Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/d1EEEJTu5QCTWK1hgjwJoE3i7Ow.roa
File: d1EEEJTu5QCTWK1hgjwJoE3i7Ow.roa (raw, json)
Hash identifier: WuiNC+biF9SVPPD+uMZcr/amTgRex3JkkYyz1Ki0F0s=
Subject key identifier: 77:51:04:10:94:EE:E5:00:93:58:AD:61:82:3C:09:A0:4D:E2:EC:EC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197B1C05C4F3E2AB7283793E59F5CBD154C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/d1EEEJTu5QCTWK1hgjwJoE3i7Ow.roa
Signing time: Fri 27 Jun 2025 14:17:43 +0000
ROA not before: Fri 27 Jun 2025 14:17:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.245.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Jun 2025 05:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:c0:5c:4f:3e:2a:b7:28:37:93:e5:9f:5c:bd:15:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 27 14:17:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7751041094eee5009358ad61823c09a04de2ecec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:67:18:a4:49:87:91:61:e3:1e:74:a5:c5:00:
78:78:1e:a0:23:e5:92:17:e9:9d:23:a1:3d:25:28:
5d:25:2c:f7:f0:df:e7:1f:32:40:49:07:cf:8f:c4:
c4:90:f6:4f:ba:fa:a3:1e:71:d9:d8:4f:28:1d:09:
ed:9e:34:e4:a4:da:a7:75:d8:c4:a5:43:83:bd:f7:
f9:de:e1:e3:e9:b4:3a:46:1d:5c:d6:38:ff:dd:4d:
40:98:5c:a9:05:04:89:ea:5f:77:9c:16:6a:13:6a:
a1:c3:ce:49:0c:e2:38:57:9f:5f:95:0d:ab:d4:cc:
60:ba:da:69:71:34:24:57:6a:31:8a:f7:3c:e6:ca:
f9:56:7b:af:30:2b:c9:3e:84:2c:f6:18:7c:a7:7d:
3c:d3:6e:d1:2d:88:ab:90:ee:c1:24:42:fa:ee:3d:
53:49:68:1c:ff:8b:1e:4a:13:9f:f7:c4:a7:d6:e2:
dd:a9:c5:7a:03:1c:73:fe:15:af:0e:f5:ee:6a:d8:
8b:28:79:64:4d:78:1d:41:51:c3:72:ee:4f:d8:a1:
38:a9:df:55:34:85:0f:68:8e:a3:2a:70:c3:56:9f:
d9:bc:11:d4:70:c2:6a:02:98:bd:17:f8:e5:88:28:
17:e1:04:76:f7:20:4d:80:9c:5f:c1:a8:4a:5d:29:
21:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:51:04:10:94:EE:E5:00:93:58:AD:61:82:3C:09:A0:4D:E2:EC:EC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/d1EEEJTu5QCTWK1hgjwJoE3i7Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.200.0/23
151.245.232.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:82:1f:37:9a:84:d4:b0:2c:89:ab:e9:30:5f:4d:64:6d:8e:
47:74:88:a3:42:e2:46:1e:37:8f:e2:54:08:ec:6c:3c:1c:bf:
b0:44:aa:93:ea:1d:02:d3:84:32:59:68:bf:0a:54:7b:e9:32:
39:aa:19:ba:b6:1a:48:4f:65:bb:1a:9d:04:b8:fb:93:11:da:
1f:80:a3:0a:39:0f:c9:8c:01:b4:09:59:5e:f3:22:0b:9a:1d:
ca:b2:25:02:91:bc:0a:1a:81:bd:7b:6c:3d:60:13:b9:27:60:
c1:aa:b1:74:e4:34:aa:f6:f5:24:3f:9b:28:55:4d:17:99:58:
7c:25:1f:09:ec:e5:38:63:e5:81:06:f1:bd:13:50:92:b2:65:
c7:9a:44:8f:13:a3:09:dc:de:d5:48:cf:f0:04:b7:14:b4:89:
57:22:a8:c6:5a:c4:4d:81:74:ff:db:8c:b3:34:01:5a:6a:af:
2c:12:5d:20:5f:6d:39:b2:52:dc:39:52:34:02:bb:e1:33:7d:
72:3b:f7:7e:50:47:c2:d8:40:a5:7c:3f:a6:8d:bc:1a:2f:6f:
e8:6d:62:bf:0b:13:ce:29:c3:bb:0a:29:5f:d0:90:fd:74:94:
21:38:2e:12:ed:73:04:ca:f0:45:d8:6d:87:a1:79:de:25:89:
5e:85:71:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZexwFxPPiq3KDeT5Z9cvRVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI3MTQxNzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzUxMDQxMDk0ZWVlNTAwOTM1OGFkNjE4MjNjMDlhMDRkZTJlY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mcYpEmHkWHjHnSlxQB4eB6gI+WS
F+mdI6E9JShdJSz38N/nHzJASQfPj8TEkPZPuvqjHnHZ2E8oHQntnjTkpNqnddjE
pUODvff53uHj6bQ6Rh1c1jj/3U1AmFypBQSJ6l93nBZqE2qhw85JDOI4V59flQ2r
1MxgutppcTQkV2oxivc85sr5VnuvMCvJPoQs9hh8p308027RLYirkO7BJEL67j1T
SWgc/4seShOf98Sn1uLdqcV6Axxz/hWvDvXuatiLKHlkTXgdQVHDcu5P2KE4qd9V
NIUPaI6jKnDDVp/ZvBHUcMJqApi9F/jliCgX4QR29yBNgJxfwahKXSkhMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHdRBBCU7uUAk1itYYI8CaBN4uzsMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZDFFRUVKVHU1UUNUV0sxaGdqd0pvRTNpN093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IpAwQA
l/I6AwQBl/LIAwQDl/XoMA0GCSqGSIb3DQEBCwUAA4IBAQAbgh83moTUsCyJq+kw
X01kbY5HdIijQuJGHjeP4lQI7Gw8HL+wRKqT6h0C04QyWWi/ClR76TI5qhm6thpI
T2W7Gp0EuPuTEdofgKMKOQ/JjAG0CVle8yILmh3KsiUCkbwKGoG9e2w9YBO5J2DB
qrF05DSq9vUkP5soVU0XmVh8JR8J7OU4Y+WBBvG9E1CSsmXHmkSPE6MJ3N7VSM/w
BLcUtIlXIqjGWsRNgXT/24yzNAFaaq8sEl0gX205slLcOVI0ArvhM31yO/d+UEfC
2EClfD+mjbwaL2/obWK/CxPOKcO7Cilf0JD9dJQhOC4S7XMEyvBF2G2HoXneJYle
hXEF
-----END CERTIFICATE-----
Generated at Sat Jul 26 12:06:48 2025 by rpki-client