Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jI73SelkWQdbcOR1ZU8NOdRMwrw.roa
File: jI73SelkWQdbcOR1ZU8NOdRMwrw.roa (raw, json)
Hash identifier: cEzE35jOBI6CG8ueMvkp8RjcTwaB46hy4kz48IJ9R0I=
Subject key identifier: 8C:8E:F7:49:E9:64:59:07:5B:70:E4:75:65:4F:0D:39:D4:4C:C2:BC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01982CEADDB7ED763ECD28DDBCF0C002A292
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jI73SelkWQdbcOR1ZU8NOdRMwrw.roa
Signing time: Mon 21 Jul 2025 12:17:26 +0000
ROA not before: Mon 21 Jul 2025 12:17:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 151.242.86.0/24 maxlen: 24
151.242.132.0/24 maxlen: 24
151.242.133.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 07:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:ea:dd:b7:ed:76:3e:cd:28:dd:bc:f0:c0:02:a2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 21 12:17:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c8ef749e96459075b70e475654f0d39d44cc2bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:81:47:a3:2f:e8:80:41:90:6c:bb:db:0a:
fb:4b:26:61:0b:44:b0:e6:30:b6:70:66:97:12:cf:
03:6e:8b:70:40:0a:4f:a6:84:e4:ec:d5:2e:5b:7a:
26:3b:98:c7:e9:a2:e8:d5:c2:49:d8:6f:7f:0a:78:
28:c9:75:ec:2c:1d:73:25:74:1a:71:b0:a2:d7:1a:
86:82:aa:53:20:09:ab:c1:76:3a:3a:48:55:d4:fe:
a3:c2:f9:3a:39:fa:ac:b9:11:ae:ef:13:e2:64:31:
5c:da:e4:31:66:66:c7:f8:60:c9:bd:3d:ea:3d:b1:
44:d3:56:21:64:38:dc:d7:cd:da:d4:f3:cf:39:e2:
6d:c0:a1:b7:53:92:04:af:b0:e6:3c:af:82:b7:76:
0e:ec:88:1f:70:8a:e4:81:35:d5:3b:1c:65:e5:8b:
05:32:26:b3:1a:97:9c:84:56:30:ae:47:8b:a5:7b:
1b:c0:3a:22:69:0d:c7:73:ca:07:79:f6:6a:5e:43:
8d:e6:a2:16:4f:c2:90:bd:0c:5c:8d:ae:9a:62:67:
82:a5:a8:a1:dc:9c:b1:da:d3:cf:cb:7a:ff:5a:60:
55:78:20:dd:8c:97:be:6d:a3:90:2e:55:71:6d:04:
88:ce:cd:89:a3:76:42:9b:85:13:9f:10:21:3a:e9:
1a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:8E:F7:49:E9:64:59:07:5B:70:E4:75:65:4F:0D:39:D4:4C:C2:BC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jI73SelkWQdbcOR1ZU8NOdRMwrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.86.0/24
151.242.132.0/23
151.243.4.0/24
151.243.221.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:cb:2c:f2:00:75:ae:41:4e:d7:1b:c0:b5:f5:10:e1:18:20:
c4:23:1c:1a:9e:90:68:74:15:fe:b2:45:a1:49:98:61:9e:cd:
34:9c:85:0c:74:8b:87:2c:6e:41:a7:8e:d8:70:77:6d:54:75:
1c:f0:80:da:9b:27:3f:b4:cc:9f:7a:39:79:22:8b:8a:80:fe:
2a:cc:12:26:d2:0f:be:94:18:05:27:6c:bc:98:71:13:64:86:
a2:50:2b:fd:23:26:c1:c0:84:a7:d7:bd:e4:0c:44:79:18:ac:
3e:14:14:af:a0:a9:21:65:eb:78:23:6f:54:79:8b:ba:38:bf:
19:40:5f:e4:c2:dc:86:d3:1b:b5:93:7d:67:35:ae:ba:90:d3:
4c:32:3a:b5:99:f1:21:17:f2:4f:1d:12:cc:b8:7b:02:41:77:
67:3d:9c:e4:5a:27:4b:28:d7:8d:97:03:84:01:9e:a8:0f:fa:
87:22:14:f0:ea:6d:a1:47:b7:99:10:8b:93:b3:f6:5c:7f:c6:
89:bb:c3:29:e4:91:e0:83:4a:04:33:d3:f7:8c:65:44:d7:f8:
ad:a4:9d:2a:78:0b:4a:bd:53:08:01:6e:42:bb:6b:ca:2a:35:
6f:a3:6f:ab:fd:83:ec:6c:cd:12:0c:ff:b0:b5:c2:c2:9d:e4:
85:ba:75:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgs6t237XY+zSjdvPDAAqKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIxMTIxNzI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzhlZjc0OWU5NjQ1OTA3NWI3MGU0NzU2NTRmMGQzOWQ0NGNjMmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdqBR6Mv6IBBkGy72wr7SyZhC0Sw
5jC2cGaXEs8DbotwQApPpoTk7NUuW3omO5jH6aLo1cJJ2G9/CngoyXXsLB1zJXQa
cbCi1xqGgqpTIAmrwXY6OkhV1P6jwvk6OfqsuRGu7xPiZDFc2uQxZmbH+GDJvT3q
PbFE01YhZDjc183a1PPPOeJtwKG3U5IEr7DmPK+Ct3YO7IgfcIrkgTXVOxxl5YsF
MiazGpechFYwrkeLpXsbwDoiaQ3Hc8oHefZqXkON5qIWT8KQvQxcja6aYmeCpaih
3Jyx2tPPy3r/WmBVeCDdjJe+baOQLlVxbQSIzs2Jo3ZCm4UTnxAhOukaJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIyO90npZFkHW3DkdWVPDTnUTMK8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvakk3M1NlbGtXUWRiY09SMVpVOE5PZFJNd3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/JWAwQB
l/KEAwQAl/MEAwQAl/PdMA0GCSqGSIb3DQEBCwUAA4IBAQAfyyzyAHWuQU7XG8C1
9RDhGCDEIxwanpBodBX+skWhSZhhns00nIUMdIuHLG5Bp47YcHdtVHUc8IDamyc/
tMyfejl5IouKgP4qzBIm0g++lBgFJ2y8mHETZIaiUCv9IybBwISn173kDER5GKw+
FBSvoKkhZet4I29UeYu6OL8ZQF/kwtyG0xu1k31nNa66kNNMMjq1mfEhF/JPHRLM
uHsCQXdnPZzkWidLKNeNlwOEAZ6oD/qHIhTw6m2hR7eZEIuTs/Zcf8aJu8Mp5JHg
g0oEM9P3jGVE1/itpJ0qeAtKvVMIAW5Cu2vKKjVvo2+r/YPsbM0SDP+wtcLCneSF
unXO
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:35:00 2025 by rpki-client