Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nx24S-tKNbp34oaIYrrybM4sWBk.roa
File: Nx24S-tKNbp34oaIYrrybM4sWBk.roa (raw, json)
Hash identifier: 9nZsudpW9mWd6yaHmD7wnq3oxf7WldIT5hBv2XReot0=
Subject key identifier: 37:1D:B8:4B:EB:4A:35:BA:77:E2:86:88:62:BA:F2:6C:CE:2C:58:19
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197D49CEC034A0D740ABE52A2F15386C249
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nx24S-tKNbp34oaIYrrybM4sWBk.roa
Signing time: Fri 04 Jul 2025 08:45:43 +0000
ROA not before: Fri 04 Jul 2025 08:45:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64457
IP address blocks: 151.242.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Jul 2025 08:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:9c:ec:03:4a:0d:74:0a:be:52:a2:f1:53:86:c2:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 4 08:45:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=371db84beb4a35ba77e2868862baf26cce2c5819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:14:27:ef:b3:4b:a2:80:72:9d:a8:28:0f:3e:
d9:c7:c5:bb:d5:07:f6:d1:81:99:9b:65:5d:21:08:
fa:73:3a:2f:e8:67:59:b0:19:f5:1c:26:bf:b9:af:
57:1c:a5:16:ff:3c:c5:63:3b:75:97:21:cb:ac:73:
e0:46:10:d7:4d:ba:53:f1:ae:b3:6f:e8:88:8b:7d:
09:6e:d4:2a:f9:e1:a8:40:c4:95:9f:b3:61:74:c9:
d9:b0:27:00:7b:11:7c:f1:65:67:4a:78:dd:c4:64:
71:bc:98:9e:c1:e3:fa:e7:0b:43:a2:1b:24:19:81:
70:5e:72:a5:67:1a:45:d2:7c:46:f0:26:3b:8f:91:
46:f4:a9:f4:2b:2e:0e:fa:c3:31:44:8e:dd:57:be:
64:64:6a:f3:7a:55:84:8e:84:fc:4a:97:23:b2:80:
38:3a:ce:8c:31:76:ee:fa:0b:f0:3c:40:dd:76:da:
6e:45:c5:00:5f:85:c2:e1:71:5c:8d:60:bb:82:60:
eb:57:e1:d3:ed:ec:08:c9:66:82:29:85:76:f9:5c:
be:b0:cc:aa:a2:da:68:fb:fa:e0:1e:03:4d:f4:c1:
5e:4c:a9:cd:c3:af:a9:da:3d:90:d8:48:e0:f9:d6:
ed:f8:06:bb:7e:b2:6d:69:c6:d8:95:ff:1b:7c:19:
9f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1D:B8:4B:EB:4A:35:BA:77:E2:86:88:62:BA:F2:6C:CE:2C:58:19
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Nx24S-tKNbp34oaIYrrybM4sWBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.111.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:4b:d3:d2:ed:41:d6:c0:12:ca:4c:65:22:1f:c7:d6:10:79:
ef:87:d3:41:7a:f5:1c:9f:43:5b:91:79:7e:7b:b7:77:0b:b3:
56:28:3b:75:88:30:a4:08:5e:bb:9c:76:19:af:eb:02:35:65:
5d:22:ae:2d:01:74:34:ed:06:70:ae:d7:9c:ed:7c:4a:0c:c0:
81:0c:5f:d1:c5:1e:d5:dc:74:ef:1e:13:cf:3d:00:69:0c:a7:
a9:3f:5f:14:c8:97:ac:76:81:3d:8e:dd:04:e8:a0:a0:17:46:
af:94:6f:4a:7c:7a:98:53:ce:0e:4f:1a:91:6e:6d:98:08:48:
af:9f:f2:d8:52:0a:20:ca:c6:fc:b3:71:4c:e3:84:54:02:af:
85:d9:ee:6d:fd:9e:69:8e:14:c0:29:67:0f:b7:dd:e3:97:6c:
9d:74:d8:bc:e3:e5:c7:5f:a0:be:c1:4f:0a:13:1b:8a:b6:7b:
a2:a8:45:19:77:0b:44:4c:3c:87:7d:07:87:81:00:14:a1:ea:
9b:12:c4:36:15:52:1c:76:bb:03:e6:7b:0b:64:f9:f7:90:7f:
eb:b2:ac:81:f0:01:b9:bb:2b:d9:d1:f7:f9:65:7f:29:bc:0b:
19:fd:46:fa:4f:73:93:50:72:d9:84:41:c0:ec:d2:29:0d:ad:
c2:e4:9d:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfUnOwDSg10Cr5SovFThsJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA0MDg0NTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFkYjg0YmViNGEzNWJhNzdlMjg2ODg2MmJhZjI2Y2NlMmM1ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphQn77NLooBynagoDz7Zx8W71Qf2
0YGZm2VdIQj6czov6GdZsBn1HCa/ua9XHKUW/zzFYzt1lyHLrHPgRhDXTbpT8a6z
b+iIi30JbtQq+eGoQMSVn7NhdMnZsCcAexF88WVnSnjdxGRxvJieweP65wtDohsk
GYFwXnKlZxpF0nxG8CY7j5FG9Kn0Ky4O+sMxRI7dV75kZGrzelWEjoT8SpcjsoA4
Os6MMXbu+gvwPEDddtpuRcUAX4XC4XFcjWC7gmDrV+HT7ewIyWaCKYV2+Vy+sMyq
otpo+/rgHgNN9MFeTKnNw6+p2j2Q2Ejg+dbt+Aa7frJtacbYlf8bfBmfRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDcduEvrSjW6d+KGiGK68mzOLFgZMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTngyNFMtdEtOYnAzNG9hSVlycnliTTRzV0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/JvMA0G
CSqGSIb3DQEBCwUAA4IBAQB7S9PS7UHWwBLKTGUiH8fWEHnvh9NBevUcn0NbkXl+
e7d3C7NWKDt1iDCkCF67nHYZr+sCNWVdIq4tAXQ07QZwrtec7XxKDMCBDF/RxR7V
3HTvHhPPPQBpDKepP18UyJesdoE9jt0E6KCgF0avlG9KfHqYU84OTxqRbm2YCEiv
n/LYUgogysb8s3FM44RUAq+F2e5t/Z5pjhTAKWcPt93jl2yddNi84+XHX6C+wU8K
ExuKtnuiqEUZdwtETDyHfQeHgQAUoeqbEsQ2FVIcdrsD5nsLZPn3kH/rsqyB8AG5
uyvZ0ff5ZX8pvAsZ/Ub6T3OTUHLZhEHA7NIpDa3C5J2r
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:12:01 2025 by rpki-client