Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KkLYTT7Sbl66MKE5Wp9O9tx0XGY.roa
File: KkLYTT7Sbl66MKE5Wp9O9tx0XGY.roa (raw, json)
Hash identifier: KLfLM0U0rKRBq3GUgkyQUVSdUU8QSu7xnFs3uO+aRl0=
Subject key identifier: 2A:42:D8:4D:3E:D2:6E:5E:BA:30:A1:39:5A:9F:4E:F6:DC:74:5C:66
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01953692C3F5D687C15B8836681784F111CB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KkLYTT7Sbl66MKE5Wp9O9tx0XGY.roa
Signing time: Mon 24 Feb 2025 06:09:02 +0000
ROA not before: Mon 24 Feb 2025 06:09:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211750
IP address blocks: 151.243.36.0/24 maxlen: 24
151.243.126.0/24 maxlen: 24
151.243.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Mar 2025 08:31:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:36:92:c3:f5:d6:87:c1:5b:88:36:68:17:84:f1:11:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 24 06:09:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a42d84d3ed26e5eba30a1395a9f4ef6dc745c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a9:56:1f:53:6e:45:67:25:31:29:44:66:bd:
11:7c:94:72:ea:de:58:62:ce:49:49:f5:ad:ba:f8:
0f:3d:27:7b:96:88:90:9e:8f:0a:2e:60:6d:5c:09:
de:bd:59:a1:f9:e6:33:bc:8f:31:d1:26:60:d1:a1:
d1:a9:f8:6b:e0:5b:2b:f0:ec:65:32:5a:9f:6d:09:
cb:8c:f5:01:af:76:38:e3:96:f2:c7:3e:d7:3d:4f:
ab:e4:ba:d7:94:3f:48:c0:0a:69:d0:a0:b2:60:67:
24:2a:bf:03:b3:a5:b9:d4:9e:19:8d:2b:6f:ad:6a:
38:87:7c:df:d8:0c:24:a5:d8:b5:99:07:56:58:15:
70:b3:59:f5:2b:51:f1:4d:88:02:bd:73:65:0b:c5:
f2:84:ab:aa:b7:ed:8d:a7:1b:af:a4:04:71:2e:ec:
99:92:60:92:74:d9:80:d0:50:4b:42:d1:75:c3:41:
d7:87:5a:f4:89:d8:4d:4c:4d:73:2a:ab:a1:43:ca:
d5:af:76:3b:94:d2:ab:e4:0a:dc:8b:60:05:6a:b5:
c0:a6:68:31:53:31:6b:0f:e7:2e:03:58:0e:51:1e:
5e:57:85:2c:48:f2:20:da:da:9c:35:c9:11:25:02:
4e:32:61:4c:6d:41:d3:8b:16:61:fd:e4:0a:fa:a1:
f4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:42:D8:4D:3E:D2:6E:5E:BA:30:A1:39:5A:9F:4E:F6:DC:74:5C:66
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KkLYTT7Sbl66MKE5Wp9O9tx0XGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.36.0/24
151.243.126.0/23
Signature Algorithm: sha256WithRSAEncryption
48:7a:88:b0:b9:7a:a3:1f:c1:67:98:e4:0d:73:d1:f9:35:f3:
4d:9d:ef:82:2b:b5:ad:71:bf:29:c0:05:57:7c:0c:bd:8b:18:
57:f9:07:2c:36:9e:09:5c:e7:24:de:d8:49:54:d2:45:9b:3a:
82:34:ca:e1:64:0c:16:49:1e:c3:94:57:2c:51:62:ff:6b:46:
f3:ac:de:32:1f:c8:f4:2d:88:32:f9:07:3b:29:cf:5b:dc:db:
07:90:2e:bd:b0:4f:c6:56:02:c3:52:3d:3c:bd:aa:a5:53:42:
13:ad:bc:9a:f6:dc:c1:75:dd:93:d1:7a:9b:d4:8e:7e:52:d4:
d1:bf:86:3a:21:a4:8f:37:6f:e5:e4:f4:70:25:85:0b:d3:a5:
de:f7:50:82:e6:93:3c:a0:9c:b9:9b:19:b5:cf:70:91:c3:12:
60:ac:7e:b5:88:34:db:2f:63:14:c0:4a:02:8d:cf:ec:ea:0a:
32:31:d8:64:6c:d2:22:24:8e:5a:3a:6e:aa:dd:7b:17:b9:32:
40:05:b2:de:30:37:2c:d5:84:e3:ae:e9:ff:69:2a:32:7f:52:
cd:12:f6:ff:8e:48:1b:8b:06:19:f5:4d:a4:94:90:f8:e9:e9:
77:07:1b:69:31:76:86:60:44:e7:25:6d:cf:66:60:5e:de:1d:
42:9a:c8:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZU2ksP11ofBW4g2aBeE8RHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjI0MDYwOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQyZDg0ZDNlZDI2ZTVlYmEzMGExMzk1YTlmNGVmNmRjNzQ1YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqlWH1NuRWclMSlEZr0RfJRy6t5Y
Ys5JSfWtuvgPPSd7loiQno8KLmBtXAnevVmh+eYzvI8x0SZg0aHRqfhr4Fsr8Oxl
MlqfbQnLjPUBr3Y445byxz7XPU+r5LrXlD9IwApp0KCyYGckKr8Ds6W51J4ZjStv
rWo4h3zf2Awkpdi1mQdWWBVws1n1K1HxTYgCvXNlC8XyhKuqt+2NpxuvpARxLuyZ
kmCSdNmA0FBLQtF1w0HXh1r0idhNTE1zKquhQ8rVr3Y7lNKr5Arci2AFarXApmgx
UzFrD+cuA1gOUR5eV4UsSPIg2tqcNckRJQJOMmFMbUHTixZh/eQK+qH0swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCpC2E0+0m5eujChOVqfTvbcdFxmMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS2tMWVRUN1NibDY2TUtFNVdwOU85dHgwWEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/MkAwQB
l/N+MA0GCSqGSIb3DQEBCwUAA4IBAQBIeoiwuXqjH8FnmOQNc9H5NfNNne+CK7Wt
cb8pwAVXfAy9ixhX+QcsNp4JXOck3thJVNJFmzqCNMrhZAwWSR7DlFcsUWL/a0bz
rN4yH8j0LYgy+Qc7Kc9b3NsHkC69sE/GVgLDUj08vaqlU0ITrbya9tzBdd2T0Xqb
1I5+UtTRv4Y6IaSPN2/l5PRwJYUL06Xe91CC5pM8oJy5mxm1z3CRwxJgrH61iDTb
L2MUwEoCjc/s6goyMdhkbNIiJI5aOm6q3XsXuTJABbLeMDcs1YTjrun/aSoyf1LN
Evb/jkgbiwYZ9U2klJD46el3BxtpMXaGYETnJW3PZmBe3h1Cmshr
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:31:18 2025 by rpki-client