Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yrMfSMjfRqnpH8NzeTEArJgTKMo.roa
File: yrMfSMjfRqnpH8NzeTEArJgTKMo.roa (raw, json)
Hash identifier: Te0oAPy7wyrkBCtYDl6abNZSazceisevKn7FYHQyY8Q=
Subject key identifier: CA:B3:1F:48:C8:DF:46:A9:E9:1F:C3:73:79:31:00:AC:98:13:28:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197E905507606869976A686CD26537CAFA9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yrMfSMjfRqnpH8NzeTEArJgTKMo.roa
Signing time: Tue 08 Jul 2025 07:52:09 +0000
ROA not before: Tue 08 Jul 2025 07:52:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61003
IP address blocks: 151.242.88.0/24 maxlen: 24
151.242.112.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.243.19.0/24 maxlen: 24
151.243.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Jul 2025 09:31:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:05:50:76:06:86:99:76:a6:86:cd:26:53:7c:af:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 8 07:52:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cab31f48c8df46a9e91fc373793100ac981328ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e9:57:1a:9d:d5:97:88:e7:38:f1:bd:99:fe:
44:4e:a1:fb:00:af:68:25:90:b2:84:f1:93:3f:cc:
1a:be:82:76:8e:9b:08:8b:8f:be:94:44:4d:4c:01:
b3:fb:04:ef:6e:93:d4:f2:17:d6:b8:b2:fc:40:59:
12:2a:da:09:02:2c:c2:ea:6c:9b:cd:06:d5:56:d3:
57:dc:04:3c:28:f4:10:d6:d8:46:ef:66:a4:f8:00:
c4:39:0f:35:f1:bf:52:04:ee:4b:4e:87:37:97:c8:
a3:ca:1b:a3:08:35:51:9f:56:5a:2f:3d:41:d0:28:
88:76:cc:86:fe:a1:10:00:5c:aa:c7:8f:43:df:c8:
f2:da:94:64:8e:d0:df:8d:40:0d:9f:01:7c:ad:26:
ab:69:bc:dd:ee:78:7f:30:ef:8b:11:80:a7:23:57:
65:72:88:bb:f2:fa:5a:2b:ba:37:87:a5:f2:ea:83:
1c:6d:e0:13:74:fb:5e:77:3e:65:d7:86:d6:86:df:
ef:26:8f:08:92:50:71:35:ff:ff:1d:df:f9:f5:10:
9b:15:c0:cd:7b:86:ad:e3:30:02:3d:75:fd:e1:2d:
cd:78:4d:51:76:32:58:49:36:82:ed:30:ef:d8:c1:
2b:cf:82:7c:97:27:78:96:97:6a:3f:f4:dd:b8:f8:
02:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B3:1F:48:C8:DF:46:A9:E9:1F:C3:73:79:31:00:AC:98:13:28:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yrMfSMjfRqnpH8NzeTEArJgTKMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.88.0/24
151.242.112.0/24
151.242.173.0/24
151.243.19.0/24
151.243.156.0/24
Signature Algorithm: sha256WithRSAEncryption
06:3e:e1:80:16:f9:3c:0f:37:1a:5c:05:4b:10:f6:a4:4d:eb:
b4:b2:cf:55:06:3e:f6:3b:9d:6d:66:56:98:75:60:31:28:1a:
0d:1a:54:91:72:c8:0d:f8:5b:8b:d7:74:cb:a7:db:53:90:66:
31:fd:27:e1:bd:02:35:3d:21:e5:39:33:61:de:93:09:fd:cd:
3a:7b:33:68:36:96:75:2d:57:ad:14:23:43:e0:4d:8d:65:28:
65:50:c4:37:82:40:d1:b3:f9:99:9c:fb:7c:b0:d2:c4:3c:35:
ab:ee:5e:d0:92:e5:32:f1:bc:38:ee:84:89:d4:93:e6:17:5b:
c2:39:93:fb:1a:17:6e:ac:d8:61:f7:5f:46:ea:d7:01:a9:c0:
e3:cf:53:f5:0a:9f:e2:75:32:10:8b:e6:b3:f9:8a:87:4a:95:
d5:01:b9:de:e1:50:91:1c:ed:96:b4:b7:3e:2b:f2:3a:0f:bb:
3d:70:a2:6a:02:8d:da:e1:da:1f:36:22:59:fb:37:f7:b8:15:
1b:01:cc:2a:3d:80:9a:79:55:16:ab:26:cb:bf:f0:88:aa:c2:
17:76:55:ae:ec:2a:80:93:ff:4a:42:39:fb:2a:fd:a3:ac:59:
52:21:62:e3:91:2a:7e:6d:d3:f1:9e:0a:aa:91:8c:e4:1a:91:
9a:7d:62:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfpBVB2BoaZdqaGzSZTfK+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA4MDc1MjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWIzMWY0OGM4ZGY0NmE5ZTkxZmMzNzM3OTMxMDBhYzk4MTMyOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlelXGp3Vl4jnOPG9mf5ETqH7AK9o
JZCyhPGTP8wavoJ2jpsIi4++lERNTAGz+wTvbpPU8hfWuLL8QFkSKtoJAizC6myb
zQbVVtNX3AQ8KPQQ1thG72ak+ADEOQ818b9SBO5LToc3l8ijyhujCDVRn1ZaLz1B
0CiIdsyG/qEQAFyqx49D38jy2pRkjtDfjUANnwF8rSarabzd7nh/MO+LEYCnI1dl
coi78vpaK7o3h6Xy6oMcbeATdPtedz5l14bWht/vJo8IklBxNf//Hd/59RCbFcDN
e4at4zACPXX94S3NeE1RdjJYSTaC7TDv2MErz4J8lyd4lpdqP/TduPgCNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMqzH0jI30ap6R/Dc3kxAKyYEyjKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveXJNZlNNamZScW5wSDhOemVURUFySmdUS01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/JYAwQA
l/JwAwQAl/KtAwQAl/MTAwQAl/OcMA0GCSqGSIb3DQEBCwUAA4IBAQAGPuGAFvk8
DzcaXAVLEPakTeu0ss9VBj72O51tZlaYdWAxKBoNGlSRcsgN+FuL13TLp9tTkGYx
/SfhvQI1PSHlOTNh3pMJ/c06ezNoNpZ1LVetFCND4E2NZShlUMQ3gkDRs/mZnPt8
sNLEPDWr7l7QkuUy8bw47oSJ1JPmF1vCOZP7GhdurNhh919G6tcBqcDjz1P1Cp/i
dTIQi+az+YqHSpXVAbne4VCRHO2WtLc+K/I6D7s9cKJqAo3a4dofNiJZ+zf3uBUb
AcwqPYCaeVUWqybLv/CIqsIXdlWu7CqAk/9KQjn7Kv2jrFlSIWLjkSp+bdPxngqq
kYzkGpGafWJD
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:38:34 2025 by rpki-client