Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8FqzuEW8udWydKzvyJcvd8U8LbU.roa
File: 8FqzuEW8udWydKzvyJcvd8U8LbU.roa (raw, json)
Hash identifier: 5ydzvY5J2S8IakUOgRx/jcApGQWVL/rrL2AGOaD9CsI=
Subject key identifier: F0:5A:B3:B8:45:BC:B9:D5:B2:74:AC:EF:C8:97:2F:77:C5:3C:2D:B5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019423D7ADB798CB79A086705EF8B7BA6C51
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8FqzuEW8udWydKzvyJcvd8U8LbU.roa
Signing time: Wed 01 Jan 2025 21:48:44 +0000
ROA not before: Wed 01 Jan 2025 21:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47585
IP address blocks: 151.243.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 18:17:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:ad:b7:98:cb:79:a0:86:70:5e:f8:b7:ba:6c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 1 21:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f05ab3b845bcb9d5b274acefc8972f77c53c2db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c0:de:64:1d:d0:15:32:72:3c:fd:5d:58:af:
3b:c1:1d:13:34:93:dd:ff:8a:27:a8:a7:e9:7d:c9:
f6:94:b4:3e:53:33:de:0d:3f:25:6d:79:ff:26:2a:
08:57:e1:84:ca:29:e3:41:b5:66:6e:83:08:da:62:
b6:8f:56:03:64:28:e2:0e:ff:28:a8:78:26:a8:4b:
b7:f3:7a:c3:f4:85:07:4b:31:17:88:8c:8e:9d:a4:
3f:12:b8:70:9f:6e:9e:06:7b:75:68:c3:20:77:b0:
af:0e:0c:e5:7b:1c:6c:09:d7:08:1c:6b:a9:d6:b5:
48:04:79:f2:1e:6a:2a:6a:1d:be:34:29:02:f8:f3:
02:ff:0a:43:bf:35:b0:f0:10:08:97:07:95:78:84:
6a:58:a5:44:a7:ca:a5:4d:af:ad:c8:15:81:80:84:
80:18:72:bc:b0:db:70:7b:90:65:65:f6:89:5e:d8:
39:c2:ee:d5:a1:29:cb:da:db:e8:ea:3b:ca:41:6c:
90:49:4b:dc:aa:69:bd:bc:e2:3a:9f:8a:af:dc:27:
bf:51:b5:ae:ff:70:6b:9e:ec:c5:05:20:ed:a5:97:
ed:d5:ac:24:22:f0:39:ae:29:58:01:52:ee:22:32:
71:7d:73:73:b7:6c:17:f4:cd:6e:f8:55:c5:e5:74:
e0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:5A:B3:B8:45:BC:B9:D5:B2:74:AC:EF:C8:97:2F:77:C5:3C:2D:B5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8FqzuEW8udWydKzvyJcvd8U8LbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.254.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8f:69:fc:75:97:90:c6:07:cf:26:01:60:6a:13:34:82:29:
57:94:b5:d1:d0:ee:7b:00:22:cf:15:32:20:d9:93:2b:1e:50:
e3:48:e4:df:57:db:97:3b:9f:9b:60:47:0e:60:29:f0:49:b1:
96:9f:1d:5e:f5:e7:02:3b:e0:a5:d4:81:34:cd:79:c4:81:05:
31:82:93:6f:46:76:47:57:f6:13:f2:e9:48:71:fc:1a:55:85:
0f:73:9e:fc:42:7a:70:ca:35:37:1c:ee:ca:c4:12:41:6b:78:
35:c3:c3:6a:5a:54:86:5a:93:6a:ba:70:a5:f5:56:a8:54:c7:
0e:ca:18:cb:22:a4:c7:b0:53:1c:a5:fa:f7:6f:d7:ea:64:cc:
b6:db:17:4b:43:eb:67:fd:81:9b:66:60:5d:e4:61:4e:77:19:
75:67:59:94:43:74:47:d8:74:c1:0a:48:af:39:36:9e:6a:1f:
00:4a:6b:91:72:a5:b0:13:c9:f0:bf:ce:97:6a:6d:99:59:a5:
2a:06:32:7c:3c:c9:ee:d7:c2:8e:2a:02:fe:a3:2f:48:ce:42:
e5:04:4b:3b:02:38:e9:73:31:32:45:c2:da:c1:c3:ec:f5:ff:
9d:ad:b4:22:2a:e0:ec:b1:ce:50:20:62:22:31:a9:00:cf:74:
6d:13:4d:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1623mMt5oIZwXvi3umxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTAxMjE0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDVhYjNiODQ1YmNiOWQ1YjI3NGFjZWZjODk3MmY3N2M1M2MyZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8DeZB3QFTJyPP1dWK87wR0TNJPd
/4onqKfpfcn2lLQ+UzPeDT8lbXn/JioIV+GEyinjQbVmboMI2mK2j1YDZCjiDv8o
qHgmqEu383rD9IUHSzEXiIyOnaQ/Erhwn26eBnt1aMMgd7CvDgzlexxsCdcIHGup
1rVIBHnyHmoqah2+NCkC+PMC/wpDvzWw8BAIlweVeIRqWKVEp8qlTa+tyBWBgISA
GHK8sNtwe5BlZfaJXtg5wu7VoSnL2tvo6jvKQWyQSUvcqmm9vOI6n4qv3Ce/UbWu
/3BrnuzFBSDtpZft1awkIvA5rilYAVLuIjJxfXNzt2wX9M1u+FXF5XTgrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBas7hFvLnVsnSs78iXL3fFPC21MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOEZxenVFVzh1ZFd5ZEt6dnlKY3ZkOFU4TGJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/P+MA0G
CSqGSIb3DQEBCwUAA4IBAQBmj2n8dZeQxgfPJgFgahM0gilXlLXR0O57ACLPFTIg
2ZMrHlDjSOTfV9uXO5+bYEcOYCnwSbGWnx1e9ecCO+Cl1IE0zXnEgQUxgpNvRnZH
V/YT8ulIcfwaVYUPc578QnpwyjU3HO7KxBJBa3g1w8NqWlSGWpNqunCl9VaoVMcO
yhjLIqTHsFMcpfr3b9fqZMy22xdLQ+tn/YGbZmBd5GFOdxl1Z1mUQ3RH2HTBCkiv
OTaeah8ASmuRcqWwE8nwv86Xam2ZWaUqBjJ8PMnu18KOKgL+oy9IzkLlBEs7Ajjp
czEyRcLawcPs9f+drbQiKuDssc5QIGIiMakAz3RtE02I
-----END CERTIFICATE-----
Generated at Thu Apr 17 11:40:24 2025 by rpki-client