Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8tMrERJ0MruFgS9hGvzU_kM3ans.roa
File: 8tMrERJ0MruFgS9hGvzU_kM3ans.roa (raw, json)
Hash identifier: Dlgj/2TxKQxEfZoy4f6biVZQDGnfCBgqD6iWwOx/rAQ=
Subject key identifier: F2:D3:2B:11:12:74:32:BB:85:81:2F:61:1A:FC:D4:FE:43:37:6A:7B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194B03A1EBC77032AF6419D563E6BB0086D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8tMrERJ0MruFgS9hGvzU_kM3ans.roa
Signing time: Wed 29 Jan 2025 04:03:06 +0000
ROA not before: Wed 29 Jan 2025 04:03:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7224
IP address blocks: 151.243.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 04:18:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b0:3a:1e:bc:77:03:2a:f6:41:9d:56:3e:6b:b0:08:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 29 04:03:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2d32b11127432bb85812f611afcd4fe43376a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:95:b7:df:e5:99:16:ec:d1:99:a4:b7:89:
dc:bd:f5:59:a8:01:8c:bd:a6:d7:6e:77:ce:91:8b:
b5:8b:24:2b:85:8c:21:58:c5:2c:49:a9:37:98:1e:
15:a9:e8:52:1c:99:96:72:b9:12:4d:e7:84:2b:f3:
c4:55:b4:3b:3e:0a:d9:eb:2e:41:09:dc:9e:2b:5e:
b7:ca:9b:b6:a2:80:d5:a0:93:48:59:17:78:ba:c3:
33:bb:ca:c3:1e:a2:4e:82:32:76:9f:82:e6:42:d6:
86:b8:3c:d2:b6:72:5b:f0:c0:76:61:0c:3e:83:30:
b2:b3:01:44:aa:59:0f:c3:1c:5c:e7:b0:da:2f:c0:
21:49:a7:0d:80:30:5f:6b:97:47:93:1b:fb:af:05:
1c:0b:b0:26:fd:24:4c:f8:bb:ea:03:a8:49:b9:c7:
4e:0b:1f:3e:2c:63:d3:be:e7:16:99:90:41:90:15:
97:6d:84:55:1d:38:6e:8e:68:0c:47:36:d9:4a:04:
ca:ad:e4:1a:d8:0b:63:01:59:50:af:b4:b3:c9:1d:
dd:15:59:87:6b:e7:46:73:9a:15:db:fb:76:26:62:
c3:a0:ad:99:dd:34:6f:95:9d:ab:c0:df:57:aa:8d:
7d:86:2f:a9:db:db:c5:17:e1:d3:72:07:4b:a7:67:
a1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:D3:2B:11:12:74:32:BB:85:81:2F:61:1A:FC:D4:FE:43:37:6A:7B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8tMrERJ0MruFgS9hGvzU_kM3ans.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.98.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:39:bd:fa:9e:9b:32:df:b8:37:74:ea:29:84:da:93:51:87:
d0:ee:45:6c:49:a9:41:8b:3a:cc:e6:89:e9:68:c0:5f:b2:be:
12:03:08:24:a3:12:02:87:42:1f:07:55:be:dc:49:0d:82:ea:
36:89:c9:e8:e2:35:f2:21:b9:81:b2:9d:5d:a8:9d:d0:4f:1f:
f9:52:7d:16:e9:d5:d0:f0:59:db:9a:e3:65:32:b1:8d:95:3e:
71:d4:12:7b:b4:50:b3:68:e8:29:77:3e:63:35:41:26:ff:cc:
95:f9:34:94:63:cd:1d:a7:d9:ea:78:85:61:5c:a6:c3:1c:51:
29:c7:c6:76:d0:e8:b8:ce:49:ac:d7:dc:1d:4a:19:cf:ae:3c:
ee:71:27:b6:fc:eb:18:42:e2:e8:20:5b:5f:39:1b:34:5c:f4:
45:63:63:b5:55:b7:a7:d5:d1:77:13:99:7c:43:a7:6a:15:3e:
7b:96:99:cf:18:d6:de:06:fb:07:1d:af:28:af:dc:e6:d8:f5:
43:7d:4a:41:29:8a:74:4a:79:2d:61:a6:f3:49:30:6d:c9:31:
4e:7c:45:22:11:95:d8:b0:ab:e9:ab:35:80:7e:cc:02:82:1b:
47:ba:21:16:67:e6:70:85:6f:6d:85:09:8f:fd:51:8d:c1:f0:
60:57:4d:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSwOh68dwMq9kGdVj5rsAhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTI5MDQwMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmQzMmIxMTEyNzQzMmJiODU4MTJmNjExYWZjZDRmZTQzMzc2YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkieVt9/lmRbs0Zmkt4ncvfVZqAGM
vabXbnfOkYu1iyQrhYwhWMUsSak3mB4VqehSHJmWcrkSTeeEK/PEVbQ7PgrZ6y5B
CdyeK163ypu2ooDVoJNIWRd4usMzu8rDHqJOgjJ2n4LmQtaGuDzStnJb8MB2YQw+
gzCyswFEqlkPwxxc57DaL8AhSacNgDBfa5dHkxv7rwUcC7Am/SRM+LvqA6hJucdO
Cx8+LGPTvucWmZBBkBWXbYRVHThujmgMRzbZSgTKreQa2AtjAVlQr7SzyR3dFVmH
a+dGc5oV2/t2JmLDoK2Z3TRvlZ2rwN9Xqo19hi+p29vFF+HTcgdLp2ehOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPLTKxESdDK7hYEvYRr81P5DN2p7MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOHRNckVSSjBNcnVGZ1M5aEd2elVfa00zYW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/NiMA0G
CSqGSIb3DQEBCwUAA4IBAQCaOb36npsy37g3dOophNqTUYfQ7kVsSalBizrM5onp
aMBfsr4SAwgkoxICh0IfB1W+3EkNguo2icno4jXyIbmBsp1dqJ3QTx/5Un0W6dXQ
8FnbmuNlMrGNlT5x1BJ7tFCzaOgpdz5jNUEm/8yV+TSUY80dp9nqeIVhXKbDHFEp
x8Z20Oi4zkms19wdShnPrjzucSe2/OsYQuLoIFtfORs0XPRFY2O1Vben1dF3E5l8
Q6dqFT57lpnPGNbeBvsHHa8or9zm2PVDfUpBKYp0SnktYabzSTBtyTFOfEUiEZXY
sKvpqzWAfswCghtHuiEWZ+ZwhW9thQmP/VGNwfBgV01t
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:34:22 2025 by rpki-client