Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7GX3ysCDN1eFIkg4s79u_5G-LpM.roa
File: 7GX3ysCDN1eFIkg4s79u_5G-LpM.roa (raw, json)
Hash identifier: 8BTr/xe6kssOyA9JaibKbWOuhKhB8O5yNUdl7F8O9SA=
Subject key identifier: EC:65:F7:CA:C0:83:37:57:85:22:48:38:B3:BF:6E:FF:91:BE:2E:93
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197115691777D13728B20A30ED3C9FE5819
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7GX3ysCDN1eFIkg4s79u_5G-LpM.roa
Signing time: Tue 27 May 2025 10:42:55 +0000
ROA not before: Tue 27 May 2025 10:42:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29801
IP address blocks: 151.245.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 May 2025 18:22:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:56:91:77:7d:13:72:8b:20:a3:0e:d3:c9:fe:58:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 27 10:42:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec65f7cac083375785224838b3bf6eff91be2e93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:72:f7:40:47:ae:10:a1:b1:b8:db:0c:40:70:
9b:e9:28:6e:02:a9:24:3a:08:1e:b9:d8:89:f3:07:
9f:8b:a9:8f:2b:58:ea:c2:08:8f:30:99:c0:3a:09:
bc:20:58:10:64:f2:43:59:4b:49:25:1a:56:ea:f7:
8a:dc:09:77:c9:01:60:4b:b0:06:65:55:7e:ad:b8:
33:4e:cd:8f:1e:fd:54:86:cf:e2:b2:de:fe:d9:36:
5a:fa:23:cf:49:d2:fd:a3:19:e3:f8:05:bf:a1:85:
87:82:b1:ba:b0:9f:c1:e9:1d:da:dd:53:60:49:eb:
ee:9c:4c:37:b9:0a:c9:39:07:47:92:bc:5c:10:8e:
9b:c0:b4:a3:53:de:d6:9e:3a:fa:02:33:86:f7:c8:
c0:77:d9:c2:97:e3:e8:89:dd:fc:c0:da:25:fb:36:
43:61:9a:9d:ef:a9:51:99:e8:17:ed:26:4c:d1:62:
26:0e:8b:79:9a:a7:d1:b6:72:71:20:c2:ab:ec:14:
a2:d7:65:3c:80:e5:ac:3c:bc:f1:dd:ff:2d:6c:bd:
8e:9c:b0:b7:61:54:43:c7:da:31:ed:b8:f5:0b:1d:
3f:8d:65:eb:71:5d:01:8e:ee:3f:f0:8d:9c:dd:60:
fe:8d:c6:be:19:9a:cd:95:77:45:37:a6:c0:94:c0:
91:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:65:F7:CA:C0:83:37:57:85:22:48:38:B3:BF:6E:FF:91:BE:2E:93
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7GX3ysCDN1eFIkg4s79u_5G-LpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.245.1.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:96:d5:67:a7:01:4d:fb:77:dc:ed:7b:34:ac:a9:46:77:46:
03:12:e4:5b:56:15:c9:08:41:eb:9c:33:48:42:4d:40:7d:8f:
f8:da:d0:5d:ac:ad:75:61:a0:7c:5d:c6:dd:e9:c0:c6:f3:73:
01:66:d4:db:a2:76:2d:22:1b:36:ed:e5:4d:96:94:b1:be:4b:
1e:fb:ee:a9:60:cc:f5:9f:55:7c:42:a5:35:a0:21:80:f2:cb:
d8:01:7f:05:64:6e:33:7a:fa:c0:df:c4:bf:83:1f:4f:01:dd:
50:3c:49:17:f8:0d:6f:02:6c:85:1f:ad:57:da:11:e1:91:e5:
7c:ae:63:ef:3b:76:4d:1f:04:94:cb:b0:bc:c8:e2:84:73:d4:
a8:14:cd:7d:66:89:d8:f5:99:5d:ec:dd:10:b8:6a:e5:a6:40:
09:77:38:82:d8:8f:2c:e6:0b:4f:42:8e:07:c9:70:21:50:3d:
b4:e6:15:09:6e:53:9c:c1:7e:13:f4:7a:89:22:4c:49:0c:cb:
e8:90:4d:81:67:7a:dc:4f:7b:00:d1:61:42:15:62:e9:77:fb:
f6:65:e0:ae:ae:4d:86:58:2f:a7:b9:0a:e5:a5:e8:07:ae:62:
36:6e:c1:72:df:6b:51:a2:b3:be:42:c6:0e:c4:e9:c1:4d:91:
61:f9:01:4c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcRVpF3fRNyiyCjDtPJ/lgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTI3MTA0MjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY1ZjdjYWMwODMzNzU3ODUyMjQ4MzhiM2JmNmVmZjkxYmUyZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnL3QEeuEKGxuNsMQHCb6ShuAqkk
OggeudiJ8wefi6mPK1jqwgiPMJnAOgm8IFgQZPJDWUtJJRpW6veK3Al3yQFgS7AG
ZVV+rbgzTs2PHv1Uhs/ist7+2TZa+iPPSdL9oxnj+AW/oYWHgrG6sJ/B6R3a3VNg
SevunEw3uQrJOQdHkrxcEI6bwLSjU97Wnjr6AjOG98jAd9nCl+Poid38wNol+zZD
YZqd76lRmegX7SZM0WImDot5mqfRtnJxIMKr7BSi12U8gOWsPLzx3f8tbL2OnLC3
YVRDx9ox7bj1Cx0/jWXrcV0Bju4/8I2c3WD+jca+GZrNlXdFN6bAlMCRewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxl98rAgzdXhSJIOLO/bv+Rvi6TMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN0dYM3lzQ0ROMWVGSWtnNHM3OXVfNUctTHBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/UBMA0G
CSqGSIb3DQEBCwUAA4IBAQCbltVnpwFN+3fc7Xs0rKlGd0YDEuRbVhXJCEHrnDNI
Qk1AfY/42tBdrK11YaB8Xcbd6cDG83MBZtTbonYtIhs27eVNlpSxvkse++6pYMz1
n1V8QqU1oCGA8svYAX8FZG4zevrA38S/gx9PAd1QPEkX+A1vAmyFH61X2hHhkeV8
rmPvO3ZNHwSUy7C8yOKEc9SoFM19ZonY9Zld7N0QuGrlpkAJdziC2I8s5gtPQo4H
yXAhUD205hUJblOcwX4T9HqJIkxJDMvokE2BZ3rcT3sA0WFCFWLpd/v2ZeCurk2G
WC+nuQrlpegHrmI2bsFy32tRorO+QsYOxOnBTZFh+QFM
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:16:50 2025 by rpki-client