Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xeawemsKbRKtDCMMrjsP2zWb9D0.roa
File: xeawemsKbRKtDCMMrjsP2zWb9D0.roa (raw, json)
Hash identifier: jYDFdACJmQ5FDVE0ItOGDRk5TYbwy0QYaAFCxzCnLCY=
Subject key identifier: C5:E6:B0:7A:6B:0A:6D:12:AD:0C:23:0C:AE:3B:0F:DB:35:9B:F4:3D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019831191CB44A191525128A765409BA8675
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xeawemsKbRKtDCMMrjsP2zWb9D0.roa
Signing time: Tue 22 Jul 2025 07:46:26 +0000
ROA not before: Tue 22 Jul 2025 07:46:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61003
IP address blocks: 151.240.146.0/24 maxlen: 24
151.240.165.0/24 maxlen: 24
151.242.88.0/24 maxlen: 24
151.242.112.0/24 maxlen: 24
151.243.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Jul 2025 07:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:19:1c:b4:4a:19:15:25:12:8a:76:54:09:ba:86:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 22 07:46:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5e6b07a6b0a6d12ad0c230cae3b0fdb359bf43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:19:6a:d4:a4:78:36:2a:d8:1e:f2:af:3d:61:
86:6c:0b:be:30:9c:a6:e9:ff:86:be:c4:e5:db:ed:
ed:17:c7:35:32:85:a0:c3:c1:35:ad:f4:d3:ea:55:
f0:c5:d4:8f:84:29:cd:8c:8a:d4:2b:fe:ed:36:fe:
dc:5e:b3:9c:ed:9e:3e:e5:24:c4:3c:bb:87:d3:eb:
dc:cf:f6:2c:e2:3a:43:c7:83:e1:8a:79:1b:a1:26:
2f:ef:f6:69:bd:d4:05:b0:b1:2a:e2:1c:13:f4:74:
62:80:8f:2c:03:ab:17:28:b4:43:59:84:89:49:98:
0f:c3:e4:03:48:55:bb:8c:73:f0:f3:53:f1:ba:04:
53:f1:17:7d:87:7f:05:c4:d1:87:31:5e:5e:3e:76:
e0:a7:86:18:26:3a:ff:c2:ce:70:22:69:88:f9:40:
87:57:55:70:01:3f:95:ee:47:ef:a5:77:6a:7f:90:
98:4b:57:37:7d:47:79:c3:45:cd:cb:86:2b:c9:37:
d0:f2:eb:94:d0:c9:bc:9c:65:7f:74:70:52:9c:fa:
65:36:e1:9d:6f:8a:db:42:c9:5a:91:d5:eb:26:4a:
1c:12:30:24:46:c4:cd:81:67:7a:4a:81:1c:e2:f4:
12:76:17:d7:c8:b3:84:7c:31:91:29:2a:43:b2:7d:
64:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:E6:B0:7A:6B:0A:6D:12:AD:0C:23:0C:AE:3B:0F:DB:35:9B:F4:3D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xeawemsKbRKtDCMMrjsP2zWb9D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.146.0/24
151.240.165.0/24
151.242.88.0/24
151.242.112.0/24
151.243.19.0/24
Signature Algorithm: sha256WithRSAEncryption
87:fd:31:46:ab:27:9a:8a:93:b1:af:aa:20:9d:21:7d:da:b7:
91:e9:1f:89:21:84:f4:b4:28:0b:ff:ed:76:04:fb:99:e1:43:
09:57:a0:20:16:84:a6:5f:34:b5:96:7b:2f:13:6b:fe:d1:78:
cc:a6:09:e0:54:b9:8a:33:01:7e:fd:94:a3:3b:33:26:87:45:
0f:8f:6c:ee:84:82:6a:1a:cf:45:a8:8f:5e:46:93:b3:29:7c:
0e:8d:60:42:34:9c:db:62:4d:6e:4d:37:61:31:ec:17:13:06:
2e:5e:b0:ef:16:e8:e5:de:73:71:e0:9d:f4:7c:37:9d:b1:2f:
7e:d1:92:53:90:58:6a:a1:36:db:43:c7:ca:a7:3e:4e:3b:14:
48:db:ad:03:5d:25:e4:7c:71:70:6d:3e:13:37:f9:c0:10:52:
d5:a9:f0:89:fe:22:b6:7b:c2:1f:ee:04:2f:57:aa:40:d2:36:
db:09:ca:4a:28:fe:c0:c7:fd:05:59:b8:ef:f4:c4:38:aa:a5:
fa:99:b5:64:da:4a:5d:a0:28:a5:7a:43:86:e8:9a:e2:c7:ba:
3a:70:ad:cf:48:71:14:33:cc:cb:ab:7c:9c:60:5c:6c:82:75:
b1:59:1d:6e:c5:d3:1d:f3:7d:dd:8c:37:30:8f:b3:31:ff:ff:
fa:20:e4:1d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgxGRy0ShkVJRKKdlQJuoZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIyMDc0NjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWU2YjA3YTZiMGE2ZDEyYWQwYzIzMGNhZTNiMGZkYjM1OWJmNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxlq1KR4NirYHvKvPWGGbAu+MJym
6f+GvsTl2+3tF8c1MoWgw8E1rfTT6lXwxdSPhCnNjIrUK/7tNv7cXrOc7Z4+5STE
PLuH0+vcz/Ys4jpDx4PhinkboSYv7/ZpvdQFsLEq4hwT9HRigI8sA6sXKLRDWYSJ
SZgPw+QDSFW7jHPw81PxugRT8Rd9h38FxNGHMV5ePnbgp4YYJjr/ws5wImmI+UCH
V1VwAT+V7kfvpXdqf5CYS1c3fUd5w0XNy4YryTfQ8uuU0Mm8nGV/dHBSnPplNuGd
b4rbQslakdXrJkocEjAkRsTNgWd6SoEc4vQSdhfXyLOEfDGRKSpDsn1k6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMXmsHprCm0SrQwjDK47D9s1m/Q9MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveGVhd2Vtc0tiUkt0RENNTXJqc1AyeldiOUQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/CSAwQA
l/ClAwQAl/JYAwQAl/JwAwQAl/MTMA0GCSqGSIb3DQEBCwUAA4IBAQCH/TFGqyea
ipOxr6ognSF92reR6R+JIYT0tCgL/+12BPuZ4UMJV6AgFoSmXzS1lnsvE2v+0XjM
pgngVLmKMwF+/ZSjOzMmh0UPj2zuhIJqGs9FqI9eRpOzKXwOjWBCNJzbYk1uTTdh
MewXEwYuXrDvFujl3nNx4J30fDedsS9+0ZJTkFhqoTbbQ8fKpz5OOxRI260DXSXk
fHFwbT4TN/nAEFLVqfCJ/iK2e8If7gQvV6pA0jbbCcpKKP7Ax/0FWbjv9MQ4qqX6
mbVk2kpdoCilekOG6Jrix7o6cK3PSHEUM8zLq3ycYFxsgnWxWR1uxdMd833djDcw
j7Mx///6IOQd
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:38:34 2025 by rpki-client