Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kjaq6f8-UJSsgahc2rLqLOVoOLo.roa
File: kjaq6f8-UJSsgahc2rLqLOVoOLo.roa (raw, json)
Hash identifier: KizzBy5mSk+g69lKiseoJth577KJwVcJhnczE5wC4M0=
Subject key identifier: 92:36:AA:E9:FF:3E:50:94:AC:81:A8:5C:DA:B2:EA:2C:E5:68:38:BA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01977E2A69DEA5F029836B2F77605469B49B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kjaq6f8-UJSsgahc2rLqLOVoOLo.roa
Signing time: Tue 17 Jun 2025 13:53:18 +0000
ROA not before: Tue 17 Jun 2025 13:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401776
IP address blocks: 151.243.252.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 19 Jun 2025 06:29:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:2a:69:de:a5:f0:29:83:6b:2f:77:60:54:69:b4:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 17 13:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9236aae9ff3e5094ac81a85cdab2ea2ce56838ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8d:8f:49:3d:42:5c:77:59:e9:89:20:5d:fa:
d0:5c:83:85:62:8d:53:f6:4d:9e:47:f2:56:88:94:
e7:4d:94:23:73:61:44:7e:04:6d:f0:e4:50:fe:d5:
19:73:09:55:d0:06:fd:99:22:32:d1:c9:d9:fe:56:
b8:7c:05:b9:c2:3c:05:96:ca:9a:0f:4f:a1:93:44:
02:27:9c:6a:a5:ec:75:42:f8:e7:f9:02:51:2f:9c:
3e:22:db:5e:f8:3a:b5:ad:ac:6f:1a:ae:95:41:7d:
04:d4:48:4d:68:1f:04:5d:dd:4a:4f:fa:b2:68:7f:
7b:63:55:c2:ce:67:07:8a:67:1c:09:70:16:42:d7:
ed:f4:fd:f6:1c:a4:4a:d1:89:24:2d:0f:3f:e8:c1:
35:25:17:b6:db:60:6f:cf:21:2b:77:03:71:c8:ff:
5a:97:c4:3a:87:0d:61:7e:aa:81:7e:5c:8c:3f:3b:
4b:cf:55:c0:f8:61:e0:52:f3:8e:91:50:23:2f:19:
fb:0e:5a:2e:08:2d:9c:e1:30:ef:01:86:d8:55:1f:
e2:f4:41:fe:1b:10:6c:98:b0:3f:b2:aa:34:2e:5b:
9c:23:35:b7:7b:21:47:16:1a:8b:33:0c:12:5b:4f:
63:15:15:56:4e:f2:33:e2:37:24:f2:9b:63:a0:ad:
db:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:36:AA:E9:FF:3E:50:94:AC:81:A8:5C:DA:B2:EA:2C:E5:68:38:BA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kjaq6f8-UJSsgahc2rLqLOVoOLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.252.0/23
Signature Algorithm: sha256WithRSAEncryption
61:f9:6d:e4:4b:43:9e:f8:46:fb:33:ef:5c:64:77:c8:cf:a5:
ad:c7:30:d2:88:51:d4:12:43:63:d9:fd:38:c5:ec:f6:86:d3:
b8:e6:08:64:74:3c:f5:bf:8f:53:c3:ec:cd:58:ed:39:f2:99:
82:95:a1:2b:92:33:10:41:36:49:5b:67:70:ec:b1:b3:4e:ee:
dd:c8:ce:35:a5:71:d1:a7:2d:b7:2d:2b:81:29:fc:a2:3e:d8:
52:7d:17:fc:ba:6e:3f:c7:c2:8f:e5:d1:5d:12:4e:5d:52:fb:
90:1b:4c:1d:fe:11:e1:bd:59:a0:ab:a8:22:0d:c1:ed:44:b6:
17:d1:a2:a2:69:60:88:73:69:34:5f:a4:d2:0d:c3:99:fc:ee:
aa:69:36:9d:1d:93:48:f0:9e:a8:9f:d0:bf:82:51:c5:bb:29:
9f:18:4e:ac:f3:a2:59:f9:f1:a7:ce:bb:d6:4b:a7:59:b3:b8:
39:58:81:6e:d6:03:04:31:bd:31:11:0d:25:33:78:73:1e:a6:
b3:1f:cc:c2:f1:c7:d1:05:d2:19:71:32:64:20:a4:48:78:58:
40:56:5d:67:4b:2f:82:9b:54:2f:49:17:37:2f:0c:64:d4:fe:
79:54:7a:d9:d6:0e:f5:0a:4c:e4:02:b1:8d:2c:cd:e8:7f:f2:
7c:6c:ed:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd+KmnepfApg2svd2BUabSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjE3MTM1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjM2YWFlOWZmM2U1MDk0YWM4MWE4NWNkYWIyZWEyY2U1NjgzOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY2PST1CXHdZ6YkgXfrQXIOFYo1T
9k2eR/JWiJTnTZQjc2FEfgRt8ORQ/tUZcwlV0Ab9mSIy0cnZ/la4fAW5wjwFlsqa
D0+hk0QCJ5xqpex1Qvjn+QJRL5w+Itte+Dq1raxvGq6VQX0E1EhNaB8EXd1KT/qy
aH97Y1XCzmcHimccCXAWQtft9P32HKRK0YkkLQ8/6ME1JRe222BvzyErdwNxyP9a
l8Q6hw1hfqqBflyMPztLz1XA+GHgUvOOkVAjLxn7DlouCC2c4TDvAYbYVR/i9EH+
GxBsmLA/sqo0LlucIzW3eyFHFhqLMwwSW09jFRVWTvIz4jck8ptjoK3boQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJI2qun/PlCUrIGoXNqy6izlaDi6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva2phcTZmOC1VSlNzZ2FoYzJyTHFMT1ZvT0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/P8MA0G
CSqGSIb3DQEBCwUAA4IBAQBh+W3kS0Oe+Eb7M+9cZHfIz6WtxzDSiFHUEkNj2f04
xez2htO45ghkdDz1v49Tw+zNWO058pmClaErkjMQQTZJW2dw7LGzTu7dyM41pXHR
py23LSuBKfyiPthSfRf8um4/x8KP5dFdEk5dUvuQG0wd/hHhvVmgq6giDcHtRLYX
0aKiaWCIc2k0X6TSDcOZ/O6qaTadHZNI8J6on9C/glHFuymfGE6s86JZ+fGnzrvW
S6dZs7g5WIFu1gMEMb0xEQ0lM3hzHqazH8zC8cfRBdIZcTJkIKRIeFhAVl1nSy+C
m1QvSRc3Lwxk1P55VHrZ1g71CkzkArGNLM3of/J8bO3Z
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:34:05 2025 by rpki-client