfH1sk9GK3/EcN+5Vq7nWZIjbU+
AiCFPBWMgwbtaKg62OzhVvt3wSEcx7wMsGzl8z2GpQKwbfr6+m0M0ogLSwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCs3Kvz55dZSPYe3M8Al6fsRbNhiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS3pjcV9QbmwxbEk5aDdjendDWHAteEZzMkdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAl/IpAwQA
l/I6AwQBl/LIAwQCl/OkAwQAl/P+MAwDBAOX9agDBAOX9bADBASX9eADBAOX9fgw
DQYJKoZIhvcNAQELBQADggEBADe8Z+6dDEyil6wYJP1cLM+CjnBG2x3IzxOQ7jiq
lVSWVUhVSo2uLs2m0yTpG3SSYbzsifbAsFZegEiqMXp4a2K6aIOQmUZ0tWK3CppH
UWCkvcEl6Q1+8YjFWaLgTEbhvr3ZWCYxg5r06o/KUmSUsOru+vrQyq/vnawB32cB
NPRJLrG8Jeea8T4hs8GczMdPdhhey09/oXqknHeef3pjgahNRR5sHyCxFv8RRdqq
H22OP/gVPwIfXQXYRhFqueFioy1PTgASNSu/z5zw7ZbtIDYbtsGrwvrb63bXn7sG
ytOZuGQXAZIv4b4qma7HA1WEBBeTmogD7afcYjTVzPKzcSE=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:37:52 2025 by rpki-client