Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/09CnL-scNotdfzmTElHFdopeqGI.roa
File: 09CnL-scNotdfzmTElHFdopeqGI.roa (raw, json)
Hash identifier: phk+8bkDWGSEhuwXKOCYOKVdY6E/w0VPxB7u3Xp3hjA=
Subject key identifier: D3:D0:A7:2F:EB:1C:36:8B:5D:7F:39:93:12:51:C5:76:8A:5E:A8:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01968507EA7898EA05ED0BE8ECB3B0AA012B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/09CnL-scNotdfzmTElHFdopeqGI.roa
Signing time: Wed 30 Apr 2025 04:50:10 +0000
ROA not before: Wed 30 Apr 2025 04:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.144.0/23 maxlen: 23
151.242.158.0/24 maxlen: 24
151.242.200.0/22 maxlen: 22
151.242.204.0/22 maxlen: 22
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.244.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 May 2025 04:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:07:ea:78:98:ea:05:ed:0b:e8:ec:b3:b0:aa:01:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 30 04:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3d0a72feb1c368b5d7f39931251c5768a5ea862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:18:ca:03:fd:66:66:5a:c0:8c:6f:38:50:f2:
ee:2b:cc:8c:57:fd:2e:b4:8d:76:1e:df:53:42:31:
0f:46:b2:69:8a:ce:88:ec:ce:6d:b2:b6:bd:80:42:
c5:62:eb:b4:33:52:78:20:0b:4d:9d:d1:3a:da:e7:
8d:c8:04:c3:cb:ea:a9:47:24:26:bb:14:94:32:e5:
0a:cd:f0:ad:6a:f4:d6:e1:36:3a:a3:05:f6:79:cb:
43:39:46:f7:58:7f:7a:7d:10:61:72:80:5f:20:ed:
02:65:c7:c7:8b:cd:a9:11:04:26:34:8d:5f:92:3a:
99:1c:a6:29:c4:48:04:1b:6d:9e:24:49:8b:2c:f1:
55:86:94:0d:ab:a4:65:c5:59:36:25:f0:51:d0:7a:
0d:b1:c2:64:ac:01:4c:30:62:10:80:e2:8e:74:2e:
5b:2f:89:fc:c5:34:2b:fe:7f:ea:94:77:2e:35:e1:
eb:d3:ca:78:fc:2d:26:63:fb:f3:47:5e:34:67:df:
f8:72:f9:19:6e:c8:3d:62:bf:67:67:af:a5:74:9b:
66:ce:d9:eb:87:af:83:10:68:ed:b6:6b:bf:07:f6:
b2:36:5b:30:62:8e:46:05:83:5c:64:cd:89:01:fd:
df:2c:e3:fe:a6:df:57:50:c1:c0:d4:89:9a:60:8e:
18:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D0:A7:2F:EB:1C:36:8B:5D:7F:39:93:12:51:C5:76:8A:5E:A8:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/09CnL-scNotdfzmTElHFdopeqGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.242.45.0/24
151.242.57.0/24
151.242.144.0/23
151.242.158.0/24
151.242.200.0/21
151.243.105.0/24
151.243.159.0/24
151.244.57.0/24
Signature Algorithm: sha256WithRSAEncryption
73:9e:bb:33:9b:85:ca:cf:54:41:1d:3a:6a:f2:b9:9a:5d:21:
d2:f2:11:3a:9f:5e:2f:10:02:71:a0:59:48:23:89:9e:22:5b:
17:c4:02:28:cf:50:bb:4f:2a:76:cf:72:02:49:5d:f2:69:01:
4b:e1:ae:e6:45:ab:fc:8c:31:7b:d9:a1:fb:f0:9b:93:2f:ad:
72:b6:b7:a2:fd:3d:71:5f:78:e2:c0:dd:7a:bc:06:84:09:09:
da:81:b0:c6:d2:31:9c:a1:31:de:ff:0f:c8:44:12:4b:87:dc:
44:56:9b:49:c5:17:46:ed:9b:92:1f:9d:b4:c2:63:f1:59:89:
b4:73:0b:41:20:ed:d6:dc:82:6b:b0:bd:54:b4:ff:e0:58:1a:
00:a2:36:59:f4:01:24:26:dc:de:3c:85:63:d3:d7:98:ed:a8:
dc:e3:2f:db:f4:26:83:ec:65:95:bc:73:36:88:f8:a7:c5:84:
56:c1:ea:ef:0c:73:6c:4e:ab:29:20:a4:2e:d5:b7:8a:ea:c9:
1f:1a:53:7a:a4:34:4d:88:ab:90:d4:3e:b7:dd:40:71:d5:c6:
cd:01:be:d3:ff:3c:69:16:12:4d:ba:73:db:3e:2d:87:1c:46:
77:19:48:75:d4:69:ae:83:f8:da:c5:7a:a3:23:d4:ee:c1:cd:
ac:aa:ed:ad
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZaFB+p4mOoF7Qvo7LOwqgErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDMwMDQ1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2QwYTcyZmViMWMzNjhiNWQ3ZjM5OTMxMjUxYzU3NjhhNWVhODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBjKA/1mZlrAjG84UPLuK8yMV/0u
tI12Ht9TQjEPRrJpis6I7M5tsra9gELFYuu0M1J4IAtNndE62ueNyATDy+qpRyQm
uxSUMuUKzfCtavTW4TY6owX2ectDOUb3WH96fRBhcoBfIO0CZcfHi82pEQQmNI1f
kjqZHKYpxEgEG22eJEmLLPFVhpQNq6RlxVk2JfBR0HoNscJkrAFMMGIQgOKOdC5b
L4n8xTQr/n/qlHcuNeHr08p4/C0mY/vzR140Z9/4cvkZbsg9Yr9nZ6+ldJtmztnr
h6+DEGjttmu/B/ayNlswYo5GBYNcZM2JAf3fLOP+pt9XUMHA1ImaYI4YrwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNPQpy/rHDaLXX85kxJRxXaKXqhiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMDlDbkwtc2NOb3RkZnptVEVsSEZkb3BlcUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAl/AtAwQA
l/ItAwQAl/I5AwQBl/KQAwQAl/KeAwQDl/LIAwQAl/NpAwQAl/OfAwQAl/Q5MA0G
CSqGSIb3DQEBCwUAA4IBAQBznrszm4XKz1RBHTpq8rmaXSHS8hE6n14vEAJxoFlI
I4meIlsXxAIoz1C7Typ2z3ICSV3yaQFL4a7mRav8jDF72aH78JuTL61ytrei/T1x
X3jiwN16vAaECQnagbDG0jGcoTHe/w/IRBJLh9xEVptJxRdG7ZuSH520wmPxWYm0
cwtBIO3W3IJrsL1UtP/gWBoAojZZ9AEkJtzePIVj09eY7ajc4y/b9CaD7GWVvHM2
iPinxYRWwervDHNsTqspIKQu1beK6skfGlN6pDRNiKuQ1D633UBx1cbNAb7T/zxp
FhJNunPbPi2HHEZ3GUh11Gmug/jaxXqjI9Tuwc2squ2t
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:49:27 2025 by rpki-client