Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa
File: 1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa (raw, json)
Hash identifier: E2SILWeMLib9m/kUiOLsgHirfeuSAP0vI9vxsJ5dx1I=
Subject key identifier: F9:55:17:0B:58:33:DA:85:EC:BF:76:9C:BD:17:70:DA:34:9F:3A:AA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196757EDD3EB342F1560E56C2A98E468B0C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa
Signing time: Sun 27 Apr 2025 04:26:10 +0000
ROA not before: Sun 27 Apr 2025 04:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.144.0/23 maxlen: 23
151.242.158.0/24 maxlen: 24
151.242.200.0/22 maxlen: 22
151.242.204.0/22 maxlen: 22
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 04:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:7e:dd:3e:b3:42:f1:56:0e:56:c2:a9:8e:46:8b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 04:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f955170b5833da85ecbf769cbd1770da349f3aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:84:c2:c4:c6:c1:0f:9c:39:0e:24:15:2f:98:
f5:f4:3d:11:63:5f:60:28:b1:9b:9e:e4:b9:40:c3:
09:f1:5c:4c:37:6e:89:42:de:f3:da:9d:a7:a0:b2:
99:6a:f2:8c:67:30:ef:d4:50:07:b2:fd:05:b4:f3:
52:c9:fe:d0:99:18:fa:7e:d7:72:e7:2f:33:ad:ea:
02:b7:26:26:94:85:99:98:a8:a0:36:95:0d:c2:b3:
27:bb:88:2b:fa:ec:59:46:bf:09:f0:cc:01:a4:cc:
d9:b0:cf:c0:0e:43:69:25:be:3b:5a:54:d9:46:23:
fd:64:1b:39:96:af:0a:03:cc:e6:56:88:d2:c0:49:
56:04:31:b7:6e:d9:fa:ff:8e:4e:f5:0c:9b:97:9e:
f7:1e:eb:c5:d6:37:06:e8:ac:29:42:ac:aa:45:98:
98:c9:7a:8e:4a:b1:97:8a:2d:b8:4d:55:04:d3:b5:
09:94:b2:44:58:4c:e8:fb:9e:5f:6d:79:7a:e9:1a:
69:91:af:ab:af:a9:7b:ea:c9:69:49:87:6a:e4:9b:
b6:ca:94:53:05:d6:00:8f:04:74:4f:9b:8d:53:8e:
3a:fa:56:8c:52:99:09:37:2b:43:bf:7e:53:37:3e:
2f:31:f5:50:f4:47:ea:75:25:6f:fb:81:e7:74:99:
71:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:55:17:0B:58:33:DA:85:EC:BF:76:9C:BD:17:70:DA:34:9F:3A:AA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-VUXC1gz2oXsv3acvRdw2jSfOqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.242.45.0/24
151.242.57.0/24
151.242.144.0/23
151.242.158.0/24
151.242.200.0/21
151.243.105.0/24
151.243.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:3d:2b:49:29:e5:60:22:ef:75:4a:21:8f:cb:b2:5d:e4:0c:
3e:44:c9:2d:d4:f4:bc:ac:5c:9a:20:92:02:42:9d:da:53:de:
95:73:05:f4:20:b3:9d:4c:a9:04:6f:8a:eb:0e:98:92:3f:d6:
07:78:84:e5:67:e9:a7:ca:06:bc:48:d8:71:7d:fc:4c:86:63:
24:4e:10:19:03:eb:61:9d:a5:51:75:1a:8c:86:dd:b3:f8:e7:
cf:6e:df:06:38:90:36:62:3d:a3:df:02:61:44:ea:06:30:25:
54:73:a9:87:0d:b1:00:23:79:36:04:f8:ee:5a:b6:c9:f2:01:
57:58:5a:79:7f:70:21:11:19:7a:5f:ee:f6:f4:7d:6b:2f:63:
82:d7:d0:a2:d2:eb:77:22:02:18:63:37:b1:25:d5:dd:b5:af:
d9:4d:9c:78:c3:24:83:e6:91:26:e6:9c:ed:06:8f:5c:cd:4b:
cd:37:d4:f7:8b:fa:3b:e5:25:8e:ff:57:78:fa:e2:b6:38:2a:
47:1f:f4:55:df:03:45:fb:7a:91:ff:3d:30:d4:61:09:d7:8f:
8a:cf:89:0b:b5:c7:31:65:21:52:b4:53:fb:79:8d:9c:36:3b:
b0:00:cb:5e:cb:f2:fe:c2:e1:61:5c:16:b8:0d:97:12:20:e6:
4b:75:48:1b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZZ1ft0+s0LxVg5WwqmORosMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDQyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTU1MTcwYjU4MzNkYTg1ZWNiZjc2OWNiZDE3NzBkYTM0OWYzYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4TCxMbBD5w5DiQVL5j19D0RY19g
KLGbnuS5QMMJ8VxMN26JQt7z2p2noLKZavKMZzDv1FAHsv0FtPNSyf7QmRj6ftdy
5y8zreoCtyYmlIWZmKigNpUNwrMnu4gr+uxZRr8J8MwBpMzZsM/ADkNpJb47WlTZ
RiP9ZBs5lq8KA8zmVojSwElWBDG3btn6/45O9Qybl573HuvF1jcG6KwpQqyqRZiY
yXqOSrGXii24TVUE07UJlLJEWEzo+55fbXl66Rppka+rr6l76slpSYdq5Ju2ypRT
BdYAjwR0T5uNU446+laMUpkJNytDv35TNz4vMfVQ9EfqdSVv+4HndJlxnQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPlVFwtYM9qF7L92nL0XcNo0nzqqMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1WVVhDMWd6Mm9Yc3YzYWN2UmR3MmpTZk9xby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAJfwLQME
AJfyLQMEAJfyOQMEAZfykAMEAJfyngMEA5fyyAMEAJfzaQMEAJfznzANBgkqhkiG
9w0BAQsFAAOCAQEATD0rSSnlYCLvdUohj8uyXeQMPkTJLdT0vKxcmiCSAkKd2lPe
lXMF9CCznUypBG+K6w6Ykj/WB3iE5Wfpp8oGvEjYcX38TIZjJE4QGQPrYZ2lUXUa
jIbds/jnz27fBjiQNmI9o98CYUTqBjAlVHOphw2xACN5NgT47lq2yfIBV1haeX9w
IREZel/u9vR9ay9jgtfQotLrdyICGGM3sSXV3bWv2U2ceMMkg+aRJuac7QaPXM1L
zTfU94v6O+Uljv9XePritjgqRx/0Vd8DRft6kf89MNRhCdePis+JC7XHMWUhUrRT
+3mNnDY7sADLXsvy/sLhYVwWuA2XEiDmS3VIGw==
-----END CERTIFICATE-----
Generated at Fri Jun 13 22:53:10 2025 by rpki-client