Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aOtmjnL7dm0glwXP9E8bioaXF78.roa
File: aOtmjnL7dm0glwXP9E8bioaXF78.roa (raw, json)
Hash identifier: DRoHBy7Ca+FCKdRRIg6Y4aETNiAaG42gDuXkXtQ/S60=
Subject key identifier: 68:EB:66:8E:72:FB:76:6D:20:97:05:CF:F4:4F:1B:8A:86:97:17:BF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197CB22C4AE707FE969BDE4353BF3E1BF4C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aOtmjnL7dm0glwXP9E8bioaXF78.roa
Signing time: Wed 02 Jul 2025 12:35:42 +0000
ROA not before: Wed 02 Jul 2025 12:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.240.120.0/23 maxlen: 23
151.241.64.0/24 maxlen: 24
151.241.67.0/24 maxlen: 24
151.241.70.0/24 maxlen: 24
151.241.71.0/24 maxlen: 24
151.241.73.0/24 maxlen: 24
151.241.204.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.136.0/23 maxlen: 23
151.242.144.0/23 maxlen: 23
151.242.158.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.243.248.0/22 maxlen: 22
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.244.198.0/24 maxlen: 24
151.244.201.0/24 maxlen: 24
151.244.212.0/24 maxlen: 24
151.245.78.0/24 maxlen: 24
151.245.116.0/22 maxlen: 22
151.245.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Jul 2025 13:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:22:c4:ae:70:7f:e9:69:bd:e4:35:3b:f3:e1:bf:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 12:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68eb668e72fb766d209705cff44f1b8a869717bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:69:b8:1d:b4:36:00:a0:23:d9:b3:55:aa:
cf:c5:ca:fe:db:3c:f7:55:1c:48:91:d9:da:32:b3:
19:d3:15:05:2d:83:0d:50:77:b2:c1:2e:1a:cb:74:
c2:bb:f0:58:f4:fa:95:84:14:d9:11:8f:29:a6:01:
9f:ec:10:df:75:db:b4:d3:d6:35:83:4e:9f:a0:89:
bb:a8:4c:ec:db:39:c3:3d:80:42:7c:08:cd:87:98:
04:0a:35:28:68:72:41:ac:98:f5:d9:81:42:2c:a3:
6c:3e:ad:b7:01:d6:9c:69:b6:b7:e2:dc:10:a4:31:
eb:92:55:75:95:08:92:dd:4f:0b:f7:df:31:b2:a5:
63:b1:07:7e:38:2e:38:f7:a0:e2:d9:e6:3e:f4:e8:
ef:33:94:de:4d:b6:4c:34:33:e5:eb:bb:2b:a4:1f:
58:70:b7:97:59:24:d5:0e:0c:7d:77:a4:a6:f0:60:
f0:1f:60:df:69:9b:af:19:21:48:b8:9d:e3:3b:9c:
25:de:52:59:9f:48:c8:1c:b5:f6:a3:41:de:6c:3a:
cd:92:05:bb:d2:41:05:82:97:59:10:70:9d:7b:e8:
78:06:57:03:c3:09:63:83:ab:d7:38:61:47:89:80:
60:4a:2d:a2:f1:62:cd:bd:27:54:3f:cb:9a:b2:51:
4a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EB:66:8E:72:FB:76:6D:20:97:05:CF:F4:4F:1B:8A:86:97:17:BF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aOtmjnL7dm0glwXP9E8bioaXF78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.240.120.0/23
151.241.64.0/24
151.241.67.0/24
151.241.70.0/23
151.241.73.0/24
151.241.204.0/24
151.242.45.0/24
151.242.57.0/24
151.242.136.0/23
151.242.144.0/23
151.242.158.0/24
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.243.248.0/22
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.244.198.0/24
151.244.201.0/24
151.244.212.0/24
151.245.78.0/24
151.245.116.0/22
151.245.212.0/24
Signature Algorithm: sha256WithRSAEncryption
99:6f:85:e1:2a:d8:7e:7f:ba:e8:d6:6f:f0:a1:35:cd:1d:92:
d6:61:32:fb:68:bb:ac:2f:f4:60:99:e0:37:db:bf:f9:a5:56:
e2:8c:01:b1:6e:1c:43:3f:b4:e1:4a:92:0d:03:06:73:54:d9:
48:09:c7:85:58:70:19:86:53:75:75:9e:0d:d0:42:39:ad:3a:
9d:52:b5:5e:5b:86:01:79:60:13:d9:00:e6:2d:dd:f9:f7:da:
fa:cd:5c:7e:c8:a6:aa:33:cf:61:da:62:d5:b4:a5:c0:2f:aa:
18:66:07:d0:0f:55:5a:78:9f:5f:b6:1c:5d:11:e1:88:fb:46:
6d:d5:ef:03:22:94:17:ff:6e:56:06:bf:a8:70:6a:2d:6e:73:
6d:86:fe:ae:51:e4:c6:b2:7f:54:19:76:75:9b:5d:a4:cc:7b:
4b:b8:a8:c7:fd:e6:63:75:85:6f:18:2c:c5:6a:68:1a:cd:f1:
81:ed:65:87:00:f2:d5:06:2e:2e:86:2a:a3:6e:ed:95:e0:43:
ee:8b:87:c3:20:c9:0f:e8:d1:0b:e2:84:a1:04:31:0a:5d:71:
01:e4:60:ac:77:23:d2:85:a0:9d:2b:86:90:3c:ee:8d:74:6c:
d6:ef:da:a2:bd:65:15:3d:4a:a0:8f:d9:d8:4d:30:9f:e9:4f:
42:c7:f7:ed
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZfLIsSucH/pab3kNTvz4b9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMTIzNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGViNjY4ZTcyZmI3NjZkMjA5NzA1Y2ZmNDRmMWI4YTg2OTcxN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYRpuB20NgCgI9mzVarPxcr+2zz3
VRxIkdnaMrMZ0xUFLYMNUHeywS4ay3TCu/BY9PqVhBTZEY8ppgGf7BDfddu009Y1
g06foIm7qEzs2znDPYBCfAjNh5gECjUoaHJBrJj12YFCLKNsPq23Adacaba34twQ
pDHrklV1lQiS3U8L998xsqVjsQd+OC4496Di2eY+9OjvM5TeTbZMNDPl67srpB9Y
cLeXWSTVDgx9d6Sm8GDwH2DfaZuvGSFIuJ3jO5wl3lJZn0jIHLX2o0HebDrNkgW7
0kEFgpdZEHCde+h4BlcDwwljg6vXOGFHiYBgSi2i8WLNvSdUP8uaslFKxwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFGjrZo5y+3ZtIJcFz/RPG4qGlxe/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYU90bWpuTDdkbTBnbHdYUDlFOGJpb2FYRjc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBACX
8C0DBAGX8HgDBACX8UADBACX8UMDBAGX8UYDBACX8UkDBACX8cwDBACX8i0DBACX
8jkDBAGX8ogDBAGX8pADBACX8p4DBACX8wIDBACX82kDBACX858DBAKX8/gDBACX
9DkDBACX9G8DBACX9HMDBACX9MYDBACX9MkDBACX9NQDBACX9U4DBAKX9XQDBACX
9dQwDQYJKoZIhvcNAQELBQADggEBAJlvheEq2H5/uujWb/ChNc0dktZhMvtou6wv
9GCZ4Dfbv/mlVuKMAbFuHEM/tOFKkg0DBnNU2UgJx4VYcBmGU3V1ng3QQjmtOp1S
tV5bhgF5YBPZAOYt3fn32vrNXH7Ipqozz2HaYtW0pcAvqhhmB9APVVp4n1+2HF0R
4Yj7Rm3V7wMilBf/blYGv6hwai1uc22G/q5R5Mayf1QZdnWbXaTMe0u4qMf95mN1
hW8YLMVqaBrN8YHtZYcA8tUGLi6GKqNu7ZXgQ+6Lh8MgyQ/o0QvihKEEMQpdcQHk
YKx3I9KFoJ0rhpA87o10bNbv2qK9ZRU9SqCP2dhNMJ/pT0LH9+0=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:37:55 2025 by rpki-client