Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JfmeoqjfpZJk1i5o6WgcBf921Jg.roa
File: JfmeoqjfpZJk1i5o6WgcBf921Jg.roa (raw, json)
Hash identifier: azDKypTflg7M9h4BqikdkZ8+fYZ8zhp8I9Z9kSPuGBs=
Subject key identifier: 25:F9:9E:A2:A8:DF:A5:92:64:D6:2E:68:E9:68:1C:05:FF:76:D4:98
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01955A5DA0B4064CB1761B378D612B399E75
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JfmeoqjfpZJk1i5o6WgcBf921Jg.roa
Signing time: Mon 03 Mar 2025 04:57:20 +0000
ROA not before: Mon 03 Mar 2025 04:57:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214013
IP address blocks: 151.242.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 11:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5a:5d:a0:b4:06:4c:b1:76:1b:37:8d:61:2b:39:9e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 3 04:57:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25f99ea2a8dfa59264d62e68e9681c05ff76d498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ef:14:81:bf:43:df:1d:ca:8c:83:10:f7:54:
2a:e1:3f:85:c1:cd:0e:ca:22:7c:1e:4c:3c:e8:90:
78:71:d2:30:17:14:3b:70:ba:8b:54:58:78:9c:d9:
47:27:2a:c9:e6:cb:08:ef:65:00:54:63:bf:08:9b:
f5:33:8b:a2:ab:3c:32:3a:c7:42:d0:6b:5c:66:79:
a8:92:6d:9d:b2:97:cb:6a:ce:fb:37:d3:6a:cb:a1:
09:0a:60:82:51:12:7d:68:34:4d:2c:44:c5:4c:04:
77:61:47:7c:09:18:07:6b:d9:58:a7:fd:74:02:7d:
17:ea:70:cf:e1:8f:65:8a:86:2b:3e:db:e5:44:36:
dd:93:8d:82:fc:eb:8d:8b:9d:ec:bb:57:a2:a7:ad:
71:30:31:6f:00:95:db:78:4e:65:7f:7e:67:c7:10:
cc:3e:d8:c8:44:3c:cb:1f:d8:d9:6c:ef:65:c3:cb:
5c:d3:87:4d:23:44:e5:3c:f6:3d:b4:60:6a:5d:48:
64:37:d8:f3:d2:cb:21:d7:12:3a:3b:d9:3e:80:7b:
cf:d7:38:63:ee:11:74:fd:01:74:44:a4:98:dc:f5:
11:16:f8:f3:2c:41:23:73:89:3e:6b:d4:b8:94:7d:
d9:90:a3:e1:09:ba:5c:6b:e7:a8:e6:0d:8e:58:e1:
1a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F9:9E:A2:A8:DF:A5:92:64:D6:2E:68:E9:68:1C:05:FF:76:D4:98
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JfmeoqjfpZJk1i5o6WgcBf921Jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.34.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:73:b5:60:90:e6:79:41:29:89:d0:68:15:7d:90:d7:d2:71:
51:bd:58:9e:63:a4:21:51:f0:70:c1:01:4a:fa:15:19:bc:8b:
88:11:fd:e5:2e:d4:07:4a:43:3c:8f:37:0d:b9:51:d0:75:58:
5d:22:b7:43:b8:d4:a9:94:d2:e2:49:06:f9:d9:92:40:bb:c8:
a8:d7:c6:7c:d1:b6:79:64:ef:62:ce:28:d0:8c:fc:fa:c5:70:
0f:9c:a4:c1:ab:fc:74:d6:b0:39:d2:0c:0a:06:e5:2d:f0:29:
d7:1b:79:48:fc:7b:3f:75:b7:26:a7:77:50:c3:89:09:cc:9a:
e1:73:41:9b:c5:68:78:25:59:a0:b1:e9:6e:85:ef:f3:44:78:
af:79:f3:a6:58:97:2e:cf:64:8c:91:e6:6a:d5:6d:33:6e:04:
07:51:c0:ab:1d:68:8e:88:9a:9b:83:9e:27:fe:ee:97:84:47:
77:ec:fc:dc:9a:20:06:47:0f:1b:ba:1d:58:59:63:85:24:07:
ce:fd:36:36:2f:23:a3:31:a1:88:78:6b:ad:4d:07:03:de:cc:
b0:97:eb:1d:08:f3:de:9c:22:ed:68:15:13:ec:07:fe:17:b3:
d1:92:16:1c:e0:3c:a5:46:7e:a5:86:10:d4:bd:23:0c:8a:0f:
e5:64:cc:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVaXaC0Bkyxdhs3jWErOZ51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzAzMDQ1NzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWY5OWVhMmE4ZGZhNTkyNjRkNjJlNjhlOTY4MWMwNWZmNzZkNDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnu8Ugb9D3x3KjIMQ91Qq4T+Fwc0O
yiJ8Hkw86JB4cdIwFxQ7cLqLVFh4nNlHJyrJ5ssI72UAVGO/CJv1M4uiqzwyOsdC
0GtcZnmokm2dspfLas77N9Nqy6EJCmCCURJ9aDRNLETFTAR3YUd8CRgHa9lYp/10
An0X6nDP4Y9lioYrPtvlRDbdk42C/OuNi53su1eip61xMDFvAJXbeE5lf35nxxDM
PtjIRDzLH9jZbO9lw8tc04dNI0TlPPY9tGBqXUhkN9jz0ssh1xI6O9k+gHvP1zhj
7hF0/QF0RKSY3PURFvjzLEEjc4k+a9S4lH3ZkKPhCbpca+eo5g2OWOEaAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCX5nqKo36WSZNYuaOloHAX/dtSYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSmZtZW9xamZwWkprMWk1bzZXZ2NCZjkyMUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/IiMA0G
CSqGSIb3DQEBCwUAA4IBAQAvc7VgkOZ5QSmJ0GgVfZDX0nFRvVieY6QhUfBwwQFK
+hUZvIuIEf3lLtQHSkM8jzcNuVHQdVhdIrdDuNSplNLiSQb52ZJAu8io18Z80bZ5
ZO9izijQjPz6xXAPnKTBq/x01rA50gwKBuUt8CnXG3lI/Hs/dbcmp3dQw4kJzJrh
c0GbxWh4JVmgseluhe/zRHivefOmWJcuz2SMkeZq1W0zbgQHUcCrHWiOiJqbg54n
/u6XhEd37PzcmiAGRw8buh1YWWOFJAfO/TY2LyOjMaGIeGutTQcD3sywl+sdCPPe
nCLtaBUT7Af+F7PRkhYc4DylRn6lhhDUvSMMig/lZMxU
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:39 2025 by rpki-client