Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/pyAs_m3-gdclfKx2_E31p5Gfgq4.roa
File: pyAs_m3-gdclfKx2_E31p5Gfgq4.roa (raw, json)
Hash identifier: 32n84KLr9J2ZIXtlNBOPx1V3FH9CjL+EWMoZnP3Or4o=
Subject key identifier: A7:20:2C:FE:6D:FE:81:D7:25:7C:AC:76:FC:4D:F5:A7:91:9F:82:AE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01981D5154C3EE213B733CCAC911BAC5983C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/pyAs_m3-gdclfKx2_E31p5Gfgq4.roa
Signing time: Fri 18 Jul 2025 11:35:25 +0000
ROA not before: Fri 18 Jul 2025 11:35:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.164.0/22 maxlen: 22
151.243.254.0/24 maxlen: 24
151.244.164.0/22 maxlen: 22
151.244.168.0/22 maxlen: 22
151.245.160.0/21 maxlen: 21
151.245.168.0/21 maxlen: 21
151.245.176.0/21 maxlen: 21
151.245.216.0/21 maxlen: 21
151.245.224.0/21 maxlen: 21
151.245.232.0/21 maxlen: 21
151.245.248.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 21 Jul 2025 08:18:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:51:54:c3:ee:21:3b:73:3c:ca:c9:11:ba:c5:98:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 18 11:35:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7202cfe6dfe81d7257cac76fc4df5a7919f82ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:33:5a:98:a7:39:94:67:31:b7:07:a8:48:70:
66:74:a1:cb:73:ce:a2:6f:7d:2a:50:dd:d1:e2:67:
77:c7:8f:af:48:a6:8c:d5:5e:dd:21:08:66:1c:22:
ca:79:9b:8b:a8:b9:0f:d4:a8:d9:6c:d5:89:4d:b5:
fa:36:50:63:d4:39:06:4a:8b:46:ee:e7:4f:9d:4c:
0e:7f:8e:68:a9:98:8d:21:99:fa:4c:33:4c:9d:86:
e0:2b:ef:de:b6:6e:e5:a9:3e:90:1f:69:91:c4:6e:
79:41:99:71:81:1b:cb:1c:60:89:a9:42:54:53:33:
18:bc:1b:b6:42:fb:06:3d:e6:dd:15:e9:fe:63:c1:
10:fe:21:c7:06:ae:1c:5a:98:0a:53:03:c1:79:73:
7e:0c:ba:4c:73:40:ce:48:2b:12:e0:9b:d2:55:bd:
d7:6b:7a:b7:16:82:bb:a2:ac:94:10:a1:a7:23:59:
5d:10:08:f7:24:02:1f:72:76:bd:3a:62:9b:9b:e3:
f5:de:06:b6:c7:b2:bf:23:c2:6c:ff:4f:0f:14:44:
13:5f:03:ce:93:1d:b5:9f:ae:2e:37:f0:29:3f:0e:
7a:e7:e2:2c:29:d2:65:74:f7:06:58:47:76:56:b2:
67:b8:27:e7:03:d1:74:8b:a0:4c:d3:ec:76:a8:66:
3e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:20:2C:FE:6D:FE:81:D7:25:7C:AC:76:FC:4D:F5:A7:91:9F:82:AE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/pyAs_m3-gdclfKx2_E31p5Gfgq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.200.0/23
151.243.164.0/22
151.243.254.0/24
151.244.164.0-151.244.171.255
151.245.160.0-151.245.183.255
151.245.216.0-151.245.239.255
151.245.248.0/21
Signature Algorithm: sha256WithRSAEncryption
69:7e:15:4d:0e:68:58:76:f5:2e:26:ba:73:66:2a:72:36:ab:
90:4e:c9:c8:9a:6b:0a:98:0b:e0:6b:b4:3e:19:05:b6:ef:53:
d0:fd:e8:95:3f:4b:36:a5:9e:67:63:ec:4c:61:03:1a:7e:39:
4c:9a:51:57:4e:14:21:11:0a:e2:ec:e1:97:c3:63:af:f1:0d:
db:b0:e8:5c:11:13:6f:c2:64:f7:a8:5d:7b:b9:e5:9c:af:67:
e3:7e:04:51:bc:a4:8f:82:39:a9:da:f6:3e:08:dc:29:a4:2e:
1a:c9:07:90:0b:06:7e:e1:cb:27:fc:87:09:9c:0b:84:5d:87:
9c:1b:9d:28:9f:80:79:08:b5:62:99:36:d6:6b:e1:b5:57:bd:
d1:06:45:9c:f2:5e:f0:36:eb:02:26:70:a3:c9:eb:c5:a0:a1:
e3:0e:c3:94:49:f1:60:e9:92:2e:1a:ff:30:82:93:a9:bc:27:
e4:99:5c:e4:2d:ac:2c:4e:f8:b0:6a:fa:f8:1b:ba:74:35:b0:
40:a2:a1:10:7f:2f:af:62:89:a9:56:e0:25:3e:b0:6f:77:aa:
18:03:3b:fb:a0:b4:32:27:90:aa:2a:5c:07:9c:31:71:c1:25:
e1:6e:d5:b8:4f:e3:b1:6f:f4:e8:82:87:f8:4c:51:6f:b1:a3:
90:bd:85:09
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZgdUVTD7iE7czzKyRG6xZg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE4MTEzNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzIwMmNmZTZkZmU4MWQ3MjU3Y2FjNzZmYzRkZjVhNzkxOWY4MmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujNamKc5lGcxtweoSHBmdKHLc86i
b30qUN3R4md3x4+vSKaM1V7dIQhmHCLKeZuLqLkP1KjZbNWJTbX6NlBj1DkGSotG
7udPnUwOf45oqZiNIZn6TDNMnYbgK+/etm7lqT6QH2mRxG55QZlxgRvLHGCJqUJU
UzMYvBu2QvsGPebdFen+Y8EQ/iHHBq4cWpgKUwPBeXN+DLpMc0DOSCsS4JvSVb3X
a3q3FoK7oqyUEKGnI1ldEAj3JAIfcna9OmKbm+P13ga2x7K/I8Js/08PFEQTXwPO
kx21n64uN/ApPw565+IsKdJldPcGWEd2VrJnuCfnA9F0i6BM0+x2qGY+dwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKcgLP5t/oHXJXysdvxN9aeRn4KuMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcHlBc19tMy1nZGNsZkt4Ml9FMzFwNUdmZ3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAl/IpAwQA
l/I6AwQBl/LIAwQCl/OkAwQAl/P+MAwDBAKX9KQDBAKX9KgwDAMEBZf1oAMEA5f1
sDAMAwQDl/XYAwQEl/XgAwQDl/X4MA0GCSqGSIb3DQEBCwUAA4IBAQBpfhVNDmhY
dvUuJrpzZipyNquQTsnImmsKmAvga7Q+GQW271PQ/eiVP0s2pZ5nY+xMYQMafjlM
mlFXThQhEQri7OGXw2Ov8Q3bsOhcERNvwmT3qF17ueWcr2fjfgRRvKSPgjmp2vY+
CNwppC4ayQeQCwZ+4csn/IcJnAuEXYecG50on4B5CLVimTbWa+G1V73RBkWc8l7w
NusCJnCjyevFoKHjDsOUSfFg6ZIuGv8wgpOpvCfkmVzkLawsTviwavr4G7p0NbBA
oqEQfy+vYompVuAlPrBvd6oYAzv7oLQyJ5CqKlwHnDFxwSXhbtW4T+Oxb/Togof4
TFFvsaOQvYUJ
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:48:54 2025 by rpki-client