Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JEAqfx25eVxjfAD5g_DlKrWdTyc.roa
File: JEAqfx25eVxjfAD5g_DlKrWdTyc.roa (raw, json)
Hash identifier: Oz68YXFMVG2pBCdczJTDklXDo8YxWG2U/0rwLrHT3U0=
Subject key identifier: 24:40:2A:7F:1D:B9:79:5C:63:7C:00:F9:83:F0:E5:2A:B5:9D:4F:27
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195836CCB151D52E3979946B306FE854142
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JEAqfx25eVxjfAD5g_DlKrWdTyc.roa
Signing time: Tue 11 Mar 2025 04:18:20 +0000
ROA not before: Tue 11 Mar 2025 04:18:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 151.243.8.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 27 Mar 2025 19:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:83:6c:cb:15:1d:52:e3:97:99:46:b3:06:fe:85:41:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 11 04:18:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24402a7f1db9795c637c00f983f0e52ab59d4f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d8:e9:d5:91:25:09:60:83:b6:7a:ea:87:3b:
08:5b:92:0f:9e:2a:c8:15:95:0c:02:0c:58:ed:90:
45:a0:e1:2a:e3:ea:ba:94:ac:9a:c9:05:de:2b:fd:
57:df:57:80:32:bc:6f:3d:b8:90:a9:aa:5c:b7:ff:
8d:e0:9f:22:e1:9a:23:7a:8c:13:46:e0:c4:fc:ab:
ef:b7:c1:cb:0d:2a:b4:92:94:21:a0:42:db:58:f7:
8d:1e:e6:5d:0f:d6:4f:92:04:d7:96:30:fd:6c:3a:
68:a8:90:da:5a:3a:d5:42:ab:f0:6b:89:77:bc:5d:
90:81:80:7d:25:f4:79:f8:c7:3a:29:2b:cf:82:cf:
84:dc:22:b9:b6:5b:e2:11:72:da:93:44:2d:36:9b:
43:f2:bb:cf:ce:48:45:13:19:03:c8:a2:5f:8c:5a:
ed:a2:b2:c3:f3:5b:f3:55:00:8d:22:9b:af:54:16:
50:df:db:18:6c:43:3a:b5:61:33:c6:57:46:5b:bb:
50:5f:03:6e:b0:e1:98:b7:94:05:82:56:fa:c2:33:
6d:e6:19:3b:b9:33:3a:6a:b1:ca:ed:39:5f:c3:0c:
f6:2d:eb:06:11:3a:d0:5c:14:44:7c:75:17:61:ff:
24:7f:7b:76:55:bb:7c:a4:64:48:1c:62:f7:0c:c7:
b2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:40:2A:7F:1D:B9:79:5C:63:7C:00:F9:83:F0:E5:2A:B5:9D:4F:27
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JEAqfx25eVxjfAD5g_DlKrWdTyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.8.0/23
Signature Algorithm: sha256WithRSAEncryption
92:8b:f3:22:b3:eb:c6:fc:d9:3e:af:54:d5:16:72:a9:6a:c6:
e6:f2:8f:c2:bb:f6:fa:3c:89:24:95:32:c4:ae:ae:5d:6b:e9:
12:9e:b6:da:d0:c4:5f:59:79:d8:3a:a3:44:50:33:27:0f:da:
4b:9c:00:0d:07:c5:e7:01:a8:72:d7:38:ab:47:fd:66:8a:6d:
1f:02:22:38:0a:b3:89:53:5c:d3:fb:d3:c0:c3:47:5f:4d:df:
a5:54:d0:98:fd:ee:08:5b:19:de:23:2a:e4:c7:f2:36:3f:b2:
9f:d1:ff:f0:e5:17:18:04:dd:13:62:2e:9e:36:d0:a1:f2:c3:
d2:65:61:a6:dd:ec:04:40:11:58:76:05:f5:9e:ea:71:7b:39:
79:8d:e0:8c:05:91:ac:17:f6:01:70:0d:4a:9b:21:77:29:1f:
3c:18:a2:4d:f4:02:88:9a:d5:37:ab:95:d5:2d:9c:10:08:c9:
9c:c3:18:73:f7:b6:7f:a0:b9:6e:5a:8a:a0:1c:09:61:4f:91:
03:67:cf:f7:9c:38:1a:ad:47:1c:aa:e8:12:07:ba:ee:df:2c:
c1:7f:be:dd:c7:f2:01:92:8c:75:67:52:6f:da:31:1f:ec:87:
08:93:05:69:fc:51:1d:57:d2:47:8c:6c:c3:fe:e3:f5:76:a1:
df:fd:10:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWDbMsVHVLjl5lGswb+hUFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzExMDQxODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQwMmE3ZjFkYjk3OTVjNjM3YzAwZjk4M2YwZTUyYWI1OWQ0ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNjp1ZElCWCDtnrqhzsIW5IPnirI
FZUMAgxY7ZBFoOEq4+q6lKyayQXeK/1X31eAMrxvPbiQqapct/+N4J8i4ZojeowT
RuDE/Kvvt8HLDSq0kpQhoELbWPeNHuZdD9ZPkgTXljD9bDpoqJDaWjrVQqvwa4l3
vF2QgYB9JfR5+Mc6KSvPgs+E3CK5tlviEXLak0QtNptD8rvPzkhFExkDyKJfjFrt
orLD81vzVQCNIpuvVBZQ39sYbEM6tWEzxldGW7tQXwNusOGYt5QFglb6wjNt5hk7
uTM6arHK7Tlfwwz2LesGETrQXBREfHUXYf8kf3t2Vbt8pGRIHGL3DMeyEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRAKn8duXlcY3wA+YPw5Sq1nU8nMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSkVBcWZ4MjVlVnhqZkFENWdfRGxLcldkVHljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/MIMA0G
CSqGSIb3DQEBCwUAA4IBAQCSi/Mis+vG/Nk+r1TVFnKpasbm8o/Cu/b6PIkklTLE
rq5da+kSnrba0MRfWXnYOqNEUDMnD9pLnAANB8XnAahy1zirR/1mim0fAiI4CrOJ
U1zT+9PAw0dfTd+lVNCY/e4IWxneIyrkx/I2P7Kf0f/w5RcYBN0TYi6eNtCh8sPS
ZWGm3ewEQBFYdgX1nupxezl5jeCMBZGsF/YBcA1KmyF3KR88GKJN9AKImtU3q5XV
LZwQCMmcwxhz97Z/oLluWoqgHAlhT5EDZ8/3nDgarUccqugSB7ru3yzBf77dx/IB
kox1Z1Jv2jEf7IcIkwVp/FEdV9JHjGzD/uP1dqHf/RCw
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:45:15 2025 by rpki-client