Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FUCAwIz9w_643ORO4c-sZR0_oW8.roa
File: FUCAwIz9w_643ORO4c-sZR0_oW8.roa (raw, json)
Hash identifier: arB+dYDgyzUTRflKFRM9W5ZKhzxRnH+ZK9S2VzT1YE0=
Subject key identifier: 15:40:80:C0:8C:FD:C3:FE:B8:DC:E4:4E:E1:CF:AC:65:1D:3F:A1:6F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01967AF3F5C77D2D7AE543A0C52C8370ED45
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FUCAwIz9w_643ORO4c-sZR0_oW8.roa
Signing time: Mon 28 Apr 2025 05:52:10 +0000
ROA not before: Mon 28 Apr 2025 05:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12189
IP address blocks: 151.243.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 07 May 2025 05:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7a:f3:f5:c7:7d:2d:7a:e5:43:a0:c5:2c:83:70:ed:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 28 05:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=154080c08cfdc3feb8dce44ee1cfac651d3fa16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:01:b5:66:dd:06:d1:54:56:c0:b1:12:2a:78:
a6:6a:a5:64:28:72:31:91:91:d1:a5:37:cb:c1:03:
44:a4:79:c7:22:f0:80:58:a7:28:1c:74:cb:ae:e6:
60:12:90:2d:b7:96:ad:ab:31:cb:1b:96:02:db:97:
98:c8:ab:1f:74:e8:db:90:eb:5a:3e:03:f3:34:68:
47:92:90:e8:73:d2:08:36:b0:ed:f6:fb:e6:be:2e:
bb:45:f8:9b:2c:b8:29:9c:f2:93:85:c6:1d:00:60:
87:54:42:6c:e7:ab:8a:7f:4f:99:f9:b9:84:ef:43:
d0:74:52:0f:8a:0d:c0:b4:ba:45:e1:2b:e1:66:07:
e6:af:e1:ec:fb:bd:72:19:46:7b:4d:ed:b7:0b:4e:
ee:ae:7c:01:e2:c7:d3:b8:46:3b:9c:5c:69:08:31:
33:7a:b4:6e:f3:13:1a:91:0f:5d:a1:d7:45:84:bc:
27:c6:f4:cf:bf:59:da:f5:02:8d:bb:2c:06:9b:b3:
c1:88:69:43:d8:08:ab:b8:c1:7d:92:c4:2b:2e:89:
bb:bc:2b:1f:7a:c3:72:f9:b6:10:29:a4:57:22:9b:
88:08:c6:13:e5:f0:89:cf:c2:f3:ac:40:86:c5:85:
b6:19:47:da:70:de:b1:00:d5:1e:6c:87:3f:e8:75:
ca:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:40:80:C0:8C:FD:C3:FE:B8:DC:E4:4E:E1:CF:AC:65:1D:3F:A1:6F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FUCAwIz9w_643ORO4c-sZR0_oW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.152.0/22
Signature Algorithm: sha256WithRSAEncryption
77:8c:13:fa:65:14:8c:20:99:44:ee:7d:9e:e1:ef:20:4c:31:
1f:3a:80:53:d5:a6:ba:89:b4:75:95:ea:8f:17:1d:05:e6:2a:
9c:bf:e0:0e:a6:e4:ca:0b:42:44:e2:dd:5b:4d:c5:93:83:f3:
64:f9:24:ce:a9:92:24:eb:eb:f3:a4:17:0f:eb:72:8c:6d:d0:
0b:b4:a7:02:9b:d9:05:43:38:4d:90:3d:2f:77:7c:d4:d7:cd:
41:76:75:a3:83:e9:67:85:2d:3d:2c:cb:14:9c:88:17:a9:6a:
ab:5b:92:19:16:13:8c:a4:d6:03:e5:18:8e:94:9e:d4:34:a8:
76:3c:40:ab:10:60:37:3e:b0:28:24:ef:7b:78:09:0f:1d:c1:
c7:19:60:71:38:fd:9f:dd:87:81:c4:c8:bb:9f:35:ba:33:47:
b1:60:92:4c:6a:d1:c8:87:3c:b1:9a:07:20:59:20:24:d9:f6:
ce:b5:bf:33:1e:e8:8f:fc:85:f0:ee:ef:78:cc:da:4d:4a:95:
5c:f4:55:9f:9f:06:07:03:98:dd:76:0d:53:a4:27:05:be:bf:
b9:65:0c:9a:38:a3:5a:9f:ab:46:56:6c:67:8f:ad:88:99:bc:
ea:78:f4:f7:c4:0c:bb:df:21:0f:11:0b:ab:6c:c1:1f:3f:0d:
3a:dd:66:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZ68/XHfS165UOgxSyDcO1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI4MDU1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQwODBjMDhjZmRjM2ZlYjhkY2U0NGVlMWNmYWM2NTFkM2ZhMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QG1Zt0G0VRWwLESKnimaqVkKHIx
kZHRpTfLwQNEpHnHIvCAWKcoHHTLruZgEpAtt5atqzHLG5YC25eYyKsfdOjbkOta
PgPzNGhHkpDoc9IINrDt9vvmvi67RfibLLgpnPKThcYdAGCHVEJs56uKf0+Z+bmE
70PQdFIPig3AtLpF4SvhZgfmr+Hs+71yGUZ7Te23C07urnwB4sfTuEY7nFxpCDEz
erRu8xMakQ9doddFhLwnxvTPv1na9QKNuywGm7PBiGlD2AiruMF9ksQrLom7vCsf
esNy+bYQKaRXIpuICMYT5fCJz8LzrECGxYW2GUfacN6xANUebIc/6HXK4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVAgMCM/cP+uNzkTuHPrGUdP6FvMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRlVDQXdJejl3XzY0M09STzRjLXNaUjBfb1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/OYMA0G
CSqGSIb3DQEBCwUAA4IBAQB3jBP6ZRSMIJlE7n2e4e8gTDEfOoBT1aa6ibR1leqP
Fx0F5iqcv+AOpuTKC0JE4t1bTcWTg/Nk+STOqZIk6+vzpBcP63KMbdALtKcCm9kF
QzhNkD0vd3zU181BdnWjg+lnhS09LMsUnIgXqWqrW5IZFhOMpNYD5RiOlJ7UNKh2
PECrEGA3PrAoJO97eAkPHcHHGWBxOP2f3YeBxMi7nzW6M0exYJJMatHIhzyxmgcg
WSAk2fbOtb8zHuiP/IXw7u94zNpNSpVc9FWfnwYHA5jddg1TpCcFvr+5ZQyaOKNa
n6tGVmxnj62ImbzqePT3xAy73yEPEQurbMEfPw063WZA
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:12:05 2025 by rpki-client