Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DBQZ1lixb9tgBacGJ7L0GkapUGo.roa
File: DBQZ1lixb9tgBacGJ7L0GkapUGo.roa (raw, json)
Hash identifier: btEGJfDj6y1VENHJ9uVHolIUkiYyxRKqowxbaSnwVDI=
Subject key identifier: 0C:14:19:D6:58:B1:6F:DB:60:05:A7:06:27:B2:F4:1A:46:A9:50:6A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019648A8E7AD34CAE5ABE73396E6ED5A71DA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DBQZ1lixb9tgBacGJ7L0GkapUGo.roa
Signing time: Fri 18 Apr 2025 11:29:10 +0000
ROA not before: Fri 18 Apr 2025 11:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199707
IP address blocks: 151.242.188.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 19 Apr 2025 05:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:a8:e7:ad:34:ca:e5:ab:e7:33:96:e6:ed:5a:71:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 18 11:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c1419d658b16fdb6005a70627b2f41a46a9506a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:cf:f0:44:1a:11:b4:fd:72:8d:16:7f:ff:
80:3c:06:2b:87:5d:79:5a:1b:c5:fe:b9:24:16:99:
e9:0a:30:6d:b7:8b:56:14:2b:d4:3c:e3:81:7f:a0:
61:42:ce:9c:de:1b:e5:26:50:8b:1a:a0:7a:a8:ec:
45:87:d9:88:5d:c1:fa:ab:9b:81:f0:7b:88:53:e6:
a1:cc:64:8b:77:9d:7d:92:99:d6:e6:30:65:17:a3:
be:bb:65:2e:96:bb:4f:98:bf:3e:06:69:c0:ec:68:
45:e1:c4:58:f5:05:33:08:b1:5b:9a:20:34:53:8d:
28:f6:9d:d5:ec:2c:5c:a1:86:70:27:87:ff:94:2e:
84:3b:a2:19:a4:8f:7e:17:41:03:42:dd:93:e1:77:
d4:c8:63:b8:a1:53:0b:4e:26:ca:0e:8e:01:15:3a:
96:6d:79:5b:25:60:cc:4d:68:7c:87:89:83:cc:7e:
9e:08:12:2d:38:9d:44:d5:e9:89:3c:2a:a0:87:af:
a0:84:33:d8:7f:74:20:29:34:02:9a:7b:10:f6:da:
48:38:0d:6f:81:ca:dd:40:b8:81:0c:2a:e0:0f:dc:
20:0e:65:a2:3e:36:8b:2f:7a:11:f2:b2:52:98:9e:
b2:0a:0a:6b:e9:52:6e:54:76:79:26:5f:f4:37:fe:
0a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:14:19:D6:58:B1:6F:DB:60:05:A7:06:27:B2:F4:1A:46:A9:50:6A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DBQZ1lixb9tgBacGJ7L0GkapUGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.188.0/23
Signature Algorithm: sha256WithRSAEncryption
46:56:99:6f:18:e2:6b:6c:03:33:da:24:c8:c2:b0:fb:18:5d:
21:28:07:65:29:ed:f7:f2:b6:f8:e0:c5:03:8c:9d:30:1a:be:
94:25:14:5e:4a:e7:dc:de:0e:c4:a0:2f:4e:a9:32:4c:47:42:
ac:bf:da:cd:45:14:c0:5d:8c:16:84:f4:5e:88:05:c3:4c:ea:
63:3f:58:ec:bd:8e:e9:c6:91:2b:b2:10:89:85:38:ac:f6:bd:
f0:62:23:62:b0:fe:d4:85:7d:ee:53:f6:0f:3a:0a:35:ec:61:
00:ac:9e:d5:14:c1:80:a2:4d:9a:33:2b:9c:99:fa:69:f1:4b:
1a:e2:01:83:00:bc:25:c0:a4:b8:68:6e:ba:45:f4:ac:67:1b:
92:22:e9:72:6c:10:c2:a2:2b:fa:d1:b9:99:b8:43:e5:c3:a3:
b1:55:18:56:a5:08:b7:07:d5:6f:aa:52:17:2b:c3:ea:80:f3:
9f:95:21:43:52:6f:c6:54:e1:96:6f:ac:e0:a8:6a:cf:5c:d8:
80:30:94:7e:1e:f0:89:d0:99:e4:b6:0d:4a:4f:be:3d:77:d4:
ec:3e:e9:0f:db:19:31:75:0b:f9:5e:ad:a0:7d:2d:00:fb:9c:
3c:24:16:7b:bb:8c:db:86:8d:66:93:16:38:df:ef:f0:f6:9c:
23:8c:dd:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZIqOetNMrlq+czlubtWnHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE4MTEyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE0MTlkNjU4YjE2ZmRiNjAwNWE3MDYyN2IyZjQxYTQ2YTk1MDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUDP8EQaEbT9co0Wf/+APAYrh115
WhvF/rkkFpnpCjBtt4tWFCvUPOOBf6BhQs6c3hvlJlCLGqB6qOxFh9mIXcH6q5uB
8HuIU+ahzGSLd519kpnW5jBlF6O+u2UulrtPmL8+BmnA7GhF4cRY9QUzCLFbmiA0
U40o9p3V7CxcoYZwJ4f/lC6EO6IZpI9+F0EDQt2T4XfUyGO4oVMLTibKDo4BFTqW
bXlbJWDMTWh8h4mDzH6eCBItOJ1E1emJPCqgh6+ghDPYf3QgKTQCmnsQ9tpIOA1v
gcrdQLiBDCrgD9wgDmWiPjaLL3oR8rJSmJ6yCgpr6VJuVHZ5Jl/0N/4KawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwUGdZYsW/bYAWnBiey9BpGqVBqMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvREJRWjFsaXhiOXRnQmFjR0o3TDBHa2FwVUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/K8MA0G
CSqGSIb3DQEBCwUAA4IBAQBGVplvGOJrbAMz2iTIwrD7GF0hKAdlKe338rb44MUD
jJ0wGr6UJRReSufc3g7EoC9OqTJMR0Ksv9rNRRTAXYwWhPReiAXDTOpjP1jsvY7p
xpErshCJhTis9r3wYiNisP7UhX3uU/YPOgo17GEArJ7VFMGAok2aMyucmfpp8Usa
4gGDALwlwKS4aG66RfSsZxuSIulybBDCoiv60bmZuEPlw6OxVRhWpQi3B9VvqlIX
K8PqgPOflSFDUm/GVOGWb6zgqGrPXNiAMJR+HvCJ0Jnktg1KT749d9TsPukP2xkx
dQv5Xq2gfS0A+5w8JBZ7u4zbho1mkxY43+/w9pwjjN1U
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:23:12 2025 by rpki-client